
PC virus removal, computer speed-up, remote help via the neslape.cz service
Blocked Action Center, internet not working
Hi there.
A friend brought me an infected PC, saying he no longer knows what to do with it.
At the very beginning there was apparently something about the computer being blocked, which he dealt with using this guide: http://www.viruskasino.com/2012/10/pozo ... ovany.html.
But the Action Center did not work, and IE displays only the current home page and nothing else (just a blank white page).
I ran RKill and ComboFix; after that the Action Center works, but the internet does not.
I reinstalled Windows Essentials security (but its icon is not in the system tray after startup; after launching the program manually from the desktop it is, but I have doubts about whether it works), and Windows Defender is turned off and cannot be turned on.
There is probably still something in there. Can you please help? Thank you!
Log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Racocha at 2013-04-02 13:11:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 418 GB (90%) free of 465 GB
Total RAM: 4079 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:11:13, on 2.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\trend micro\Racocha.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-4019750325-1724433726-447755516-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4019750325-1724433726-447755516-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8410 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
WLIDSvcM.exe 2388
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5c92c98e-a13e-4292-ac0e-65c8855af29a -SystemEventPortName:HostProcess-16c11265-a9a1-471e-a05a-b4b43ca25102 -IoCancelEventPortName:HostProcess-eba87d8c-cf5b-4cd4-ac88-4d877c6134fc -NonStateChangingEventPortName:HostProcess-b7960285-1620-4b9e-bb9f-1067778905ae -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9af7c5ed-d544-4acf-84c5-c4a6914dbc76 -DeviceGroupId:WpdFsGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
taskeng.exe {C7A9E89F-9F8B-4E28-B705-3F15781D3603}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Users\Racocha\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-06 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-23 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-23 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [2010-11-17 514544]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-12-18 38112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [2010-11-25 240112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-04-02 13:11:06 ----D---- C:\rsit
2013-04-02 13:11:06 ----D---- C:\Program Files\trend micro
2013-04-02 13:09:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-02 12:48:32 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-04-02 12:48:30 ----D---- C:\Program Files\Microsoft Security Client
2013-04-02 12:41:01 ----SHD---- C:\$RECYCLE.BIN
2013-04-02 12:33:52 ----D---- C:\Windows\temp
2013-04-02 12:33:51 ----A---- C:\ComboFix.txt
2013-04-02 12:29:15 ----A---- C:\Windows\zip.exe
2013-04-02 12:29:15 ----A---- C:\Windows\SWSC.exe
2013-04-02 12:29:15 ----A---- C:\Windows\SWREG.exe
2013-04-02 12:29:15 ----A---- C:\Windows\sed.exe
2013-04-02 12:29:15 ----A---- C:\Windows\PEV.exe
2013-04-02 12:29:15 ----A---- C:\Windows\NIRCMD.exe
2013-04-02 12:29:15 ----A---- C:\Windows\MBR.exe
2013-04-02 12:29:15 ----A---- C:\Windows\grep.exe
2013-04-02 12:29:12 ----D---- C:\Qoobox
2013-04-02 12:29:03 ----D---- C:\Windows\erdnt
2013-04-02 12:16:13 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-04-02 09:28:41 ----D---- C:\Program Files\CCleaner
2013-04-02 08:52:25 ----D---- C:\Users\Racocha\AppData\Roaming\Malwarebytes
2013-04-02 08:52:12 ----D---- C:\ProgramData\Malwarebytes
2013-03-26 00:22:24 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-26 00:22:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-26 00:22:24 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-26 00:22:24 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-26 00:22:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-26 00:22:24 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-26 00:22:24 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-26 00:22:24 ----A---- C:\Windows\system32\elshyph.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-26 00:22:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-26 00:22:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-26 00:22:22 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\wininet.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\wextract.exe
2013-03-26 00:22:22 ----A---- C:\Windows\system32\webcheck.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\vbscript.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\urlmon.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\url.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-26 00:22:22 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\occache.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\msrating.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\msls31.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\mshtml.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\mshta.exe
2013-03-26 00:22:22 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-26 00:22:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\jscript.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\inseng.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\imgutil.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\iexpress.exe
2013-03-26 00:22:22 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-26 00:22:22 ----A---- C:\Windows\system32\iesetup.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\iertutil.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\iernonce.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\iepeers.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-26 00:22:22 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-26 00:22:22 ----A---- C:\Windows\system32\icardie.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-26 00:22:22 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-26 00:22:21 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-26 00:22:21 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-26 00:22:21 ----A---- C:\Windows\system32\jscript9.dll
2013-03-26 00:22:21 ----A---- C:\Windows\system32\ieui.dll
2013-03-26 00:22:21 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-26 00:22:21 ----A---- C:\Windows\system32\ieframe.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-26 00:21:16 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-03-26 00:21:16 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\XpsPrint.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\WMPhoto.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\FntCache.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\dxgi.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\DWrite.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\d3d11.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\d3d10warp.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\d3d10core.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\d3d10.dll
2013-03-26 00:21:16 ----A---- C:\Windows\system32\d2d1.dll
2013-03-26 00:21:15 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-03-26 00:21:15 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-03-26 00:21:15 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-03-26 00:21:15 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-03-26 00:21:15 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-03-26 00:21:15 ----A---- C:\Windows\system32\UIAnimation.dll
2013-03-26 00:21:15 ----A---- C:\Windows\system32\d3d10level9.dll
2013-03-26 00:21:15 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-03-26 00:21:15 ----A---- C:\Windows\system32\d3d10_1.dll
2013-03-26 00:17:36 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-18 21:25:53 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-03-13 04:00:49 ----D---- C:\Program Files\Microsoft Silverlight
======List of files/folders modified in the last 1 month======
2013-04-02 13:11:06 ----RD---- C:\Program Files
2013-04-02 13:09:21 ----D---- C:\Windows\system32\Tasks
2013-04-02 13:09:20 ----D---- C:\Windows\Tasks
2013-04-02 13:09:18 ----D---- C:\Windows\SysWOW64
2013-04-02 13:08:21 ----D---- C:\ProgramData\NVIDIA
2013-04-02 13:01:14 ----D---- C:\Windows\System32
2013-04-02 13:01:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-02 13:01:13 ----D---- C:\Windows\inf
2013-04-02 12:58:04 ----D---- C:\Windows\system32\config
2013-04-02 12:56:12 ----D---- C:\Windows\system32\catroot
2013-04-02 12:55:43 ----D---- C:\Windows\system32\drivers\etc
2013-04-02 12:51:48 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-02 12:48:37 ----SHD---- C:\Windows\Installer
2013-04-02 12:48:37 ----D---- C:\Config.Msi
2013-04-02 12:48:33 ----D---- C:\Windows\system32\drivers
2013-04-02 12:48:32 ----RD---- C:\Program Files (x86)
2013-04-02 12:46:01 ----SHD---- C:\System Volume Information
2013-04-02 12:33:52 ----D---- C:\Windows
2013-04-02 12:32:45 ----A---- C:\Windows\system.ini
2013-04-02 12:32:26 ----D---- C:\ProgramData
2013-04-02 12:31:15 ----D---- C:\Windows\SYSWOW64\drivers
2013-04-02 12:31:15 ----D---- C:\Windows\AppPatch
2013-04-02 12:31:15 ----D---- C:\Program Files (x86)\Common Files
2013-04-02 12:20:00 ----D---- C:\Windows\system32\wbem
2013-04-02 12:19:16 ----D---- C:\Windows\system32\catroot2
2013-04-02 12:16:08 ----D---- C:\Program Files\Google
2013-04-02 12:16:08 ----D---- C:\Program Files (x86)\Google
2013-04-02 12:14:35 ----D---- C:\Windows\system32\LogFiles
2013-04-02 12:14:34 ----D---- C:\Windows\panther
2013-04-02 12:14:34 ----D---- C:\Windows\Logs
2013-04-02 12:14:34 ----D---- C:\Windows\debug
2013-04-02 10:35:25 ----D---- C:\Windows\rescache
2013-04-02 08:52:49 ----D---- C:\ProgramData\Sonic
2013-03-28 10:30:01 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2013-03-28 10:27:25 ----D---- C:\Windows\winsxs
2013-03-28 10:27:11 ----D---- C:\Windows\PolicyDefinitions
2013-03-28 10:27:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-28 09:14:31 ----D---- C:\Windows\Prefetch
2013-03-26 00:29:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-26 00:29:14 ----D---- C:\Windows\system32\cs-CZ
2013-03-26 00:29:14 ----D---- C:\Program Files\Internet Explorer
2013-03-26 00:29:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-26 00:29:13 ----D---- C:\Windows\SYSWOW64\migration
2013-03-26 00:29:13 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\it-IT
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\el-GR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\de-DE
2013-03-26 00:29:12 ----D---- C:\Windows\system32\migration
2013-03-26 00:29:12 ----D---- C:\Windows\system32\en-US
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-26 00:29:11 ----D---- C:\Windows\system32\zh-TW
2013-03-26 00:29:11 ----D---- C:\Windows\system32\zh-HK
2013-03-26 00:29:11 ----D---- C:\Windows\system32\zh-CN
2013-03-26 00:29:11 ----D---- C:\Windows\system32\tr-TR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\sv-SE
2013-03-26 00:29:11 ----D---- C:\Windows\system32\ru-RU
2013-03-26 00:29:11 ----D---- C:\Windows\system32\pt-PT
2013-03-26 00:29:11 ----D---- C:\Windows\system32\pt-BR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\pl-PL
2013-03-26 00:29:11 ----D---- C:\Windows\system32\nl-NL
2013-03-26 00:29:11 ----D---- C:\Windows\system32\nb-NO
2013-03-26 00:29:11 ----D---- C:\Windows\system32\ko-KR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\ja-JP
2013-03-26 00:29:11 ----D---- C:\Windows\system32\it-IT
2013-03-26 00:29:11 ----D---- C:\Windows\system32\hu-HU
2013-03-26 00:29:11 ----D---- C:\Windows\system32\fr-FR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\fi-FI
2013-03-26 00:29:11 ----D---- C:\Windows\system32\es-ES
2013-03-26 00:29:11 ----D---- C:\Windows\system32\el-GR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\de-DE
2013-03-26 00:29:11 ----D---- C:\Windows\system32\da-DK
2013-03-26 00:29:10 ----D---- C:\Windows\system32\DriverStore
2013-03-21 18:04:25 ----D---- C:\Program Files (x86)\FMS
2013-03-19 19:21:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-18 01:25:45 ----A---- C:\Windows\system32\MRT.exe
2013-03-18 01:24:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-17 14:06:04 ----D---- C:\Windows\system32\wfp
2013-03-17 14:05:46 ----D---- C:\Windows\registration
2013-03-17 14:05:28 ----D---- C:\Users\Racocha\AppData\Roaming\PCDr
2013-03-13 02:23:13 ----D---- C:\Users\Racocha\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-11 1576576]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-07-08 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 10567680]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 325632]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 204288]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-02 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-03 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-18 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-08 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-23 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2013-04-02 13:11:14
======Uninstall list======
-->MsiExec /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -maintain activex
Adobe Reader X (10.1.6) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizace NVIDIA 1.10.8-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.Update
AMD Catalyst Install Manager-->msiexec /q/x{0BD776F3-057D-4C11-020C-4FA9B13D04F9} REBOOT=ReallySuppress
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -IH61Carwa.inf
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Dell Backup and Recovery Manager-->MsiExec.exe /I{50B4B603-A4C6-4739-AE96-6C76A0F8A388}
Dell Edoc Viewer-->MsiExec.exe /I{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}
Dell Support Center-->C:\Program Files\Dell Support Center\uninstaller.exe /arp
DirectX 9 Runtime-->MsiExec.exe /I{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
HP Deskjet 2050 J510 series Nápověda-->MsiExec.exe /I{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}
Java(TM) 6 Update 24 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416024FF}
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Klikni a spusť 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Klikni a spusť 2010-->MsiExec.exe /I{90140000-006D-0405-1000-0000000FF1CE}
Microsoft Office Starter 2010 - čeština-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0405-0000-0000000FF1CE}
Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0405-0000-0000000FF1CE}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{DC911ADF-7B60-40F2-A112-FB1EB6402D07}
Microsoft Security Client-->MsiExec.exe /X{D954C6C2-544B-4091-A47F-11E77162883E}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 17.0.4 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NVIDIA Ovladač 3D Vision 306.97-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.2.24.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 285.62-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 306.97-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.11.0621-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.PhysX
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
PhoenixRC-->MsiExec.exe /X{545DF825-0A9A-499F-B9A8-2A1A355ED7FC}
PhotoShowExpress-->MsiExec.exe /I{3250260C-7A95-4632-893B-89657EB5545B}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
RBVirtualFolder64Inst-->MsiExec.exe /I{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}
Roxio Activation Module-->MsiExec.exe /I{A121EEDE-C68F-461D-91AA-D48BA226AF1C}
Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
Roxio Burn-->MsiExec.exe /I{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}
Roxio Creator Starter-->C:\ProgramData\Uninstall\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}\setup.exe /x {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC} /qb
Roxio Creator Starter-->MsiExec.exe /I{EF56258E-0326-48C5-A86C-3BAC26FC15DF}
Roxio Creator Starter-->MsiExec.exe /I{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
Samsung_MonSetup-->C:\Program Files (x86)\InstallShield Installation Information\{8EA79DBF-D637-448A-89D6-410A087A4493}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {3162617C-537F-3BB6-8D0C-C6021F442391} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{9A00EC4E-27E1-42C4-98DD-662F32AC8870}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{027E5FAB-1476-4C59-AAB4-32EF28520399}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Messenger-->MsiExec.exe /X{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Základní software zařízení HP Deskjet 2050 J510 series-->MsiExec.exe /I{6390461E-D4C5-44ED-A783-9823ED17BF79}
======Hosts File======
======System event log======
Computer Name: Racocha-PC
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 85491
Source Name: Service Control Manager
Time Written: 20120411221341.231208-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 7036
Message: Stav služby služba Zprostředkovatel softwaru služby Stínová kopie svazků byl změněn na: Spuštěno
Record Number: 85490
Source Name: Service Control Manager
Time Written: 20120411221117.554956-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 7036
Message: Stav služby Stínová kopie svazku byl změněn na: Spuštěno
Record Number: 85489
Source Name: Service Control Manager
Time Written: 20120411221117.539356-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 7045
Message: Do systému byla nainstalována služba.
