Cluttered PC



Re: Cluttered PC

Post by xixarida » 13 Nov 2013 10:37

I have a problem turning off the firewall: when I click the link to turn Windows Firewall on or off, it shows me that the page failed to load.


Re: Cluttered PC

Post by jaro3 » 13 Nov 2013 11:12

OK, if the firewall cannot be turned off, then carry on with RK.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Cluttered PC

Post by xixarida » 14 Nov 2013 20:47

RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Pafča [Práva správce]
Mód : Kontrola -- Datum : 11/13/2013 18:52:15
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 5 ¤¤¤
[SUSP UNIC][DLL] explorer.exe -- C:\Users\Pafča\AppData\Roaming\Seznam.cz\bin\5950libfoxloader-x64.dll [x] -> ODEBRÁNO
[SUSP PATH] 3CXWin8Phone.exe -- C:\ProgramData\3CXPhone for Windows\PhoneApp\3CXWin8Phone.exe [7] -> SMAZÁNO [TermProc]
[SUSP UNIC] szndesktop.exe -- C:\Users\Pafča\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP UNIC] listicka-x64.exe -- C:\Users\Pafča\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermProc]
[SUSP UNIC] adni18_Weather_F-C.exe -- C:\Users\Pafča\AppData\Local\Temp\{FE97ABA0-7FF3-481B-B54C-D98BD3F142AD}\adni18_Weather_F-C.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 35 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Pafča\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP UNIC] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Pafča\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1122946128-3615468232-4277924103-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Pafča\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1122946128-3615468232-4277924103-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Pafča\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\browsemngr.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\browsermngr.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\bundlesweetimsetup.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\cltmngsvc.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\delta babylon.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\delta tb.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\delta2.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\deltainstaller.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\deltasetup.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\deltatb.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\deltatb_2501-c733154b.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\iminentsetup.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\rjatydimofu.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\sweetimsetup.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\tbdelta.exetoolbar783881609.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Pafča][SUSP UNIC] adni18_Weather_F-C.lnk : C:\Users\Pafča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\adni18_Weather_F-C.lnk @C:\Install\ADNI18~1\ADNI18~1.COM\ADNI18~1.EXE [-][-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST750LM022 HN-M750MBB +++++
--- User ---
[MBR] c682621a5baf028deb851a0912dfb850
[BSP] 41eae3bf8dbd3632e3ba8101ba86496e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 669122 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1370773504 | Size: 26080 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1424185344 | Size: 20001 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11132013_185215.txt >>
RKreport[0]_S_11122013_015942.txt;RKreport[0]_S_11132013_185055.txt

Log from TDSSKiller

20:44:24.0026 0x1b14 TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
20:44:27.0466 0x1b14 EULA was not accepted, exiting. For auto accept you could use -accepteula command line parameter.
20:44:27.0469 0x0dac Deinitialize success


Re: Cluttered PC

Post by jaro3 » 15 Nov 2013 10:01

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status window shows "Prohledat" (Scan)
- Click "Smazat" (Delete)
- Wait until the status box shows "Mazání dokončeno" (Deletion finished)
- Click "Zpráva" (Report), then copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller
to your desktop. Make sure you have all other applications and browsers closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt , please paste the entire contents of the log here.


