Posted: 10.12.2012 8:14 | Trojan.Win32/ agent Trojan.Win32/Wundo

Hi, I apparently have quite a big problem. While scanning the registry I found that my registry contains components of Trojan.Win32/ agent and other trojans. As my antivirus I was using Essentials from Microsoft. It did not find any virus. Now I have downloaded AVG Internet Security and it found two suspicious programs. I had them deleted. But after running the registry scan again, those trojans are still there.
Please advise what to do about it.
I am attaching the registry scan.
Thank you for the help.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jan at 2012-12-10 07:35:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 187 GB (61%) free of 305 GB
Total RAM: 4078 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:35:37, on 10. 12. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASC.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jan\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Jan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10011&barid={76AE478E-AD39-11E1-A9B5-E89A8FDA6CB0}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: BHO_PROJECT - {82EA3E77-7BD2-4744-A8F2-670770767EC5} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE /FU "C:\Users\Jan\AppData\Local\Temp\E_SDEF8.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: FreeRapid 0.9.lnk = C:\Users\Jan\Desktop\FRD\frd.exe
O4 - Global Startup: ALFA plus - rýchle spustenie.lnk = C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - (no file)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - KROS_20400 (FirebirdServerKROS_20400) - Firebird Project - C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 13412 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Crysis Wars(R) Updates.job
C:\Windows\tasks\FreeFileViewerUpdateChecker.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82EA3E77-7BD2-4744-A8F2-670770767EC5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC}
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"=C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-11 1298816]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2007-12-11 286720]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17 651264]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-11-06 3143800]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"EPSON Stylus SX200 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEFE.EXE [2007-12-13 221696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ALFA plus - rýchle spustenie.lnk - C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe

C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
FreeRapid 0.9.lnk - C:\Users\Jan\Desktop\FRD\frd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-12-10 07:35:28 ----D---- C:\rsit
2012-12-10 07:35:28 ----D---- C:\Program Files (x86)\trend micro
2012-12-08 15:56:02 ----D---- C:\Users\Jan\AppData\Roaming\AVG2013
2012-12-08 15:55:27 ----D---- C:\Users\Jan\AppData\Roaming\TuneUp Software
2012-12-08 15:54:28 ----HD---- C:\$AVG
2012-12-08 15:54:28 ----D---- C:\ProgramData\AVG2013
2012-12-08 15:54:04 ----D---- C:\Program Files (x86)\AVG
2012-12-08 15:49:35 ----HD---- C:\ProgramData\Common Files
2012-12-08 15:49:35 ----D---- C:\ProgramData\MFAData
2012-12-04 09:06:09 ----D---- C:\Windows\SoftwareDistribution
2012-11-25 15:36:46 ----HDC---- C:\ProgramData\{5794CDCB-FAB7-4C15-9069-4D8AC02592DE}
2012-11-14 14:48:17 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-11-14 14:48:16 ----A---- C:\Windows\SysWOW64\vbscript.dll
2012-11-14 14:48:16 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-11-14 14:48:15 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-11-14 14:48:15 ----A---- C:\Windows\SysWOW64\url.dll
2012-11-14 14:48:15 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-11-14 14:48:14 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-11-14 14:48:13 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-11-14 14:48:13 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-11-14 14:48:13 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-11-14 14:48:12 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-11-14 14:48:12 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-11-14 14:48:10 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-11-14 14:48:09 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-11-14 10:56:30 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-11-14 10:56:30 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll
2012-11-14 10:56:27 ----A---- C:\Windows\SysWOW64\nlaapi.dll
2012-11-14 10:56:27 ----A---- C:\Windows\SysWOW64\netcorehc.dll
2012-11-14 10:56:27 ----A---- C:\Windows\SysWOW64\ncsi.dll
2012-11-14 10:56:26 ----A---- C:\Windows\SysWOW64\netevent.dll
2012-11-14 10:56:13 ----A---- C:\Windows\SysWOW64\synceng.dll
2012-11-13 20:10:53 ----D---- C:\ProgramData\boost_interprocess
2012-11-12 08:19:47 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-11-12 08:19:47 ----A---- C:\Windows\SysWOW64\javaw.exe
2012-11-12 08:19:47 ----A---- C:\Windows\SysWOW64\java.exe

======List of files/folders modified in the last 1 month======

2012-12-10 07:35:33 ----D---- C:\Windows\Temp
2012-12-10 07:35:28 ----RD---- C:\Program Files (x86)
2012-12-10 07:10:03 ----D---- C:\Users\Jan\AppData\Roaming\Winamp
2012-12-10 07:10:03 ----D---- C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite
2012-12-10 06:54:16 ----D---- C:\Windows\System32
2012-12-10 06:54:16 ----D---- C:\Windows\inf
2012-12-10 06:51:50 ----A---- C:\Windows\SysWOW64\log.txt
2012-12-10 06:50:49 ----D---- C:\ProgramData\firebird
2012-12-10 06:49:35 ----D---- C:\ProgramData\NVIDIA
2012-12-09 17:44:04 ----D---- C:\Users\Jan\AppData\Roaming\Skype
2012-12-09 16:10:43 ----SHD---- C:\Windows\Installer
2012-12-09 16:10:37 ----SHD---- C:\Config.Msi
2012-12-09 03:00:08 ----HDC---- C:\ProgramData\{0151C9FC-719D-4459-B1E2-4685CC6E62A8}
2012-12-09 02:01:24 ----D---- C:\Windows\SysWOW64
2012-12-08 15:54:28 ----HD---- C:\ProgramData
2012-12-08 15:54:14 ----SHD---- C:\System Volume Information
2012-12-06 06:37:45 ----D---- C:\ProgramData\IObit
2012-12-04 09:06:09 ----D---- C:\Windows
2012-12-02 14:33:19 ----D---- C:\Windows\Prefetch
2012-11-16 07:05:06 ----D---- C:\Windows\Microsoft.NET
2012-11-16 07:05:05 ----RSD---- C:\Windows\assembly
2012-11-15 07:57:23 ----D---- C:\Windows\winsxs
2012-11-15 07:55:22 ----D---- C:\Windows\SysWOW64\en-US
2012-11-15 07:55:15 ----D---- C:\Windows\SysWOW64\migration
2012-11-15 07:55:13 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-15 07:55:05 ----RSD---- C:\Windows\Fonts
2012-11-12 08:19:47 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys []
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS []
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys []
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\Windows\system32\DRIVERS\btfilter.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys []
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys []
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\drivers\QIOMem.sys []
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys []
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys []
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys []
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RTSUVSTOR.sys []
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys []
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys []
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys []
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys []
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys []
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys []
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys []
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys []
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys []
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys []
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys []
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys []
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\drivers\usb8023x.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-11-02 1340976]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 FirebirdServerKROS_20400;Firebird Server - KROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 22072]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe []
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-07-23 66872]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-11 378472]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe []
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-12-09 489384]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-03-02 266680]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------


User
Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

Do you know the file's path? If so, post it here. Download http://www.bleepingcomputer.com/downloa ... x/combofix, run it, and keep clicking yes, ok, agree. When it finishes, a Notepad window will pop up; attach it here.


Posted by topic author: 11.12.2012 7:34 | Trojan.Win32/ agent Trojan.Win32/Wundo

I had to split it into two parts because it didn't fit. The notebook restarted and it shut down Google Chrome and IE on me. I started Winamp and IE popped up.