Název služby: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver
Název souboru služby: c:\program files\dell support center\pcdsrvc_x64.pkms
Typ služby: ovladač v režimu jádra
Typ spouštění služby: spouštění na vyžádání
Účet služby:
Record Number: 85488
Source Name: Service Control Manager
Time Written: 20120411221101.143727-000
Event Type: Informace
User: Racocha-PC\Racocha
Computer Name: Racocha-PC
Event Code: 7036
Message: Stav služby WMI Performance Adapter byl změněn na: Zastaveno
Record Number: 85487
Source Name: Service Control Manager
Time Written: 20120411221100.956527-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Racocha-PC
Event Code: 223
Message: WinMail (2668) WindowsMail0: Začíná zálohování souboru protokolu (rozsah C:\Users\Racocha\AppData\Local\Microsoft\Windows Mail\edb00001.log - C:\Users\Racocha\AppData\Local\Microsoft\Windows Mail\edb00001.log).
Record Number: 1433
Source Name: ESENT
Time Written: 20111221153903.000000-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 221
Message: WinMail (2668) WindowsMail0: Končí zálohování souboru C:\Users\Racocha\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore.
Record Number: 1432
Source Name: ESENT
Time Written: 20111221153902.000000-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 220
Message: WinMail (2668) WindowsMail0: Začíná zálohování souboru C:\Users\Racocha\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore (velikost 2 Mb).
Record Number: 1431
Source Name: ESENT
Time Written: 20111221153902.000000-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 210
Message: WinMail (2668) WindowsMail0: Probíhá spouštění úplného zálohování.
Record Number: 1430
Source Name: ESENT
Time Written: 20111221153902.000000-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 102
Message: WinMail (2668) WindowsMail0: Databázový stroj (6.01.7601.0000) spustil novou instanci (0).
Record Number: 1429
Source Name: ESENT
Time Written: 20111221153902.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Racocha-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 3
Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x22dd8
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x0
Název procesu: -
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1310
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124611.206031-000
Event Type: Úspěšný audit
User:
Computer Name: Racocha-PC
Event Code: 5024
Message: Služba brány Windows Firewall byla úspěšně spuštěna.
Record Number: 1309
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124610.223229-000
Event Type: Úspěšný audit
User:
Computer Name: Racocha-PC
Event Code: 5033
Message: Ovladač brány Windows Firewall byl úspěšně spuštěn.
Record Number: 1308
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124610.004829-000
Event Type: Úspěšný audit
User:
Computer Name: Racocha-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1307
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124609.926828-000
Event Type: Úspěšný audit
User:
Computer Name: Racocha-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: RACOCHA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1f8
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1306
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124609.926828-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared;C:\Program Files (x86)\Roxio\OEM\AudioCore
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\
"RCAUTOPLAY"=C:\Program Files (x86)\Roxio\OEM\Roxio Central 5\
"BURN_AUTOPLAY"=C:\Program Files (x86)\Roxio\OEM\Roxio Burn\
-----------------EOF-----------------
2013-04-02 12:55:43 ----D---- C:\Windows\system32\drivers\etc
2013-04-02 12:51:48 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-02 12:48:37 ----SHD---- C:\Windows\Installer
2013-04-02 12:48:37 ----D---- C:\Config.Msi
2013-04-02 12:48:33 ----D---- C:\Windows\system32\drivers
2013-04-02 12:48:32 ----RD---- C:\Program Files (x86)
2013-04-02 12:46:01 ----SHD---- C:\System Volume Information
2013-04-02 12:33:52 ----D---- C:\Windows
2013-04-02 12:32:45 ----A---- C:\Windows\system.ini
2013-04-02 12:32:26 ----D---- C:\ProgramData
2013-04-02 12:31:15 ----D---- C:\Windows\SYSWOW64\drivers
2013-04-02 12:31:15 ----D---- C:\Windows\AppPatch
2013-04-02 12:31:15 ----D---- C:\Program Files (x86)\Common Files
2013-04-02 12:20:00 ----D---- C:\Windows\system32\wbem
2013-04-02 12:19:16 ----D---- C:\Windows\system32\catroot2
2013-04-02 12:16:08 ----D---- C:\Program Files\Google
2013-04-02 12:16:08 ----D---- C:\Program Files (x86)\Google
2013-04-02 12:14:35 ----D---- C:\Windows\system32\LogFiles
2013-04-02 12:14:34 ----D---- C:\Windows\panther
2013-04-02 12:14:34 ----D---- C:\Windows\Logs
2013-04-02 12:14:34 ----D---- C:\Windows\debug
2013-04-02 10:35:25 ----D---- C:\Windows\rescache
2013-04-02 08:52:49 ----D---- C:\ProgramData\Sonic
2013-03-28 10:30:01 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2013-03-28 10:27:25 ----D---- C:\Windows\winsxs
2013-03-28 10:27:11 ----D---- C:\Windows\PolicyDefinitions
2013-03-28 10:27:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-28 09:14:31 ----D---- C:\Windows\Prefetch
2013-03-26 00:29:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-26 00:29:14 ----D---- C:\Windows\system32\cs-CZ
2013-03-26 00:29:14 ----D---- C:\Program Files\Internet Explorer
2013-03-26 00:29:14 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-26 00:29:13 ----D---- C:\Windows\SYSWOW64\migration
2013-03-26 00:29:13 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\it-IT
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\es-ES
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\el-GR
2013-03-26 00:29:12 ----D---- C:\Windows\SYSWOW64\de-DE
2013-03-26 00:29:12 ----D---- C:\Windows\system32\migration
2013-03-26 00:29:12 ----D---- C:\Windows\system32\en-US
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-03-26 00:29:11 ----D---- C:\Windows\SYSWOW64\da-DK
2013-03-26 00:29:11 ----D---- C:\Windows\system32\zh-TW
2013-03-26 00:29:11 ----D---- C:\Windows\system32\zh-HK
2013-03-26 00:29:11 ----D---- C:\Windows\system32\zh-CN
2013-03-26 00:29:11 ----D---- C:\Windows\system32\tr-TR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\sv-SE
2013-03-26 00:29:11 ----D---- C:\Windows\system32\ru-RU
2013-03-26 00:29:11 ----D---- C:\Windows\system32\pt-PT
2013-03-26 00:29:11 ----D---- C:\Windows\system32\pt-BR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\pl-PL
2013-03-26 00:29:11 ----D---- C:\Windows\system32\nl-NL
2013-03-26 00:29:11 ----D---- C:\Windows\system32\nb-NO
2013-03-26 00:29:11 ----D---- C:\Windows\system32\ko-KR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\ja-JP
2013-03-26 00:29:11 ----D---- C:\Windows\system32\it-IT
2013-03-26 00:29:11 ----D---- C:\Windows\system32\hu-HU
2013-03-26 00:29:11 ----D---- C:\Windows\system32\fr-FR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\fi-FI
2013-03-26 00:29:11 ----D---- C:\Windows\system32\es-ES
2013-03-26 00:29:11 ----D---- C:\Windows\system32\el-GR
2013-03-26 00:29:11 ----D---- C:\Windows\system32\de-DE
2013-03-26 00:29:11 ----D---- C:\Windows\system32\da-DK
2013-03-26 00:29:10 ----D---- C:\Windows\system32\DriverStore
2013-03-21 18:04:25 ----D---- C:\Program Files (x86)\FMS
2013-03-19 19:21:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-18 01:25:45 ----A---- C:\Windows\system32\MRT.exe
2013-03-18 01:24:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-17 14:06:04 ----D---- C:\Windows\system32\wfp
2013-03-17 14:05:46 ----D---- C:\Windows\registration
2013-03-17 14:05:28 ----D---- C:\Users\Racocha\AppData\Roaming\PCDr
2013-03-13 02:23:13 ----D---- C:\Users\Racocha\AppData\Roaming\SoftGrid Client
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-11 1576576]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-07-08 174184]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 10567680]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 325632]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 204288]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-02 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-03 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-18 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-08 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-23 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2013-04-02 13:11:14
======Uninstall list======
-->MsiExec /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}
Adobe Flash Player 11 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -maintain activex
Adobe Reader X (10.1.6) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Aktualizace NVIDIA 1.10.8-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.Update
AMD Catalyst Install Manager-->msiexec /q/x{0BD776F3-057D-4C11-020C-4FA9B13D04F9} REBOOT=ReallySuppress
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -IH61Carwa.inf
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Dell Backup and Recovery Manager-->MsiExec.exe /I{50B4B603-A4C6-4739-AE96-6C76A0F8A388}
Dell Edoc Viewer-->MsiExec.exe /I{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}
Dell Support Center-->C:\Program Files\Dell Support Center\uninstaller.exe /arp
DirectX 9 Runtime-->MsiExec.exe /I{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
HP Deskjet 2050 J510 series Nápověda-->MsiExec.exe /I{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}
Java(TM) 6 Update 24 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416024FF}
Java(TM) 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Klikni a spusť 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall
Microsoft Office Klikni a spusť 2010-->MsiExec.exe /I{90140000-006D-0405-1000-0000000FF1CE}
Microsoft Office Starter 2010 - čeština-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0405-0000-0000000FF1CE}
Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0405-0000-0000000FF1CE}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{DC911ADF-7B60-40F2-A112-FB1EB6402D07}
Microsoft Security Client-->MsiExec.exe /X{D954C6C2-544B-4091-A47F-11E77162883E}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 17.0.4 (x86 cs)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NVIDIA Ovladač 3D Vision 306.97-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.2.24.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 285.62-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 306.97-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.11.0621-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.0\NVI2.DLL",UninstallPackage Display.PhysX
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
PhoenixRC-->MsiExec.exe /X{545DF825-0A9A-499F-B9A8-2A1A355ED7FC}
PhotoShowExpress-->MsiExec.exe /I{3250260C-7A95-4632-893B-89657EB5545B}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
RBVirtualFolder64Inst-->MsiExec.exe /I{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}
Roxio Activation Module-->MsiExec.exe /I{A121EEDE-C68F-461D-91AA-D48BA226AF1C}
Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
Roxio Burn-->MsiExec.exe /I{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}
Roxio Creator Starter-->C:\ProgramData\Uninstall\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}\setup.exe /x {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC} /qb
Roxio Creator Starter-->MsiExec.exe /I{EF56258E-0326-48C5-A86C-3BAC26FC15DF}
Roxio Creator Starter-->MsiExec.exe /I{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
Samsung_MonSetup-->C:\Program Files (x86)\InstallShield Installation Information\{8EA79DBF-D637-448A-89D6-410A087A4493}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8E6848A1-B790-34FE-921A-A5319258E254} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {3162617C-537F-3BB6-8D0C-C6021F442391} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {BA941BCD-BC45-3D64-AB89-0F737907515C} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {C8B8456C-6A12-3725-95A8-1C9FBE1E3141} /parameterfolder Extended
Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{9A00EC4E-27E1-42C4-98DD-662F32AC8870}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2600217)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Extended
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{027E5FAB-1476-4C59-AAB4-32EF28520399}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Messenger-->MsiExec.exe /X{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Základní software zařízení HP Deskjet 2050 J510 series-->MsiExec.exe /I{6390461E-D4C5-44ED-A783-9823ED17BF79}
======Hosts File======
======System event log======
Computer Name: Racocha-PC
Event Code: 7036
Message: Stav služby Služba WinHTTP WPAD byl změněn na: Zastaveno
Record Number: 85491
Source Name: Service Control Manager
Time Written: 20120411221341.231208-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 7036
Message: Stav služby služba Zprostředkovatel softwaru služby Stínová kopie svazků byl změněn na: Spuštěno
Record Number: 85490
Source Name: Service Control Manager
Time Written: 20120411221117.554956-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 7036
Message: Stav služby Stínová kopie svazku byl změněn na: Spuštěno
Record Number: 85489
Source Name: Service Control Manager
Time Written: 20120411221117.539356-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 7045
Message: Do systému byla nainstalována služba.