Re: Cluttered PC

Post by xixarida » 17 Nov 2013 12:52

RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Pafča [Práva správce]
Mód : Odebrat -- Datum : 11/17/2013 05:07:33
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 35 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Pafča\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP UNIC] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Pafča\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1122946128-3615468232-4277924103-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Pafča\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP UNIC] HKUS\S-1-5-21-1122946128-3615468232-4277924103-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Pafča\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\browsemngr.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\browsermngr.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\bundlesweetimsetup.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\cltmngsvc.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\delta babylon.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\delta tb.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\delta2.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\deltainstaller.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\deltasetup.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\deltatb.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\deltatb_2501-c733154b.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\iminentsetup.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\rjatydimofu.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\sweetimsetup.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[IFEO] HKLM\[...]\tbdelta.exetoolbar783881609.exe : Debugger (tasklist.exe [x]) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 2 ¤¤¤
[Pafča][SUSP UNIC] adni18_Weather_F-C.lnk : C:\Users\Pafča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\adni18_Weather_F-C.lnk @C:\Install\ADNI18~1\ADNI18~1.COM\ADNI18~1.EXE [-][-] -> VYMAZÁNO
[Pafča][SUSP UNIC] Dropbox.lnk : C:\Users\Pafča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk @C:\Users\PAFA~1\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [-][7] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST750LM022 HN-M750MBB +++++
--- User ---
[MBR] c682621a5baf028deb851a0912dfb850
[BSP] 41eae3bf8dbd3632e3ba8101ba86496e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 669122 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1370773504 | Size: 26080 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 1424185344 | Size: 20001 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Part 1 of the TDSSKiller log
Dokončeno : << RKreport[0]_D_11172013_050733.txt >>
RKreport[0]_S_11122013_015942.txt;RKreport[0]_S_11132013_185055.txt;RKreport[0]_S_11132013_185215.txt
RKreport[0]_S_11172013_045541.txt
05:12:26.0243 0x2334 TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
05:12:29.0940 0x2334 ============================================================
05:12:29.0940 0x2334 Current date / time: 2013/11/17 05:12:29.0940
05:12:29.0940 0x2334 SystemInfo:
05:12:29.0940 0x2334
05:12:29.0940 0x2334 OS Version: 6.1.7601 ServicePack: 1.0
05:12:29.0940 0x2334 Product type: Workstation
05:12:29.0940 0x2334 ComputerName: PAFCA-PC
05:12:29.0940 0x2334 UserName: Pafča
05:12:29.0940 0x2334 Windows directory: C:\Windows
05:12:29.0940 0x2334 System windows directory: C:\Windows
05:12:29.0940 0x2334 Running under WOW64
05:12:29.0940 0x2334 Processor architecture: Intel x64
05:12:29.0940 0x2334 Number of processors: 4
05:12:29.0940 0x2334 Page size: 0x1000
05:12:29.0940 0x2334 Boot type: Normal boot
05:12:29.0940 0x2334 ============================================================
05:12:31.0610 0x2334 System UUID: {A03AB5B0-AD61-06C5-957A-8CD84676DF50}
05:12:32.0811 0x2334 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:12:32.0826 0x2334 ============================================================
05:12:32.0826 0x2334 \Device\Harddisk0\DR0:
05:12:32.0826 0x2334 MBR partitions:
05:12:32.0826 0x2334 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
05:12:32.0826 0x2334 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x51AE1000
05:12:32.0826 0x2334 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x51B45800, BlocksNum 0x32F0000
05:12:32.0826 0x2334 ============================================================
05:12:32.0873 0x2334 C: <-> \Device\Harddisk0\DR0\Partition2
05:12:32.0936 0x2334 D: <-> \Device\Harddisk0\DR0\Partition3
05:12:32.0967 0x2334 ============================================================
05:12:32.0967 0x2334 Initialize success
05:12:32.0967 0x2334 ============================================================
05:12:35.0416 0x1884 ============================================================
05:12:35.0416 0x1884 Scan started
05:12:35.0416 0x1884 Mode: Manual;
05:12:35.0416 0x1884 ============================================================
05:12:35.0416 0x1884 KSN ping started
05:12:38.0957 0x1884 KSN ping finished: true
05:12:39.0503 0x1884 ================ Scan system memory ========================
05:12:39.0503 0x1884 System memory - ok
05:12:39.0503 0x1884 ================ Scan services =============================
05:12:45.0197 0x1884 DamageGuardSvc - ok
05:12:45.0244 0x1884 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
05:12:45.0275 0x1884 DcomLaunch - ok
05:12:45.0322 0x1884 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
05:12:45.0400 0x1884 defragsvc - ok
05:12:45.0431 0x1884 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
05:12:45.0447 0x1884 DfsC - ok
05:12:45.0463 0x1884 [ 5014042B07FE6CBE0E6C737AA3F1EBFC, 35BE28BB681A677AB9E26276B8457081CF715BE3CB29D635FDCB100EC36EC35A ] dgFltr C:\Windows\system32\drivers\dgFltrX64.sys
05:12:45.0463 0x1884 dgFltr - ok
05:12:45.0494 0x1884 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
05:12:45.0525 0x1884 Dhcp - ok
05:12:45.0541 0x1884 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
05:12:45.0541 0x1884 discache - ok
05:12:45.0556 0x1884 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
05:12:45.0572 0x1884 Disk - ok
05:12:45.0587 0x1884 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
05:12:45.0619 0x1884 Dnscache - ok
05:12:45.0634 0x1884 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
05:12:45.0650 0x1884 dot3svc - ok
05:12:45.0665 0x1884 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
05:12:45.0681 0x1884 DPS - ok
05:12:45.0697 0x1884 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
05:12:45.0697 0x1884 drmkaud - ok
05:12:45.0759 0x1884 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
05:12:45.0775 0x1884 dtsoftbus01 - ok
05:12:45.0915 0x1884 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
05:12:45.0946 0x1884 DXGKrnl - ok
05:12:45.0977 0x1884 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
05:12:45.0993 0x1884 EapHost - ok
05:12:46.0165 0x1884 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
05:12:46.0227 0x1884 ebdrv - ok
05:12:46.0243 0x1884 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
05:12:46.0258 0x1884 EFS - ok
05:12:46.0414 0x1884 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
05:12:46.0445 0x1884 ehRecvr - ok
05:12:46.0461 0x1884 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
05:12:46.0477 0x1884 ehSched - ok
05:12:46.0539 0x1884 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
05:12:46.0633 0x1884 elxstor - ok
05:12:46.0648 0x1884 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
05:12:46.0648 0x1884 ErrDev - ok
05:12:46.0711 0x1884 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
05:12:46.0726 0x1884 EventSystem - ok
05:12:46.0742 0x1884 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
05:12:46.0757 0x1884 exfat - ok
05:12:46.0773 0x1884 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
05:12:46.0773 0x1884 fastfat - ok
05:12:46.0820 0x1884 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
05:12:46.0867 0x1884 Fax - ok
05:12:46.0898 0x1884 [ 0BDD7984DB7AAFF6DFEFD11D82D473DB, 616B20DD438DA1F18949DD99513889D47A5773E7FD98776B61A2A654733C855E ] fbfmon C:\Windows\system32\drivers\fbfmon.sys
05:12:46.0898 0x1884 fbfmon - ok
05:12:46.0976 0x1884 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
05:12:46.0991 0x1884 fdc - ok
05:12:47.0007 0x1884 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
05:12:47.0007 0x1884 fdPHost - ok
05:12:47.0023 0x1884 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
05:12:47.0038 0x1884 FDResPub - ok
05:12:47.0038 0x1884 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
05:12:47.0054 0x1884 FileInfo - ok
05:12:47.0069 0x1884 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
05:12:47.0069 0x1884 Filetrace - ok
05:12:47.0101 0x1884 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
05:12:47.0101 0x1884 flpydisk - ok
05:12:47.0147 0x1884 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
05:12:47.0163 0x1884 FltMgr - ok
05:12:47.0335 0x1884 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
05:12:47.0381 0x1884 FontCache - ok
05:12:47.0522 0x1884 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
05:12:47.0522 0x1884 FontCache3.0.0.0 - ok
05:12:47.0553 0x1884 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
05:12:47.0553 0x1884 FsDepends - ok