Posted by topic author: 11.12.2012 7:35 | Trojan.Win32/ agent Trojan.Win32/Wundo

ComboFix 12-12-10.01 - Jan . 12. 2012 6:58.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4078.1455 [GMT 1:00]
Running from: c:\users\Jan\Downloads\ComboFix.exe
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPlyTune.dll
c:\users\Jan\AppData\Local\Temp\7zOE727.tmp
c:\users\Jan\AppData\Local\Temp\7zOE727.tmp\Crysis 2 - BETA - 32 Bit - Trainer +4 .exe
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-11 to 2012-12-11 )))))))))))))))))))))))))))))))
.
.
2012-12-10 06:57 . 2012-12-10 06:57 -------- d-----w- c:\users\Jan\AppData\Roaming\QuickScan
2012-12-10 06:35 . 2012-12-10 06:35 -------- d-----w- C:\rsit
2012-12-10 06:35 . 2012-12-10 06:35 -------- d-----w- c:\program files (x86)\trend micro
2012-12-09 15:09 . 2012-12-09 15:09 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-12-09 01:04 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15458E36-9A41-47CB-A6F8-FC328F415362}\mpengine.dll
2012-12-08 14:56 . 2012-12-08 14:56 -------- d-----w- c:\users\Jan\AppData\Roaming\AVG2013
2012-12-08 14:55 . 2012-12-08 14:55 -------- d-----w- c:\users\Jan\AppData\Roaming\TuneUp Software
2012-12-08 14:54 . 2012-12-08 14:55 -------- d-----w- c:\programdata\AVG2013
2012-12-08 14:54 . 2012-12-08 14:54 -------- d-----w- C:\$AVG
2012-12-08 14:54 . 2012-12-08 14:56 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Avg2013
2012-12-08 14:54 . 2012-12-08 14:54 -------- d-----w- c:\program files (x86)\AVG
2012-12-08 14:49 . 2012-12-11 05:48 -------- d-----w- c:\programdata\MFAData
2012-12-08 14:49 . 2012-12-08 14:59 -------- d-----w- c:\users\Jan\AppData\Local\Avg2013
2012-12-08 14:49 . 2012-12-08 14:49 -------- d--h--w- c:\programdata\Common Files
2012-12-08 14:49 . 2012-12-08 14:49 -------- d-----w- c:\users\Jan\AppData\Local\MFAData
2012-12-03 06:19 . 2012-10-23 05:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F0047159-6ECB-4872-8DE2-DE040ECB20BB}\gapaengine.dll
2012-12-03 06:19 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-25 14:36 . 2012-11-25 14:36 -------- dc-h--w- c:\programdata\{5794CDCB-FAB7-4C15-9069-4D8AC02592DE}
2012-11-14 13:52 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-14 13:52 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 13:52 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 13:52 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 13:46 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 13:46 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 13:46 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 13:46 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 13:46 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 13:46 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 13:46 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-13 19:10 . 2012-11-13 19:10 -------- d-----w- c:\programdata\boost_interprocess
2012-11-12 07:19 . 2012-09-24 22:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-14 13:46 . 2012-01-04 18:03 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-10 09:13 . 2012-06-29 11:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-11-03 14:23 . 2012-02-24 19:20 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-03 14:23 . 2012-02-24 19:19 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-11-03 10:40 . 2012-07-07 04:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-03 10:40 . 2011-08-03 12:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-01 07:53 . 2012-02-13 09:34 972192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-22 12:02 . 2012-10-22 12:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2012-10-15 02:48 . 2012-10-15 02:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2012-10-13 08:09 . 2012-09-13 15:15 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-09 17:58 . 2012-06-01 22:47 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 17:58 . 2012-06-01 22:47 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-05 02:32 . 2012-10-05 02:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-09-21 02:46 . 2012-09-21 02:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-09-21 02:46 . 2012-09-21 02:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys
2012-09-14 19:19 . 2012-10-31 13:10 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-31 13:10 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-14 02:05 . 2012-09-14 02:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 13:03 1310040 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
c:\users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FreeRapid 0.9.lnk - c:\users\Jan\Desktop\FRD\frd.exe [2012-11-3 35840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ALFA plus - rýchle spustenie.lnk - c:\program files (x86)\KROS\ALFA plus\!System\ALFAplus.exe [2012-8-3 3282816]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-07-08 307304]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-04 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-10-31 14544]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2012-11-01 1340976]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 FirebirdServerKROS_20400;Firebird Server - KROS_20400;c:\program files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-11 378472]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-03-02 266680]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2009-06-15 12800]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-01 17:58]
.
2012-12-09 c:\windows\Tasks\Crysis Wars(R) Updates.job
- c:\windows\Installer\Crysis Wars(R) Updates for All Users.lnk [2012-07-23 14:04]
.
2012-12-11 c:\windows\Tasks\FreeFileViewerUpdateChecker.job
- c:\program files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2012-09-19 13:24]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 12:01]
.
2012-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 12:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={76AE478E-AD39-11E1-A9B5-E89A8FDA6CB0}
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
TCP: DhcpNameServer = 192.168.1.104 192.168.1.102 192.168.1.100
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{82EA3E77-7BD2-4744-A8F2-670770767EC5} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET CLR Networking 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\1394ohci]
"ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ACPI]
"ImagePath"="system32\drivers\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AcpiPmi]
"ImagePath"="\SystemRoot\system32\drivers\acpipmi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AdobeARMservice]
"ImagePath"="\"c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\adp94xx]
"ImagePath"="\SystemRoot\system32\drivers\adp94xx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\adpahci]
"ImagePath"="\SystemRoot\system32\drivers\adpahci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\adpu320]
"ImagePath"="\SystemRoot\system32\drivers\adpu320.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\adsi]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AdvancedSystemCareService5]
"ImagePath"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AeLookupSvc]
"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AFD]
"ImagePath"="\SystemRoot\system32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\agp440]
"ImagePath"="\SystemRoot\system32\drivers\agp440.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\aliide]
"ImagePath"="\SystemRoot\system32\drivers\aliide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\amdide]
"ImagePath"="\SystemRoot\system32\drivers\amdide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AmdK8]
"ImagePath"="\SystemRoot\system32\drivers\amdk8.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AmdPPM]
"ImagePath"="\SystemRoot\system32\drivers\amdppm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\amdsata]
"ImagePath"="\SystemRoot\system32\drivers\amdsata.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\amdsbs]
"ImagePath"="\SystemRoot\system32\drivers\amdsbs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\amdxata]
"ImagePath"="system32\drivers\amdxata.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AppID]
"ImagePath"="\SystemRoot\system32\drivers\appid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AppIDSvc]
"ServiceDll"="%SystemRoot%\System32\appidsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Appinfo]
"ServiceDll"="%SystemRoot%\System32\appinfo.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\arc]
"ImagePath"="\SystemRoot\system32\drivers\arc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\arcsas]
"ImagePath"="\SystemRoot\system32\drivers\arcsas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ASP.NET_1.1.4322]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\aspnet_state]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\atapi]
"ImagePath"="system32\drivers\atapi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\athr]
"ImagePath"="system32\DRIVERS\athrx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AudioEndpointBuilder]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avg]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgfwfd]
"ImagePath"="system32\DRIVERS\avgfwd6a.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\avgfws]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgfws.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AVGIDSAgent]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgidsagent.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AVGIDSDriver]
"ImagePath"="system32\DRIVERS\avgidsdrivera.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AVGIDSHA]
"ImagePath"="system32\DRIVERS\avgidsha.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgldx64]
"ImagePath"="system32\DRIVERS\avgldx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgloga]
"ImagePath"="system32\DRIVERS\avgloga.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgmfx64]
"ImagePath"="system32\DRIVERS\avgmfx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgrkx64]
"ImagePath"="system32\DRIVERS\avgrkx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Avgtdia]
"ImagePath"="system32\DRIVERS\avgtdia.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\avgwd]
"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\AxInstSV]
"ServiceDll"="%SystemRoot%\System32\AxInstSV.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\b06bdrv]
"ImagePath"="\SystemRoot\system32\drivers\bxvbda.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\b57nd60a]
"ImagePath"="system32\DRIVERS\b57nd60a.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BattC]
"MofImagePath"="system32\drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BDESVC]
"ServiceDll"="%SystemRoot%\System32\bdesvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Beep]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BFE]
"ServiceDll"="%SystemRoot%\System32\bfe.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\blbdrive]
"ImagePath"="\SystemRoot\system32\drivers\blbdrive.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\bowser]
"ImagePath"="system32\DRIVERS\bowser.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrFiltLo]
"ImagePath"="\SystemRoot\system32\drivers\BrFiltLo.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrFiltUp]
"ImagePath"="\SystemRoot\system32\drivers\BrFiltUp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BridgeMP]
"ImagePath"="system32\DRIVERS\bridge.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Brserid]
"ImagePath"="\SystemRoot\System32\Drivers\Brserid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrSerWdm]
"ImagePath"="\SystemRoot\System32\Drivers\BrSerWdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrUsbMdm]
"ImagePath"="\SystemRoot\System32\Drivers\BrUsbMdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BrUsbSer]
"ImagePath"="\SystemRoot\System32\Drivers\BrUsbSer.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BtFilter]
"ImagePath"="system32\DRIVERS\btfilter.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BTHMODEM]
"ImagePath"="\SystemRoot\system32\drivers\bthmodem.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\BTHPORT]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\bthserv]
"ServiceDll"="%SystemRoot%\system32\bthserv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\catchme]
"ImagePath"="\??\c:\combofix\catchme.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cdfs]
"ImagePath"="system32\DRIVERS\cdfs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CertPropSvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cfWiMAXService]
"ImagePath"="\"c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\circlass]
"ImagePath"="\SystemRoot\system32\drivers\circlass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CLFS]
"ImagePath"="System32\CLFS.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\clr_optimization_v2.0.50727_32]
"ImagePath"="%systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\clr_optimization_v2.0.50727_64]
"ImagePath"="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\clr_optimization_v4.0.30319_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\clr_optimization_v4.0.30319_64]
"ImagePath"="c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmBatt]
"ImagePath"="\SystemRoot\system32\drivers\CmBatt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cmdide]
"ImagePath"="\SystemRoot\system32\drivers\cmdide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CNG]
"ImagePath"="System32\Drivers\cng.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CnxtHdAudService]
"ImagePath"="system32\drivers\CHDRT64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Compbatt]
"ImagePath"="system32\drivers\compbatt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CompositeBus]
"ImagePath"="\SystemRoot\system32\drivers\CompositeBus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ConfigFree Service]
"ImagePath"="\"c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\crcdisk]
"ImagePath"="\SystemRoot\system32\drivers\crcdisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\crypt32]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CryptSvc]
"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CscService]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cvhsvc]
"ImagePath"="\"c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DCLocator]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\defragsvc]
"ServiceDll"="%Systemroot%\System32\defragsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DfsC]
"ImagePath"="System32\Drivers\dfsc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\dg_ssudbus]
"ImagePath"="system32\DRIVERS\ssudbus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Dhcp]
"ServiceDll"="%SystemRoot%\system32\dhcpcore.dll"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\discache]
"ImagePath"="System32\drivers\discache.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Disk]
"ImagePath"="system32\drivers\disk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DPS]
"ServiceDll"="%SystemRoot%\system32\dps.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\DXGKrnl]
"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ebdrv]
"ImagePath"="\SystemRoot\system32\drivers\evbda.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EFS]
"ImagePath"="%SystemRoot%\System32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ehRecvr]
"ImagePath"="%systemroot%\ehome\ehRecvr.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ehSched]
"ImagePath"="%systemroot%\ehome\ehsched.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\elxstor]
"ImagePath"="\SystemRoot\system32\drivers\elxstor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ErrDev]
"ImagePath"="\SystemRoot\system32\drivers\errdev.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ESENT]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\eventlog]
"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EventSystem]
"ServiceDll"="%systemroot%\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ewusbnet]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\exfat]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fastfat]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Fax]
"ImagePath"="%systemroot%\system32\fxssvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fdc]
"ImagePath"="\SystemRoot\system32\drivers\fdc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fdPHost]
"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FDResPub]
"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FileInfo]
"ImagePath"="system32\drivers\fileinfo.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Filetrace]
"ImagePath"="system32\drivers\filetrace.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FirebirdServerKROS_20400]
"ImagePath"="\"c:\program files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe\" -s KROS_20400"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\flpydisk]
"ImagePath"="\SystemRoot\system32\drivers\flpydisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FontCache]
"ServiceDll"="%SystemRoot%\system32\FntCache.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FontCache3.0.0.0]
"ImagePath"="%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\FsDepends]
"ImagePath"="System32\drivers\FsDepends.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fvevol]
"ImagePath"="System32\DRIVERS\fvevol.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gagp30kx]
"ImagePath"="\SystemRoot\system32\drivers\gagp30kx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gpsvc]
"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gupdate]
"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /svc"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\gupdatem]
"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /medsvc"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hcw85cir]
"ImagePath"="\SystemRoot\system32\drivers\hcw85cir.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HdAudAddService]
"ImagePath"="system32\drivers\HdAudio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HidBatt]
"ImagePath"="\SystemRoot\system32\drivers\HidBatt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HidBth]
"ImagePath"="\SystemRoot\system32\drivers\hidbth.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HidIr]
"ImagePath"="\SystemRoot\system32\drivers\hidir.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hidserv]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hkmsvc]
"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HomeGroupListener]
"ServiceDll"="%SystemRoot%\system32\ListSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HomeGroupProvider]
"ServiceDll"="%SystemRoot%\system32\provsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HpSAMD]
"ImagePath"="\SystemRoot\system32\drivers\HpSAMD.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HTCAND64]
"ImagePath"="System32\Drivers\ANDROIDUSB.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\htcnprot]
"ImagePath"="system32\DRIVERS\htcnprot.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HTTP]
"ImagePath"="system32\drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Huawei]
"ImagePath"="system32\DRIVERS\ewdcsc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hwcdcmdm0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hwdatacard]
"ImagePath"="system32\DRIVERS\ewusbmdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hwpolicy]
"ImagePath"="System32\drivers\hwpolicy.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hwusbapp]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hwusbdev]
"ImagePath"="system32\DRIVERS\ewusbdev.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\hwusbser]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iaStor]
"ImagePath"="system32\DRIVERS\iaStor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iaStorV]
"ImagePath"="\SystemRoot\system32\drivers\iaStorV.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IDriverT]
"ImagePath"="\"c:\program files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\idsvc]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iirsp]
"ImagePath"="\SystemRoot\system32\drivers\iirsp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IKEEXT]
"ServiceDll"="%SystemRoot%\System32\ikeext.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\inetaccs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\intelide]
"ImagePath"="\SystemRoot\system32\drivers\intelide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IPBusEnum]
"ServiceDll"="%SystemRoot%\system32\ipbusenum.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iphlpsvc]
"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IPMIDRV]
"ImagePath"="\SystemRoot\system32\drivers\IPMIDrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IPNAT]
"ImagePath"="System32\drivers\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\IRENUM]
"ImagePath"="system32\drivers\irenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\isapnp]
"ImagePath"="\SystemRoot\system32\drivers\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\iScsiPrt]
"ImagePath"="\SystemRoot\system32\drivers\msiscsi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\KeyIso]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\KSecDD]
"ImagePath"="System32\Drivers\ksecdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\KSecPkg]
"ImagePath"="System32\Drivers\ksecpkg.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ksthunk]
"ImagePath"="\SystemRoot\system32\drivers\ksthunk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\KtmRm]
"ServiceDll"="%systemroot%\system32\msdtckrm.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\L1C]
"ImagePath"="system32\DRIVERS\L1C62x64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LanmanWorkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ldap]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\lltdio]
"ImagePath"="system32\DRIVERS\lltdio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\lltdsvc]
"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\lmhosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LMS]
"ImagePath"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Lsa]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LSI_FC]
"ImagePath"="\SystemRoot\system32\drivers\lsi_fc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LSI_SAS]
"ImagePath"="\SystemRoot\system32\drivers\lsi_sas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LSI_SAS2]
"ImagePath"="\SystemRoot\system32\drivers\lsi_sas2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\LSI_SCSI]
"ImagePath"="\SystemRoot\system32\drivers\lsi_scsi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\luafv]
"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\massfilter]
"ImagePath"="system32\drivers\massfilter.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MAV Client PerfMon Provider]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Mcx2Svc]
"ServiceDll"="%SystemRoot%\system32\Mcx2Svc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\megasas]
"ImagePath"="\SystemRoot\system32\drivers\megasas.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MegaSR]
"ImagePath"="\SystemRoot\system32\drivers\MegaSR.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEIx64]
"ImagePath"="system32\DRIVERS\HECIx64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MMCSS]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Modem]
"ImagePath"="system32\drivers\modem.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\monitor]
"ImagePath"="system32\DRIVERS\monitor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mountmgr]
"ImagePath"="System32\drivers\mountmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MpFilter]
"ImagePath"="system32\DRIVERS\MpFilter.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mpio]
"ImagePath"="\SystemRoot\system32\drivers\mpio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mpsdrv]
"ImagePath"="System32\drivers\mpsdrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MpsSvc]
"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MRxDAV]
"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mrxsmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mrxsmb10]
"ImagePath"="system32\DRIVERS\mrxsmb10.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mrxsmb20]
"ImagePath"="system32\DRIVERS\mrxsmb20.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\msahci]
"ImagePath"="system32\DRIVERS\msahci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\msdsm]
"ImagePath"="\SystemRoot\system32\drivers\msdsm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSDTC]
"ImagePath"="%SystemRoot%\System32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSDTC Bridge 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Msfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mshidkmdf]
"ImagePath"="\SystemRoot\System32\drivers\mshidkmdf.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\msisadrv]
"ImagePath"="system32\drivers\msisadrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSiSCSI]
"ServiceDll"="%systemroot%\system32\iscsiexe.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MsMpSvc]
"ImagePath"="\"c:\program files\Microsoft Security Client\MsMpEng.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"