Název služby: PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver
Název souboru služby: c:\program files\dell support center\pcdsrvc_x64.pkms
Typ služby: ovladač v režimu jádra
Typ spouštění služby: spouštění na vyžádání
Účet služby:
Record Number: 85488
Source Name: Service Control Manager
Time Written: 20120411221101.143727-000
Event Type: Informace
User: Racocha-PC\Racocha
Computer Name: Racocha-PC
Event Code: 7036
Message: Stav služby WMI Performance Adapter byl změněn na: Zastaveno
Record Number: 85487
Source Name: Service Control Manager
Time Written: 20120411221100.956527-000
Event Type: Informace
User:
=====Application event log=====
Computer Name: Racocha-PC
Event Code: 223
Message: WinMail (2668) WindowsMail0: Začíná zálohování souboru protokolu (rozsah C:\Users\Racocha\AppData\Local\Microsoft\Windows Mail\edb00001.log - C:\Users\Racocha\AppData\Local\Microsoft\Windows Mail\edb00001.log).
Record Number: 1433
Source Name: ESENT
Time Written: 20111221153903.000000-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 221
Message: WinMail (2668) WindowsMail0: Končí zálohování souboru C:\Users\Racocha\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore.
Record Number: 1432
Source Name: ESENT
Time Written: 20111221153902.000000-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 220
Message: WinMail (2668) WindowsMail0: Začíná zálohování souboru C:\Users\Racocha\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore (velikost 2 Mb).
Record Number: 1431
Source Name: ESENT
Time Written: 20111221153902.000000-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 210
Message: WinMail (2668) WindowsMail0: Probíhá spouštění úplného zálohování.
Record Number: 1430
Source Name: ESENT
Time Written: 20111221153902.000000-000
Event Type: Informace
User:
Computer Name: Racocha-PC
Event Code: 102
Message: WinMail (2668) WindowsMail0: Databázový stroj (6.01.7601.0000) spustil novou instanci (0).
Record Number: 1429
Source Name: ESENT
Time Written: 20111221153902.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: Racocha-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 3
Nové přihlášení:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x22dd8
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x0
Název procesu: -
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: NtLmSsp
Balíček ověření: NTLM
Přenosové služby: -
Název balíčku (pouze NTLM): NTLM V1
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1310
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124611.206031-000
Event Type: Úspěšný audit
User:
Computer Name: Racocha-PC
Event Code: 5024
Message: Služba brány Windows Firewall byla úspěšně spuštěna.
Record Number: 1309
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124610.223229-000
Event Type: Úspěšný audit
User:
Computer Name: Racocha-PC
Event Code: 5033
Message: Ovladač brány Windows Firewall byl úspěšně spuštěn.
Record Number: 1308
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124610.004829-000
Event Type: Úspěšný audit
User:
Computer Name: Racocha-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1307
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124609.926828-000
Event Type: Úspěšný audit
User:
Computer Name: Racocha-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: RACOCHA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1f8
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 1306
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120105124609.926828-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared;C:\Program Files (x86)\Roxio\OEM\AudioCore
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\
"RCAUTOPLAY"=C:\Program Files (x86)\Roxio\OEM\Roxio Central 5\
"BURN_AUTOPLAY"=C:\Program Files (x86)\Roxio\OEM\Roxio Burn\
-----------------EOF-----------------
Smile, it's going to get worse!

- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Action Center blocked, internet not working
Hello.
Uninstall Spybot and paste the ComboFix log here.
You will find it here >> C:\ComboFix.txt
Re: Action Center blocked, internet not working
Done.
ComboFix 13-04-01.01 - Racocha 02.04.2013 12:29:52.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4079.2918 [GMT 2:00]
Spuštěný z: c:\users\Racocha\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\29c69113-ae90-4dbb-85ed-bacbc3a1827d
c:\programdata\PCDr\6032\AddOnDownloaded\2d5007b2-cc36-4b97-a231-d0c427a69035.dll
c:\programdata\PCDr\6032\AddOnDownloaded\330761e0-2594-472d-8455-796592cf88dc.dll
c:\programdata\PCDr\6032\AddOnDownloaded\3d9332d1-0b48-40cc-9189-068cf64600b6.dll
c:\programdata\PCDr\6032\AddOnDownloaded\f04a4d58-1eb6-4e35-b4b4-db6bab11e49b.dll
c:\programdata\windows
c:\users\Racocha\AppData\Roaming\2df29e9c-7f0b-485d-9307-77ab8cf0fad3ad
c:\users\Racocha\AppData\Roaming\2df29e9c-7f0b-485d-9307-77ab8cf0fad3ad\dfecfbdabcffadad.exe
c:\users\Racocha\AppData\Roaming\skype.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-02 do 2013-04-02 )))))))))))))))))))))))))))))))
.
.
2013-04-02 10:20 . 2013-04-02 10:20 -------- d-----w- c:\windows\system32\wbem\repository
2013-04-02 07:28 . 2013-04-02 07:28 -------- d-----w- c:\program files\CCleaner
2013-04-02 06:52 . 2013-04-02 06:52 -------- d-----w- c:\users\Racocha\AppData\Roaming\Malwarebytes
2013-04-02 06:52 . 2013-04-02 06:52 -------- d-----w- c:\programdata\Malwarebytes
2013-04-02 06:51 . 2013-04-02 06:51 -------- d-----w- c:\users\Racocha\AppData\Local\Programs
2013-03-25 22:21 . 2013-03-25 22:21 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-25 22:17 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-18 19:25 . 2013-03-18 22:57 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-03-13 02:00 . 2013-03-17 23:24 -------- d-----w- c:\program files\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-17 23:25 . 2011-12-23 00:52 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-02-12 05:45 . 2013-03-17 12:52 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-17 12:52 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-17 12:52 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-17 12:52 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-17 12:52 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-17 12:52 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:53 . 2013-02-14 07:02 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-14 07:02 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-14 07:02 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-14 07:01 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-14 07:01 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-14 07:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-14 07:01 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-14 07:01 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-14 07:01 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-14 07:01 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-14 07:01 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-14 07:01 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-14 07:01 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-12-18 38112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 204288]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-02 c:\windows\Tasks\Dxzgdqzj.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.centrum.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
SafeBoot-60733984.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-04-02 12:33:51
ComboFix-quarantined-files.txt 2013-04-02 10:33
.
Před spuštěním: Volných bajtů: 438 519 812 096
Po spuštění: Volných bajtů: 438 126 022 656
.
- - End Of File - - 2ECB95A732610142A551CDED09901405
Smile, it's going to get worse!

- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Action Center blocked, internet not working
1: Run RKill and paste the log here
http://www.viruskasino.com/2011/01/ako-zacat.html#RKILL
2: Run RogueKiller and paste the log here; also use OPRAVA HOST (fix HOSTS) and OPRAVA DNS (fix DNS)
http://www.viruskasino.com/2010/12/prog ... ogueKiller
3: Run JunkwareRemovalTool.
http://www.viruskasino.com/2010/12/prog ... moval-tool
Paste the log here
4: Open a command prompt as administrator and enter these commands one by one:
ipconfig /flushdns and press Enter.
netsh winsock reset and press Enter.
at /delete /yes and press Enter.
5: Restart and write whether everything is OK; if not, we will keep working on it.
Re: Action Center blocked, internet not working
Everything done, no change.
On top of that, after uninstalling Spybot its icon still starts in the system tray, but the program cannot be launched.
LOGS:
Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 04/02/2013 02:29:22 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [Incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.
* HOSTS file entries found:
20 out of 15348 HOSTS entries shown.
Please review HOSTS file for further entries.
Program finished at: 04/02/2013 02:29:34 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Racocha [Práva správce]
Mód : Kontrola -- Datum : 04/02/2013 14:30:38
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3500413AS ATA Device +++++
--- User ---
[MBR] a939a282e4aa674f11b8d97512d9cff9
[BSP] 468451aed439625e28d6b40723cbdd71 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12342 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25358336 | Size: 464557 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_04022013_02d1430.txt >>
RKreport[1]_S_04022013_02d1430.txt
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.9 (04.01.2013:1)
OS: Windows 7 Professional x64
Ran by Racocha on Út 02.04.2013 at 14:31:21,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Út 02.04.2013 at 14:35:24,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Smile, it's going to get worse!

- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Action Center blocked, internet not working
Don't rush, and read the instructions. RogueKiller has to be used as described:
Prehledat (Scan), then Zmazat (Delete), then OPRAVA HOST (fix HOSTS), OPRAVA DNS (fix DNS), then enter the commands I wrote and restart. So run RogueKiller again and paste the logs here.
Re: Action Center blocked, internet not working

After doing this, the internet still doesn't work apart from the home page.
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Racocha [Práva správce]
Mód : Odebrat -- Datum : 04/02/2013 14:54:15
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST3500413AS ATA Device +++++
--- User ---
[MBR] a939a282e4aa674f11b8d97512d9cff9
[BSP] 468451aed439625e28d6b40723cbdd71 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12342 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25358336 | Size: 464557 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[5]_D_04022013_02d1454.txt >>
RKreport[1]_S_04022013_02d1430.txt ; RKreport[2]_H_04022013_02d1430.txt ; RKreport[3]_DN_04022013_02d1431.txt ; RKreport[4]_S_04022013_02d1453.txt ; RKreport[5]_D_04022013_02d1454.txt
Smile, it's going to get worse!

- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Action Center blocked, internet not working
1: OK, download and run TDSSKiller, click Change parameters and tick Detect TDLFS file system,
then click Scan; after the scan, click Report.
Paste the log here
http://www.viruskasino.com/2010/12/odst ... kitov.html
2: Run ComboFix and post the new log here.