xixarida
newbie
Posts: 21
Registered: November 13
Gender: Female
Status:
Offline

Re: Cluttered PC

Post by xixarida » 17 Nov 2013 12:59

Part 2
05:12:56.0913 0x1884 NAUpdate - ok
05:12:57.0007 0x1884 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
05:12:57.0053 0x1884 NDIS - ok
05:12:57.0069 0x1884 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
05:12:57.0069 0x1884 NdisCap - ok
05:12:57.0100 0x1884 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
05:12:57.0100 0x1884 NdisTapi - ok
05:12:57.0163 0x1884 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
05:12:57.0178 0x1884 Ndisuio - ok
05:12:57.0194 0x1884 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
05:12:57.0209 0x1884 NdisWan - ok
05:12:57.0241 0x1884 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
05:12:57.0241 0x1884 NDProxy - ok
05:12:57.0303 0x1884 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
05:12:57.0303 0x1884 NetBIOS - ok
05:12:57.0381 0x1884 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
05:12:57.0397 0x1884 NetBT - ok
05:12:57.0428 0x1884 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
05:12:57.0428 0x1884 Netlogon - ok
05:12:57.0475 0x1884 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
05:12:57.0506 0x1884 Netman - ok
05:12:57.0584 0x1884 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:12:57.0599 0x1884 NetMsmqActivator - ok
05:12:57.0615 0x1884 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:12:57.0631 0x1884 NetPipeActivator - ok
05:12:57.0709 0x1884 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
05:12:57.0740 0x1884 netprofm - ok
05:12:57.0740 0x1884 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:12:57.0755 0x1884 NetTcpActivator - ok
05:12:57.0771 0x1884 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:12:57.0771 0x1884 NetTcpPortSharing - ok
05:12:57.0802 0x1884 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
05:12:57.0802 0x1884 nfrd960 - ok
05:12:57.0849 0x1884 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
05:12:57.0865 0x1884 NlaSvc - ok
05:12:57.0880 0x1884 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
05:12:57.0880 0x1884 Npfs - ok
05:12:57.0896 0x1884 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
05:12:57.0896 0x1884 nsi - ok
05:12:57.0911 0x1884 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
05:12:57.0911 0x1884 nsiproxy - ok
05:12:58.0021 0x1884 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
05:12:58.0052 0x1884 Ntfs - ok
05:12:58.0083 0x1884 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
05:12:58.0083 0x1884 Null - ok
05:12:58.0598 0x1884 [ 67428BB28210D22743CC5B3C032CBC57, F10113DA8633B81C8303E8DFDA0B4053E4B2BF54D1AB8F72D21D0193F6B7B2E6 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
05:12:59.0081 0x1884 nvlddmkm - ok
05:12:59.0159 0x1884 [ 2AFE430C06494691DD97CBB20A982544, 8549EC54F39AB44B3C155A56FA8B9AD300D4320DFCDAD7894848F163CD65FE1D ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
05:12:59.0175 0x1884 nvpciflt - ok
05:12:59.0206 0x1884 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
05:12:59.0222 0x1884 nvraid - ok
05:12:59.0269 0x1884 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
05:12:59.0269 0x1884 nvstor - ok
05:12:59.0393 0x1884 [ D594841129E5902A67430C01F59EB20C, 343E81DA152372FD03D2A7512E63F7C4FF1ED55067CC97935378346995E6923F ] nvsvc C:\Windows\system32\nvvsvc.exe
05:12:59.0425 0x1884 nvsvc - ok
05:12:59.0581 0x1884 [ CFE798F2095D6F23F9127CDED4547814, 45FA8538B8C870F380955825A17AE981657678928A5332972DE0A33BB5085BF7 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
05:12:59.0643 0x1884 nvUpdatusService - ok
05:12:59.0659 0x1884 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
05:12:59.0674 0x1884 nv_agp - ok
05:12:59.0690 0x1884 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
05:12:59.0690 0x1884 ohci1394 - ok
05:12:59.0752 0x1884 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:12:59.0752 0x1884 ose - ok
05:12:59.0908 0x1884 [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:12:59.0924 0x1884 ose64 - ok
05:13:00.0173 0x1884 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
05:13:00.0267 0x1884 osppsvc - ok
05:13:00.0298 0x1884 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
05:13:00.0314 0x1884 p2pimsvc - ok
05:13:00.0345 0x1884 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
05:13:00.0361 0x1884 p2psvc - ok
05:13:00.0392 0x1884 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
05:13:00.0407 0x1884 Parport - ok
05:13:00.0548 0x1884 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
05:13:00.0548 0x1884 partmgr - ok
05:13:00.0579 0x1884 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
05:13:00.0595 0x1884 PcaSvc - ok
05:13:00.0641 0x1884 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
05:13:00.0641 0x1884 pci - ok
05:13:00.0673 0x1884 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
05:13:00.0673 0x1884 pciide - ok
05:13:00.0704 0x1884 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
05:13:00.0719 0x1884 pcmcia - ok
05:13:00.0735 0x1884 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
05:13:00.0751 0x1884 pcw - ok
05:13:00.0813 0x1884 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
05:13:00.0844 0x1884 PEAUTH - ok
05:13:00.0922 0x1884 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
05:13:00.0922 0x1884 PerfHost - ok
05:13:01.0047 0x1884 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
05:13:01.0094 0x1884 pla - ok
05:13:01.0156 0x1884 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
05:13:01.0250 0x1884 PlugPlay - ok
05:13:01.0265 0x1884 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
05:13:01.0265 0x1884 PNRPAutoReg - ok
05:13:01.0312 0x1884 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
05:13:01.0328 0x1884 PNRPsvc - ok
05:13:01.0390 0x1884 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
05:13:01.0421 0x1884 PolicyAgent - ok
05:13:01.0453 0x1884 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
05:13:01.0468 0x1884 Power - ok
05:13:01.0499 0x1884 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
05:13:01.0499 0x1884 PptpMiniport - ok
05:13:01.0531 0x1884 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
05:13:01.0531 0x1884 Processor - ok
05:13:01.0624 0x1884 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
05:13:01.0640 0x1884 ProfSvc - ok
05:13:01.0671 0x1884 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
05:13:01.0671 0x1884 ProtectedStorage - ok
05:13:01.0702 0x1884 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
05:13:01.0718 0x1884 Psched - ok
05:13:01.0749 0x1884 [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
05:13:01.0765 0x1884 PxHlpa64 - ok
05:13:01.0874 0x1884 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
05:13:01.0905 0x1884 ql2300 - ok
05:13:01.0936 0x1884 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
05:13:01.0936 0x1884 ql40xx - ok
05:13:01.0983 0x1884 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
05:13:01.0983 0x1884 QWAVE - ok
05:13:01.0999 0x1884 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
05:13:01.0999 0x1884 QWAVEdrv - ok
05:13:02.0014 0x1884 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
05:13:02.0014 0x1884 RasAcd - ok
05:13:02.0045 0x1884 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
05:13:02.0045 0x1884 RasAgileVpn - ok
05:13:02.0077 0x1884 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
05:13:02.0077 0x1884 RasAuto - ok
05:13:02.0092 0x1884 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
05:13:02.0092 0x1884 Rasl2tp - ok
05:13:02.0123 0x1884 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
05:13:02.0123 0x1884 RasMan - ok
05:13:02.0139 0x1884 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
05:13:02.0139 0x1884 RasPppoe - ok
05:13:02.0201 0x1884 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
05:13:02.0217 0x1884 RasSstp - ok
05:13:02.0248 0x1884 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
05:13:02.0279 0x1884 rdbss - ok
05:13:02.0311 0x1884 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
05:13:02.0311 0x1884 rdpbus - ok
05:13:02.0389 0x1884 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
05:13:02.0389 0x1884 RDPCDD - ok