Posted by the topic author: 11.12.2012 7:36 | Trojan.Win32/ agent Trojan.Win32/Wundo

Here is the second part:

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MsRPC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSSCNTRS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\mssmbios]
"ImagePath"="\SystemRoot\system32\drivers\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MTConfig]
"ImagePath"="\SystemRoot\system32\drivers\MTConfig.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Mup]
"ImagePath"="System32\Drivers\mup.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\napagent]
"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NativeWifiP]
"ImagePath"="system32\DRIVERS\nwifi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NDIS]
"ImagePath"="system32\drivers\ndis.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NdisCap]
"ImagePath"="system32\DRIVERS\ndiscap.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NDProxy]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NetBT]
"ImagePath"="System32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\netprofm]
"ServiceDll"="%SystemRoot%\System32\netprofm.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NetTcpPortSharing]
"ImagePath"="\"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nfrd960]
"ImagePath"="\SystemRoot\system32\drivers\nfrd960.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NisDrv]
"ImagePath"="system32\DRIVERS\NisDrvWFP.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NisSrv]
"ImagePath"="\"c:\program files\Microsoft Security Client\NisSrv.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NlaSvc]
"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Npfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nsi]
"ServiceDll"="%systemroot%\system32\nsisvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nsiproxy]
"ImagePath"="system32\drivers\nsiproxy.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NTDS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Ntfs]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Null]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nusb3hub]
"ImagePath"="system32\DRIVERS\nusb3hub.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nusb3xhc]
"ImagePath"="system32\DRIVERS\nusb3xhc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NVHDA]
"ImagePath"="system32\drivers\nvhda64v.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nvlddmkm]
"ImagePath"="system32\DRIVERS\nvlddmkm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nvraid]
"ImagePath"="\SystemRoot\system32\drivers\nvraid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nvstor]
"ImagePath"="\SystemRoot\system32\drivers\nvstor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NVSvc]
"ImagePath"="%SystemRoot%\system32\nvvsvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\nv_agp]
"ImagePath"="\SystemRoot\system32\drivers\nv_agp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ohci1394]
"ImagePath"="\SystemRoot\system32\drivers\ohci1394.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ose]
"ImagePath"="\"c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\osppsvc]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\p2pimsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\p2psvc]
"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Parport]
"ImagePath"="\SystemRoot\system32\drivers\parport.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\partmgr]
"ImagePath"="System32\drivers\partmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PassThru Service]
"ImagePath"="c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PcaSvc]
"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pci]
"ImagePath"="system32\drivers\pci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pciide]
"ImagePath"="system32\DRIVERS\pciide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pcmcia]
"ImagePath"="\SystemRoot\system32\drivers\pcmcia.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pcw]
"ImagePath"="System32\drivers\pcw.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PEAUTH]
"ImagePath"="system32\drivers\peauth.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PeerDistSvc]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfHost]
"ImagePath"="%SystemRoot%\SysWow64\perfhost.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfNet]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfOS]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PerfProc]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PGEffect]
"ImagePath"="system32\DRIVERS\pgeffect.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pla]
"ServiceDll"="%systemroot%\system32\pla.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PlugPlay]
"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PnkBstrA]
"ImagePath"="c:\windows\system32\PnkBstrA.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PNRPAutoReg]
"ServiceDll"="%SystemRoot%\system32\pnrpauto.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PNRPsvc]
"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PolicyAgent]
"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PortProxy]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Power]
"ServiceDll"="%SystemRoot%\system32\umpo.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Processor]
"ImagePath"="\SystemRoot\system32\drivers\processr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ProfSvc]
"ServiceDll"="%systemroot%\system32\profsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Psched]
"ImagePath"="system32\DRIVERS\pacer.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\QIOMem]
"ImagePath"="\SystemRoot\system32\drivers\QIOMem.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ql2300]
"ImagePath"="\SystemRoot\system32\drivers\ql2300.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ql40xx]
"ImagePath"="\SystemRoot\system32\drivers\ql40xx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\QWAVE]
"ServiceDll"="%windir%\system32\qwave.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\QWAVEdrv]
"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasAcd]
"ImagePath"="System32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasAgileVpn]
"ImagePath"="system32\DRIVERS\AgileVpn.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RasSstp]
"ImagePath"="system32\DRIVERS\rassstp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\rdpbus]
"ImagePath"="\SystemRoot\system32\drivers\rdpbus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPDD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPENCDD]
"ImagePath"="system32\drivers\rdpencdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPNP]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPREFMP]
"ImagePath"="system32\drivers\rdprefmp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RDPWD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\rdyboost]
"ImagePath"="System32\drivers\rdyboost.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RemoteAccess]
"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ROOTMODEM]
"ImagePath"="System32\Drivers\RootMdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RpcEptMapper]
"ServiceDll"="%SystemRoot%\System32\RpcEpMap.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RpcSs]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\rspndr]
"ImagePath"="system32\DRIVERS\rspndr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RSUSBSTOR]
"ImagePath"="System32\Drivers\RtsUStor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\RSUSBVSTOR]
"ImagePath"="System32\Drivers\RTSUVSTOR.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\s1039bus]
"ImagePath"="system32\DRIVERS\s1039bus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\s1039mdfl]
"ImagePath"="system32\DRIVERS\s1039mdfl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\s1039mdm]
"ImagePath"="system32\DRIVERS\s1039mdm.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\s1039mgmt]
"ImagePath"="system32\DRIVERS\s1039mgmt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\s1039nd5]
"ImagePath"="system32\DRIVERS\s1039nd5.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\s1039obex]
"ImagePath"="system32\DRIVERS\s1039obex.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\s1039unic]
"ImagePath"="system32\DRIVERS\s1039unic.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sbp2port]
"ImagePath"="\SystemRoot\system32\drivers\sbp2port.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SCardSvr]
"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\scfilter]
"ImagePath"="System32\DRIVERS\scfilter.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Schedule]
"ServiceDll"="%systemroot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SCPolicySvc]
"ServiceDll"="%SystemRoot%\System32\certprop.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SDRSVC]
"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\secdrv]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\seclogon]
"ServiceDll"="%windir%\system32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SensrSvc]
"ServiceDll"="%SystemRoot%\system32\sensrsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Serenum]
"ImagePath"="\SystemRoot\system32\drivers\serenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Serial]
"ImagePath"="\SystemRoot\system32\drivers\serial.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sermouse]
"ImagePath"="\SystemRoot\system32\drivers\sermouse.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SessionEnv]
"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sffdisk]
"ImagePath"="\SystemRoot\system32\drivers\sffdisk.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sffp_mmc]
"ImagePath"="\SystemRoot\system32\drivers\sffp_mmc.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sffp_sd]
"ImagePath"="\SystemRoot\system32\drivers\sffp_sd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sfloppy]
"ImagePath"="\SystemRoot\system32\drivers\sfloppy.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Sftfs]
"ImagePath"="system32\DRIVERS\Sftfslh.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sftlist]
"ImagePath"="\"c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Sftplay]
"ImagePath"="system32\DRIVERS\Sftplaylh.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Sftredir]
"ImagePath"="system32\DRIVERS\Sftredirlh.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Sftvol]
"ImagePath"="system32\DRIVERS\Sftvollh.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sftvsa]
"ImagePath"="\"c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SiSRaid2]
"ImagePath"="\SystemRoot\system32\drivers\SiSRaid2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SiSRaid4]
"ImagePath"="\SystemRoot\system32\drivers\sisraid4.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SkypeUpdate]
"ImagePath"="\"c:\program files (x86)\Skype\Updater\Updater.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Smb]
"ImagePath"="system32\DRIVERS\smb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SMSvcHost 4.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SNMPTRAP]
"ImagePath"="%SystemRoot%\System32\snmptrap.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\spldr]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Spooler]
"ImagePath"="%SystemRoot%\System32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sppsvc]
"ImagePath"="%SystemRoot%\system32\sppsvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sppuinotify]
"ServiceDll"="%SystemRoot%\system32\sppuinotify.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\sptd]
"ImagePath"="\SystemRoot\System32\Drivers\sptd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\srv]
"ImagePath"="System32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\srv2]
"ImagePath"="System32\DRIVERS\srv2.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\srvnet]
"ImagePath"="System32\DRIVERS\srvnet.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SstpSvc]
"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Stereo Service]
"ImagePath"="c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\stexstor]
"ImagePath"="\SystemRoot\system32\drivers\stexstor.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\stisvc]
"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\swenum]
"ImagePath"="\SystemRoot\system32\drivers\swenum.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\swprv]
"ServiceDll"="%Systemroot%\System32\swprv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SynTP]
"ImagePath"="system32\DRIVERS\SynTP.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SysMain]
"ServiceDll"="%systemroot%\system32\sysmain.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TabletInputService]
"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TBS]
"ServiceDll"="%SystemRoot%\System32\tbssvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Tcpip]
"ImagePath"="System32\drivers\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TCPIP6]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TCPIP6TUNNEL]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tcpipreg]
"ImagePath"="System32\drivers\tcpipreg.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TCPIPTUNNEL]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tdcmdpst]
"ImagePath"="system32\DRIVERS\tdcmdpst.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TDPIPE]
"ImagePath"="system32\drivers\tdpipe.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TDTCP]
"ImagePath"="system32\drivers\tdtcp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tdx]
"ImagePath"="system32\DRIVERS\tdx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TemproMonitoringService]
"ImagePath"="\"c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TermDD]
"ImagePath"="\SystemRoot\system32\drivers\termdd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Themes]
"ServiceDll"="%SystemRoot%\system32\themeservice.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\THREADORDER]
"ServiceDll"="%SystemRoot%\system32\mmcss.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TMachInfo]
"ImagePath"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TODDSrv]
"ImagePath"="c:\windows\system32\TODDSrv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TosCoSrv]
"ImagePath"="\"c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TOSHIBA Bluetooth Service]
"ImagePath"="c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TOSHIBA eco Utility Service]
"ImagePath"="\"c:\program files\TOSHIBA\TECO\TecoService.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TOSHIBA HDD SSD Alert Service]
"ImagePath"="\"c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tosporte]
"ImagePath"="system32\DRIVERS\tosporte.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tosrfbd]
"ImagePath"="system32\DRIVERS\tosrfbd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tosrfbnp]
"ImagePath"="System32\Drivers\tosrfbnp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Tosrfcom]
"ImagePath"="System32\Drivers\tosrfcom.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tosrfec]
"ImagePath"="system32\DRIVERS\tosrfec.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Tosrfhid]
"ImagePath"="system32\DRIVERS\Tosrfhid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tosrfnds]
"ImagePath"="system32\DRIVERS\tosrfnds.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TosRfSnd]
"ImagePath"="system32\drivers\tosrfsnd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Tosrfusb]
"ImagePath"="system32\DRIVERS\tosrfusb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TPCHSrv]
"ImagePath"="\"c:\program files\TOSHIBA\TPHM\TPCHSrv.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrkWks]
"ServiceDll"="%SystemRoot%\System32\trkwks.dll"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrustedInstaller]
"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TSDDD]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tssecsrv]
"ImagePath"="System32\DRIVERS\tssecsrv.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TsUsbFlt]
"ImagePath"="system32\drivers\tsusbflt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TsUsbGD]
"ImagePath"="\SystemRoot\system32\drivers\TsUsbGD.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\tunnel]
"ImagePath"="system32\DRIVERS\tunnel.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TVALZ]
"ImagePath"="system32\DRIVERS\TVALZ_O.SYS"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TVALZFL]
"ImagePath"="system32\DRIVERS\TVALZFL.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\uagp35]
"ImagePath"="\SystemRoot\system32\drivers\uagp35.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\udfs]
"ImagePath"="system32\DRIVERS\udfs.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UGatherer]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UGTHRSVC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UI0Detect]
"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\uliagpkx]
"ImagePath"="\SystemRoot\system32\drivers\uliagpkx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\umbus]
"ImagePath"="system32\DRIVERS\umbus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UmPass]
"ImagePath"="\SystemRoot\system32\drivers\umpass.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UNS]
"ImagePath"="\"c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbcir]
"ImagePath"="\SystemRoot\system32\drivers\usbcir.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbohci]
"ImagePath"="\SystemRoot\system32\drivers\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbuhci]
"ImagePath"="\SystemRoot\system32\drivers\usbuhci.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usbvideo]
"ImagePath"="System32\Drivers\usbvideo.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\usb_rndisx]
"ImagePath"="\SystemRoot\system32\drivers\usb8023x.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\UxSms]
"ServiceDll"="%SystemRoot%\System32\uxsms.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VaultSvc]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vdrvroot]
"ImagePath"="system32\drivers\vdrvroot.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vds]
"ImagePath"="%SystemRoot%\System32\vds.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vga]
"ImagePath"="system32\DRIVERS\vgapnp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vhdmp]
"ImagePath"="\SystemRoot\system32\drivers\vhdmp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\viaide]
"ImagePath"="\SystemRoot\system32\drivers\viaide.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\volmgr]
"ImagePath"="system32\drivers\volmgr.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\volmgrx]
"ImagePath"="System32\drivers\volmgrx.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\volsnap]
"ImagePath"="system32\drivers\volsnap.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vsmraid]
"ImagePath"="\SystemRoot\system32\drivers\vsmraid.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\VSS]
"ImagePath"="%systemroot%\system32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vwifibus]
"ImagePath"="system32\DRIVERS\vwifibus.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vwififlt]
"ImagePath"="system32\DRIVERS\vwififlt.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\vwifimp]
"ImagePath"="system32\DRIVERS\vwifimp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\W3SVC]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WacomPen]
"ImagePath"="\SystemRoot\system32\drivers\wacompen.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WANARP]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wanarpv6]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WatAdminSvc]
"ImagePath"="%SystemRoot%\system32\Wat\WatAdminSvc.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wbengine]
"ImagePath"="\"%systemroot%\system32\wbengine.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WbioSrvc]
"ServiceDll"="%SystemRoot%\System32\wbiosrvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wcncsvc]
"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WcsPlugInService]
"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wd]
"ImagePath"="system32\drivers\wd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wdf01000]
"ImagePath"="system32\drivers\Wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WdiServiceHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WdiSystemHost]
"ServiceDll"="%SystemRoot%\system32\wdi.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wecsvc]
"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wercplsupport]
"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WerSvc]
"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WfpLwf]
"ImagePath"="system32\DRIVERS\wfplwf.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WIMMount]
"ImagePath"="system32\drivers\wimmount.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinDefend]
"ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinHttpAutoProxySvc]
"ServiceDll"="winhttp.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinRing0_1_2_0]
"ImagePath"="\??\c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Winsock]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinSock2]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WinUsb]
"ImagePath"="system32\DRIVERS\WinUsb.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Wlansvc]
"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wlcrasvc]
"ImagePath"="\"c:\program files\Windows Live\Mesh\wlcrasvc.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wlidsvc]
"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WmiAcpi]
"ImagePath"="\SystemRoot\system32\drivers\wmiacpi.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wmiApSrv]
"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WMPNetworkSvc]
"ImagePath"="\"%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe\""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WPCSvc]
"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WPDBusEnum]
"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ws2ifsl]
"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WSearch]
"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WSearchIdxPi]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuaueng.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WudfPf]
"ImagePath"="system32\drivers\WudfPf.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WUDFRd]
"ImagePath"="system32\DRIVERS\WUDFRd.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wudfsvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\WwanSvc]
"ServiceDll"="%SystemRoot%\System32\wwansvc.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\xmlprov]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ZTEusbmdm6k]
"ImagePath"="system32\DRIVERS\ZTEusbmdm6k.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ZTEusbnmea]
"ImagePath"="system32\DRIVERS\ZTEusbnmea.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\ZTEusbser6k]
"ImagePath"="system32\DRIVERS\ZTEusbser6k.sys"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{0EADEB99-09E2-4A7D-BCAC-24038A46153F}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{33DB737A-2C68-406B-BA5F-F7F4E4294D8E}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{7CB206A3-290E-4773-B772-D03B06C08B54}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{A322D0B5-10DA-4461-BE95-66C5B7F8ABF1}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{B1FEB40A-26AA-444B-9664-5E659D4864C7}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{C9D3E82D-EAC1-41F4-81B8-978B5A18D21F}]
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\{F3EFB1CC-7481-4790-9788-F63066A9F1E1}]
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}"=hex:51,66,7a,6c,4c,1d,38,12,35,fc,e1,
93,3e,68,a1,09,fc,5c,6e,9a,4b,77,a7,8a
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:28,e3,83,ca,57,07,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,67,b0,1a,12,cb,a3,a0,44,b6,84,d5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,67,b0,1a,12,cb,a3,a0,44,b6,84,d5,\
.
[HKEY_USERS\S-1-5-21-3225326084-4038000581-472732411-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:2f,79,b5,77,7a,a6,da,ec,31,2c,fd,f9,b5,dd,b0,72,ac,70,0d,f0,db,f1,61,
89,57,18,0b,35,4b,4a,4d,4b,71,36,43,d7,d0,74,67,79,e1,a4,34,9a,1a,91,eb,c8,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-3225326084-4038000581-472732411-1000\Software\SecuROM\License information*]
"datasecu"=hex:19,1f,0a,b7,da,e6,8a,ae,7f,7c,64,3e,d3,df,78,27,07,0f,3a,14,ac,
7e,af,b5,31,25,3f,42,cb,f7,d0,39,2a,0f,b3,ec,31,a4,6c,d1,d6,f3,51,33,44,9c,\
"rkeysecu"=hex:75,52,f2,dc,6c,c3,db,af,8a,e1,59,ec,f1,95,c1,63
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Completion time: 2012-12-11 07:09:30 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-11 06:09
.
Pre-Run: 209 000 099 840 bytes free
Post-Run: 212 430 385 152 bytes free
.
- - End Of File - - 69AF0B870CA449164BFB9022752400C6


Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 11.12.2012 7:39 | Trojan.Win32/ agent Trojan.Win32/Wundo

When I open Google Chrome it shows:
an attempt was made to perform an unauthorized operation on a registry key .................


Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 11.12.2012 7:43 | Trojan.Win32/ agent Trojan.Win32/Wundo

Listen, I can hardly launch anything on the notebook. What is going on?


Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

First of all, uninstall AVG.


Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

Save ComboFix to the desktop, download the cfscript from http://www.ulozto.sk/xfQaD5M/cfscript-txt, save it to the desktop, drag the cfscript onto ComboFix, the script will be applied, then post the log.


Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 11.12.2012 17:32 | Trojan.Win32/ agent Trojan.Win32/Wundo

personal compuper wrote:
Save ComboFix to the desktop, download the cfscript from http://www.ulozto.sk/xfQaD5M/cfscript-txt, save it to the desktop, drag the cfscript onto ComboFix, the script will be applied, then post the log.

No documents were found for the search term.


Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

http://www.ulozto.sk/xfQaD5M/cfscript-txt


Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 13.12.2012 18:40 | Trojan.Win32/ agent Trojan.Win32/Wundo

killall::
seccenter::
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
folder::
C:\Program Files (x86)\IObit
C:\Program Files (x86)\SweetIM
file::
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup ALFA plus - rýchle spustenie.lnk
C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup FreeRapid 0.9.lnk
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Crysis Wars(R) Updates.job
C:\Windows\tasks\FreeFileViewerUpdateChecker.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
registry::
[-HKEY_LOCAL_MACHINE\software\McAfee]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82EA3E77-7BD2-4744-A8F2-670770767EC5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"Adobe ARM"=-
"Sweetpacks Communicator"=-
"SweetIM"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Sidebar"=-
driver::
AdobeFlashPlayerUpdateSvc
skypeupdate
gupdatem
AdobeARMservice
gupdate
dds::
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={76AE478E-AD39-11E1-A9B5-E89A8FDA6CB0}
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html


reglock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\McAfee]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
regnull::
[HKEY_USERS\S-1-5-21-3225326084-4038000581-472732411-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-3225326084-4038000581-472732411-1000\Software\SecuROM\License information*]
clearjavacache::
reboot::


Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

Why are you posting the cfscript here? You are supposed to drag it onto ComboFix.


Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 13.12.2012 22:23 | Trojan.Win32/ agent Trojan.Win32/Wundo

I don't understand at all what I am supposed to do with it. I searched for that (ComboFix) and wanted to paste the cfscript listing into it, and nothing happens.
This is completely beyond me ........


User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

You have ComboFix here: c:\users\Jan\Downloads\ComboFix.exe. Move it to the desktop, save the cfscript to the desktop, and drag the cfscript onto ComboFix: http://img229.imageshack.us/img229/2154/cfscriptzu1.gif. The script will be applied. Again, click yes, ok, agree whenever ComboFix asks you. It will pop up Notepad for you; afterwards you will have it at C:combofix.txt


User

Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 14.12.2012 14:22 | Trojan.Win32/ agent Trojan.Win32/Wundo

That combofix.exe is for XP and 2000, I have W7.
What now?