Re: Action Center blocked, internet not working
15:09:37.0244 3052 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:09:37.0353 3052 ============================================================
15:09:37.0353 3052 Current date / time: 2013/04/02 15:09:37.0353
15:09:37.0353 3052 SystemInfo:
15:09:37.0353 3052
15:09:37.0353 3052 OS Version: 6.1.7601 ServicePack: 1.0
15:09:37.0353 3052 Product type: Workstation
15:09:37.0353 3052 ComputerName: RACOCHA-PC
15:09:37.0353 3052 UserName: Racocha
15:09:37.0353 3052 Windows directory: C:\Windows
15:09:37.0353 3052 System windows directory: C:\Windows
15:09:37.0353 3052 Running under WOW64
15:09:37.0353 3052 Processor architecture: Intel x64
15:09:37.0353 3052 Number of processors: 4
15:09:37.0353 3052 Page size: 0x1000
15:09:37.0353 3052 Boot type: Normal boot
15:09:37.0353 3052 ============================================================
15:09:38.0804 3052 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:09:38.0820 3052 Drive \Device\Harddisk5\DR5 - Size: 0x1CDC7E800 (7.22 Gb), SectorSize: 0x200, Cylinders: 0x3AD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:09:38.0820 3052 ============================================================
15:09:38.0820 3052 \Device\Harddisk0\DR0:
15:09:38.0820 3052 MBR partitions:
15:09:38.0820 3052 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x181B000
15:09:38.0820 3052 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x182F000, BlocksNum 0x38B56800
15:09:38.0820 3052 \Device\Harddisk5\DR5:
15:09:38.0820 3052 MBR partitions:
15:09:38.0820 3052 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0xE6D800
15:09:38.0820 3052 ============================================================
15:09:38.0866 3052 C: <-> \Device\Harddisk0\DR0\Partition2
15:09:38.0866 3052 ============================================================
15:09:38.0866 3052 Initialize success
15:09:38.0866 3052 ============================================================
15:09:50.0130 0324 ============================================================
15:09:50.0130 0324 Scan started
15:09:50.0130 0324 Mode: Manual; TDLFS;
15:09:50.0130 0324 ============================================================
15:09:50.0426 0324 ================ Scan system memory ========================
15:09:50.0426 0324 System memory - ok
15:09:50.0426 0324 ================ Scan services =============================
15:09:53.0484 0324 CSC - ok
15:09:53.0515 0324 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:09:53.0546 0324 CscService - ok
15:09:53.0608 0324 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:09:53.0608 0324 cvhsvc - ok
15:09:53.0655 0324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:09:53.0655 0324 DcomLaunch - ok
15:09:53.0686 0324 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:09:53.0718 0324 defragsvc - ok
15:09:53.0749 0324 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:09:53.0764 0324 DfsC - ok
15:09:53.0796 0324 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:09:53.0811 0324 Dhcp - ok
15:09:53.0811 0324 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:09:53.0827 0324 discache - ok
15:09:53.0842 0324 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:09:53.0842 0324 Disk - ok
15:09:53.0858 0324 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:09:53.0858 0324 dmvsc - ok
15:09:53.0889 0324 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:09:53.0920 0324 Dnscache - ok
15:09:53.0936 0324 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:09:53.0952 0324 dot3svc - ok
15:09:53.0967 0324 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:09:53.0983 0324 DPS - ok
15:09:53.0998 0324 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:09:53.0998 0324 drmkaud - ok
15:09:54.0030 0324 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:09:54.0030 0324 DXGKrnl - ok
15:09:54.0045 0324 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:09:54.0061 0324 EapHost - ok
15:09:54.0108 0324 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:09:54.0170 0324 ebdrv - ok
15:09:54.0201 0324 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:09:54.0217 0324 EFS - ok
15:09:54.0248 0324 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:09:54.0295 0324 ehRecvr - ok
15:09:54.0310 0324 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:09:54.0326 0324 ehSched - ok
15:09:54.0342 0324 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:09:54.0357 0324 elxstor - ok
15:09:54.0373 0324 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:09:54.0373 0324 ErrDev - ok
15:09:54.0404 0324 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:09:54.0404 0324 EventSystem - ok
15:09:54.0420 0324 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:09:54.0435 0324 exfat - ok
15:09:54.0451 0324 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:09:54.0451 0324 fastfat - ok
15:09:54.0466 0324 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:09:54.0482 0324 Fax - ok
15:09:54.0498 0324 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:09:54.0498 0324 fdc - ok
15:09:54.0513 0324 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:09:54.0529 0324 fdPHost - ok
15:09:54.0529 0324 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:09:54.0544 0324 FDResPub - ok
15:09:54.0560 0324 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:09:54.0560 0324 FileInfo - ok
15:09:54.0560 0324 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:09:54.0576 0324 Filetrace - ok
15:09:54.0591 0324 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:09:54.0591 0324 flpydisk - ok
15:09:54.0607 0324 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:09:54.0607 0324 FltMgr - ok
15:09:54.0654 0324 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
15:09:54.0700 0324 FontCache - ok
15:09:54.0747 0324 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:09:54.0763 0324 FontCache3.0.0.0 - ok
15:09:54.0778 0324 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:09:54.0778 0324 FsDepends - ok
15:09:54.0810 0324 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:09:54.0810 0324 Fs_Rec - ok
15:09:54.0825 0324 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:09:54.0825 0324 fvevol - ok
15:09:54.0841 0324 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:09:54.0841 0324 gagp30kx - ok
15:09:54.0872 0324 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:09:54.0919 0324 gpsvc - ok
15:09:54.0966 0324 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:09:54.0981 0324 gusvc - ok
15:09:54.0981 0324 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:09:54.0997 0324 hcw85cir - ok
15:09:55.0028 0324 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:09:55.0044 0324 HdAudAddService - ok
15:09:55.0059 0324 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:09:55.0059 0324 HDAudBus - ok
15:09:55.0075 0324 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:09:55.0090 0324 HidBatt - ok
15:09:55.0090 0324 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:09:55.0106 0324 HidBth - ok
15:09:55.0137 0324 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:09:55.0153 0324 HidIr - ok
15:09:55.0168 0324 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:09:55.0184 0324 hidserv - ok
15:09:55.0231 0324 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:09:55.0246 0324 HidUsb - ok
15:09:55.0278 0324 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:09:55.0309 0324 hkmsvc - ok
15:09:55.0324 0324 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:09:55.0356 0324 HomeGroupListener - ok
15:09:55.0387 0324 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:09:55.0387 0324 HomeGroupProvider - ok
15:09:55.0387 0324 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:09:55.0387 0324 HpSAMD - ok
15:09:55.0418 0324 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:09:55.0434 0324 HTTP - ok
15:09:55.0465 0324 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:09:55.0465 0324 hwpolicy - ok
15:09:55.0480 0324 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:09:55.0496 0324 i8042prt - ok
15:09:55.0543 0324 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:09:55.0543 0324 iaStorV - ok
15:09:55.0574 0324 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:09:55.0590 0324 idsvc - ok
15:09:55.0605 0324 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:09:55.0605 0324 iirsp - ok
15:09:55.0636 0324 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:09:55.0668 0324 IKEEXT - ok
15:09:55.0683 0324 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:09:55.0683 0324 intelide - ok
15:09:55.0699 0324 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:09:55.0699 0324 intelppm - ok
15:09:55.0714 0324 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:09:55.0746 0324 IPBusEnum - ok
15:09:55.0761 0324 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:09:55.0777 0324 IpFilterDriver - ok
15:09:55.0808 0324 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:09:55.0839 0324 iphlpsvc - ok
15:09:55.0839 0324 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:09:55.0855 0324 IPMIDRV - ok
15:09:55.0870 0324 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:09:55.0870 0324 IPNAT - ok
15:09:55.0886 0324 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:09:55.0902 0324 IRENUM - ok
15:09:55.0917 0324 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:09:55.0917 0324 isapnp - ok
15:09:55.0917 0324 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:09:55.0917 0324 iScsiPrt - ok
15:09:55.0933 0324 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:09:55.0933 0324 kbdclass - ok
15:09:55.0948 0324 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:09:55.0964 0324 kbdhid - ok
15:09:55.0980 0324 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:09:55.0980 0324 KeyIso - ok
15:09:56.0011 0324 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:09:56.0011 0324 KSecDD - ok
15:09:56.0042 0324 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:09:56.0042 0324 KSecPkg - ok
15:09:56.0042 0324 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:09:56.0058 0324 ksthunk - ok
15:09:56.0073 0324 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:09:56.0104 0324 KtmRm - ok
15:09:56.0136 0324 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:09:56.0167 0324 LanmanServer - ok
15:09:56.0182 0324 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:09:56.0198 0324 LanmanWorkstation - ok
15:09:56.0214 0324 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:09:56.0229 0324 lltdio - ok
15:09:56.0245 0324 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:09:56.0260 0324 lltdsvc - ok
15:09:56.0292 0324 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:09:56.0292 0324 lmhosts - ok
15:09:56.0323 0324 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:09:56.0323 0324 LSI_FC - ok
15:09:56.0323 0324 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:09:56.0338 0324 LSI_SAS - ok
15:09:56.0338 0324 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:09:56.0354 0324 LSI_SAS2 - ok
15:09:56.0370 0324 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:09:56.0370 0324 LSI_SCSI - ok
15:09:56.0385 0324 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:09:56.0401 0324 luafv - ok
15:09:56.0416 0324 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:09:56.0432 0324 Mcx2Svc - ok
15:09:56.0448 0324 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:09:56.0448 0324 megasas - ok
15:09:56.0479 0324 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:09:56.0479 0324 MegaSR - ok
15:09:56.0510 0324 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:09:56.0510 0324 MEIx64 - ok
15:09:56.0541 0324 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:09:56.0557 0324 MMCSS - ok
15:09:56.0572 0324 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:09:56.0572 0324 Modem - ok
15:09:56.0604 0324 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:09:56.0604 0324 monitor - ok
15:09:56.0619 0324 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:09:56.0619 0324 mouclass - ok
15:09:56.0635 0324 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:09:56.0650 0324 mouhid - ok
15:09:56.0666 0324 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:09:56.0666 0324 mountmgr - ok
15:09:56.0728 0324 [ 2024F4CC36D1954ECD00C07C3BCE6BE3 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:09:56.0728 0324 MozillaMaintenance - ok
15:09:56.0775 0324 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:09:56.0775 0324 MpFilter - ok
15:09:56.0775 0324 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:09:56.0791 0324 mpio - ok
15:09:56.0791 0324 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:09:56.0806 0324 mpsdrv - ok
15:09:56.0822 0324 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:09:56.0853 0324 MpsSvc - ok
15:09:56.0853 0324 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:09:56.0869 0324 MRxDAV - ok
15:09:56.0884 0324 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:09:56.0916 0324 mrxsmb - ok
15:09:56.0931 0324 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:09:56.0931 0324 mrxsmb10 - ok
15:09:56.0947 0324 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:09:56.0962 0324 mrxsmb20 - ok
15:09:56.0978 0324 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:09:56.0978 0324 msahci - ok
15:09:56.0994 0324 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:09:56.0994 0324 msdsm - ok
15:09:56.0994 0324 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:09:57.0025 0324 MSDTC - ok
15:09:57.0040 0324 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:09:57.0040 0324 Msfs - ok
15:09:57.0072 0324 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:09:57.0072 0324 mshidkmdf - ok
15:09:57.0072 0324 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:09:57.0072 0324 msisadrv - ok
15:09:57.0103 0324 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:09:57.0118 0324 MSiSCSI - ok
15:09:57.0118 0324 msiserver - ok
15:09:57.0134 0324 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:09:57.0150 0324 MSKSSRV - ok
15:09:57.0212 0324 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:09:57.0212 0324 MsMpSvc - ok
15:09:57.0228 0324 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:09:57.0243 0324 MSPCLOCK - ok
15:09:57.0243 0324 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:09:57.0259 0324 MSPQM - ok
15:09:57.0274 0324 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:09:57.0274 0324 MsRPC - ok
15:09:57.0274 0324 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:09:57.0290 0324 mssmbios - ok
15:09:57.0290 0324 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:09:57.0290 0324 MSTEE - ok
15:09:57.0306 0324 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:09:57.0306 0324 MTConfig - ok
15:09:57.0321 0324 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:09:57.0321 0324 Mup - ok
15:09:57.0352 0324 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:09:57.0352 0324 napagent - ok
15:09:57.0384 0324 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:09:57.0399 0324 NativeWifiP - ok
15:09:57.0415 0324 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:09:57.0430 0324 NDIS - ok
15:09:57.0446 0324 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:09:57.0446 0324 NdisCap - ok
15:09:57.0462 0324 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:09:57.0477 0324 NdisTapi - ok
15:09:57.0493 0324 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:09:57.0493 0324 Ndisuio - ok
15:09:57.0508 0324 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:57.0524 0324 NdisWan - ok
15:09:57.0524 0324 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:09:57.0540 0324 NDProxy - ok
15:09:57.0540 0324 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:09:57.0555 0324 NetBIOS - ok
15:09:57.0555 0324 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:09:57.0571 0324 NetBT - ok