05:13:02.0420 0x1884 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
05:13:02.0420 0x1884 RDPENCDD - ok
05:13:02.0435 0x1884 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
05:13:02.0435 0x1884 RDPREFMP - ok
05:13:02.0482 0x1884 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
05:13:02.0498 0x1884 RDPWD - ok
05:13:02.0529 0x1884 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
05:13:02.0545 0x1884 rdyboost - ok
05:13:02.0576 0x1884 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
05:13:02.0591 0x1884 RemoteAccess - ok
05:13:02.0638 0x1884 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
05:13:02.0654 0x1884 RemoteRegistry - ok
05:13:02.0685 0x1884 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
05:13:02.0701 0x1884 RFCOMM - ok
05:13:02.0732 0x1884 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
05:13:02.0747 0x1884 RpcEptMapper - ok
05:13:02.0794 0x1884 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
05:13:02.0794 0x1884 RpcLocator - ok
05:13:02.0966 0x1884 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
05:13:02.0981 0x1884 RpcSs - ok
05:13:03.0013 0x1884 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
05:13:03.0028 0x1884 rspndr - ok
05:13:03.0059 0x1884 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
05:13:03.0059 0x1884 SamSs - ok
05:13:03.0091 0x1884 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
05:13:03.0091 0x1884 sbp2port - ok
05:13:03.0137 0x1884 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
05:13:03.0153 0x1884 SCardSvr - ok
05:13:03.0169 0x1884 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
05:13:03.0184 0x1884 scfilter - ok
05:13:03.0247 0x1884 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
05:13:03.0293 0x1884 Schedule - ok
05:13:03.0340 0x1884 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
05:13:03.0340 0x1884 SCPolicySvc - ok
05:13:03.0387 0x1884 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
05:13:03.0403 0x1884 SDRSVC - ok
05:13:03.0449 0x1884 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
05:13:03.0449 0x1884 secdrv - ok
05:13:03.0527 0x1884 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
05:13:03.0527 0x1884 seclogon - ok
05:13:03.0559 0x1884 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
05:13:03.0574 0x1884 SENS - ok
05:13:03.0605 0x1884 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
05:13:03.0621 0x1884 SensrSvc - ok
05:13:03.0637 0x1884 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
05:13:03.0652 0x1884 Serenum - ok
05:13:03.0683 0x1884 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
05:13:03.0699 0x1884 Serial - ok
05:13:03.0730 0x1884 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
05:13:03.0730 0x1884 sermouse - ok
05:13:03.0793 0x1884 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
05:13:03.0793 0x1884 SessionEnv - ok
05:13:03.0824 0x1884 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
05:13:03.0824 0x1884 sffdisk - ok
05:13:03.0839 0x1884 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
05:13:03.0839 0x1884 sffp_mmc - ok
05:13:03.0855 0x1884 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
05:13:03.0855 0x1884 sffp_sd - ok
05:13:03.0886 0x1884 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
05:13:03.0886 0x1884 sfloppy - ok
05:13:03.0949 0x1884 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
05:13:03.0980 0x1884 SharedAccess - ok
05:13:04.0058 0x1884 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
05:13:04.0089 0x1884 ShellHWDetection - ok
05:13:04.0120 0x1884 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
05:13:04.0120 0x1884 SiSRaid2 - ok
05:13:04.0183 0x1884 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
05:13:04.0183 0x1884 SiSRaid4 - ok
05:13:04.0261 0x1884 [ 8C4F0DCC6A5100D48F9B2F950CDD220F, 7B66C259BEBFEA527BFEC2B69E8224EE2277CB736EF9E0F5A92C932657EC8351 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
05:13:04.0276 0x1884 SkypeUpdate - ok
05:13:04.0307 0x1884 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
05:13:04.0307 0x1884 Smb - ok
05:13:04.0354 0x1884 [ F3998826302C2B8DFF897B87D5519DA2, B9A245089253935ECFF89C63B508C8D48DFFC7AA59F4F5247F70B317D5E0C961 ] SmbDrvIntel C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
05:13:04.0354 0x1884 SmbDrvIntel - ok
05:13:04.0417 0x1884 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
05:13:04.0417 0x1884 SNMPTRAP - ok
05:13:04.0463 0x1884 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
05:13:04.0463 0x1884 spldr - ok
05:13:04.0541 0x1884 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
05:13:04.0573 0x1884 Spooler - ok
05:13:04.0729 0x1884 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
05:13:04.0822 0x1884 sppsvc - ok
05:13:04.0853 0x1884 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
05:13:04.0869 0x1884 sppuinotify - ok
05:13:04.0916 0x1884 [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd C:\Windows\System32\Drivers\sptd.sys
05:13:04.0947 0x1884 sptd - ok
05:13:04.0978 0x1884 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
05:13:04.0994 0x1884 srv - ok
05:13:05.0025 0x1884 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
05:13:05.0041 0x1884 srv2 - ok
05:13:05.0056 0x1884 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
05:13:05.0056 0x1884 srvnet - ok
05:13:05.0134 0x1884 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
05:13:05.0150 0x1884 SSDPSRV - ok
05:13:05.0181 0x1884 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
05:13:05.0181 0x1884 SstpSvc - ok
05:13:05.0243 0x1884 [ EF806D212D34B0E173BAEB3564D53E37, 6EF229A7B7AFF0268CDF47B77F961BD44335C3B35499BB00CBA494A22B2BA39E ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
05:13:05.0243 0x1884 ss_bbus - ok
05:13:05.0306 0x1884 [ 08B1B34ABEBEB6AC2DEA06900C56411E, 928EF9B9F194DB07049BA2D7127756B021C2729F562E54F7FECD0F2B2FF5A209 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
05:13:05.0321 0x1884 ss_bmdfl - ok
05:13:05.0368 0x1884 [ 71A9DA6BEAA4CB54DFB827FB78600A5D, 6393CA17CF6A6F30447FF599B2D27CAB44BA1A709D986AC5E14463303094BE5F ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
05:13:05.0384 0x1884 ss_bmdm - ok
05:13:05.0431 0x1884 Steam Client Service - ok
05:13:05.0493 0x1884 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
05:13:05.0493 0x1884 stexstor - ok
05:13:05.0587 0x1884 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
05:13:05.0618 0x1884 stisvc - ok
05:13:05.0649 0x1884 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
05:13:05.0649 0x1884 swenum - ok
05:13:05.0727 0x1884 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
05:13:05.0743 0x1884 SwitchBoard - ok
05:13:05.0805 0x1884 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
05:13:05.0836 0x1884 swprv - ok
05:13:05.0883 0x1884 [ 95CA082C513FC43DE9842905D15173A2, 581AF6D760E14F66968920F6379B6322785198501959338FACFA30B5B33A0E52 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
05:13:05.0899 0x1884 SynTP - ok
05:13:05.0977 0x1884 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
05:13:06.0023 0x1884 SysMain - ok
05:13:06.0055 0x1884 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
05:13:06.0055 0x1884 TabletInputService - ok
05:13:06.0179 0x1884 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
05:13:06.0211 0x1884 TapiSrv - ok
05:13:06.0242 0x1884 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
05:13:06.0242 0x1884 TBS - ok
05:13:06.0382 0x1884 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
05:13:06.0445 0x1884 Tcpip - ok
05:13:06.0491 0x1884 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
05:13:06.0538 0x1884 TCPIP6 - ok
05:13:06.0569 0x1884 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
05:13:06.0569 0x1884 tcpipreg - ok
05:13:06.0647 0x1884 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
05:13:06.0647 0x1884 TDPIPE - ok
05:13:06.0694 0x1884 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
05:13:06.0694 0x1884 TDTCP - ok
05:13:06.0725 0x1884 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
05:13:06.0741 0x1884 tdx - ok
05:13:06.0772 0x1884 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
05:13:06.0772 0x1884 TermDD - ok
05:13:06.0866 0x1884 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ]