User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

It works on all systems, where did you get that from? It already ran on your PC, after all. http://www.bleepingcomputer.com/download/combofix/


User

Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 14.12.2012 14:42 | Trojan.Win32/ agent Trojan.Win32/Wundo

Max Spyware Detector download manager, is that it?


User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

You are supposed to follow the instructions: apply the cfscript for ComboFix.


User

Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 14.12.2012 14:55 | Trojan.Win32/ agent Trojan.Win32/Wundo

Well, you know what, I really do thank you for your effort, I am in your debt, but I am giving up on this.
Thanks.


User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

And what is so hard about dragging the cfscript onto ComboFix? I don't like it when people give up for no reason at all.


User

Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 14.12.2012 15:53 | Trojan.Win32/ agent Trojan.Win32/Wundo

Well, I hope this is what you need:

ComboFix 12-12-14.01 - Jan . 12. 2012 15:32:59.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4078.2547 [GMT 1:00]
Running from: c:\users\Jan\Downloads\AA.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPlyTune.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-14 to 2012-12-14 )))))))))))))))))))))))))))))))
.
.
2012-12-14 13:45 . 2012-12-14 13:45 -------- d-----w- c:\programdata\Max Secure
2012-12-14 13:42 . 2012-12-14 13:42 -------- d-----w- c:\users\Jan\AppData\Local\Programs
2012-12-13 21:35 . 2012-12-13 21:35 -------- d-----w- c:\program files\ESET
2012-12-13 21:33 . 2012-12-13 21:33 -------- d-----w- c:\users\Jan\AppData\Local\Max Secure Software
2012-12-13 21:13 . 2012-12-13 21:20 -------- d-----w- c:\users\Jan\AppData\Roaming\GetRightToGo
2012-12-13 21:03 . 2012-12-13 21:15 -------- d-----w- c:\users\Jan\AppData\Local\ESET
2012-12-13 17:39 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FA571721-FDEF-4BE4-944C-E8C36FA1ED3D}\mpengine.dll
2012-12-13 08:53 . 2012-12-13 08:45 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{87838708-5038-4115-B1F3-F7847ADA21CD}\gapaengine.dll
2012-12-13 08:50 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-13 08:50 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-13 08:41 . 2012-12-14 14:27 -------- d-----w- c:\users\Jan\AppData\Local\Htc
2012-12-13 08:39 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-13 04:02 . 2012-12-13 04:02 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Avg2013
2012-12-13 04:02 . 2012-12-13 04:02 -------- d-----w- c:\users\Jan\AppData\Local\Avg2013
2012-12-11 23:46 . 2012-12-11 23:46 -------- d-----w- c:\users\Jan\AppData\Roaming\AVG
2012-12-11 23:46 . 2012-12-11 23:47 -------- d-----w- c:\programdata\AVG
2012-12-10 06:57 . 2012-12-10 06:57 -------- d-----w- c:\users\Jan\AppData\Roaming\QuickScan
2012-12-10 06:35 . 2012-12-13 08:34 -------- d-----w- c:\program files (x86)\trend micro
2012-12-10 06:35 . 2012-12-10 06:35 -------- d-----w- C:\rsit
2012-12-09 15:09 . 2012-12-09 15:09 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-12-08 14:55 . 2012-12-11 23:51 -------- d-----w- c:\users\Jan\AppData\Roaming\TuneUp Software
2012-12-08 14:54 . 2012-12-13 04:03 -------- d-----w- c:\program files (x86)\AVG
2012-12-08 14:49 . 2012-12-13 08:34 -------- d-----w- c:\programdata\MFAData
2012-12-08 14:49 . 2012-12-08 14:49 -------- d--h--w- c:\programdata\Common Files
2012-12-08 14:49 . 2012-12-08 14:49 -------- d-----w- c:\users\Jan\AppData\Local\MFAData
2012-12-04 08:06 . 2012-12-13 08:56 -------- d-----w- c:\windows\softwaredistribution.bak1
2012-11-28 08:07 . 2012-11-28 08:07 57904 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-11-25 14:36 . 2012-12-13 08:35 -------- d--h--w- c:\programdata\{5794CDCB-FAB7-4C15-9069-4D8AC02592DE}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 08:58 . 2012-06-01 22:47 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 08:58 . 2012-06-01 22:47 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-13 08:56 . 2012-01-04 18:03 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-10 09:13 . 2012-06-29 11:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-11-03 14:23 . 2012-02-24 19:20 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-03 14:23 . 2012-02-24 19:19 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-11-03 10:40 . 2012-07-07 04:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-03 10:40 . 2011-08-03 12:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-01 07:53 . 2012-02-13 09:34 972192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-16 08:38 . 2012-12-13 08:49 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-13 08:49 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-13 08:49 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-13 08:09 . 2012-09-13 15:15 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-09 18:17 . 2012-11-14 09:56 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 09:56 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 09:56 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 09:56 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-08 07:21 . 2012-10-08 07:21 59440 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 189208 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 149592 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 211344 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-04 16:40 . 2012-12-13 08:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 09:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 09:56 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 09:56 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 09:56 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 09:56 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 09:56 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 09:56 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 09:56 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 09:56 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 09:56 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 09:56 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-25 22:47 . 2012-11-14 09:56 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-14 09:56 95744 ----a-w- c:\windows\system32\synceng.dll
2012-09-24 22:16 . 2012-11-12 07:19 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-11 1298816]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2007-12-11 286720]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ALFA plus - rýchle spustenie.lnk - c:\program files (x86)\KROS\ALFA plus\!System\ALFAplus.exe [2012-8-3 3282816]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-07-08 307304]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-04 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-10-31 14544]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-11-28 57904]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-26 1329304]
S2 FirebirdServerKROS_20400;Firebird Server - KROS_20400;c:\program files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-11 378472]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-03-02 266680]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2009-06-15 12800]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-01 08:58]
.
2012-11-25 c:\windows\Tasks\Crysis Wars(R) Updates.job
- c:\windows\Installer\Crysis Wars(R) Updates for All Users.lnk [2012-07-23 14:04]
.
2012-12-14 c:\windows\Tasks\FreeFileViewerUpdateChecker.job
- c:\program files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2012-09-19 13:24]
.
2012-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 12:01]
.
2012-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 12:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-26 6325936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={76AE478E-AD39-11E1-A9B5-E89A8FDA6CB0}
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
TCP: DhcpNameServer = 192.168.1.104 192.168.1.102 192.168.1.100
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{82EA3E77-7BD2-4744-A8F2-670770767EC5} - (no file)
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}"=hex:51,66,7a,6c,4c,1d,38,12,35,fc,e1,
93,3e,68,a1,09,fc,5c,6e,9a,4b,77,a7,8a
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:28,e3,83,ca,57,07,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,67,b0,1a,12,cb,a3,a0,44,b6,84,d5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,67,b0,1a,12,cb,a3,a0,44,b6,84,d5,\
.
[HKEY_USERS\S-1-5-21-3225326084-4038000581-472732411-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:2f,79,b5,77,7a,a6,da,ec,31,2c,fd,f9,b5,dd,b0,72,ac,70,0d,f0,db,f1,61,
89,57,18,0b,35,4b,4a,4d,4b,71,36,43,d7,d0,74,67,79,e1,a4,34,9a,1a,91,eb,c8,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-3225326084-4038000581-472732411-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,ab,47,35,d8,2c,36,90,c9,4b,af,a1,93,70,c4,d6,f2,e0,3b,9d,b9,
e2,ce,4d,b6,27,1b,b6,7a,72,dd,ae,2f,15,18,01,e5,21,dd,ed,fe,e5,8b,1c,62,a3,\
"rkeysecu"=hex:2e,10,08,7c,79,23,31,16,ae,bf,f1,55,ac,d3,cb,c6
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-12-14 15:45:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-14 14:45
.
Pre-Run: 211 541 798 912 bytes free
Post-Run: 211 010 441 216 bytes free
.
- - End Of File - - 2EC66BDB1DBD64D7BBC439426809AFA3


User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

Uninstall ESET, do you want your system to crash? I don't know why you installed ESET; installing ESET was not in my instructions. And why did you rename ComboFix to AA? That was not in the instructions either; you were supposed to move it to the desktop and apply the cfscript by dragging it. Save ComboFix to the desktop, download the cfscript http://www.ulozto.sk/xfQaD5M/cfscript-txt, save it to the desktop, drag the cfscript onto ComboFix, the script will be applied, then post the log.


User

Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by topic author: 17.12.2012 7:56 | Trojan.Win32/ agent Trojan.Win32/Wundo