15:09:57.0586 0324 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:09:57.0586 0324 Netlogon - ok
15:09:57.0618 0324 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:09:57.0618 0324 Netman - ok
15:09:57.0649 0324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:57.0649 0324 NetMsmqActivator - ok
15:09:57.0649 0324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:57.0649 0324 NetPipeActivator - ok
15:09:57.0664 0324 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:09:57.0664 0324 netprofm - ok
15:09:57.0664 0324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:57.0680 0324 NetTcpActivator - ok
15:09:57.0680 0324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:57.0680 0324 NetTcpPortSharing - ok
15:09:57.0696 0324 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:09:57.0696 0324 nfrd960 - ok
15:09:57.0711 0324 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:09:57.0711 0324 NisDrv - ok
15:09:57.0789 0324 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:09:57.0805 0324 NisSrv - ok
15:09:57.0836 0324 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:09:57.0852 0324 NlaSvc - ok
15:09:57.0867 0324 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:09:57.0867 0324 Npfs - ok
15:09:57.0883 0324 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:09:57.0898 0324 nsi - ok
15:09:57.0914 0324 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:09:57.0914 0324 nsiproxy - ok
15:09:57.0961 0324 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:09:57.0992 0324 Ntfs - ok
15:09:58.0008 0324 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:09:58.0023 0324 Null - ok
15:09:58.0070 0324 [ 10204955027011E08A9DC27737A48A54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:09:58.0070 0324 NVHDA - ok
15:09:58.0273 0324 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:09:58.0320 0324 nvlddmkm - ok
15:09:58.0335 0324 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:09:58.0335 0324 nvraid - ok
15:09:58.0366 0324 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:09:58.0366 0324 nvstor - ok
15:09:58.0413 0324 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
15:09:58.0413 0324 nvsvc - ok
15:09:58.0491 0324 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:09:58.0507 0324 nvUpdatusService - ok
15:09:58.0522 0324 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:09:58.0522 0324 nv_agp - ok
15:09:58.0538 0324 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:09:58.0554 0324 ohci1394 - ok
15:09:58.0569 0324 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:09:58.0569 0324 ose - ok
15:09:58.0678 0324 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:09:58.0725 0324 osppsvc - ok
15:09:58.0756 0324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:09:58.0772 0324 p2pimsvc - ok
15:09:58.0788 0324 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:09:58.0803 0324 p2psvc - ok
15:09:58.0819 0324 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:09:58.0819 0324 Parport - ok
15:09:58.0850 0324 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:09:58.0850 0324 partmgr - ok
15:09:58.0850 0324 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:09:58.0866 0324 PcaSvc - ok
15:09:58.0881 0324 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:09:58.0881 0324 pci - ok
15:09:58.0897 0324 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:09:58.0897 0324 pciide - ok
15:09:58.0912 0324 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:09:58.0912 0324 pcmcia - ok
15:09:58.0928 0324 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:09:58.0928 0324 pcw - ok
15:09:58.0959 0324 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:09:58.0975 0324 PEAUTH - ok
15:09:59.0022 0324 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:09:59.0068 0324 PeerDistSvc - ok
15:09:59.0115 0324 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:09:59.0146 0324 PerfHost - ok
15:09:59.0178 0324 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:09:59.0209 0324 pla - ok
15:09:59.0240 0324 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:09:59.0271 0324 PlugPlay - ok
15:09:59.0271 0324 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:09:59.0287 0324 PNRPAutoReg - ok
15:09:59.0302 0324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:09:59.0302 0324 PNRPsvc - ok
15:09:59.0318 0324 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:09:59.0318 0324 PolicyAgent - ok
15:09:59.0349 0324 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:09:59.0349 0324 Power - ok
15:09:59.0380 0324 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:09:59.0380 0324 PptpMiniport - ok
15:09:59.0396 0324 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:09:59.0396 0324 Processor - ok
15:09:59.0427 0324 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:09:59.0443 0324 ProfSvc - ok
15:09:59.0443 0324 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:09:59.0458 0324 ProtectedStorage - ok
15:09:59.0474 0324 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:09:59.0474 0324 Psched - ok
15:09:59.0505 0324 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:09:59.0505 0324 PxHlpa64 - ok
15:09:59.0552 0324 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:09:59.0568 0324 ql2300 - ok
15:09:59.0599 0324 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:09:59.0599 0324 ql40xx - ok
15:09:59.0614 0324 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:09:59.0646 0324 QWAVE - ok
15:09:59.0661 0324 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:09:59.0677 0324 QWAVEdrv - ok
15:09:59.0692 0324 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:09:59.0692 0324 RasAcd - ok
15:09:59.0708 0324 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:09:59.0708 0324 RasAgileVpn - ok
15:09:59.0724 0324 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:09:59.0724 0324 RasAuto - ok
15:09:59.0739 0324 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:09:59.0755 0324 Rasl2tp - ok
15:09:59.0755 0324 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:09:59.0770 0324 RasMan - ok
15:09:59.0786 0324 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:09:59.0802 0324 RasPppoe - ok
15:09:59.0802 0324 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:09:59.0817 0324 RasSstp - ok
15:09:59.0833 0324 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:09:59.0833 0324 rdbss - ok
15:09:59.0848 0324 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:09:59.0848 0324 rdpbus - ok
15:09:59.0880 0324 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:09:59.0880 0324 RDPCDD - ok
15:09:59.0895 0324 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:09:59.0911 0324 RDPDR - ok
15:09:59.0926 0324 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:09:59.0926 0324 RDPENCDD - ok
15:09:59.0926 0324 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:09:59.0942 0324 RDPREFMP - ok
15:09:59.0973 0324 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:09:59.0989 0324 RdpVideoMiniport - ok
15:10:00.0004 0324 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:10:00.0036 0324 RDPWD - ok
15:10:00.0067 0324 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:10:00.0067 0324 rdyboost - ok
15:10:00.0082 0324 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:10:00.0098 0324 RemoteAccess - ok
15:10:00.0129 0324 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:10:00.0145 0324 RemoteRegistry - ok
15:10:00.0207 0324 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:10:00.0238 0324 RoxMediaDB12OEM - ok
15:10:04.0825 0324 ================ Scan global ===============================
15:10:04.0840 0324 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:10:04.0872 0324 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:10:04.0887 0324 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:10:04.0903 0324 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:10:04.0918 0324 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:10:04.0934 0324 [Global] - ok
15:10:04.0934 0324 ================ Scan MBR ==================================
15:10:04.0950 0324 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:10:05.0371 0324 \Device\Harddisk0\DR0 - ok
15:10:05.0371 0324 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk5\DR5
15:10:10.0706 0324 \Device\Harddisk5\DR5 - ok
15:10:10.0706 0324 ================ Scan VBR ==================================
15:10:10.0722 0324 [ 5001BF7BE71A0C96B1F8056A797C351D ] \Device\Harddisk0\DR0\Partition1
15:10:10.0722 0324 \Device\Harddisk0\DR0\Partition1 - ok
15:10:10.0737 0324 [ 3591860448DEAFBB0704FC164F695BB8 ] \Device\Harddisk0\DR0\Partition2
15:10:10.0737 0324 \Device\Harddisk0\DR0\Partition2 - ok
15:10:10.0737 0324 [ 71B6704593561EDB19772F984ED68990 ] \Device\Harddisk5\DR5\Partition1
15:10:10.0737 0324 \Device\Harddisk5\DR5\Partition1 - ok
15:10:10.0737 0324 ============================================================
15:10:10.0737 0324 Scan finished
15:10:10.0737 0324 ============================================================
15:10:10.0753 3612 Detected object count: 0
15:10:10.0753 3612 Actual detected object count: 0
15:09:37.0353 3052 ============================================================
15:09:37.0353 3052 Current date / time: 2013/04/02 15:09:37.0353
15:09:37.0353 3052 SystemInfo:
15:09:37.0353 3052
15:09:37.0353 3052 OS Version: 6.1.7601 ServicePack: 1.0
15:09:37.0353 3052 Product type: Workstation
15:09:37.0353 3052 ComputerName: RACOCHA-PC
15:09:37.0353 3052 UserName: Racocha
15:09:37.0353 3052 Windows directory: C:\Windows
15:09:37.0353 3052 System windows directory: C:\Windows
15:09:37.0353 3052 Running under WOW64
15:09:37.0353 3052 Processor architecture: Intel x64
15:09:37.0353 3052 Number of processors: 4
15:09:37.0353 3052 Page size: 0x1000
15:09:37.0353 3052 Boot type: Normal boot
15:09:37.0353 3052 ============================================================
15:09:38.0804 3052 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:09:38.0820 3052 Drive \Device\Harddisk5\DR5 - Size: 0x1CDC7E800 (7.22 Gb), SectorSize: 0x200, Cylinders: 0x3AD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:09:38.0820 3052 ============================================================
15:09:38.0820 3052 \Device\Harddisk0\DR0:
15:09:38.0820 3052 MBR partitions:
15:09:38.0820 3052 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x181B000
15:09:38.0820 3052 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x182F000, BlocksNum 0x38B56800
15:09:38.0820 3052 \Device\Harddisk5\DR5:
15:09:38.0820 3052 MBR partitions:
15:09:38.0820 3052 \Device\Harddisk5\DR5\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0xE6D800
15:09:38.0820 3052 ============================================================
15:09:38.0866 3052 C: <-> \Device\Harddisk0\DR0\Partition2
15:09:38.0866 3052 ============================================================
15:09:38.0866 3052 Initialize success
15:09:38.0866 3052 ============================================================
15:09:50.0130 0324 ============================================================
15:09:50.0130 0324 Scan started
15:09:50.0130 0324 Mode: Manual; TDLFS;
15:09:50.0130 0324 ============================================================
15:09:50.0426 0324 ================ Scan system memory ========================
15:09:50.0426 0324 System memory - ok
15:09:50.0426 0324 ================ Scan services =============================
15:09:54.0170 0324 ebdrv - ok
15:09:54.0201 0324 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:09:54.0217 0324 EFS - ok
15:09:54.0248 0324 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:09:54.0295 0324 ehRecvr - ok
15:09:54.0310 0324 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:09:54.0326 0324 ehSched - ok
15:09:54.0342 0324 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:09:54.0357 0324 elxstor - ok
15:09:54.0373 0324 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:09:54.0373 0324 ErrDev - ok
15:09:54.0404 0324 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:09:54.0404 0324 EventSystem - ok
15:09:54.0420 0324 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:09:54.0435 0324 exfat - ok
15:09:54.0451 0324 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:09:54.0451 0324 fastfat - ok
15:09:54.0466 0324 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:09:54.0482 0324 Fax - ok
15:09:54.0498 0324 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:09:54.0498 0324 fdc - ok
15:09:54.0513 0324 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:09:54.0529 0324 fdPHost - ok
15:09:54.0529 0324 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:09:54.0544 0324 FDResPub - ok
15:09:54.0560 0324 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:09:54.0560 0324 FileInfo - ok
15:09:54.0560 0324 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:09:54.0576 0324 Filetrace - ok
15:09:54.0591 0324 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:09:54.0591 0324 flpydisk - ok
15:09:54.0607 0324 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:09:54.0607 0324 FltMgr - ok
15:09:54.0654 0324 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
15:09:54.0700 0324 FontCache - ok
15:09:54.0747 0324 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:09:54.0763 0324 FontCache3.0.0.0 - ok
15:09:54.0778 0324 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:09:54.0778 0324 FsDepends - ok
15:09:54.0810 0324 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:09:54.0810 0324 Fs_Rec - ok
15:09:54.0825 0324 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:09:54.0825 0324 fvevol - ok
15:09:54.0841 0324 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:09:54.0841 0324 gagp30kx - ok
15:09:54.0872 0324 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:09:54.0919 0324 gpsvc - ok
15:09:54.0966 0324 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:09:54.0981 0324 gusvc - ok
15:09:54.0981 0324 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:09:54.0997 0324 hcw85cir - ok
15:09:55.0028 0324 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:09:55.0044 0324 HdAudAddService - ok
15:09:55.0059 0324 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:09:55.0059 0324 HDAudBus - ok
15:09:55.0075 0324 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:09:55.0090 0324 HidBatt - ok
15:09:55.0090 0324 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:09:55.0106 0324 HidBth - ok
15:09:55.0137 0324 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:09:55.0153 0324 HidIr - ok
15:09:55.0168 0324 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:09:55.0184 0324 hidserv - ok
15:09:55.0231 0324 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:09:55.0246 0324 HidUsb - ok
15:09:55.0278 0324 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:09:55.0309 0324 hkmsvc - ok
15:09:55.0324 0324 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:09:55.0356 0324 HomeGroupListener - ok
15:09:55.0387 0324 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:09:55.0387 0324 HomeGroupProvider - ok
15:09:55.0387 0324 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:09:55.0387 0324 HpSAMD - ok
15:09:55.0418 0324 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:09:55.0434 0324 HTTP - ok
15:09:55.0465 0324 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:09:55.0465 0324 hwpolicy - ok
15:09:55.0480 0324 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:09:55.0496 0324 i8042prt - ok
15:09:55.0543 0324 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:09:55.0543 0324 iaStorV - ok
15:09:55.0574 0324 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:09:55.0590 0324 idsvc - ok
15:09:55.0605 0324 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:09:55.0605 0324 iirsp - ok
15:09:55.0636 0324 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:09:55.0668 0324 IKEEXT - ok