xixarida
newbie
Posts: 21
Registered: November 13
Gender: Female
Status:
Offline

Re: Cluttered PC

Post by xixarida » 17 Nov 2013 13:02

Part 3
05:13:07.0864 0x1884 umbus - ok
05:13:07.0880 0x1884 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
05:13:07.0895 0x1884 UmPass - ok
05:13:08.0020 0x1884 [ B097EBA0E3FEB020BB65FE43AF5ECCFF, B8FE680EE49B633F3FAFD81E8CE5063397774F63636C9F3C280815114A0ABD0F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
05:13:08.0036 0x1884 UNS - ok
05:13:08.0098 0x1884 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
05:13:08.0114 0x1884 upnphost - ok
05:13:08.0161 0x1884 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
05:13:08.0161 0x1884 USBAAPL64 - ok
05:13:08.0301 0x1884 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
05:13:08.0301 0x1884 usbaudio - ok
05:13:08.0332 0x1884 [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
05:13:08.0348 0x1884 usbccgp - ok
05:13:08.0410 0x1884 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
05:13:08.0410 0x1884 usbcir - ok
05:13:08.0457 0x1884 [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci C:\Windows\system32\drivers\usbehci.sys
05:13:08.0457 0x1884 usbehci - ok
05:13:08.0644 0x1884 [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
05:13:08.0660 0x1884 usbhub - ok
05:13:08.0707 0x1884 [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci C:\Windows\system32\drivers\usbohci.sys
05:13:08.0707 0x1884 usbohci - ok
05:13:08.0753 0x1884 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
05:13:08.0769 0x1884 usbprint - ok
05:13:08.0894 0x1884 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
05:13:08.0894 0x1884 usbscan - ok
05:13:08.0941 0x1884 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
05:13:08.0956 0x1884 USBSTOR - ok
05:13:08.0972 0x1884 [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
05:13:08.0972 0x1884 usbuhci - ok
05:13:09.0019 0x1884 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
05:13:09.0034 0x1884 usbvideo - ok
05:13:09.0050 0x1884 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
05:13:09.0065 0x1884 UxSms - ok
05:13:09.0143 0x1884 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
05:13:09.0159 0x1884 VaultSvc - ok
05:13:09.0175 0x1884 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
05:13:09.0190 0x1884 vdrvroot - ok
05:13:09.0253 0x1884 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
05:13:09.0268 0x1884 vds - ok
05:13:09.0331 0x1884 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
05:13:09.0331 0x1884 vga - ok
05:13:09.0362 0x1884 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
05:13:09.0362 0x1884 VgaSave - ok
05:13:09.0409 0x1884 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
05:13:09.0409 0x1884 vhdmp - ok
05:13:09.0455 0x1884 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
05:13:09.0455 0x1884 viaide - ok
05:13:09.0596 0x1884 [ 9A57B880B0F7AD01155B06741E073FBE, E4E8A6EFB340433012188A1BA763B072A1671796DFCC0336EAC529753BD73A5B ] vm332avs C:\Windows\system32\Drivers\vm332avs.sys
05:13:09.0643 0x1884 vm332avs - ok
05:13:09.0674 0x1884 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
05:13:09.0674 0x1884 volmgr - ok
05:13:09.0689 0x1884 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
05:13:09.0705 0x1884 volmgrx - ok
05:13:09.0721 0x1884 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
05:13:09.0752 0x1884 volsnap - ok
05:13:09.0814 0x1884 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
05:13:09.0830 0x1884 vsmraid - ok
05:13:09.0970 0x1884 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
05:13:10.0033 0x1884 VSS - ok
05:13:10.0048 0x1884 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
05:13:10.0048 0x1884 vwifibus - ok
05:13:10.0079 0x1884 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
05:13:10.0079 0x1884 vwififlt - ok
05:13:10.0111 0x1884 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
05:13:10.0111 0x1884 vwifimp - ok
05:13:10.0142 0x1884 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
05:13:10.0157 0x1884 W32Time - ok
05:13:10.0235 0x1884 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
05:13:10.0235 0x1884 WacomPen - ok
05:13:10.0267 0x1884 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
05:13:10.0282 0x1884 WANARP - ok
05:13:10.0298 0x1884 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
05:13:10.0298 0x1884 Wanarpv6 - ok
05:13:10.0485 0x1884 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
05:13:10.0547 0x1884 WatAdminSvc - ok
05:13:10.0625 0x1884 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
05:13:10.0672 0x1884 wbengine - ok
05:13:10.0703 0x1884 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
05:13:10.0719 0x1884 WbioSrvc - ok
05:13:10.0735 0x1884 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
05:13:10.0750 0x1884 wcncsvc - ok
05:13:10.0766 0x1884 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
05:13:10.0766 0x1884 WcsPlugInService - ok
05:13:10.0797 0x1884 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
05:13:10.0797 0x1884 Wd - ok
05:13:10.0875 0x1884 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
05:13:10.0906 0x1884 Wdf01000 - ok
05:13:10.0937 0x1884 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