ComboFix 12-12-17.01 - Jan . 12. 2012 7:34.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4078.2392 [GMT 1:00]
Running from: c:\users\Jan\Desktop\ComboFix.exe
Command switches used :: c:\users\Jan\Downloads\cfscript (1).txt
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup ALFA plus - rýchle spustenie.lnk"
"c:\users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup FreeRapid 0.9.lnk"
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\Crysis Wars(R) Updates.job"
"c:\windows\tasks\FreeFileViewerUpdateChecker.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\IObit
c:\program files (x86)\IObit\Advanced SystemCare 5\About.dll
c:\program files (x86)\IObit\Advanced SystemCare 5\ActiveBoost.db
c:\program files (x86)\IObit\Advanced SystemCare 5\ASC.exe
c:\program files (x86)\IObit\Advanced SystemCare 5\ASCInit.exe
c:\program files (x86)\IObit\Advanced SystemCare 5\ASCInit.log
c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
c:\program files (x86)\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-02.log
c:\program files (x86)\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-03.log
c:\program files (x86)\IObit\Game Booster 3\Skin\Default\Tweak\7.png
c:\program files (x86)\IObit\Game Booster 3\Skin\Default\Tweak\8.png
c:\program files (x86)\IObit\Game Booster 3\Skin\Default\Tweak\9.png
c:\program files (x86)\IObit\Game Booster 3\Skin\Default\Tweaks_Hover.png
c:\program files (x86)\IObit\Game Booster 3\Skin\Default\Tweaks_Normal.png
c:\program files (x86)\IObit\Game Booster 3\sqlite3.dll
c:\program files (x86)\IObit\Game Booster 3\taskMgr.dll
c:\program files (x86)\IObit\Game Booster 3\unins000.dat
c:\program files (x86)\IObit\Game Booster 3\unins000.exe
c:\program files (x86)\IObit\Game Booster 3\unins000.msg
c:\program files (x86)\IObit\Game Booster 3\Update\Update.Ini
c:\program files (x86)\IObit\Game Booster 3\vcl120.bpl
c:\program files (x86)\IObit\Game Booster 3\vclx120.bpl
c:\program files (x86)\SweetIM
c:\program files (x86)\SweetIM\Communicator\mgcommon.dll
c:\program files (x86)\SweetIM\Communicator\mgcommunication.dll
c:\program files (x86)\SweetIM\Communicator\mgsimcommon.dll
c:\program files (x86)\SweetIM\Communicator\mgxml_wrapper.dll
c:\program files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcm90.dll
c:\program files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcp90.dll
c:\program files (x86)\SweetIM\Communicator\Microsoft.VC90.CRT\msvcr90.dll
c:\program files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll
c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
c:\program files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe
c:\program files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files (x86)\SweetIM\Messenger\mgArchive.dll
c:\program files (x86)\SweetIM\Messenger\mgcommon.dll
c:\program files (x86)\SweetIM\Messenger\mgcommunication.dll
c:\program files (x86)\SweetIM\Messenger\mgconfig.dll
c:\program files (x86)\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files (x86)\SweetIM\Messenger\mghooking.dll
c:\program files (x86)\SweetIM\Messenger\mgICQAuto.dll
c:\program files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files (x86)\SweetIM\Messenger\mglogger.dll
c:\program files (x86)\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files (x86)\SweetIM\Messenger\mgMsnAuto.dll
c:\program files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files (x86)\SweetIM\Messenger\mgsimcommon.dll
c:\program files (x86)\SweetIM\Messenger\mgSweetIM.dll
c:\program files (x86)\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files (x86)\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files (x86)\SweetIM\Messenger\mgYahooAuto.dll
c:\program files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files (x86)\SweetIM\Messenger\msvcp71.dll
c:\program files (x86)\SweetIM\Messenger\msvcr71.dll
c:\program files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll
c:\program files (x86)\SweetIM\Messenger\SweetIM.exe
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\Crysis Wars(R) Updates.job
c:\windows\tasks\FreeFileViewerUpdateChecker.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeARMservice
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
-------\Legacy_WinRing0_1_2_0
-------\Legacy_WinRing0_1_2_0
-------\Service_AdvancedSystemCareService5
-------\Service_WinRing0_1_2_0
-------\Service_AdvancedSystemCareService5
-------\Service_WinRing0_1_2_0
.
.
((((((((((((((((((((((((( Files Created from 2012-11-17 to 2012-12-17 )))))))))))))))))))))))))))))))
.
.
2012-12-17 06:38 . 2012-12-17 06:38 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-12-17 06:38 . 2012-12-17 06:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-14 13:45 . 2012-12-14 13:45 -------- d-----w- c:\programdata\Max Secure
2012-12-14 13:42 . 2012-12-14 13:42 -------- d-----w- c:\users\Jan\AppData\Local\Programs
2012-12-13 21:33 . 2012-12-13 21:33 -------- d-----w- c:\users\Jan\AppData\Local\Max Secure Software
2012-12-13 21:13 . 2012-12-13 21:20 -------- d-----w- c:\users\Jan\AppData\Roaming\GetRightToGo
2012-12-13 21:03 . 2012-12-13 21:15 -------- d-----w- c:\users\Jan\AppData\Local\ESET
2012-12-13 17:39 . 2012-11-08 17:24 9125352 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FA571721-FDEF-4BE4-944C-E8C36FA1ED3D}\mpengine.dll
2012-12-13 08:50 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-13 08:50 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-13 08:41 . 2012-12-17 06:02 -------- d-----w- c:\users\Jan\AppData\Local\Htc
2012-12-13 04:02 . 2012-12-13 04:02 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Avg2013
2012-12-13 04:02 . 2012-12-13 04:02 -------- d-----w- c:\users\Jan\AppData\Local\Avg2013
2012-12-11 23:46 . 2012-12-11 23:46 -------- d-----w- c:\users\Jan\AppData\Roaming\AVG
2012-12-11 23:46 . 2012-12-11 23:47 -------- d-----w- c:\programdata\AVG
2012-12-10 06:57 . 2012-12-10 06:57 -------- d-----w- c:\users\Jan\AppData\Roaming\QuickScan
2012-12-10 06:35 . 2012-12-13 08:34 -------- d-----w- c:\program files (x86)\trend micro
2012-12-10 06:35 . 2012-12-10 06:35 -------- d-----w- C:\rsit
2012-12-09 15:09 . 2012-12-09 15:09 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2012-12-08 14:55 . 2012-12-11 23:51 -------- d-----w- c:\users\Jan\AppData\Roaming\TuneUp Software
2012-12-08 14:54 . 2012-12-13 04:03 -------- d-----w- c:\program files (x86)\AVG
2012-12-08 14:49 . 2012-12-13 08:34 -------- d-----w- c:\programdata\MFAData
2012-12-08 14:49 . 2012-12-08 14:49 -------- d--h--w- c:\programdata\Common Files
2012-12-08 14:49 . 2012-12-08 14:49 -------- d-----w- c:\users\Jan\AppData\Local\MFAData
2012-12-04 08:06 . 2012-12-13 08:56 -------- d-----w- c:\windows\softwaredistribution.bak1
2012-11-25 14:36 . 2012-12-13 08:35 -------- d--h--w- c:\programdata\{5794CDCB-FAB7-4C15-9069-4D8AC02592DE}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 08:58 . 2012-06-01 22:47 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-13 08:58 . 2012-06-01 22:47 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-13 08:56 . 2012-01-04 18:03 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-10 09:13 . 2012-06-29 11:54 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-11-03 14:23 . 2012-02-24 19:20 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-03 14:23 . 2012-02-24 19:19 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-11-03 10:40 . 2012-07-07 04:45 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-03 10:40 . 2011-08-03 12:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-16 08:38 . 2012-12-13 08:49 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-13 08:49 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-13 08:49 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-13 08:09 . 2012-09-13 15:15 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-09 18:17 . 2012-11-14 09:56 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 09:56 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 09:56 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 09:56 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-08 07:21 . 2012-10-08 07:21 59440 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-04 16:40 . 2012-12-13 08:49 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 09:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 09:56 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 09:56 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 09:56 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 09:56 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 09:56 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 09:56 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 09:56 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 09:56 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 09:56 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 09:56 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-25 22:47 . 2012-11-14 09:56 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-14 09:56 95744 ----a-w- c:\windows\system32\synceng.dll
2012-09-24 22:16 . 2012-11-12 07:19 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-11 1298816]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2007-12-11 286720]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HTC Sync Loader"="c:\program files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ALFA plus - rýchle spustenie.lnk - c:\program files (x86)\KROS\ALFA plus\!System\ALFAplus.exe [2012-8-3 3282816]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-01 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2011-07-08 307304]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 19568]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 161904]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 141424]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 34416]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 137328]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 158320]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-04 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 FirebirdServerKROS_20400;Firebird Server - KROS_20400;c:\program files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [2011-10-11 3764224]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2011-09-15 88576]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-11 378472]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-03-02 266680]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2009-06-15 12800]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
.
------- Supplementary Scan -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={76AE478E-AD39-11E1-A9B5-E89A8FDA6CB0}
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.104 192.168.1.102 192.168.1.100
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{82EA3E77-7BD2-4744-A8F2-670770767EC5} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Sweetpacks Communicator - c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
Wow6432Node-HKLM-Run-SweetIM - c:\program files (x86)\SweetIM\Messenger\SweetIM.exe
AddRemove-Advanced SystemCare 5_is1 - c:\program files (x86)\IObit\Advanced SystemCare 5\unins000.exe
AddRemove-Game Booster_is1 - c:\program files (x86)\IObit\Game Booster 3\unins000.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-12-17 07:44:08 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-17 06:44
ComboFix2.txt 2012-12-17 06:28
ComboFix3.txt 2012-12-14 14:45
.
Pre-Run: 206 914 076 672 bytes free
Post-Run: 206 649 507 840 bytes free
.
- - End Of File - - 73FF09004B4E44E733C47D5B6A85B033


Offline

User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

Download MBAM http://download.cnet.com/Malwarebytes-A ... tag=button, install it, run it, and scan all drives with a full scan. Do not delete anything beforehand; post the log from the scan reports.


Offline

User

Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by the topic author: 18.12.2012 8:21 | Trojan.Win32/ agent Trojan.Win32/Wundo

Malwarebytes Anti-Malware (Skúšobná verzia) 1.65.1.1000
www.malwarebytes.org

Verzia databázy: v2012.12.18.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jan :: JAN-TOSH22 [administrátor]

Ochrana: Zapnuté

18. 12. 2012 7:34:47
mbam-log-2012-12-18 (08-16-50).txt

Typ kontroly: Úplná kontrola (C:\|D:\|Q:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 385456
Uplynutý čas: 38 min, 12 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 5
HKCR\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE} (Trojan.BHO) -> Žiadna úloha nevykonaná.
HKCR\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E5D5D4A1-17F0-41D7-B1C6-0979F91E6F46} (Adware.BDSearch) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)


Offline

User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

OK, run a full scan and delete everything.


Offline

User

Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by the topic author: 19.12.2012 7:25 | Trojan.Win32/ agent Trojan.Win32/Wundo

Huuuuge thanks to you.


Offline

User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2 | 2

Uninstall MBAM.
Download TDSSKiller from http://support.kaspersky.com/downloads/ ... killer.exe, run it, and start a scan. Do not delete anything beforehand; then post the TDSSKiller report from C:


Offline

User

Registered: 08.04.10
Last login: 17.04.23
Posts: 85
Topics: 24 | 24
Location: Rožňava
Posted by the topic author: 19.12.2012 13:00 | Trojan.Win32/ agent Trojan.Win32/Wundo

First part:


12:41:06.0338 4172 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:41:06.0463 4172 ============================================================
12:41:06.0463 4172 Current date / time: 2012/12/19 12:41:06.0463
12:41:06.0463 4172 SystemInfo:
12:41:06.0463 4172
12:41:06.0463 4172 OS Version: 6.1.7601 ServicePack: 1.0
12:41:06.0463 4172 Product type: Workstation
12:41:06.0463 4172 ComputerName: JAN-TOSH22
12:41:06.0463 4172 UserName: Jan
12:41:06.0463 4172 Windows directory: C:\Windows
12:41:06.0463 4172 System windows directory: C:\Windows
12:41:06.0463 4172 Running under WOW64
12:41:06.0463 4172 Processor architecture: Intel x64
12:41:06.0463 4172 Number of processors: 4
12:41:06.0463 4172 Page size: 0x1000
12:41:06.0463 4172 Boot type: Normal boot
12:41:06.0463 4172 ============================================================
12:41:07.0570 4172 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:41:07.0586 4172 ============================================================
12:41:07.0586 4172 \Device\Harddisk0\DR0:
12:41:07.0586 4172 MBR partitions:
12:41:07.0586 4172 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8000, BlocksNum 0x252E6800
12:41:07.0586 4172 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x253AE800, BlocksNum 0x254A9800
12:41:07.0586 4172 ============================================================
12:41:07.0617 4172 C: <-> \Device\Harddisk0\DR0\Partition1
12:41:07.0695 4172 D: <-> \Device\Harddisk0\DR0\Partition2
12:41:07.0695 4172 ============================================================
12:41:07.0695 4172 Initialize success
12:41:07.0695 4172 ============================================================
12:41:17.0507 1092 ============================================================
12:41:17.0507 1092 Scan started
12:41:17.0507 1092 Mode: Manual;
12:41:17.0507 1092 ============================================================
12:41:18.0475 1092 ================ Scan system memory ========================
12:41:18.0475 1092 System memory - ok
12:41:18.0475 1092 ================ Scan services =============================
12:41:20.0128 1092 CertPropSvc - ok
12:41:20.0253 1092 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
12:41:20.0269 1092 cfWiMAXService - ok
12:41:20.0284 1092 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
12:41:20.0284 1092 circlass - ok
12:41:20.0331 1092 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:41:20.0331 1092 CLFS - ok
12:41:20.0378 1092 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:41:20.0378 1092 clr_optimization_v2.0.50727_32 - ok
12:41:20.0456 1092 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:41:20.0456 1092 clr_optimization_v2.0.50727_64 - ok
12:41:20.0471 1092 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:41:20.0518 1092 clr_optimization_v4.0.30319_32 - ok
12:41:20.0581 1092 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:41:20.0581 1092 clr_optimization_v4.0.30319_64 - ok
12:41:20.0612 1092 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:41:20.0612 1092 CmBatt - ok
12:41:20.0612 1092 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:41:20.0612 1092 cmdide - ok
12:41:20.0643 1092 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:41:20.0643 1092 CNG - ok
12:41:20.0705 1092 [ 66847C979893A11CFCC2280E772D7EA1 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
12:41:20.0705 1092 CnxtHdAudService - ok
12:41:20.0721 1092 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:41:20.0721 1092 Compbatt - ok
12:41:20.0737 1092 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:41:20.0752 1092 CompositeBus - ok
12:41:20.0752 1092 COMSysApp - ok
12:41:20.0783 1092 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
12:41:20.0783 1092 ConfigFree Service - ok
12:41:20.0799 1092 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:41:20.0799 1092 crcdisk - ok
12:41:20.0830 1092 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:41:20.0830 1092 CryptSvc - ok
12:41:20.0924 1092 [ 61A86809B62769643892BC0812B204AA ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
12:41:20.0924 1092 cvhsvc - ok
12:41:20.0955 1092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:41:20.0971 1092 DcomLaunch - ok
12:41:21.0017 1092 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:41:21.0017 1092 defragsvc - ok
12:41:21.0017 1092 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:41:21.0033 1092 DfsC - ok
12:41:21.0049 1092 [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
12:41:21.0049 1092 dg_ssudbus - ok
12:41:21.0080 1092 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:41:21.0080 1092 Dhcp - ok
12:41:21.0111 1092 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:41:21.0111 1092 discache - ok
12:41:21.0142 1092 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
12:41:21.0142 1092 Disk - ok
12:41:21.0142 1092 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:41:21.0158 1092 Dnscache - ok
12:41:21.0173 1092 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:41:21.0189 1092 dot3svc - ok
12:41:21.0205 1092 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:41:21.0205 1092 DPS - ok
12:41:21.0220 1092 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:41:21.0220 1092 drmkaud - ok
12:41:21.0267 1092 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:41:21.0267 1092 DXGKrnl - ok
12:41:21.0298 1092 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:41:21.0298 1092 EapHost - ok
12:41:21.0376 1092 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:41:21.0454 1092 ebdrv - ok
12:41:21.0485 1092 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:41:21.0485 1092 EFS - ok
12:41:21.0548 1092 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:41:21.0548 1092 ehRecvr - ok
12:41:21.0563 1092 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:41:21.0563 1092 ehSched - ok
12:41:21.0603 1092 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:41:21.0603 1092 elxstor - ok
12:41:21.0613 1092 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:41:21.0613 1092 ErrDev - ok
12:41:21.0653 1092 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:41:21.0663 1092 EventSystem - ok
12:41:21.0683 1092 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:41:21.0683 1092 exfat - ok
12:41:21.0703 1092 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:41:21.0713 1092 fastfat - ok
12:41:21.0743 1092 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:41:21.0743 1092 Fax - ok
12:41:21.0753 1092 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
12:41:21.0763 1092 fdc - ok
12:41:21.0783 1092 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:41:21.0783 1092 fdPHost - ok
12:41:21.0793 1092 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:41:21.0793 1092 FDResPub - ok
12:41:21.0833 1092 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:41:21.0833 1092 FileInfo - ok
12:41:21.0843 1092 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:41:21.0843 1092 Filetrace - ok
12:41:21.0963 1092 [ 7D22E48510A807062210E20E17AAB97D ] FirebirdServerKROS_20400 C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
12:41:22.0013 1092 FirebirdServerKROS_20400 - ok
12:41:22.0033 1092 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:41:22.0033 1092 flpydisk - ok
12:41:22.0043 1092 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:41:22.0043 1092 FltMgr - ok
12:41:22.0093 1092 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:41:22.0103 1092 FontCache - ok
12:41:22.0153 1092 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:41:22.0153 1092 FontCache3.0.0.0 - ok
12:41:22.0173 1092 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:41:22.0183 1092 FsDepends - ok
12:41:22.0203 1092 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:41:22.0203 1092 Fs_Rec - ok
12:41:22.0223 1092 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:41:22.0223 1092 fvevol - ok
12:41:22.0253 1092 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:41:22.0253 1092 gagp30kx - ok
12:41:22.0293 1092 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:41:22.0293 1092 gpsvc - ok
12:41:22.0303 1092 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:41:22.0313 1092 hcw85cir - ok
12:41:22.0333 1092 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:41:22.0343 1092 HdAudAddService - ok
12:41:22.0353 1092 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:41:22.0353 1092 HDAudBus - ok
12:41:22.0373 1092 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:41:22.0373 1092 HidBatt - ok
12:41:22.0403 1092 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:41:22.0403 1092 HidBth - ok
12:41:22.0423 1092 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
12:41:22.0423 1092 HidIr - ok
12:41:22.0443 1092 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
12:41:22.0443 1092 hidserv - ok
12:41:22.0463 1092 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:41:22.0463 1092 HidUsb - ok
12:41:22.0493 1092 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:41:22.0493 1092 hkmsvc - ok
12:41:22.0523 1092 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:41:22.0523 1092 HomeGroupListener - ok
12:41:22.0553 1092 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:41:22.0553 1092 HomeGroupProvider - ok
12:41:22.0573 1092 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:41:22.0583 1092 HpSAMD - ok
12:41:22.0613 1092 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
12:41:22.0613 1092 HTCAND64 - ok
12:41:22.0643 1092 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
12:41:22.0643 1092 htcnprot - ok
12:41:22.0713 1092 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:41:22.0723 1092 HTTP - ok
12:41:22.0723 1092 Huawei - ok
12:41:22.0733 1092 hwdatacard - ok
12:41:22.0743 1092 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:41:22.0743 1092 hwpolicy - ok
12:41:22.0753 1092 hwusbdev - ok
12:41:22.0773 1092 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:41:22.0773 1092 i8042prt - ok
12:41:22.0813 1092 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:41:22.0813 1092 iaStor - ok
12:41:22.0833 1092 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:41:22.0843 1092 iaStorV - ok
12:41:22.0893 1092 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:41:22.0893 1092 IDriverT - ok
12:41:22.0953 1092 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:41:22.0963 1092 idsvc - ok
12:41:22.0993 1092 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:41:22.0993 1092 iirsp - ok
12:41:23.0033 1092 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:41:23.0043 1092 IKEEXT - ok
12:41:23.0083 1092 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:41:23.0083 1092 intelide - ok
12:41:23.0103 1092 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:41:23.0113 1092 intelppm - ok
12:41:23.0133 1092 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:41:23.0133 1092 IPBusEnum - ok
12:41:23.0153 1092 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:41:23.0153 1092 IpFilterDriver - ok
12:41:23.0183 1092 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:41:23.0193 1092 iphlpsvc - ok
12:41:23.0203 1092 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:41:23.0203 1092 IPMIDRV - ok
12:41:23.0223 1092 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:41:23.0233 1092 IPNAT - ok
12:41:23.0243 1092 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:41:23.0243 1092 IRENUM - ok
12:41:23.0253 1092 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:41:23.0263 1092 isapnp - ok
12:41:23.0283 1092 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:41:23.0293 1092 iScsiPrt - ok
12:41:23.0313 1092 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:41:23.0313 1092 kbdclass - ok
12:41:23.0323 1092 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:41:23.0323 1092 kbdhid - ok
12:41:23.0343 1092 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:41:23.0343 1092 KeyIso - ok
12:41:23.0373 1092 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:41:23.0373 1092 KSecDD - ok
12:41:23.0383 1092 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:41:23.0383 1092 KSecPkg - ok
12:41:23.0413 1092 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:41:23.0413 1092 ksthunk - ok
12:41:23.0443 1092 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:41:23.0443 1092 KtmRm - ok
12:41:23.0473 1092 [ EBED8B3FF4A823C1A6EEBEED7B29353F ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
12:41:23.0473 1092 L1C - ok
12:41:23.0503 1092 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:41:23.0503 1092 LanmanServer - ok
12:41:23.0553 1092 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:41:23.0553 1092 LanmanWorkstation - ok
12:41:23.0573 1092 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:41:23.0573 1092 lltdio - ok
12:41:23.0603 1092 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:41:23.0603 1092 lltdsvc - ok
12:41:23.0713 1092 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:41:23.0713 1092 lmhosts - ok
12:41:23.0843 1092 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:41:24.0053 1092 LMS - ok
12:41:24.0079 1092 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:41:24.0079 1092 LSI_FC - ok
12:41:24.0141 1092 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:41:24.0157 1092 LSI_SAS - ok
12:41:24.0188 1092 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:41:24.0188 1092 LSI_SAS2 - ok
12:41:24.0266 1092 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:41:24.0266 1092 LSI_SCSI - ok
12:41:24.0297 1092 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:41:24.0297 1092 luafv - ok
12:41:24.0297 1092 massfilter - ok
12:41:24.0407 1092 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:41:24.0407 1092 Mcx2Svc - ok
12:41:24.0469 1092 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
12:41:24.0469 1092 megasas - ok
12:41:24.0500 1092 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:41:24.0531 1092 MegaSR - ok
12:41:24.0625 1092 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:41:24.0625 1092 MEIx64 - ok
12:41:24.0687 1092 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:41:24.0687 1092 MMCSS - ok
12:41:24.0719 1092 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:41:24.0719 1092 Modem - ok
12:41:24.0765 1092 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:41:24.0781 1092 monitor - ok
12:41:24.0781 1092 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:41:24.0781 1092 mouclass - ok
12:41:24.0812 1092 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:41:24.0812 1092 mouhid - ok
12:41:24.0828 1092 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:41:24.0843 1092 mountmgr - ok
12:41:24.0875 1092 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:41:24.0875 1092 MpFilter - ok
12:41:24.0890 1092 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:41:24.0890 1092 mpio - ok
12:41:24.0921 1092 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:41:24.0921 1092 mpsdrv - ok
12:41:25.0015 1092 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:41:25.0031 1092 MpsSvc - ok
12:41:25.0062 1092 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:41:25.0062 1092 MRxDAV - ok