15:09:55.0683 0324 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:09:55.0683 0324 intelide - ok
15:09:55.0699 0324 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:09:55.0699 0324 intelppm - ok
15:09:55.0714 0324 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:09:55.0746 0324 IPBusEnum - ok
15:09:55.0761 0324 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:09:55.0777 0324 IpFilterDriver - ok
15:09:55.0808 0324 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:09:55.0839 0324 iphlpsvc - ok
15:09:55.0839 0324 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:09:55.0855 0324 IPMIDRV - ok
15:09:55.0870 0324 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:09:55.0870 0324 IPNAT - ok
15:09:55.0886 0324 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:09:55.0902 0324 IRENUM - ok
15:09:55.0917 0324 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:09:55.0917 0324 isapnp - ok
15:09:55.0917 0324 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:09:55.0917 0324 iScsiPrt - ok
15:09:55.0933 0324 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:09:55.0933 0324 kbdclass - ok
15:09:55.0948 0324 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:09:55.0964 0324 kbdhid - ok
15:09:55.0980 0324 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:09:55.0980 0324 KeyIso - ok
15:09:56.0011 0324 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:09:56.0011 0324 KSecDD - ok
15:09:56.0042 0324 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:09:56.0042 0324 KSecPkg - ok
15:09:56.0042 0324 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:09:56.0058 0324 ksthunk - ok
15:09:56.0073 0324 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:09:56.0104 0324 KtmRm - ok
15:09:56.0136 0324 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:09:56.0167 0324 LanmanServer - ok
15:09:56.0182 0324 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:09:56.0198 0324 LanmanWorkstation - ok
15:09:56.0214 0324 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:09:56.0229 0324 lltdio - ok
15:09:56.0245 0324 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:09:56.0260 0324 lltdsvc - ok
15:09:56.0292 0324 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:09:56.0292 0324 lmhosts - ok
15:09:56.0323 0324 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:09:56.0323 0324 LSI_FC - ok
15:09:56.0323 0324 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:09:56.0338 0324 LSI_SAS - ok
15:09:56.0338 0324 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:09:56.0354 0324 LSI_SAS2 - ok
15:09:56.0370 0324 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:09:56.0370 0324 LSI_SCSI - ok
15:09:56.0385 0324 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:09:56.0401 0324 luafv - ok
15:09:56.0416 0324 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:09:56.0432 0324 Mcx2Svc - ok
15:09:56.0448 0324 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:09:56.0448 0324 megasas - ok
15:09:56.0479 0324 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:09:56.0479 0324 MegaSR - ok
15:09:56.0510 0324 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:09:56.0510 0324 MEIx64 - ok
15:09:56.0541 0324 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:09:56.0557 0324 MMCSS - ok
15:09:56.0572 0324 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:09:56.0572 0324 Modem - ok
15:09:56.0604 0324 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:09:56.0604 0324 monitor - ok
15:09:56.0619 0324 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:09:56.0619 0324 mouclass - ok
15:09:56.0635 0324 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:09:56.0650 0324 mouhid - ok
15:09:56.0666 0324 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:09:56.0666 0324 mountmgr - ok
15:09:56.0728 0324 [ 2024F4CC36D1954ECD00C07C3BCE6BE3 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:09:56.0728 0324 MozillaMaintenance - ok
15:09:56.0775 0324 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:09:56.0775 0324 MpFilter - ok
15:09:56.0775 0324 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:09:56.0791 0324 mpio - ok
15:09:56.0791 0324 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:09:56.0806 0324 mpsdrv - ok
15:09:56.0822 0324 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:09:56.0853 0324 MpsSvc - ok
15:09:56.0853 0324 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:09:56.0869 0324 MRxDAV - ok
15:09:56.0884 0324 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:09:56.0916 0324 mrxsmb - ok
15:09:56.0931 0324 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:09:56.0931 0324 mrxsmb10 - ok
15:09:56.0947 0324 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:09:56.0962 0324 mrxsmb20 - ok
15:09:56.0978 0324 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:09:56.0978 0324 msahci - ok
15:09:56.0994 0324 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:09:56.0994 0324 msdsm - ok
15:09:56.0994 0324 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:09:57.0025 0324 MSDTC - ok
15:09:57.0040 0324 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:09:57.0040 0324 Msfs - ok
15:09:57.0072 0324 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:09:57.0072 0324 mshidkmdf - ok
15:09:57.0072 0324 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:09:57.0072 0324 msisadrv - ok
15:09:57.0103 0324 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:09:57.0118 0324 MSiSCSI - ok
15:09:57.0118 0324 msiserver - ok
15:09:57.0134 0324 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:09:57.0150 0324 MSKSSRV - ok
15:09:57.0212 0324 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:09:57.0212 0324 MsMpSvc - ok
15:09:57.0228 0324 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:09:57.0243 0324 MSPCLOCK - ok
15:09:57.0243 0324 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:09:57.0259 0324 MSPQM - ok
15:09:57.0274 0324 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:09:57.0274 0324 MsRPC - ok
15:09:57.0274 0324 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:09:57.0290 0324 mssmbios - ok
15:09:57.0290 0324 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:09:57.0290 0324 MSTEE - ok
15:09:57.0306 0324 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:09:57.0306 0324 MTConfig - ok
15:09:57.0321 0324 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:09:57.0321 0324 Mup - ok
15:09:57.0352 0324 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:09:57.0352 0324 napagent - ok
15:09:57.0384 0324 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:09:57.0399 0324 NativeWifiP - ok
15:09:57.0415 0324 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:09:57.0430 0324 NDIS - ok
15:09:57.0446 0324 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:09:57.0446 0324 NdisCap - ok
15:09:57.0462 0324 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:09:57.0477 0324 NdisTapi - ok
15:09:57.0493 0324 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:09:57.0493 0324 Ndisuio - ok
15:09:57.0508 0324 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:57.0524 0324 NdisWan - ok
15:09:57.0524 0324 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:09:57.0540 0324 NDProxy - ok
15:09:57.0540 0324 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:09:57.0555 0324 NetBIOS - ok
15:09:57.0555 0324 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:09:57.0571 0324 NetBT - ok
15:09:57.0586 0324 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:09:57.0586 0324 Netlogon - ok
15:09:57.0618 0324 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:09:57.0618 0324 Netman - ok
15:09:57.0649 0324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:57.0649 0324 NetMsmqActivator - ok
15:09:57.0649 0324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:57.0649 0324 NetPipeActivator - ok
15:09:57.0664 0324 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:09:57.0664 0324 netprofm - ok
15:09:57.0664 0324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:57.0680 0324 NetTcpActivator - ok
15:09:57.0680 0324 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:57.0680 0324 NetTcpPortSharing - ok
15:09:57.0696 0324 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:09:57.0696 0324 nfrd960 - ok
15:09:57.0711 0324 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:09:57.0711 0324 NisDrv - ok
15:09:57.0789 0324 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:09:57.0805 0324 NisSrv - ok
15:09:57.0836 0324 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:09:57.0852 0324 NlaSvc - ok
15:09:57.0867 0324 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:09:57.0867 0324 Npfs - ok
15:09:57.0883 0324 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:09:57.0898 0324 nsi - ok
15:09:57.0914 0324 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:09:57.0914 0324 nsiproxy - ok
15:09:57.0961 0324 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:09:57.0992 0324 Ntfs - ok
15:09:58.0008 0324 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:09:58.0023 0324 Null - ok
15:09:58.0070 0324 [ 10204955027011E08A9DC27737A48A54 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:09:58.0070 0324 NVHDA - ok
15:09:58.0273 0324 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:09:58.0320 0324 nvlddmkm - ok
15:09:58.0335 0324 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:09:58.0335 0324 nvraid - ok
15:09:58.0366 0324 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:09:58.0366 0324 nvstor - ok
15:09:58.0413 0324 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
15:09:58.0413 0324 nvsvc - ok
15:09:58.0491 0324 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:09:58.0507 0324 nvUpdatusService - ok
15:09:58.0522 0324 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:09:58.0522 0324 nv_agp - ok
15:09:58.0538 0324 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:09:58.0554 0324 ohci1394 - ok
15:09:58.0569 0324 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:09:58.0569 0324 ose - ok
15:09:58.0678 0324 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:09:58.0725 0324 osppsvc - ok
15:09:58.0756 0324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:09:58.0772 0324 p2pimsvc - ok
15:09:58.0788 0324 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:09:58.0803 0324 p2psvc - ok
15:09:58.0819 0324 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:09:58.0819 0324 Parport - ok
15:09:58.0850 0324 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:09:58.0850 0324 partmgr - ok
15:09:58.0850 0324 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:09:58.0866 0324 PcaSvc - ok
15:09:58.0881 0324 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:09:58.0881 0324 pci - ok
15:09:58.0897 0324 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:09:58.0897 0324 pciide - ok
15:09:58.0912 0324 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:09:58.0912 0324 pcmcia - ok
15:09:58.0928 0324 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:09:58.0928 0324 pcw - ok
15:09:58.0959 0324 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:09:58.0975 0324 PEAUTH - ok
15:09:59.0022 0324 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:09:59.0068 0324 PeerDistSvc - ok
15:09:59.0115 0324 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:09:59.0146 0324 PerfHost - ok
15:09:59.0178 0324 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:09:59.0209 0324 pla - ok
15:09:59.0240 0324 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:09:59.0271 0324 PlugPlay - ok
15:09:59.0271 0324 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:09:59.0287 0324 PNRPAutoReg - ok
15:09:59.0302 0324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:09:59.0302 0324 PNRPsvc - ok
15:09:59.0318 0324 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:09:59.0318 0324 PolicyAgent - ok
15:09:59.0349 0324 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:09:59.0349 0324 Power - ok
15:09:59.0380 0324 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:09:59.0380 0324 PptpMiniport - ok
15:09:59.0396 0324 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:09:59.0396 0324 Processor - ok
15:09:59.0427 0324 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:09:59.0443 0324 ProfSvc - ok
15:09:59.0443 0324 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:09:59.0458 0324 ProtectedStorage - ok
15:09:59.0474 0324 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:09:59.0474 0324 Psched - ok
15:09:59.0505 0324 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:09:59.0505 0324 PxHlpa64 - ok
15:09:59.0552 0324 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:09:59.0568 0324 ql2300 - ok
15:09:59.0599 0324 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:09:59.0599 0324 ql40xx - ok
15:09:59.0614 0324 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:09:59.0646 0324 QWAVE - ok
15:09:59.0661 0324 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:09:59.0677 0324 QWAVEdrv - ok
15:09:59.0692 0324 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:09:59.0692 0324 RasAcd - ok
15:09:59.0708 0324 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:09:59.0708 0324 RasAgileVpn - ok
15:09:59.0724 0324 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:09:59.0724 0324 RasAuto - ok
15:09:59.0739 0324 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:09:59.0755 0324 Rasl2tp - ok
15:09:59.0755 0324 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:09:59.0770 0324 RasMan - ok
15:09:59.0786 0324 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:09:59.0802 0324 RasPppoe - ok
15:09:59.0802 0324 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:09:59.0817 0324 RasSstp - ok
15:09:59.0833 0324 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:09:59.0833 0324 rdbss - ok
15:09:59.0848 0324 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:09:59.0848 0324 rdpbus - ok
15:09:59.0880 0324 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:09:59.0880 0324 RDPCDD - ok
15:09:59.0895 0324 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:09:59.0911 0324 RDPDR - ok
15:09:59.0926 0324 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:09:59.0926 0324 RDPENCDD - ok
15:09:59.0926 0324 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:09:59.0942 0324 RDPREFMP - ok
15:09:59.0973 0324 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:09:59.0989 0324 RdpVideoMiniport - ok
15:10:00.0004 0324 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:10:00.0036 0324 RDPWD - ok
15:10:00.0067 0324 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:10:00.0067 0324 rdyboost - ok
15:10:00.0082 0324 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:10:00.0098 0324 RemoteAccess - ok
15:10:00.0129 0324 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:10:00.0145 0324 RemoteRegistry - ok
15:10:00.0207 0324 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:10:00.0238 0324 RoxMediaDB12OEM - ok
15:10:00.0254 0324 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:10:00.0254 0324 RoxWatch12 - ok
15:10:00.0254 0324 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:10:00.0270 0324 RpcEptMapper - ok
15:10:00.0285 0324 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:10:00.0301 0324 RpcLocator - ok
15:10:00.0316 0324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:10:00.0316 0324 RpcSs - ok
15:10:00.0348 0324 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:10:00.0363 0324 rspndr - ok
15:10:00.0394 0324 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:10:00.0394 0324 RTL8167 - ok
15:10:00.0410 0324 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:10:00.0426 0324 s3cap - ok
15:10:00.0441 0324 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:10:00.0441 0324 SamSs - ok