05:13:10.0953 0x1884 WdiServiceHost - ok
05:13:10.0969 0x1884 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
05:13:10.0969 0x1884 WdiSystemHost - ok
05:13:11.0015 0x1884 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
05:13:11.0031 0x1884 WebClient - ok
05:13:11.0078 0x1884 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
05:13:11.0171 0x1884 Wecsvc - ok
05:13:11.0218 0x1884 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
05:13:11.0234 0x1884 wercplsupport - ok
05:13:11.0249 0x1884 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
05:13:11.0265 0x1884 WerSvc - ok
05:13:11.0312 0x1884 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
05:13:11.0312 0x1884 WfpLwf - ok
05:13:11.0343 0x1884 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
05:13:11.0343 0x1884 WIMMount - ok
05:13:11.0374 0x1884 WinDefend - ok
05:13:11.0452 0x1884 WinHttpAutoProxySvc - ok
05:13:11.0530 0x1884 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
05:13:11.0546 0x1884 Winmgmt - ok
05:13:11.0780 0x1884 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
05:13:11.0827 0x1884 WinRM - ok
05:13:11.0873 0x1884 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
05:13:11.0889 0x1884 WinUsb - ok
05:13:12.0014 0x1884 [ 4CEEFBB4D646848A6FCEC512B8C39479, 7FD15B04E22A6C8656C9105EE42AC39763E1ECC941B75F3F5C4D366166CBD315 ] WisLMSvc C:\Program Files\Launch Manager\WisLMSvc.exe
05:13:12.0029 0x1884 WisLMSvc - ok
05:13:12.0107 0x1884 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
05:13:12.0154 0x1884 Wlansvc - ok
05:13:12.0217 0x1884 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
05:13:12.0217 0x1884 wlcrasvc - ok
05:13:12.0341 0x1884 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
05:13:12.0404 0x1884 wlidsvc - ok
05:13:12.0435 0x1884 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
05:13:12.0435 0x1884 WmiAcpi - ok
05:13:12.0529 0x1884 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
05:13:12.0544 0x1884 wmiApSrv - ok
05:13:12.0591 0x1884 WMPNetworkSvc - ok
05:13:12.0638 0x1884 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
05:13:12.0638 0x1884 WPCSvc - ok
05:13:12.0747 0x1884 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
05:13:12.0747 0x1884 WPDBusEnum - ok
05:13:12.0794 0x1884 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
05:13:12.0794 0x1884 ws2ifsl - ok
05:13:12.0825 0x1884 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
05:13:12.0841 0x1884 wscsvc - ok
05:13:12.0856 0x1884 WSearch - ok
05:13:12.0919 0x1884 [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys
05:13:12.0919 0x1884 wsvd - ok
05:13:13.0090 0x1884 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
05:13:13.0153 0x1884 wuauserv - ok
05:13:13.0184 0x1884 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
05:13:13.0184 0x1884 WudfPf - ok
05:13:13.0199 0x1884 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
05:13:13.0215 0x1884 WUDFRd - ok
05:13:13.0262 0x1884 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
05:13:13.0262 0x1884 wudfsvc - ok
05:13:13.0293 0x1884 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
05:13:13.0324 0x1884 WwanSvc - ok
05:13:13.0433 0x1884 [ 28B051B78471FC290C1790623D5908E1, 01B711DAC7290B5DBBA5AF49E69FC906BE0A1BF40EFB372A0DA1FB59F0BA9983 ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
05:13:13.0433 0x1884 ZAtheros Bt&Wlan Coex Agent - ok
05:13:13.0480 0x1884 ================ Scan global ===============================
05:13:13.0543 0x1884 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
05:13:13.0621 0x1884 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
05:13:13.0667 0x1884 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
05:13:13.0699 0x1884 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
05:13:13.0745 0x1884 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
05:13:13.0761 0x1884 [ Global ] - ok
05:13:13.0761 0x1884 ================ Scan MBR ==================================
05:13:13.0777 0x1884 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
05:13:13.0901 0x1884 \Device\Harddisk0\DR0 - ok
05:13:13.0901 0x1884 ================ Scan VBR ==================================
05:13:13.0917 0x1884 [ 3217CA0815AFCB94211660232C422924 ] \Device\Harddisk0\DR0\Partition1
05:13:13.0917 0x1884 \Device\Harddisk0\DR0\Partition1 - ok
05:13:13.0933 0x1884 [ F28EB7F3AF23F14F202EA847CB982884 ] \Device\Harddisk0\DR0\Partition2
05:13:13.0933 0x1884 \Device\Harddisk0\DR0\Partition2 - ok
05:13:13.0948 0x1884 [ BD2A5A7C73F29E71C921827F0FBE0CD3 ] \Device\Harddisk0\DR0\Partition3
05:13:13.0964 0x1884 \Device\Harddisk0\DR0\Partition3 - ok
05:13:13.0964 0x1884 Waiting for KSN requests completion. In queue: 98
05:13:14.0978 0x1884 Waiting for KSN requests completion. In queue: 98
05:13:15.0992 0x1884 Waiting for KSN requests completion. In queue: 98
05:13:17.0131 0x1884 AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated )
05:13:17.0411 0x1884 Win FW state via NFP2: enabled
05:13:20.0313 0x1884 ============================================================
05:13:20.0313 0x1884 Scan finished
05:13:20.0313 0x1884 ============================================================
05:13:20.0313 0x1780 Detected object count: 0
05:13:20.0313 0x1780 Actual detected object count: 0