12:41:25.0093 1092 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:41:25.0093 1092 mrxsmb - ok
12:41:25.0155 1092 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:41:25.0171 1092 mrxsmb10 - ok
12:41:25.0187 1092 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:41:25.0187 1092 mrxsmb20 - ok
12:41:25.0218 1092 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
12:41:25.0218 1092 msahci - ok
12:41:25.0233 1092 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:41:25.0233 1092 msdsm - ok
12:41:25.0249 1092 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:41:25.0265 1092 MSDTC - ok
12:41:25.0311 1092 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:41:25.0311 1092 Msfs - ok
12:41:25.0343 1092 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:41:25.0343 1092 mshidkmdf - ok
12:41:25.0343 1092 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:41:25.0358 1092 msisadrv - ok
12:41:25.0374 1092 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:41:25.0374 1092 MSiSCSI - ok
12:41:25.0389 1092 msiserver - ok
12:41:25.0436 1092 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:41:25.0436 1092 MSKSSRV - ok
12:41:25.0499 1092 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:41:25.0499 1092 MsMpSvc - ok
12:41:25.0514 1092 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:41:25.0514 1092 MSPCLOCK - ok
12:41:25.0545 1092 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:41:25.0545 1092 MSPQM - ok
12:41:25.0577 1092 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:41:25.0577 1092 MsRPC - ok
12:41:25.0670 1092 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:41:25.0670 1092 mssmbios - ok
12:41:25.0686 1092 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:41:25.0686 1092 MSTEE - ok
12:41:25.0701 1092 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:41:25.0701 1092 MTConfig - ok
12:41:25.0717 1092 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:41:25.0717 1092 Mup - ok
12:41:25.0764 1092 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:41:25.0764 1092 napagent - ok
12:41:25.0811 1092 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:41:25.0811 1092 NativeWifiP - ok
12:41:25.0857 1092 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:41:25.0873 1092 NDIS - ok
12:41:25.0889 1092 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:41:25.0904 1092 NdisCap - ok
12:41:25.0935 1092 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:41:25.0935 1092 NdisTapi - ok
12:41:25.0935 1092 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:41:25.0951 1092 Ndisuio - ok
12:41:25.0951 1092 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:41:25.0951 1092 NdisWan - ok
12:41:25.0992 1092 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:41:25.0992 1092 NDProxy - ok
12:41:26.0022 1092 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:41:26.0022 1092 NetBIOS - ok
12:41:26.0032 1092 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:41:26.0032 1092 NetBT - ok
12:41:26.0062 1092 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:41:26.0062 1092 Netlogon - ok
12:41:26.0102 1092 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:41:26.0102 1092 Netman - ok
12:41:26.0132 1092 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:41:26.0142 1092 netprofm - ok
12:41:26.0162 1092 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:41:26.0172 1092 NetTcpPortSharing - ok
12:41:26.0192 1092 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:41:26.0192 1092 nfrd960 - ok
12:41:26.0212 1092 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:41:26.0212 1092 NlaSvc - ok
12:41:26.0232 1092 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:41:26.0232 1092 Npfs - ok
12:41:26.0262 1092 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:41:26.0262 1092 nsi - ok
12:41:26.0292 1092 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:41:26.0292 1092 nsiproxy - ok
12:41:26.0352 1092 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:41:26.0362 1092 Ntfs - ok
12:41:26.0402 1092 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:41:26.0402 1092 Null - ok
12:41:26.0442 1092 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
12:41:26.0442 1092 nusb3hub - ok
12:41:26.0462 1092 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:41:26.0462 1092 nusb3xhc - ok
12:41:26.0472 1092 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
12:41:26.0472 1092 NVHDA - ok
12:41:26.0712 1092 [ FB2DC1985AC763AAC1B293441695BA34 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:41:26.0772 1092 nvlddmkm - ok
12:41:26.0802 1092 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:41:26.0802 1092 nvraid - ok
12:41:26.0822 1092 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:41:26.0832 1092 nvstor - ok
12:41:26.0882 1092 [ 0C0EE3E423AE115363E6C497D6D430E1 ] NVSvc C:\Windows\system32\nvvsvc.exe
12:41:26.0892 1092 NVSvc - ok
12:41:26.0902 1092 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:41:26.0912 1092 nv_agp - ok
12:41:26.0922 1092 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:41:26.0922 1092 ohci1394 - ok
12:41:26.0952 1092 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:41:26.0952 1092 ose - ok
12:41:27.0082 1092 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:41:27.0212 1092 osppsvc - ok
12:41:27.0242 1092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:41:27.0242 1092 p2pimsvc - ok
12:41:27.0262 1092 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:41:27.0272 1092 p2psvc - ok
12:41:27.0292 1092 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
12:41:27.0292 1092 Parport - ok
12:41:27.0312 1092 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:41:27.0322 1092 partmgr - ok
12:41:27.0372 1092 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
12:41:27.0372 1092 PassThru Service - ok
12:41:27.0402 1092 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:41:27.0402 1092 PcaSvc - ok
12:41:27.0422 1092 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:41:27.0422 1092 pci - ok
12:41:27.0442 1092 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
12:41:27.0442 1092 pciide - ok
12:41:27.0462 1092 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:41:27.0462 1092 pcmcia - ok
12:41:27.0472 1092 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:41:27.0482 1092 pcw - ok
12:41:27.0502 1092 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:41:27.0502 1092 PEAUTH - ok
12:41:27.0572 1092 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:41:27.0702 1092 PerfHost - ok
12:41:27.0742 1092 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
12:41:27.0742 1092 PGEffect - ok
12:41:27.0782 1092 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:41:27.0792 1092 pla - ok
12:41:27.0832 1092 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:41:27.0842 1092 PlugPlay - ok
12:41:27.0842 1092 PnkBstrA - ok
12:41:27.0882 1092 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:41:27.0882 1092 PNRPAutoReg - ok
12:41:27.0892 1092 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:41:27.0892 1092 PNRPsvc - ok
12:41:27.0932 1092 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:41:27.0932 1092 PolicyAgent - ok
12:41:27.0972 1092 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:41:27.0972 1092 Power - ok
12:41:28.0002 1092 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:41:28.0002 1092 PptpMiniport - ok
12:41:28.0022 1092 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
12:41:28.0032 1092 Processor - ok
12:41:28.0062 1092 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:41:28.0062 1092 ProfSvc - ok
12:41:28.0078 1092 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:41:28.0078 1092 ProtectedStorage - ok
12:41:28.0093 1092 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:41:28.0093 1092 Psched - ok
12:41:28.0125 1092 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\Windows\system32\drivers\QIOMem.sys
12:41:28.0125 1092 QIOMem - ok
12:41:28.0187 1092 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:41:28.0203 1092 ql2300 - ok
12:41:28.0234 1092 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:41:28.0234 1092 ql40xx - ok
12:41:28.0265 1092 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:41:28.0265 1092 QWAVE - ok
12:41:28.0296 1092 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:41:28.0296 1092 QWAVEdrv - ok
12:41:28.0312 1092 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:41:28.0312 1092 RasAcd - ok
12:41:28.0343 1092 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:41:28.0343 1092 RasAgileVpn - ok
12:41:28.0374 1092 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:41:28.0374 1092 RasAuto - ok
12:41:28.0390 1092 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:41:28.0390 1092 Rasl2tp - ok
12:41:28.0437 1092 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:41:28.0437 1092 RasMan - ok
12:41:28.0468 1092 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:41:28.0468 1092 RasPppoe - ok
12:41:28.0483 1092 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:41:28.0483 1092 RasSstp - ok
12:41:28.0499 1092 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:41:28.0499 1092 rdbss - ok
12:41:28.0530 1092 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:41:28.0530 1092 rdpbus - ok
12:41:28.0546 1092 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:41:28.0546 1092 RDPCDD - ok
12:41:28.0561 1092 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:41:28.0561 1092 RDPENCDD - ok
12:41:28.0577 1092 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:41:28.0577 1092 RDPREFMP - ok
12:41:28.0624 1092 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:41:28.0624 1092 RDPWD - ok
12:41:28.0671 1092 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:41:28.0671 1092 rdyboost - ok
12:41:28.0733 1092 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:41:28.0733 1092 RemoteAccess - ok
12:41:28.0749 1092 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:41:28.0749 1092 RemoteRegistry - ok
12:41:28.0811 1092 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:41:28.0811 1092 ROOTMODEM - ok
12:41:28.0858 1092 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:41:28.0858 1092 RpcEptMapper - ok
12:41:28.0873 1092 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:41:28.0889 1092 RpcLocator - ok
12:41:28.0905 1092 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:41:28.0905 1092 RpcSs - ok
12:41:28.0936 1092 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:41:28.0936 1092 rspndr - ok
12:41:28.0967 1092 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:41:28.0967 1092 RSUSBSTOR - ok
12:41:28.0983 1092 [ E5DC911D0FEB72CAFF2BBDD6E7C3672F ] RSUSBVSTOR C:\Windows\system32\Drivers\RTSUVSTOR.sys
12:41:28.0998 1092 RSUSBVSTOR - ok
12:41:29.0029 1092 [ 6C66E50DEC6110295E695D0DC6D688AA ] s1039bus C:\Windows\system32\DRIVERS\s1039bus.sys
12:41:29.0029 1092 s1039bus - ok
12:41:29.0045 1092 [ 98C7DBE2290D8CB0235E9528F6A1A53D ] s1039mdfl C:\Windows\system32\DRIVERS\s1039mdfl.sys
12:41:29.0045 1092 s1039mdfl - ok
12:41:29.0076 1092 [ 7EF052A067D862ECD2A2335914611074 ] s1039mdm C:\Windows\system32\DRIVERS\s1039mdm.sys
12:41:29.0076 1092 s1039mdm - ok
12:41:29.0107 1092 [ BCC3F31F1FE1E78A5BA2CD6A0E44BA64 ] s1039mgmt C:\Windows\system32\DRIVERS\s1039mgmt.sys
12:41:29.0107 1092 s1039mgmt - ok
12:41:29.0139 1092 [ A0CF11BFFA41176CCD54E701CEB68921 ] s1039nd5 C:\Windows\system32\DRIVERS\s1039nd5.sys
12:41:29.0139 1092 s1039nd5 - ok
12:41:29.0170 1092 [ BD2DA968C5DCEF51BA8014FBAC7A0B6A ] s1039obex C:\Windows\system32\DRIVERS\s1039obex.sys
12:41:29.0170 1092 s1039obex - ok
12:41:29.0201 1092 [ 96B4051B65C1974258A8A33A03C0B082 ] s1039unic C:\Windows\system32\DRIVERS\s1039unic.sys
12:41:29.0217 1092 s1039unic - ok
12:41:29.0232 1092 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:41:29.0232 1092 SamSs - ok
12:41:29.0248 1092 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:41:29.0248 1092 sbp2port - ok
12:41:29.0279 1092 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:41:29.0279 1092 SCardSvr - ok
12:41:29.0310 1092 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:41:29.0310 1092 scfilter - ok
12:41:29.0357 1092 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:41:29.0373 1092 Schedule - ok
12:41:29.0404 1092 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:41:29.0404 1092 SCPolicySvc - ok
12:41:29.0435 1092 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:41:29.0435 1092 SDRSVC - ok
12:41:29.0466 1092 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:41:29.0466 1092 secdrv - ok
12:41:29.0482 1092 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:41:29.0482 1092 seclogon - ok
12:41:29.0497 1092 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:41:29.0497 1092 SENS - ok
12:41:29.0529 1092 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:41:29.0529 1092 SensrSvc - ok
12:41:29.0544 1092 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
12:41:29.0544 1092 Serenum - ok
12:41:29.0560 1092 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
12:41:29.0575 1092 Serial - ok
12:41:29.0575 1092 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:41:29.0575 1092 sermouse - ok
12:41:29.0622 1092 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:41:29.0622 1092 SessionEnv - ok
12:41:29.0653 1092 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:41:29.0653 1092 sffdisk - ok
12:41:29.0653 1092 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:41:29.0653 1092 sffp_mmc - ok
12:41:29.0669 1092 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:41:29.0669 1092 sffp_sd - ok
12:41:29.0685 1092 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:41:29.0685 1092 sfloppy - ok
12:41:29.0731 1092 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
12:41:29.0731 1092 Sftfs - ok
12:41:29.0809 1092 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:41:29.0809 1092 sftlist - ok
12:41:29.0841 1092 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:41:29.0841 1092 Sftplay - ok
12:41:29.0856 1092 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:41:29.0856 1092 Sftredir - ok
12:41:29.0856 1092 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
12:41:29.0856 1092 Sftvol - ok
12:41:29.0887 1092 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:41:29.0887 1092 sftvsa - ok
12:41:29.0950 1092 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:41:29.0950 1092 SharedAccess - ok
12:41:29.0981 1092 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:41:29.0997 1092 ShellHWDetection - ok
12:41:30.0028 1092 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:41:30.0028 1092 SiSRaid2 - ok
12:41:30.0028 1092 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:41:30.0028 1092 SiSRaid4 - ok
12:41:30.0043 1092 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:41:30.0059 1092 Smb - ok
12:41:30.0075 1092 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:41:30.0090 1092 SNMPTRAP - ok
12:41:30.0090 1092 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:41:30.0106 1092 spldr - ok