15:10:00.0457 0324 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:10:00.0457 0324 sbp2port - ok
15:10:00.0472 0324 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:10:00.0504 0324 SCardSvr - ok
15:10:00.0519 0324 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:10:00.0519 0324 scfilter - ok
15:10:00.0535 0324 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:10:00.0582 0324 Schedule - ok
15:10:00.0597 0324 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:10:00.0597 0324 SCPolicySvc - ok
15:10:00.0613 0324 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:10:00.0613 0324 SDRSVC - ok
15:10:00.0644 0324 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:10:00.0660 0324 secdrv - ok
15:10:00.0660 0324 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:10:00.0675 0324 seclogon - ok
15:10:00.0691 0324 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:10:00.0691 0324 SENS - ok
15:10:00.0722 0324 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:10:00.0722 0324 SensrSvc - ok
15:10:00.0753 0324 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:10:00.0753 0324 Serenum - ok
15:10:00.0753 0324 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:10:00.0769 0324 Serial - ok
15:10:00.0784 0324 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:10:00.0800 0324 sermouse - ok
15:10:00.0816 0324 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:10:00.0816 0324 SessionEnv - ok
15:10:00.0831 0324 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:10:00.0831 0324 sffdisk - ok
15:10:00.0847 0324 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:10:00.0847 0324 sffp_mmc - ok
15:10:00.0862 0324 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:10:00.0862 0324 sffp_sd - ok
15:10:00.0878 0324 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:10:00.0894 0324 sfloppy - ok
15:10:00.0925 0324 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:10:00.0925 0324 Sftfs - ok
15:10:00.0972 0324 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:10:00.0972 0324 sftlist - ok
15:10:01.0003 0324 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:10:01.0003 0324 Sftplay - ok
15:10:01.0018 0324 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:10:01.0018 0324 Sftredir - ok
15:10:01.0034 0324 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:10:01.0034 0324 Sftvol - ok
15:10:01.0050 0324 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:10:01.0050 0324 sftvsa - ok
15:10:01.0065 0324 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:10:01.0081 0324 SharedAccess - ok
15:10:01.0112 0324 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:10:01.0143 0324 ShellHWDetection - ok
15:10:01.0143 0324 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:10:01.0159 0324 SiSRaid2 - ok
15:10:01.0159 0324 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:10:01.0174 0324 SiSRaid4 - ok
15:10:01.0190 0324 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:10:01.0206 0324 Smb - ok
15:10:01.0221 0324 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:10:01.0237 0324 SNMPTRAP - ok
15:10:01.0237 0324 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:10:01.0237 0324 spldr - ok
15:10:01.0268 0324 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:10:01.0299 0324 Spooler - ok
15:10:01.0346 0324 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:10:01.0393 0324 sppsvc - ok
15:10:01.0408 0324 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:10:01.0408 0324 sppuinotify - ok
15:10:01.0440 0324 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:10:01.0455 0324 srv - ok
15:10:01.0471 0324 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:10:01.0471 0324 srv2 - ok
15:10:01.0486 0324 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:10:01.0502 0324 srvnet - ok
15:10:01.0518 0324 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:10:01.0518 0324 SSDPSRV - ok
15:10:01.0533 0324 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:10:01.0533 0324 SstpSvc - ok
15:10:01.0596 0324 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:10:01.0596 0324 Stereo Service - ok
15:10:01.0611 0324 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:10:01.0627 0324 stexstor - ok
15:10:01.0658 0324 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:10:01.0689 0324 stisvc - ok
15:10:01.0720 0324 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
15:10:01.0736 0324 stllssvr - ok
15:10:01.0752 0324 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:10:01.0752 0324 storflt - ok
15:10:01.0767 0324 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
15:10:01.0783 0324 StorSvc - ok
15:10:01.0798 0324 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:10:01.0798 0324 storvsc - ok
15:10:01.0798 0324 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:10:01.0798 0324 swenum - ok
15:10:01.0814 0324 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:10:01.0830 0324 swprv - ok
15:10:01.0876 0324 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:10:01.0923 0324 SysMain - ok
15:10:01.0939 0324 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:10:01.0970 0324 TabletInputService - ok
15:10:01.0986 0324 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:10:02.0001 0324 TapiSrv - ok
15:10:02.0001 0324 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:10:02.0017 0324 TBS - ok
15:10:02.0079 0324 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:10:02.0110 0324 Tcpip - ok
15:10:02.0157 0324 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:10:02.0173 0324 TCPIP6 - ok
15:10:02.0188 0324 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:10:02.0204 0324 tcpipreg - ok
15:10:02.0220 0324 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:10:02.0220 0324 TDPIPE - ok
15:10:02.0235 0324 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:10:02.0251 0324 TDTCP - ok
15:10:02.0266 0324 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:10:02.0282 0324 tdx - ok
15:10:02.0298 0324 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:10:02.0298 0324 TermDD - ok
15:10:02.0329 0324 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:10:02.0360 0324 TermService - ok
15:10:02.0376 0324 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:10:02.0407 0324 Themes - ok
15:10:02.0407 0324 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:10:02.0422 0324 THREADORDER - ok
15:10:02.0422 0324 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:10:02.0438 0324 TrkWks - ok
15:10:02.0469 0324 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:10:02.0485 0324 TrustedInstaller - ok
15:10:02.0500 0324 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:10:02.0500 0324 tssecsrv - ok
15:10:02.0532 0324 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:10:02.0532 0324 TsUsbFlt - ok
15:10:02.0563 0324 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:10:02.0563 0324 TsUsbGD - ok
15:10:02.0578 0324 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:10:02.0610 0324 tunnel - ok
15:10:02.0610 0324 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:10:02.0610 0324 uagp35 - ok
15:10:02.0625 0324 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:10:02.0641 0324 udfs - ok
15:10:02.0656 0324 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:10:02.0672 0324 UI0Detect - ok
15:10:02.0688 0324 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:10:02.0688 0324 uliagpkx - ok
15:10:02.0703 0324 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:10:02.0703 0324 umbus - ok
15:10:02.0719 0324 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:10:02.0719 0324 UmPass - ok
15:10:02.0734 0324 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
15:10:02.0750 0324 UmRdpService - ok
15:10:02.0766 0324 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:10:02.0766 0324 upnphost - ok
15:10:02.0781 0324 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:10:02.0797 0324 usbccgp - ok
15:10:02.0797 0324 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:10:02.0812 0324 usbcir - ok
15:10:02.0812 0324 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:10:02.0828 0324 usbehci - ok
15:10:02.0859 0324 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:10:02.0875 0324 usbhub - ok
15:10:02.0875 0324 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:10:02.0890 0324 usbohci - ok
15:10:02.0906 0324 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:10:02.0906 0324 usbprint - ok
15:10:02.0922 0324 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:10:02.0922 0324 usbscan - ok
15:10:02.0937 0324 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:10:02.0953 0324 USBSTOR - ok
15:10:02.0953 0324 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:10:02.0968 0324 usbuhci - ok
15:10:02.0984 0324 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:10:03.0000 0324 UxSms - ok
15:10:03.0000 0324 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:10:03.0000 0324 VaultSvc - ok
15:10:03.0015 0324 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:10:03.0015 0324 vdrvroot - ok
15:10:03.0031 0324 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:10:03.0046 0324 vds - ok
15:10:03.0062 0324 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:10:03.0078 0324 vga - ok
15:10:03.0078 0324 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:10:03.0093 0324 VgaSave - ok
15:10:03.0109 0324 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:10:03.0109 0324 vhdmp - ok
15:10:03.0109 0324 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:10:03.0109 0324 viaide - ok
15:10:03.0124 0324 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:10:03.0124 0324 vmbus - ok
15:10:03.0140 0324 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:10:03.0156 0324 VMBusHID - ok
15:10:03.0171 0324 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:10:03.0171 0324 volmgr - ok
15:10:03.0187 0324 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:10:03.0187 0324 volmgrx - ok
15:10:03.0202 0324 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:10:03.0202 0324 volsnap - ok
15:10:03.0202 0324 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:10:03.0218 0324 vsmraid - ok
15:10:03.0265 0324 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:10:03.0312 0324 VSS - ok
15:10:03.0327 0324 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:10:03.0343 0324 vwifibus - ok
15:10:03.0374 0324 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:10:03.0390 0324 W32Time - ok
15:10:03.0405 0324 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:10:03.0421 0324 WacomPen - ok
15:10:03.0436 0324 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:10:03.0452 0324 WANARP - ok
15:10:03.0452 0324 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:10:03.0452 0324 Wanarpv6 - ok
15:10:03.0514 0324 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
15:10:03.0546 0324 WAS - ok
15:10:03.0592 0324 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:10:03.0624 0324 WatAdminSvc - ok
15:10:03.0655 0324 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:10:03.0748 0324 wbengine - ok
15:10:03.0764 0324 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:10:03.0780 0324 WbioSrvc - ok
15:10:03.0795 0324 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:10:03.0811 0324 wcncsvc - ok
15:10:03.0811 0324 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:10:03.0826 0324 WcsPlugInService - ok
15:10:03.0842 0324 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:10:03.0842 0324 Wd - ok
15:10:03.0873 0324 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:10:03.0889 0324 Wdf01000 - ok
15:10:03.0904 0324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:10:03.0920 0324 WdiServiceHost - ok
15:10:03.0920 0324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:10:03.0920 0324 WdiSystemHost - ok
15:10:03.0936 0324 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:10:03.0951 0324 WebClient - ok
15:10:03.0967 0324 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:10:03.0982 0324 Wecsvc - ok
15:10:03.0998 0324 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:10:03.0998 0324 wercplsupport - ok
15:10:04.0014 0324 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:10:04.0029 0324 WerSvc - ok
15:10:04.0045 0324 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:10:04.0045 0324 WfpLwf - ok
15:10:04.0060 0324 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:10:04.0060 0324 WIMMount - ok
15:10:04.0076 0324 WinDefend - ok
15:10:04.0076 0324 WinHttpAutoProxySvc - ok
15:10:04.0123 0324 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:10:04.0138 0324 Winmgmt - ok
15:10:04.0185 0324 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:10:04.0232 0324 WinRM - ok
15:10:04.0248 0324 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:10:04.0263 0324 WinUsb - ok
15:10:04.0294 0324 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:10:04.0326 0324 Wlansvc - ok
15:10:04.0357 0324 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:10:04.0357 0324 wlcrasvc - ok
15:10:04.0435 0324 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:10:04.0450 0324 wlidsvc - ok
15:10:04.0482 0324 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:10:04.0482 0324 WmiAcpi - ok
15:10:04.0497 0324 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:10:04.0513 0324 wmiApSrv - ok
15:10:04.0528 0324 WMPNetworkSvc - ok
15:10:04.0544 0324 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:10:04.0560 0324 WPCSvc - ok
15:10:04.0591 0324 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:10:04.0591 0324 WPDBusEnum - ok
15:10:04.0622 0324 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:10:04.0622 0324 ws2ifsl - ok
15:10:04.0622 0324 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:10:04.0638 0324 wscsvc - ok
15:10:04.0638 0324 WSearch - ok
15:10:04.0684 0324 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:10:04.0716 0324 wuauserv - ok
15:10:04.0747 0324 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:10:04.0747 0324 WudfPf - ok
15:10:04.0762 0324 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:10:04.0762 0324 WUDFRd - ok
15:10:04.0778 0324 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:10:04.0778 0324 wudfsvc - ok
15:10:04.0794 0324 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:10:04.0809 0324 WwanSvc - ok
15:10:04.0825 0324 ================ Scan global ===============================
15:10:04.0840 0324 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:10:04.0872 0324 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:10:04.0887 0324 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:10:04.0903 0324 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:10:04.0918 0324 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:10:04.0934 0324 [Global] - ok
15:10:04.0934 0324 ================ Scan MBR ==================================
15:10:04.0950 0324 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:10:05.0371 0324 \Device\Harddisk0\DR0 - ok
15:10:05.0371 0324 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk5\DR5
15:10:10.0706 0324 \Device\Harddisk5\DR5 - ok
15:10:10.0706 0324 ================ Scan VBR ==================================
15:10:10.0722 0324 [ 5001BF7BE71A0C96B1F8056A797C351D ] \Device\Harddisk0\DR0\Partition1
15:10:10.0722 0324 \Device\Harddisk0\DR0\Partition1 - ok
15:10:10.0737 0324 [ 3591860448DEAFBB0704FC164F695BB8 ] \Device\Harddisk0\DR0\Partition2
15:10:10.0737 0324 \Device\Harddisk0\DR0\Partition2 - ok
15:10:10.0737 0324 [ 71B6704593561EDB19772F984ED68990 ] \Device\Harddisk5\DR5\Partition1
15:10:10.0737 0324 \Device\Harddisk5\DR5\Partition1 - ok
15:10:10.0737 0324 ============================================================
15:10:10.0737 0324 Scan finished
15:10:10.0737 0324 ============================================================
15:10:10.0753 3612 Detected object count: 0
15:10:10.0753 3612 Actual detected object count: 0
Smile, it's going to get worse!