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Infested PC

Post by memphisto » 17 Nov 2013 20:21

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, you have trouble launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private messages; post them in the appropriate section. Thank you

xixarida
newbie
Posts: 21
Registered: November 13
Gender: Female
Status:
Offline

Re: Infested PC

Post by xixarida » 17 Nov 2013 22:18

Part 1
ComboFix 13-11-16.01 - Pafča 17.11.2013 22:03:42.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3941.2060 [GMT 1:00]
Spuštěný z: c:\staen soubory\ComboFix.exe
AV: Kaspersky Anti-Virus *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Lenovo\Lenovo Solution Center\Microsoft Fix it\FixitUi\_desktop.ini
c:\programdata\ntuser.dat
c:\windows\PFRO.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-17 do 2013-11-17 )))))))))))))))))))))))))))))))
.
.
2013-11-17 21:14 . 2013-11-17 21:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-17 21:14 . 2013-11-17 21:14 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-16 09:03 . 2013-11-16 12:42 -------- d-----r- c:\users\Pafča\Dropbox
2013-11-16 08:43 . 2013-11-17 03:04 -------- d-----w- c:\users\Pafča\AppData\Roaming\Dropbox
2013-11-15 08:06 . 2013-11-16 09:12 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7A5F890-069B-43EA-AB24-164459CCE157}\offreg.dll
2013-11-15 07:51 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7A5F890-069B-43EA-AB24-164459CCE157}\mpengine.dll
2013-11-13 13:05 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-11 22:43 . 2013-05-16 21:58 64856 ----a-w- c:\windows\system32\klfphc.dll
2013-11-11 22:42 . 2013-11-11 22:42 -------- d-----w- c:\windows\ELAMBKUP
2013-11-11 22:42 . 2013-11-17 19:52 -------- d-----w- c:\programdata\Kaspersky Lab
2013-11-11 22:42 . 2013-11-11 22:42 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2013-11-11 22:42 . 2013-11-11 22:52 626272 ----a-w- c:\windows\system32\drivers\klif.sys
2013-11-11 22:42 . 2013-05-16 21:58 90208 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-11-11 22:35 . 2013-11-11 22:35 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2013-11-11 22:33 . 2013-11-11 22:33 -------- d-----w- c:\windows\ERUNT
2013-11-09 12:46 . 2013-11-09 12:51 -------- d-----w- C:\AdwCleaner
2013-11-07 22:48 . 2013-11-07 22:48 388096 ----a-r- c:\users\Pafča\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-11-07 22:48 . 2013-11-07 22:48 -------- d-----w- c:\program files (x86)\Trend Micro
2013-11-07 22:34 . 2013-11-07 22:34 -------- d-----w- c:\users\Pafča\AppData\Roaming\Malwarebytes
2013-11-07 22:34 . 2013-11-07 22:34 -------- d-----w- c:\programdata\Malwarebytes
2013-11-07 22:33 . 2013-11-07 22:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-11-07 22:33 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-06 07:40 . 2013-11-16 12:49 -------- d-----w- C:\Specialisté na zdraví
2013-11-06 07:02 . 2013-11-06 07:02 -------- d-----w- c:\users\Pafča\AppData\Roaming\ProgSense
2013-11-06 07:02 . 2013-11-06 07:46 -------- d-----w- C:\downloads
2013-11-06 07:02 . 2013-11-06 07:02 -------- d-----w- c:\users\Pafča\AppData\Roaming\GrabPro
2013-11-06 06:58 . 2013-11-06 07:45 -------- d-----w- c:\users\Pafča\AppData\Roaming\Orbit
2013-11-05 09:33 . 2013-11-05 23:23 -------- d-----w- c:\users\Pafča\AppData\Roaming\zbusoft
2013-11-05 09:33 . 2013-11-05 09:38 -------- d-----w- C:\FLVDownload
2013-11-05 09:33 . 2013-11-05 09:33 -------- d-----w- c:\program files (x86)\FLV Downloader 1.0
2013-10-30 22:35 . 2013-10-31 07:49 -------- d-----w- c:\users\Pafča\AppData\Roaming\CallTriggerCmd
2013-10-30 22:34 . 2013-10-30 22:34 -------- d-----w- c:\programdata\3CXPhone for Windows
2013-10-30 20:07 . 2013-10-30 20:07 -------- d-----w- c:\users\Pafča\AppData\Roaming\3CX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 12:15 . 2012-12-16 07:45 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-11 22:52 . 2013-05-16 21:58 54368 ----a-w- c:\windows\system32\drivers\kltdi.sys
2013-11-11 22:52 . 2013-05-16 21:58 29280 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2013-11-11 22:52 . 2013-05-16 21:58 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2013-11-11 22:52 . 2012-06-19 16:28 7717984 ----a-w- c:\windows\system32\drivers\kl1.sys
2013-11-07 22:48 . 2013-11-07 22:48 388096 ----a-r- c:\users\Pafča\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-11-07 22:48 . 2013-11-07 22:48 388096 ----a-r- c:\users\Pafča\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-25 02:22 . 2013-11-13 13:05 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-13 13:05 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-08 02:30 . 2013-10-09 13:38 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 13:38 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 13:38 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-09 13:37 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 13:37 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 13:37 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 13:37 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 13:37 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 13:37 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 13:37 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-03 12:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-09 13:38 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-09 13:37 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-09 13:37 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-09 13:37 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-09 13:37 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-09 13:37 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-09 13:37 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-09 13:37 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-09 13:37 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-09 13:37 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-09 13:37 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-09 13:37 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-09 13:37 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-09 13:37 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-09 13:37 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-09 13:37 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 18:05 . 2013-08-28 18:05 472576 ----a-w- c:\windows\AutoKMS.exe
2013-08-28 01:21 . 2013-10-09 13:38 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-09 13:37 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Pafča\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Pafča\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Pafča\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Pafča\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"="c:\program files (x86)\SugarSync\SugarSyncManager.exe" [2012-11-22 11146360]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-30 1820584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-21 507744]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2011-12-09 548864]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-29 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-29 228448]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"{CDF13D74-E6AA-4006-818A-B360D6A3573C}"="c:\program files\Launch Manager\HotkeyApp.exe" [2012-03-01 415272]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-03-21 1061960]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"ACSW16EN"="c:\program files (x86)\ACD Systems\ACDSee\16.0\acdIDInTouch2.exe" [2013-07-15 1344840]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2013-08-08 2236816]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-06-10 162856]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2013-11-11 356128]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
3CXPhone for Windows.lnk - c:\programdata\3CXPhone for Windows\PhoneApp\3CXWin8Phone.exe [2013-10-14 2744664]
Image Transfer.lnk - c:\program files (x86)\Sony Corporation\Image Transfer\SonyTray.exe [2013-8-10 73728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

xixarida
newbie
Posts: 21
Registered: November 13
Gender: Female
Status: Offline

Re: Cluttered PC

Post by xixarida » 17 Nov 2013 22:20

Part 2
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"VeriFaceManager"=c:\program files (x86)\Lenovo\VeriFace\PManage.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 LSCWinService;LSCWinService;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe;c:\program files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys;c:\windows\SYSNATIVE\DRIVERS\DamageGuardX64.sys [x]
R4 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [x]
R4 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys;c:\windows\SYSNATIVE\drivers\dgFltrX64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe;c:\program files\Launch Manager\WisLMSvc.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-15 10:22 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:37]
.
2013-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ce7f2b1a0b625d.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-21 08:37]
.
2013-11-17 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
2013-11-17 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 20:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2013-07-31 20:36 3359088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2013-07-31 20:36 3359088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2013-07-31 20:36 3359088 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Pafča\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Pafča\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Pafča\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Pafča\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-11-22 08:13 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-11-22 08:13 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-11-22 08:13 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-11-22 08:13 480888 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-06-21 08:37 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-30 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-30 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-30 439064]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-04-27 368728]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-10 12445288]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-10-28 984224]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-10-28 800416]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-06-21 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-06-21 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-06-21 206176]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.ividi.org/?src=tbhp&id=12 ... 0&affilt=3
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Pafča\AppData\Roaming\Mozilla\Firefox\Profiles\6xvn4bfm.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynLenovoGestureMgr - c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe
AddRemove-FLV Player - c:\users\Pafča\AppData\Local\WebPlayer\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.032"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.abr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ani"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.apd"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.arw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.bay"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.bmp"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.bw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.cr2"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.crw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.cs1"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.cur"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.dcr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.dcx"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.dib"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.djv"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.djvu"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.dng"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.emf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.eps"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.erf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.fff"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.gif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.hdr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.icl"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.icn"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.iff"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ilbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.int"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.inta"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.iw4"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.j2c"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.j2k"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jbr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jfif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jp2"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpc"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpe"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpeg"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1122946128-3615468232-4277924103-1001)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpk"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpx"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.kdc"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.lbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.mef"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.mos"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.mrw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.nef"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.nrw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.orf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pbr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pcd"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pct"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pcx"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pef"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pgm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pic"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pict"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.png"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ppm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1122946128-3615468232-4277924103-1001)
"Progid"="ACDSee 16.psd"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.psp"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pspbrush"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pspimage"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.raf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ras"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.raw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rgb"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rgba"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rle"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rsb"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rw2"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rwl"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.sgi"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.sr2"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.srf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.srw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.tga"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.thm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.tif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.tiff"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ttc"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ttf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v16o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.v16o"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v16p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.v16p"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v16pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.v16pf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.wbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.wbmp"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.wmf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.xbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.xif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.xmp"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-17 22:17:31
ComboFix-quarantined-files.txt 2013-11-17 21:17
.
Před spuštěním: 5 946 208 256
Po spuštění: 6 193 004 544
.
- - End Of File - - B892C2131FD71DBCA70519AAD4A36A13

Re: Cluttered PC

Post by jaro3 » 18 Nov 2013 10:41

Spuštěný z: c:\staen soubory\ComboFix.exe

Move ComboFix.exe to the desktop!!


Uninstall:
Seznam.cz

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

KillAll::
File::
c:\windows\AutoKMS.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA1ce7f2b1a0b625d.job

Folder::
c:\program files (x86)\Seznam.cz
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate


Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000000

RegLock::
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.032"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.abr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ani"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.apd"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.arw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.bay"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.bmp"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.bw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.cr2"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.crw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.cs1"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.cur"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.dcr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.dcx"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.dib"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.djv"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.djvu"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.dng"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.emf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.eps"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.erf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.fff"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.gif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.hdr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.icl"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.icn"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.iff"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ilbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.int"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.inta"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.iw4"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.j2c"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.j2k"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jbr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jfif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jp2"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpc"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpe"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpeg"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-1122946128-3615468232-4277924103-1001)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpk"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.jpx"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.kdc"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.lbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.mef"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.mos"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.mrw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.nef"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.nrw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.orf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pbr"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pcd"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pct"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pcx"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pef"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pgm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pic"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pict"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.png"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ppm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-1122946128-3615468232-4277924103-1001)
"Progid"="ACDSee 16.psd"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.psp"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pspbrush"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.pspimage"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.raf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ras"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.raw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rgb"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rgba"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rle"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rsb"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rw2"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.rwl"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.sgi"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.sr2"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.srf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.srw"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.tga"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.thm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.tif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.tiff"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ttc"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.ttf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v16o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.v16o"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v16p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.v16p"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v16pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.v16pf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.wbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.wbmp"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.wmf"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.xbm"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.xif"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.xmp"
.
[HKEY_USERS\S-1-5-21-1122946128-3615468232-4277924103-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 16.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)



Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that pops up at the end of the cleaning process + a new HJT log

Warning: After running ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Re: Cluttered PC

Post by jaro3 » 18 Nov 2013 10:42

+
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

+
In Folder Options, enable showing hidden files and folders + untick "Hide protected operating system files".

Test this on VirusTotal:
c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7A5F890-069B-43EA-AB24-164459CCE157}\offreg.dll
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