Re: Action Center blocked, internet not working
ComboFix 13-04-01.01 - Racocha 02.04.2013 15:12:31.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4079.2812 [GMT 2:00]
Spuštěný z: c:\users\Racocha\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-02 do 2013-04-02 )))))))))))))))))))))))))))))))
.
.
2013-04-02 13:15 . 2013-04-02 13:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-02 13:15 . 2013-04-02 13:15 -------- d-----w- c:\users\UpdatusUser.Racocha-PC\AppData\Local\temp
2013-04-02 13:15 . 2013-04-02 13:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-02 12:31 . 2013-04-02 12:31 -------- d-----w- c:\windows\ERUNT
2013-04-02 12:31 . 2013-04-02 12:31 -------- d-----w- C:\JRT
2013-04-02 11:11 . 2013-04-02 11:11 -------- d-----w- C:\rsit
2013-04-02 11:11 . 2013-04-02 11:11 -------- d-----w- c:\program files\trend micro
2013-04-02 11:09 . 2013-04-02 11:09 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-02 10:51 . 2012-10-23 05:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E4977AB8-9526-4E39-B7CA-EED3F00F63FA}\gapaengine.dll
2013-04-02 10:50 . 2013-03-19 03:50 9311288 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D29FB4D1-9A98-4D79-B894-2F66D84E6E95}\mpengine.dll
2013-04-02 10:48 . 2013-04-02 10:48 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-04-02 10:48 . 2013-04-02 10:48 -------- d-----w- c:\program files\Microsoft Security Client
2013-04-02 10:44 . 2013-03-19 03:50 9311288 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8DA96CE8-E71F-41BA-884F-28EAAE69C6F3}\mpengine.dll
2013-04-02 10:20 . 2013-04-02 12:56 -------- d-----w- c:\windows\system32\wbem\repository
2013-04-02 07:28 . 2013-04-02 07:28 -------- d-----w- c:\program files\CCleaner
2013-04-02 06:52 . 2013-04-02 06:52 -------- d-----w- c:\users\Racocha\AppData\Roaming\Malwarebytes
2013-04-02 06:52 . 2013-04-02 06:52 -------- d-----w- c:\programdata\Malwarebytes
2013-04-02 06:51 . 2013-04-02 06:51 -------- d-----w- c:\users\Racocha\AppData\Local\Programs
2013-03-25 22:21 . 2013-03-25 22:21 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-25 22:17 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-18 19:25 . 2013-03-18 22:57 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-03-13 02:00 . 2013-03-17 23:24 -------- d-----w- c:\program files\Microsoft Silverlight
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-02 11:09 . 2012-02-16 21:01 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-17 23:25 . 2011-12-23 00:52 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-02-12 05:45 . 2013-03-17 12:52 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-17 12:52 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-17 12:52 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-17 12:52 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-17 12:52 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-17 12:52 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-30 03:00 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-20 13:59 . 2013-01-20 13:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 13:59 . 2013-01-20 13:59 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-05 05:53 . 2013-02-14 07:02 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-14 07:02 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-14 07:02 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:46 . 2013-02-14 07:01 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-14 07:01 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-14 07:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-14 07:01 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-14 07:01 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-14 07:01 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-14 07:01 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-14 07:01 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 06:00 . 2013-02-14 07:01 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-14 07:01 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-12-18 38112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 204288]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 64380557
*Deregistered* - 64380557
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-02 11:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.centrum.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-04-02 15:16:22
ComboFix-quarantined-files.txt 2013-04-02 13:16
ComboFix2.txt 2013-04-02 10:33
.
Před spuštěním: Volných bajtů: 438 816 292 864
Po spuštění: Volných bajtů: 438 492 131 328
.
- - End Of File - - 6B243D96C1F4754C311D22DD35CE6B34
Smile, it will get worse!

- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Action Center blocked, internet not working
The program c:\program files (x86)\Spybot >> needs to be uninstalled.
2: create a batch file and run it. PING >> Guide
http://www.viruskasino.com/2013/01/post ... stemu.html
You will create this batch file:
Ping and ipconfig /all
Paste the log here.
Re: Action Center blocked, internet not working
I uninstalled Spybot via its Uninstall item. The SDWinSec and TeaTimer files still remained in the folder, but it is no longer listed in Add/Remove Programs, and CCleaner (where I also ran the registry cleaner) does not see it either. So how should I uninstall it?
Konfigurace protokolu IP systému Windows
Název hostitele . . . . . . . . . : Racocha-PC
Primární přípona DNS. . . . . . . :
Typ uzlu . . . . . . . . . . . . : hybridní
Povoleno směrování IP . . . . . . : Ne
WINS Proxy povoleno . . . . . . . : Ne
Prohledávací seznam přípon DNS. . : agi
Adaptér sítě Ethernet Připojení k místní síti:
Přípona DNS podle připojení . . . : agi
Popis . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Fyzická Adresa. . . . . . . . . . : F0-4D-A2-F3-AE-80
Protokol DHCP povolen . . . . . . : Ano
Automatická konfigurace povolena : Ano
Místní IPv6 adresa v rámci propojení . . . : fe80:
7bc2:980e:23b1%11(Preferované)
Adresa IPv4 . . . . . . . . . . . : 192.168.1.188(Preferované)
Maska podsítě . . . . . . . . . . : 255.255.255.0
Zapůjčeno . . . . . . . . . . . . : 2. dubna 2013 14:56:44
Zápůjčka vyprší . . . . . . . . . : 2. dubna 2013 21:48:38
Výchozí brána . . . . . . . . . . : 192.168.1.1
Server DHCP . . . . . . . . . . . : 192.168.1.1
IAID DHCPv6 . . . . . . . . . . : 250629538
DUID klienta DHCPv6. . . . . . . : 00-01-00-01-15-7E-43-1F-F0-4D-A2-F3-AE-80
Servery DNS . . . . . . . . . . . : 192.168.1.1
Rozhraní NetBios nad protokolem TCP/IP. . . . . . . . : Povoleno
Adaptér pro tunelové připojení isatap.agi:
Stav média . . . . . . . . . . . : odpojeno
Přípona DNS podle připojení . . . : agi
Popis . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
Fyzická Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatická konfigurace povolena : Ano
Adaptér pro tunelové připojení Připojení k místní síti*:
Přípona DNS podle připojení . . . :
Popis . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fyzická Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatická konfigurace povolena : Ano
IPv6 adresa. . . . . . . . . . . : 2001:0:5ef5:79fb
237d
fe43(Preferované)
Místní IPv6 adresa v rámci propojení . . . : fe80:
237d
fe43%12(Preferované)
Výchozí brána . . . . . . . . . . : ::
NetBIOS nad TCP/IP. . . . . . . . : zakázáno
Adaptér pro tunelové připojení 6TO4 Adapter:
Stav média . . . . . . . . . . . : odpojeno
Přípona DNS podle připojení . . . :
Popis . . . . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Fyzická Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatická konfigurace povolena : Ano
Server: UnKnown
Address: 192.168.1.1
Nazev: facebook.com
Addresses: 2a03
2110:df01:face:b00c:0:8
173.252.110.27
Příkaz PING na facebook.com [173.252.110.27] - 32 bajtů dat:
Odpověď od 173.252.110.27: bajty=32 čas=120ms TTL=243
Odpověď od 173.252.110.27: bajty=32 čas=121ms TTL=243
Odpověď od 173.252.110.27: bajty=32 čas=120ms TTL=243
Statistika ping pro 173.252.110.27:
Pakety: Odeslané = 3, Přijaté = 3, Ztracené = 0 (ztráta 0%),
Přibližná doba do přijetí odezvy v milisekundách:
Minimum = 120ms, Maximum = 121ms, Průměr = 120ms
===========================================================================
Seznam rozhraní
11...f0 4d a2 f3 ae 80 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
===========================================================================
IPv4 Směrovací tabulka
===========================================================================
Aktivní směrování:
Cíl v síti Síťová maska Brána Rozhraní Metrika
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.188 21
127.0.0.0 255.0.0.0 Propojené 127.0.0.1 306
127.0.0.1 255.255.255.255 Propojené 127.0.0.1 306
127.255.255.255 255.255.255.255 Propojené 127.0.0.1 306
192.168.1.0 255.255.255.0 Propojené 192.168.1.188 276
192.168.1.188 255.255.255.255 Propojené 192.168.1.188 276
192.168.1.255 255.255.255.255 Propojené 192.168.1.188 276
224.0.0.0 240.0.0.0 Propojené 127.0.0.1 306
224.0.0.0 240.0.0.0 Propojené 192.168.1.188 276
255.255.255.255 255.255.255.255 Propojené 127.0.0.1 306
255.255.255.255 255.255.255.255 Propojené 192.168.1.188 276
===========================================================================
Trvalé trasy:
Žádné
IPv6 Směrovací tabulka
===========================================================================
Aktivní směrování:
Rozhraní Metrika Cíl v síti Brána
12 58 ::/0 Propojené
1 306 ::1/128 Propojené
12 58 2001::/32 Propojené
12 306 2001:0:5ef5:79fb
237d
fe43/128
Propojené
11 276 fe80::/64 Propojené
12 306 fe80::/64 Propojené
12 306 fe80:
237d
fe43/128
Propojené
11 276 fe80:
7bc2:980e:23b1/128
Propojené
1 306 ff00::/8 Propojené
12 306 ff00::/8 Propojené
11 276 ff00::/8 Propojené
===========================================================================
Trvalé trasy:
Žádné
Smile, it will get worse!

- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Action Center blocked, internet not working
"The SDWinSec and TeaTimer files still remained in the folder"
In which folder?? Program Files/spybot?? If so, delete the whole spybot folder.
Everything is fine here; I see you only have Internet Explorer there.
Check whether the pest has set a PROXY:
http://www.viruskasino.com/2012/02/zaka ... proxy.html
If so, remove it.
If the problem persists, write what error IE shows when you try to open a web page.
Re: Action Center blocked, internet not working
It is C:\Program Files (x86)\Spybot - Search & Destroy
Should I delete it?
No proxy is set.
When I start IE, it loads the current home page centrum.cz, but as soon as I click a link on it, the address changes to the specific article while the window stays plain white with no text or images.
When I click one of the favorites, nothing happens.
When I type any address, the cursor just blinks as if waiting for me to type something more, and nothing happens.
Smile, it will get worse!

- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Action Center blocked, internet not working
Yes, delete this folder:
Spybot - Search & Destroy
Reset Internet Explorer to its original settings.
In the Search box, type the following command and then press Enter:
inetcpl.cpl
The Internet Options dialog box appears.
Click the Advanced tab.
Under Reset Internet Explorer settings, click Reset. Click Reset once more.
And remove this as well:
If you also want to remove browsing history, search providers, Accelerators, home pages, Tracking Protection, and ActiveX Filtering data, select the Delete personal settings check box.
When Internet Explorer finishes resetting the settings, click Close in the Reset Internet Explorer Settings dialog box.
Start Internet Explorer again.
http://support.microsoft.com/kb/923737/sk#method2