mncvretf.exe (Solved)


Post by jarda213 » 27 Feb 2014 10:37

Hello, I got a new computer (I built it following the advice given here) and for about 10 days now I have had a problem: after a restart or startup a message pops up: "Program mncvretf.exe has stopped working. A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available." However, no solution has ever appeared. Thanks for any advice/explanation. OS Win 7/64 Ultimate, build: Intel Core i5-4440, MSI B85-G43 - Intel B85, MSI R9 270X HAWK 2GB, Kingston HyperX PnP 8GB (2x4GB) 1600 DDR3, Seagate Barracuda 7200.14 - 1TB. Log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:32:54, on 27.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\SysWOW64\WScript.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12902
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Ashampoo Core Tuner] "C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner\autostarter.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncvretfSrv] C:\Windows\inf\mncvretf.vbe
O4 - HKLM\..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKLM\..\Run: [CommandCenter] C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Jarda\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [icq] C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jarda\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Ashampoo CoreTuner Helper Service (acthelper) - Ashampoo Development GmbH & Co. KG - C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner\ACTHelperService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe
O23 - Service: MSISaveLoad_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
O23 - Service: MSIWMI_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OnlineStorageService - Trend Micro Inc. - C:\Program Files\Trend Micro SafeSync\hrfscore.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SuperRAIDSvc - Unknown owner - C:\MSI\Super RAID\SuperRAIDSvc.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18437 bytes


I hope I understood this correctly and am not posting something else here; thanks for the advice.


Re: mncvretf.exe

Post by jaro3 » 27 Feb 2014 18:43

You understand correctly.

This may be some new infection..

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.


Re: mncvretf.exe

Post by jarda213 » 27 Feb 2014 22:15

So I did everything according to the instructions and here are the logs:

AdwCleaner:
# AdwCleaner v3.020 - Report created 27/02/2014 at 22:07:32
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Jarda - JARDA-PC
# Running from : C:\Users\Jarda\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
File Found : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\tetbttu4.default\user.js
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\AmiUpdXp
File Found : C:\Windows\Tasks\AmiUpdXp.job
Folder Found C:\Program Files (x86)\driver-soft
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Program Files (x86)\WinZip Registry Optimizer
Folder Found C:\Users\Jarda\AppData\Local\genienext
Folder Found C:\Users\Jarda\AppData\Local\Mobogenie
Folder Found C:\Users\Jarda\AppData\Local\Pokki
Folder Found C:\Users\Jarda\AppData\Local\SwvUpdater
Folder Found C:\Users\Jarda\AppData\Roaming\Desktopicon
Folder Found C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Folder Found C:\Users\Jarda\AppData\Roaming\newnext.me
Folder Found C:\Users\Jarda\AppData\Roaming\OpenCandy
Folder Found C:\Users\Jarda\Documents\Mobogenie

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Found : HKCU\Software\Classes\Directory\shell\pokki
Key Found : HKCU\Software\Classes\Drive\shell\pokki
Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\Pokki
Key Found : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B878FD4-8F19-46DB-94B1-4CABFF80679C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8BA495EF-6CD5-413A-8AEF-483631B98C4F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8C71E394-2E6F-452A-AB7D-C17E78307083}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E54FBC83-9028-45AC-A5B9-D5DA828E59C2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{633AA60B-C339-46C3-951F-047F9822C473}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\tetbttu4.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4403 octets] - [27/02/2014 22:02:19]
AdwCleaner[R1].txt - [4307 octets] - [27/02/2014 22:07:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [4367 octets] ##########

And here is Malwarebytes Anti-malware:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.27.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Jarda :: JARDA-PC [administrátor]

27.2.2014 22:08:49
MBAM-log-2014-02-27 (22-12-22).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 220452
Uplynulý čas: 3 minut, 22 sekund

Nalezené procesy v paměti: 1
C:\Windows\inf\msredn\msredn.exe (BitcoinMiner) -> 6068 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 6
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jarda\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MSStp (Trojan.Agent.VBS) -> Data: C:\Windows\system32\msstp.vbe -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NtVdmSrv (Malware.Trace) -> Data: C:\Windows\inf\ntvdm.vbe -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 6
C:\Users\Jarda\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Roaming\OpenCandy\E8DD96EAF7274D2992A9F32C368826A5 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\bitstreams (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 26
C:\Windows\inf\msredn\msredn.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Windows\System32\msstp.vbe (Trojan.Agent.VBS) -> Nebyla provedena žádná instrukce.
C:\Windows\SysWOW64\msstp.vbe (Trojan.Agent.VBS) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\ntvdm.vbe (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Roaming\OpenCandy\E8DD96EAF7274D2992A9F32C368826A5\pokkiInstaller.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Jarda\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\diablo130302.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\diakgcn121016.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\libcurl-4.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\libeay32.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\libidn-11.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\librtmp.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\libssh2.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\mncvretf.exe (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\phatk121016.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\poclbm130302.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\scrypt130511.cl (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\ssleay32.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\zlib1.dll (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\mncvretf\bitstreams\fpgaminer_top_fixed7_197MHz.ncd (Trojan.Agent.BCM) -> Nebyla provedena žádná instrukce.

(konec)

And whoever can make sense of this has my admiration. Thanks, Jarda.
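The HijackThis log in the first post already lists the two Run values that the Malwarebytes scan flags (MSStp, NtVdmSrv) next to a third .vbe autorun, mncvretfSrv, and the NextLive rundll32 entry. As an added example that is not part of the thread, this Python sketch triages HijackThis O4 lines; the two heuristics and all function names are assumptions of this example, and the sample lines are copied from the log above.

```python
import re

# Script-host extensions treated as unusual autorun targets (heuristic of this example).
SCRIPT_EXTS = {".vbe", ".vbs", ".js", ".jse", ".wsf", ".wsh"}

# "O4 - HKLM\..\Run: [Name] command" and the HKUS\<SID>\..\RunOnce variants.
O4_RE = re.compile(
    r'^O4 - (?P<hive>HK[A-Z]+)(?:\\[^\\]+)?\\\.\.\\(?P<key>Run(?:Once)?): '
    r'\[(?P<name>[^\]]+)\] (?P<cmd>.+)$'
)
# A drive or %VAR% rooted path up to the first ".ext" followed by a delimiter;
# this copes with unquoted paths that contain spaces.
PATH_RE = re.compile(r'(?:[A-Za-z]:|%\w+%)\\[^"<>|*?]*?\.\w{2,4}(?=["\s,]|$)')

# Subset of the O4 section of the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncvretfSrv] C:\Windows\inf\mncvretf.vbe
O4 - HKLM\..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Jarda\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe"
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
"""


def parse_o4(line):
    """Return hive, key, value name and referenced file paths of a registry O4 line."""
    m = O4_RE.match(line.strip())
    if not m:
        return None  # not a registry autorun (e.g. "Global Startup") or not O4 at all
    return {
        "hive": m["hive"],
        "key": m["key"],
        "name": m["name"],
        "paths": PATH_RE.findall(m["cmd"]),
    }


def triage(entry):
    """Return the reasons an autorun entry deserves a closer look (empty list if none)."""
    reasons = []
    paths = [p.lower() for p in entry["paths"]]
    for p in paths:
        if p[p.rfind("."):] in SCRIPT_EXTS:
            reasons.append("script file as autorun target")
            if p.startswith("c:\\windows\\"):
                reasons.append("script stored under the Windows directory")
    # rundll32 itself is a system binary; what matters is the DLL it is told to load.
    if paths and paths[0].endswith("\\rundll32.exe"):
        if any("\\appdata\\" in p for p in paths[1:]):
            reasons.append("rundll32 loading a DLL from a user profile")
    return reasons


def suspicious_autoruns(log_text):
    """Map Run value name -> reasons for every flagged O4 entry in a HijackThis log."""
    findings = {}
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry:
            reasons = triage(entry)
            if reasons:
                findings[entry["name"]] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in suspicious_autoruns(SAMPLE_LOG).items():
        print(f"{name}: {'; '.join(reasons)}")
```

A hit is a prompt to inspect the referenced file, not a verdict; the scanner logs in the thread remain the evidence for what each entry is.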


Re: mncvretf.exe

Post by jaro3 » 28 Feb 2014 09:55

:D

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Vymazat-Clean"
The program performs the repair; after the automatic restart it does not display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

Run MbAM again and start a Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close the program via Exit
You can then paste the new MbAM log here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that you have ticked:
Check MBR
Check Faked
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still cannot be started and will not work, rename it to winlogon.exe.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Re: mncvretf.exe

Post by jarda213 » 28 Feb 2014 14:25

AdwCleaner:
# AdwCleaner v3.020 - Report created 28/02/2014 at 13:38:44
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Jarda - JARDA-PC
# Running from : C:\Users\Jarda\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Program Files (x86)\WinZip Registry Optimizer
Folder Deleted : C:\Users\Jarda\AppData\Local\genienext
Folder Deleted : C:\Users\Jarda\AppData\Local\Mobogenie
[!] Folder Deleted : C:\Users\Jarda\AppData\Local\Pokki
Folder Deleted : C:\Users\Jarda\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Jarda\AppData\Roaming\Desktopicon
Folder Deleted : C:\Users\Jarda\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Jarda\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki
Folder Deleted : C:\Users\Jarda\Documents\Mobogenie
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
File Deleted : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\tetbttu4.default\user.js
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B878FD4-8F19-46DB-94B1-4CABFF80679C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BA495EF-6CD5-413A-8AEF-483631B98C4F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C71E394-2E6F-452A-AB7D-C17E78307083}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E54FBC83-9028-45AC-A5B9-D5DA828E59C2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{633AA60B-C339-46C3-951F-047F9822C473}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKLM\Software\Driver-Soft
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\tetbttu4.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4403 octets] - [27/02/2014 22:02:19]
AdwCleaner[R1].txt - [4463 octets] - [27/02/2014 22:07:32]
AdwCleaner[R2].txt - [4523 octets] - [28/02/2014 13:37:23]
AdwCleaner[S0].txt - [4523 octets] - [28/02/2014 13:38:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4583 octets] ##########


JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by Jarda on p  28.02.2014 at 13:47:00,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3AC1F3BF-2D9E-476C-ACD4-F51807CB6093}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Jarda\AppData\Roaming\mozilla\firefox\profiles\tetbttu4.default\minidumps [19 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  28.02.2014 at 13:50:39,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MbAM:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.27.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Jarda :: JARDA-PC [administrátor]

28.2.2014 13:51:31
mbam-log-2014-02-28 (13-51-31).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 217450
Uplynulý čas: 2 minut, 38 sekund

Nalezené procesy v paměti: 1
C:\Windows\inf\msredn\msredn.exe (BitcoinMiner) -> 5868 -> Bude smazán při restartu.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MSStp (Trojan.Agent.VBS) -> Data: C:\Windows\system32\msstp.vbe -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NtVdmSrv (Malware.Trace) -> Data: C:\Windows\inf\ntvdm.vbe -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 2
C:\Windows\inf\mncvretf (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\bitstreams (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 19
C:\Windows\inf\msredn\msredn.exe (BitcoinMiner) -> Bude smazán při restartu.
C:\Windows\System32\msstp.vbe (Trojan.Agent.VBS) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\SysWOW64\msstp.vbe (Trojan.Agent.VBS) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\ntvdm.vbe (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\diablo130302.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\diakgcn121016.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\libcurl-4.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\libeay32.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\libidn-11.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\librtmp.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\libssh2.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\mncvretf.exe (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\phatk121016.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\poclbm130302.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\scrypt130511.cl (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\ssleay32.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\zlib1.dll (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\mncvretf\bitstreams\fpgaminer_top_fixed7_197MHz.ncd (Trojan.Agent.BCM) -> Přesun do karantény a smazání se zdařilo.

(konec)

RK:
RogueKiller V8.8.10 _x64_ [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jarda [Práva správce]
Mód : Kontrola -- Datum : 02/28/2014 14:19:45
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\30338libfoxloader-x64.dll [x] -> ODEBRÁNO
[SUSP PATH] szndesktop.exe -- C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 16 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Jarda\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe -CU [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : uTorrent ("C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe" [-]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Jarda\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\Run : icq (C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe -CU [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\Run : uTorrent ("C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe" [-]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\RunOnce : Application Restart #3 (C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\RunOnce : Application Restart #2 (C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\RunOnce : Application Restart #3 (C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\RunOnce : Application Restart #2 (C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM 003-1CH162 SCSI Disk Device +++++
--- User ---
[MBR] 038766c48a0a1c5818c87dca4147bce4
[BSP] 956b7dd5cdbc122b4bca262048a375c7 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 249900 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 512002048 | Size: 703867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_02282014_141945.txt >>




What caught my eye in RK: "Externí včelstvo" (literally "external bee colony"), I nearly wet myself laughing :-)

Re: mncvretf.exe

Post by jaro3 » 28 Feb 2014 19:06

:lol:

Close all programs and browsers. Disable the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Scan".
- Click "Delete".
- Wait until the status box shows "Deletion finished".
- Click "Report" and please copy and paste the content of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller.

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt; please paste the entire content of the log here.
- If the log has more than 60,000 characters, split it and paste it into several posts.

Re: mncvretf.exe

Post by jarda213 » 28 Feb 2014 21:42

Well, I have no idea what I'm actually doing, but so far I'm enjoying it :thumbup:

RK:
RogueKiller V8.8.10 _x64_ [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jarda [Práva správce]
Mód : Odebrat -- Datum : 02/28/2014 21:27:32
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] icq.exe -- C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 16 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Jarda\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : icq (C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe -CU [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : uTorrent ("C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe" [-]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Jarda\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Jarda\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\Run : icq (C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe -CU [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\Run : uTorrent ("C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe" [-]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKCU\[...]\RunOnce : Application Restart #3 (C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\RunOnce : Application Restart #2 (C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\RunOnce : Application Restart #3 (C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-1394243904-1934234362-1952488102-1000\[...]\RunOnce : Application Restart #2 (C:\Users\Jarda\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Jarda\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM 003-1CH162 SCSI Disk Device +++++
--- User ---
[MBR] 038766c48a0a1c5818c87dca4147bce4
[BSP] 956b7dd5cdbc122b4bca262048a375c7 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 249900 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 512002048 | Size: 703867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_02282014_212732.txt >>
RKreport[0]_S_02282014_141945.txt;RKreport[0]_S_02282014_212728.txt



TDSSKiller:
21:34:21.0378 6108 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:34:23.0279 6108 ============================================================
21:34:23.0279 6108 Current date / time: 2014/02/28 21:34:23.0279
21:34:23.0279 6108 SystemInfo:
21:34:23.0279 6108
21:34:23.0279 6108 OS Version: 6.1.7601 ServicePack: 1.0
21:34:23.0279 6108 Product type: Workstation
21:34:23.0279 6108 ComputerName: JARDA-PC
21:34:23.0279 6108 UserName: Jarda
21:34:23.0279 6108 Windows directory: C:\Windows
21:34:23.0279 6108 System windows directory: C:\Windows
21:34:23.0279 6108 Running under WOW64
21:34:23.0279 6108 Processor architecture: Intel x64
21:34:23.0279 6108 Number of processors: 4
21:34:23.0279 6108 Page size: 0x1000
21:34:23.0279 6108 Boot type: Normal boot
21:34:23.0279 6108 ============================================================
21:34:24.0328 6108 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:34:24.0345 6108 ============================================================
21:34:24.0345 6108 \Device\Harddisk0\DR0:
21:34:24.0345 6108 MBR partitions:
21:34:24.0345 6108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:34:24.0345 6108 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1E816000
21:34:24.0345 6108 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E848800, BlocksNum 0x55EBD800
21:34:24.0345 6108 ============================================================
21:34:24.0370 6108 C: <-> \Device\Harddisk0\DR0\Partition2
21:34:24.0411 6108 D: <-> \Device\Harddisk0\DR0\Partition3
21:34:24.0411 6108 ============================================================
21:34:24.0411 6108 Initialize success
21:34:24.0411 6108 ============================================================
21:34:26.0051 5644 ============================================================
21:34:26.0051 5644 Scan started
21:34:26.0051 5644 Mode: Manual;
21:34:26.0051 5644 ============================================================
21:34:27.0221 5644 ================ Scan system memory ========================
21:34:27.0221 5644 System memory - ok
21:34:27.0221 5644 ================ Scan services =============================
21:34:32.0620 5644 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:34:32.0621 5644 BrUsbSer - ok
21:34:32.0640 5644 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:34:32.0643 5644 BTHMODEM - ok
21:34:32.0674 5644 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:34:32.0676 5644 bthserv - ok
21:34:32.0704 5644 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:34:32.0705 5644 cdfs - ok
21:34:32.0754 5644 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:34:32.0756 5644 cdrom - ok
21:34:32.0802 5644 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:34:32.0806 5644 CertPropSvc - ok
21:34:32.0822 5644 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:34:32.0823 5644 circlass - ok
21:34:32.0873 5644 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:34:32.0889 5644 CLFS - ok
21:34:33.0058 5644 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:34:33.0061 5644 clr_optimization_v2.0.50727_32 - ok
21:34:33.0227 5644 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:34:33.0248 5644 clr_optimization_v2.0.50727_64 - ok
21:34:33.0404 5644 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:34:33.0631 5644 clr_optimization_v4.0.30319_32 - ok
21:34:33.0653 5644 [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:34:33.0750 5644 clr_optimization_v4.0.30319_64 - ok
21:34:33.0774 5644 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:34:33.0775 5644 CmBatt - ok
21:34:33.0823 5644 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:34:33.0840 5644 cmdide - ok
21:34:33.0895 5644 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys
21:34:33.0899 5644 CNG - ok
21:34:33.0932 5644 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:34:33.0935 5644 Compbatt - ok
21:34:33.0989 5644 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:34:33.0991 5644 CompositeBus - ok
21:34:34.0017 5644 COMSysApp - ok
21:34:34.0051 5644 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:34:34.0053 5644 crcdisk - ok
21:34:34.0104 5644 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:34:34.0106 5644 CryptSvc - ok
21:34:34.0227 5644 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
21:34:34.0276 5644 CSC - ok
21:34:34.0336 5644 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
21:34:34.0393 5644 CscService - ok
21:34:34.0418 5644 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:34:34.0422 5644 DcomLaunch - ok
21:34:34.0497 5644 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:34:34.0520 5644 defragsvc - ok
21:34:34.0555 5644 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:34:34.0556 5644 DfsC - ok
21:34:34.0640 5644 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:34:34.0659 5644 Dhcp - ok
21:34:34.0706 5644 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:34:34.0707 5644 discache - ok
21:34:34.0724 5644 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:34:34.0725 5644 Disk - ok
21:34:34.0774 5644 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:34:34.0776 5644 Dnscache - ok
21:34:34.0835 5644 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:34:34.0859 5644 dot3svc - ok
21:34:34.0900 5644 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:34:34.0902 5644 DPS - ok
21:34:34.0949 5644 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:34:34.0966 5644 drmkaud - ok
21:34:35.0097 5644 [ 6A0E850DDCB136AA3D2FB7234382DF12 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:34:35.0112 5644 dtsoftbus01 - ok
21:34:35.0299 5644 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:34:35.0302 5644 DXGKrnl - ok
21:34:35.0329 5644 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:34:35.0330 5644 EapHost - ok
21:34:35.0703 5644 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:34:35.0744 5644 ebdrv - ok
21:34:35.0797 5644 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe
21:34:35.0799 5644 EFS - ok
21:34:35.0915 5644 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:34:35.0919 5644 ehRecvr - ok
21:34:35.0943 5644 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:34:35.0945 5644 ehSched - ok
21:34:36.0029 5644 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:34:36.0048 5644 elxstor - ok
21:34:36.0084 5644 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:34:36.0085 5644 ErrDev - ok
21:34:36.0209 5644 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:34:36.0244 5644 EventSystem - ok
21:34:36.0295 5644 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:34:36.0298 5644 exfat - ok
21:34:36.0334 5644 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:34:36.0336 5644 fastfat - ok
21:34:36.0453 5644 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:34:36.0476 5644 Fax - ok
21:34:36.0521 5644 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:34:36.0523 5644 fdc - ok
21:34:36.0567 5644 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:34:36.0568 5644 fdPHost - ok
21:34:36.0586 5644 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:34:36.0590 5644 FDResPub - ok
21:34:36.0623 5644 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:34:36.0624 5644 FileInfo - ok
21:34:36.0644 5644 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:34:36.0660 5644 Filetrace - ok
21:34:36.0691 5644 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:34:36.0692 5644 flpydisk - ok
21:34:36.0735 5644 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:34:36.0737 5644 FltMgr - ok
21:34:36.0777 5644 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
21:34:36.0786 5644 FontCache - ok
21:34:36.0848 5644 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:34:36.0850 5644 FontCache3.0.0.0 - ok
21:34:36.0880 5644 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:34:36.0882 5644 FsDepends - ok
21:34:36.0929 5644 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
21:34:36.0930 5644 fssfltr - ok
21:34:36.0949 5644 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:34:36.0949 5644 Fs_Rec - ok
21:34:36.0985 5644 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:34:36.0987 5644 fvevol - ok
21:34:37.0047 5644 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:34:37.0049 5644 gagp30kx - ok
21:34:37.0140 5644 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:34:37.0165 5644 gpsvc - ok
21:34:37.0501 5644 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:34:37.0503 5644 gupdate - ok
21:34:37.0553 5644 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:34:37.0554 5644 gupdatem - ok
21:34:37.0615 5644 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:34:37.0617 5644 gusvc - ok
21:34:37.0653 5644 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:34:37.0656 5644 hcw85cir - ok
21:34:37.0719 5644 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:34:37.0723 5644 HdAudAddService - ok
21:34:37.0768 5644 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:34:37.0770 5644 HDAudBus - ok
21:34:37.0802 5644 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:34:37.0805 5644 HidBatt - ok
21:34:37.0829 5644 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:34:37.0831 5644 HidBth - ok
21:34:37.0857 5644 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:34:37.0875 5644 HidIr - ok
21:34:37.0924 5644 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:34:37.0925 5644 hidserv - ok
21:34:37.0984 5644 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:34:37.0985 5644 HidUsb - ok
21:34:38.0025 5644 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:34:38.0028 5644 hkmsvc - ok
21:34:38.0101 5644 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:34:38.0126 5644 HomeGroupListener - ok
21:34:38.0155 5644 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:34:38.0157 5644 HomeGroupProvider - ok
21:34:38.0241 5644 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:34:38.0244 5644 hpqcxs08 - ok
21:34:38.0275 5644 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:34:38.0276 5644 hpqddsvc - ok
21:34:38.0306 5644 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:34:38.0307 5644 HpSAMD - ok
21:34:38.0391 5644 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:34:38.0457 5644 HPSLPSVC - ok
21:34:38.0496 5644 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:34:38.0536 5644 HTTP - ok
21:34:38.0559 5644 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:34:38.0560 5644 hwpolicy - ok
21:34:38.0628 5644 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:34:38.0630 5644 i8042prt - ok
21:34:38.0731 5644 [ 25555186E4FBDF0E30A5DBFC9B9A73F9 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
21:34:38.0733 5644 iaStorA - ok
21:34:38.0842 5644 [ 6241810294275CEA59EBA9733080E5EE ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:34:38.0843 5644 IAStorDataMgrSvc - ok
21:34:38.0880 5644 [ 10E79E366FA255318F5D1D0ED07F947D ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
21:34:38.0881 5644 iaStorF - ok
21:34:38.0918 5644 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:34:38.0922 5644 iaStorV - ok
21:34:39.0038 5644 [ D9A9FFC89F61CAD4AD9EF31FBB17E634 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:34:39.0039 5644 ICCS - ok
21:34:39.0104 5644 [ 55004F2386405B28471E09C2373ED0E0 ] ICCWDT C:\Windows\system32\DRIVERS\ICCWDT.sys
21:34:39.0104 5644 ICCWDT - ok
21:34:39.0194 5644 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:34:39.0196 5644 IDriverT - ok
21:34:39.0364 5644 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:34:39.0387 5644 idsvc - ok
21:34:39.0403 5644 IEEtwCollectorService - ok
21:34:39.0428 5644 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:34:39.0430 5644 iirsp - ok
21:34:39.0496 5644 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
21:34:39.0520 5644 IKEEXT - ok
21:34:39.0592 5644 [ 3F2BB021CB280880F8C1B7A6FEF9B447 ] INETMON C:\Windows\System32\Drivers\INETMON.sys
21:34:39.0597 5644 INETMON - ok
21:34:40.0061 5644 [ 7A3585C4000C8340AE6B7FA08F9EF50F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:34:40.0074 5644 IntcAzAudAddService - ok
21:34:40.0136 5644 [ DAE6C3099D291EED8922A65C29ABCF52 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:34:40.0141 5644 Intel(R) Capability Licensing Service Interface - ok
21:34:40.0271 5644 [ D45226E3E7A25F1E7CE8DF8FD0A2A098 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:34:40.0312 5644 Intel(R) Capability Licensing Service TCP IP Interface - ok
21:34:40.0347 5644 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:34:40.0350 5644 intelide - ok
21:34:40.0397 5644 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:34:40.0397 5644 intelppm - ok
21:34:40.0442 5644 [ 94E0CB0750C3E09E34257A4BEA582EED ] iocbios2 C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys
21:34:40.0448 5644 iocbios2 - ok
21:34:40.0478 5644 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:34:40.0480 5644 IPBusEnum - ok
21:34:40.0500 5644 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:34:40.0502 5644 IpFilterDriver - ok
21:34:40.0563 5644 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:34:40.0567 5644 iphlpsvc - ok
21:34:40.0599 5644 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:34:40.0601 5644 IPMIDRV - ok
21:34:40.0635 5644 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:34:40.0636 5644 IPNAT - ok
21:34:40.0666 5644 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:34:40.0669 5644 IRENUM - ok
21:34:40.0724 5644 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:34:40.0728 5644 isapnp - ok
21:34:40.0774 5644 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:34:40.0777 5644 iScsiPrt - ok
21:34:40.0821 5644 [ 4EE2423C38F43D37F8497A672FD10BDC ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
21:34:40.0822 5644 ISCT - ok
21:34:40.0883 5644 [ 2A676B190889ACEDF3AA8D64C269F8AF ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
21:34:40.0886 5644 ISCTAgent - ok
21:34:40.0948 5644 [ 78D369F8A81A341109FBA1DB64B4C512 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:34:40.0948 5644 iusb3hcs - ok
21:34:40.0988 5644 [ 5B632ABA038CE2E2D5D2D1115C6B26D1 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
21:34:40.0990 5644 iusb3hub - ok
21:34:41.0051 5644 [ EA841584EF59528D11F20355770E427E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:34:41.0054 5644 iusb3xhc - ok
21:34:41.0139 5644 [ 52069AEB42D3D0F97CBCA1085EBF55E6 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:34:41.0141 5644 jhi_service - ok
21:34:41.0178 5644 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:34:41.0179 5644 kbdclass - ok
21:34:41.0197 5644 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:34:41.0198 5644 kbdhid - ok
21:34:41.0265 5644 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe
21:34:41.0266 5644 KeyIso - ok
21:34:41.0304 5644 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:34:41.0307 5644 KSecDD - ok
21:34:41.0326 5644 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:34:41.0328 5644 KSecPkg - ok
21:34:41.0343 5644 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:34:41.0344 5644 ksthunk - ok
21:34:41.0428 5644 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:34:41.0447 5644 KtmRm - ok
21:34:41.0540 5644 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:34:41.0564 5644 LanmanServer - ok
21:34:41.0616 5644 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:34:41.0618 5644 LanmanWorkstation - ok
21:34:41.0676 5644 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:34:41.0678 5644 lltdio - ok
21:34:41.0747 5644 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:34:41.0766 5644 lltdsvc - ok
21:34:41.0799 5644 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:34:41.0801 5644 lmhosts - ok
21:34:41.0957 5644 [ 08E2B577DB95156F9A658C988EE71F5D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:34:41.0973 5644 LMS - ok
21:34:42.0027 5644 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:34:42.0029 5644 LSI_FC - ok
21:34:42.0048 5644 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:34:42.0049 5644 LSI_SAS - ok
21:34:42.0077 5644 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:34:42.0079 5644 LSI_SAS2 - ok
21:34:42.0097 5644 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:34:42.0099 5644 LSI_SCSI - ok
21:34:42.0116 5644 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:34:42.0117 5644 luafv - ok
21:34:42.0141 5644 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
21:34:42.0141 5644 MBfilt - ok
21:34:42.0183 5644 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:34:42.0186 5644 Mcx2Svc - ok
21:34:42.0206 5644 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:34:42.0209 5644 megasas - ok
21:34:42.0260 5644 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:34:42.0262 5644 MegaSR - ok
21:34:42.0322 5644 [ E0EF6C1399A9B1AAA0B28590411BED04 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
21:34:42.0323 5644 MEIx64 - ok
21:34:42.0494 5644 Microsoft SharePoint Workspace Audit Service - ok
21:34:42.0522 5644 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:34:42.0523 5644 MMCSS - ok
21:34:42.0542 5644 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:34:42.0544 5644 Modem - ok
21:34:42.0590 5644 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:34:42.0590 5644 monitor - ok
21:34:42.0631 5644 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:34:42.0631 5644 mouclass - ok
21:34:42.0665 5644 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:34:42.0667 5644 mouhid - ok
21:34:42.0709 5644 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:34:42.0711 5644 mountmgr - ok
21:34:42.0798 5644 [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:34:42.0800 5644 MozillaMaintenance - ok
21:34:42.0853 5644 [ C6B88D62F20AC646C6BD5C032EC2FAF9 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
21:34:42.0877 5644 MpFilter - ok
21:34:42.0907 5644 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:34:42.0909 5644 mpio - ok
21:34:42.0937 5644 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:34:42.0940 5644 mpsdrv - ok
21:34:42.0975 5644 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:34:42.0981 5644 MpsSvc - ok
21:34:43.0030 5644 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:34:43.0032 5644 MRxDAV - ok
21:34:43.0073 5644 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:34:43.0074 5644 mrxsmb - ok
21:34:43.0098 5644 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:34:43.0101 5644 mrxsmb10 - ok
21:34:43.0116 5644 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:34:43.0117 5644 mrxsmb20 - ok
21:34:43.0148 5644 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:34:43.0148 5644 msahci - ok
21:34:43.0191 5644 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:34:43.0193 5644 msdsm - ok
21:34:43.0208 5644 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:34:43.0210 5644 MSDTC - ok
21:34:43.0225 5644 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:34:43.0226 5644 Msfs - ok
21:34:43.0270 5644 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:34:43.0273 5644 mshidkmdf - ok
21:34:43.0720 5644 [ 9CEBDD8D9E37156A567D33AC97899219 ] MSIBIOSData_CC C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe
21:34:43.0775 5644 MSIBIOSData_CC - ok
21:34:43.0777 5644 MSICDSetup - ok
21:34:43.0807 5644 [ 8F1F3CB2D5DFFF1E641C3346A3C5F1BE ] MSIClock_CC C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe
21:34:43.0810 5644 MSIClock_CC - ok
21:34:44.0043 5644 [ CE903E18B2E1B2DB62A461787240429E ] MSICOMM_CC C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe
21:34:44.0118 5644 MSICOMM_CC - ok
21:34:44.0510 5644 [ 986F3BA2E1172FF9B59FEC7A04B0C016 ] MSICPU_CC C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
21:34:44.0563 5644 MSICPU_CC - ok
21:34:44.0874 5644 [ C862F92AA4E7B13B75C9396C6C8CE407 ] MSICTL_CC C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
21:34:44.0939 5644 MSICTL_CC - ok
21:34:45.0126 5644 [ DEC52680ED6728A3CD5191674B6CC7B4 ] MSIDDR_CC C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe
21:34:45.0168 5644 MSIDDR_CC - ok
21:34:45.0197 5644 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:34:45.0198 5644 msisadrv - ok
21:34:45.0545 5644 [ C41A29D2EEF3390877558D07D74DB2CE ] MSISaveLoad_CC C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe
21:34:45.0623 5644 MSISaveLoad_CC - ok
21:34:45.0701 5644 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:34:45.0703 5644 MSiSCSI - ok
21:34:45.0705 5644 msiserver - ok
21:34:45.0762 5644 [ 13037FA5EA2B57DDBD49BBA995C7469B ] MSISMB_CC C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe
21:34:45.0764 5644 MSISMB_CC - ok
21:34:45.0890 5644 [ 75344ABB796AD37126D9020A8CE480E7 ] MSISuperIO_CC C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
21:34:45.0915 5644 MSISuperIO_CC - ok
21:34:46.0042 5644 [ D1E94CE40F6141550BB4B7E3863D413C ] MSIWMI_CC C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe
21:34:46.0043 5644 MSIWMI_CC - ok
21:34:46.0099 5644 [ 629CC5BE3BD275ECD8BBDBEC412C3C8A ] MSI_FastBoot C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
21:34:46.0130 5644 MSI_FastBoot - ok
21:34:46.0248 5644 [ C92F541E27885AF79DA641418E74672D ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
21:34:46.0250 5644 MSI_SuperCharger - ok
21:34:46.0308 5644 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:34:46.0310 5644 MSKSSRV - ok
21:34:46.0399 5644 [ 7675E15D1B2180745E4DA4D26AAD7385 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:34:46.0399 5644 MsMpSvc - ok
21:34:46.0426 5644 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:34:46.0429 5644 MSPCLOCK - ok
21:34:46.0456 5644 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:34:46.0459 5644 MSPQM - ok
21:34:46.0532 5644 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:34:46.0548 5644 MsRPC - ok
21:34:46.0573 5644 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:34:46.0574 5644 mssmbios - ok
21:34:46.0598 5644 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:34:46.0600 5644 MSTEE - ok
21:34:46.0623 5644 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:34:46.0640 5644 MTConfig - ok
21:34:46.0696 5644 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:34:46.0696 5644 Mup - ok
21:34:46.0768 5644 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:34:46.0793 5644 napagent - ok
21:34:46.0876 5644 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:34:46.0901 5644 NativeWifiP - ok
21:34:47.0007 5644 [ E59AFB64C2F6E0C99350E1C944C75088 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
21:34:47.0036 5644 NAUpdate - ok
21:34:47.0230 5644 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:34:47.0306 5644 NDIS - ok
21:34:47.0382 5644 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:34:47.0386 5644 NdisCap - ok
21:34:47.0409 5644 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:34:47.0410 5644 NdisTapi - ok
21:34:47.0447 5644 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:34:47.0450 5644 Ndisuio - ok
21:34:47.0510 5644 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:34:47.0535 5644 NdisWan - ok
21:34:47.0565 5644 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:34:47.0566 5644 NDProxy - ok
21:34:47.0631 5644 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:34:47.0632 5644 Net Driver HPZ12 - ok
21:34:47.0681 5644 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:34:47.0682 5644 NetBIOS - ok
21:34:47.0738 5644 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:34:47.0754 5644 NetBT - ok
21:34:47.0774 5644 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe
21:34:47.0775 5644 Netlogon - ok
21:34:47.0848 5644 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:34:47.0851 5644 Netman - ok
21:34:48.0091 5644 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:34:48.0107 5644 NetMsmqActivator - ok
21:34:48.0118 5644 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:34:48.0119 5644 NetPipeActivator - ok
21:34:48.0135 5644 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:34:48.0139 5644 netprofm - ok
21:34:48.0148 5644 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:34:48.0149 5644 NetTcpActivator - ok
21:34:48.0152 5644 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:34:48.0153 5644 NetTcpPortSharing - ok
21:34:48.0193 5644 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:34:48.0194 5644 nfrd960 - ok
21:34:48.0235 5644 [ ACE8C64C57E4A711473C8BC10ADF692B ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:34:48.0236 5644 NisDrv - ok
21:34:48.0296 5644 [ 6247E8B31ED0A9D6BC5A26276E49BEB3 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
21:34:48.0321 5644 NisSrv - ok
21:34:48.0396 5644 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:34:48.0414 5644 NlaSvc - ok
21:34:48.0421 5644 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:34:48.0422 5644 Npfs - ok
21:34:48.0448 5644 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:34:48.0451 5644 nsi - ok
21:34:48.0472 5644 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:34:48.0473 5644 nsiproxy - ok
21:34:48.0780 5644 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:34:48.0804 5644 Ntfs - ok
21:34:48.0912 5644 [ C3FEA895FE95EA7A57D9F4D7ABED5E71 ] NTIOLib_1_0_1 C:\MSI\Super RAID\NTIOLib_X64.sys
21:34:48.0918 5644 NTIOLib_1_0_1 - ok
21:34:48.0998 5644 [ 23CF3DA010497EB2BF39A5C5A57E437C ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys
21:34:49.0005 5644 NTIOLib_1_0_3 - ok
21:34:49.0135 5644 [ 1B32C54B95121AB1683C7B83B2DB4B96 ] NTIOLib_1_0_4 C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
21:34:49.0135 5644 NTIOLib_1_0_4 - ok
21:34:49.0136 5644 NTIOLib_1_0_C - ok
21:34:49.0185 5644 [ 992DED5B623BE3C228F32EDB4CA3F2D2 ] NTIOLib_FastBoot C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys
21:34:49.0191 5644 NTIOLib_FastBoot - ok
21:34:49.0248 5644 [ 95E4C7B0384DA89DCE8EA6F31C3613D9 ] NTIOLib_MSIClock_CC C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys

jarda213

Re: mncvretf.exe

Post by jarda213 » 28 Feb 2014 21:43

Continuation:
21:35:07.0034 5644 ============================================================
21:35:07.0034 5644 Scan finished
21:35:07.0034 5644 ============================================================
21:35:07.0038 4468 Detected object count: 0
21:35:07.0038 4468 Actual detected object count: 0
21:35:39.0071 1764 Deinitialize success

jaro3
Security team member

Re: mncvretf.exe

Post by jaro3 » 01 Mar 2014 10:06

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Warning: After applying ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

jarda213

Re: mncvretf.exe

Post by jarda213 » 01 Mar 2014 17:43

ComboFix 14-02-24.02 - Jarda 01.03.2014 17:32:15.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8120.6262 [GMT 1:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-01 do 2014-03-01 )))))))))))))))))))))))))))))))
.
.
2014-03-01 16:35 . 2014-03-01 16:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-01 09:08 . 2014-03-01 09:08 -------- d-----w- c:\users\Jarda\AppData\Local\Adobe
2014-02-28 14:06 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C811A528-6854-4E21-AA6B-060AB25289BC}\mpengine.dll
2014-02-28 12:46 . 2014-02-28 12:46 -------- d-----w- c:\windows\ERUNT
2014-02-28 05:52 . 2014-02-20 05:35 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3CA9C46D-33FE-413F-A08B-58C6B0FF5174}\gapaengine.dll
2014-02-27 21:08 . 2014-02-28 12:42 -------- d-----w- c:\users\Jarda\AppData\Local\CrashDumps
2014-02-27 21:02 . 2014-02-28 12:43 -------- d-----w- C:\AdwCleaner
2014-02-27 20:53 . 2014-02-27 20:53 -------- d-----w- c:\users\Jarda\AppData\Roaming\Malwarebytes
2014-02-27 20:53 . 2014-02-27 20:53 -------- d-----w- c:\programdata\Malwarebytes
2014-02-27 20:53 . 2014-02-27 20:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-02-27 20:53 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-27 11:05 . 2014-02-27 11:05 -------- d-----w- c:\users\Jarda\AppData\Local\ATI
2014-02-27 09:23 . 2014-02-27 09:23 388096 ----a-r- c:\users\Jarda\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-02-27 09:23 . 2014-02-27 09:23 -------- d-----w- c:\program files (x86)\Trend Micro
2014-02-27 02:28 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-26 02:01 . 2014-02-26 02:01 -------- d-----w- c:\windows\Migration
2014-02-23 06:29 . 2014-02-23 06:29 -------- d-----w- c:\program files (x86)\Setup Files
2014-02-23 06:28 . 2013-09-17 02:19 99288 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2014-02-23 06:28 . 2013-09-17 02:19 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-02-23 06:27 . 2014-02-26 02:21 -------- d-----w- C:\MSIServiceCfg_CC
2014-02-21 19:59 . 2014-02-21 19:59 17858952 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-02-17 13:57 . 2014-02-17 13:57 -------- d-----w- c:\programdata\Electronic Arts
2014-02-15 23:18 . 2014-02-15 23:18 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-02-15 23:17 . 2014-02-18 00:11 -------- dc-h--w- c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2014-02-12 02:01 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 02:01 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-11 23:35 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-09 15:51 . 2014-02-18 20:03 -------- d-----w- c:\users\Jarda\AppData\Roaming\calibre
2014-02-09 15:51 . 2014-02-09 15:51 -------- d-----w- c:\program files\Calibre2
2014-02-08 08:01 . 2014-02-12 13:21 -------- d-----w- c:\program files (x86)\FormatFactory 2.20 v CZ na pedlvn film
2014-02-01 10:17 . 2014-02-01 10:17 -------- d-----w- c:\users\Jarda\AppData\Roaming\Nico Mak Computing
2014-02-01 10:15 . 2014-02-08 08:01 -------- d-----w- c:\program files (x86)\FreeTime
2014-01-30 21:11 . 2014-01-30 21:11 -------- d-----w- c:\users\Jarda\AppData\Local\GameSpy
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 19:59 . 2014-01-13 16:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 19:59 . 2014-01-13 16:43 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-20 05:35 . 2014-01-27 11:45 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-17 02:00 . 2014-01-13 17:59 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-01-29 18:51 . 2014-01-29 18:51 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-29 18:51 . 2014-01-29 18:51 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-01-29 18:51 . 2014-01-29 18:51 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-01-19 07:33 . 2014-01-13 16:55 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-17 08:17 . 2014-01-17 08:17 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2014-01-17 08:17 . 2014-01-17 08:17 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-01-17 08:17 . 2014-01-17 08:17 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-01-17 08:17 . 2014-01-17 08:17 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-01-17 02:02 . 2014-01-17 02:02 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-01-17 02:02 . 2014-01-17 02:02 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-01-17 02:02 . 2014-01-17 02:02 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-01-17 02:02 . 2014-01-17 02:02 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-01-17 02:02 . 2014-01-17 02:02 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-01-17 02:02 . 2014-01-17 02:02 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-01-17 02:02 . 2014-01-17 02:02 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-01-17 02:02 . 2014-01-17 02:02 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-01-17 02:02 . 2014-01-17 02:02 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-01-17 02:02 . 2014-01-17 02:02 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-01-17 02:02 . 2014-01-17 02:02 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-01-17 02:02 . 2014-01-17 02:02 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-01-17 02:02 . 2014-01-17 02:02 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-01-17 02:02 . 2014-01-17 02:02 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-01-17 02:02 . 2014-01-17 02:02 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-01-17 02:02 . 2014-01-17 02:02 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-01-17 02:02 . 2014-01-17 02:02 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-01-17 02:02 . 2014-01-17 02:02 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-01-17 02:02 . 2014-01-17 02:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-01-17 02:02 . 2014-01-17 02:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-01-17 02:02 . 2014-01-17 02:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-01-17 02:02 . 2014-01-17 02:02 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-01-17 02:02 . 2014-01-17 02:02 413696 ----a-w- c:\windows\system32\html.iec
2014-01-17 02:02 . 2014-01-17 02:02 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-01-17 02:02 . 2014-01-17 02:02 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-01-17 02:02 . 2014-01-17 02:02 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-01-17 02:02 . 2014-01-17 02:02 247808 ----a-w- c:\windows\system32\msls31.dll
2014-01-17 02:02 . 2014-01-17 02:02 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-01-17 02:02 . 2014-01-17 02:02 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-01-17 02:02 . 2014-01-17 02:02 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-01-17 02:02 . 2014-01-17 02:02 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-01-17 02:02 . 2014-01-17 02:02 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-01-17 02:02 . 2014-01-17 02:02 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-01-17 02:02 . 2014-01-17 02:02 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-01-17 02:02 . 2014-01-17 02:02 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-01-17 02:02 . 2014-01-17 02:02 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-01-17 02:02 . 2014-01-17 02:02 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-01-17 02:02 . 2014-01-17 02:02 81408 ----a-w- c:\windows\system32\icardie.dll
2014-01-17 02:02 . 2014-01-17 02:02 774144 ----a-w- c:\windows\system32\jscript.dll
2014-01-17 02:02 . 2014-01-17 02:02 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-01-17 02:02 . 2014-01-17 02:02 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-01-17 02:02 . 2014-01-17 02:02 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-01-17 02:02 . 2014-01-17 02:02 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-01-17 02:02 . 2014-01-17 02:02 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-01-17 02:02 . 2014-01-17 02:02 235520 ----a-w- c:\windows\system32\url.dll
2014-01-17 02:02 . 2014-01-17 02:02 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-01-17 02:02 . 2014-01-17 02:02 147968 ----a-w- c:\windows\system32\occache.dll
2014-01-17 02:02 . 2014-01-17 02:02 143872 ----a-w- c:\windows\system32\wextract.exe
2014-01-17 02:02 . 2014-01-17 02:02 13824 ----a-w- c:\windows\system32\mshta.exe
2014-01-17 02:02 . 2014-01-17 02:02 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-01-17 02:02 . 2014-01-17 02:02 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-01-17 02:02 . 2014-01-17 02:02 101376 ----a-w- c:\windows\system32\inseng.dll
2014-01-16 20:34 . 2014-01-16 20:34 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-15 18:44 . 2014-01-15 18:44 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-01-15 18:44 . 2014-01-15 18:44 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-01-15 18:44 . 2014-01-15 18:44 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-01-15 18:44 . 2014-01-15 18:44 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-01-15 18:44 . 2014-01-15 18:44 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-01-15 18:44 . 2014-01-15 18:44 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-01-15 18:44 . 2014-01-15 18:44 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-01-15 18:44 . 2014-01-15 18:44 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-01-15 18:44 . 2014-01-15 18:44 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-01-15 18:44 . 2014-01-15 18:44 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-01-15 18:44 . 2014-01-15 18:44 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-01-15 18:44 . 2014-01-15 18:44 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-01-15 18:44 . 2014-01-15 18:44 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-01-15 18:44 . 2014-01-15 18:44 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-01-15 18:44 . 2014-01-15 18:44 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-01-15 18:44 . 2014-01-15 18:44 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-01-15 18:44 . 2014-01-15 18:44 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-01-15 18:44 . 2014-01-15 18:44 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-01-15 18:44 . 2014-01-15 18:44 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-01-15 18:44 . 2014-01-15 18:44 1643520 ----a-w- c:\windows\system32\DWrite.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:22 1186616 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2014-01-13 39408]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2013-12-06 389120]
"Comrade.exe"="c:\program files (x86)\GameSpy\Comrade\Comrade.exe" [2007-06-29 36864]
"uTorrent"="c:\users\Jarda\AppData\Roaming\uTorrent\utorrent.exe" [2013-12-29 393728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-09-17 134616]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-06-04 676608]
"Ashampoo Core Tuner"="c:\program files (x86)\Ashampoo\Ashampoo Core Tuner\autostarter.exe" [2010-02-15 428376]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2013-08-13 490480]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"mncvretfSrv"="c:\windows\inf\mncvretf.vbe" [2014-01-19 1342]
"Live Update 5"="c:\program files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe" [2012-01-30 315392]
"CommandCenter"="c:\program files (x86)\MSI\CommandCenter\StartCommandCenter.exe" [2014-01-07 809968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
ISCTSystray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-12-4 5545448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MSICTL_CC;MSICTL_CC;c:\program files (x86)\MSI\CommandCenter\MSIControlService.exe;c:\program files (x86)\MSI\CommandCenter\MSIControlService.exe [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MSIBIOSData_CC;MSIBIOSData_CC;c:\program files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe;c:\program files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [x]
R3 MSICDSetup;MSICDSetup;g:\ovladač 2\CDriver64.sys;g:\ovladač 2\CDriver64.sys [x]
R3 MSIClock_CC;MSIClock_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe;c:\program files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [x]
R3 MSICOMM_CC;MSICOMM_CC;c:\program files (x86)\MSI\CommandCenter\MSICommService.exe;c:\program files (x86)\MSI\CommandCenter\MSICommService.exe [x]
R3 MSICPU_CC;MSICPU_CC;c:\program files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe;c:\program files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [x]
R3 MSIDDR_CC;MSIDDR_CC;c:\program files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe;c:\program files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [x]
R3 MSISaveLoad_CC;MSISaveLoad_CC;c:\program files (x86)\MSI\CommandCenter\MSISaveLoadService.exe;c:\program files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [x]
R3 MSISMB_CC;MSISMB_CC;c:\program files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe;c:\program files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [x]
R3 MSISuperIO_CC;MSISuperIO_CC;c:\program files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe;c:\program files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [x]
R3 MSIWMI_CC;MSIWMI_CC;c:\program files (x86)\MSI\CommandCenter\MSIWMIService.exe;c:\program files (x86)\MSI\CommandCenter\MSIWMIService.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;g:\ovladač 2\NTIOLib_X64.sys;g:\ovladač 2\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\CommandCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\ClockGen\CPU_Frequency\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 acthelper;Ashampoo CoreTuner Helper Service;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner\ACTHelperService.exe;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner\ACTHelperService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe;c:\windows\SysWOW64\ssins.exe [x]
S2 SuperRAIDSvc;SuperRAIDSvc;c:\msi\Super RAID\SuperRAIDSvc.exe;c:\msi\Super RAID\SuperRAIDSvc.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_1;NTIOLib_1_0_1;c:\msi\Super RAID\NTIOLib_X64.sys;c:\msi\Super RAID\NTIOLib_X64.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [x]
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [x]
S3 OnlineStorageService;OnlineStorageService;c:\program files\Trend Micro SafeSync\hrfscore.exe;c:\program files\Trend Micro SafeSync\hrfscore.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 88254591
*NewlyCreated* - NTIOLIB_MSICPU_CC
*NewlyCreated* - NTIOLIB_MSISUPERIO_CC
*Deregistered* - 88254591
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 17:52 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-13 19:59]
.
2014-02-28 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2014-01-14 08:00]
.
2014-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13 16:30]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13 16:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:23 1748280 ----a-w- c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-12-03 7205592]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"Ashampoo Core Tuner"="c:\program files (x86)\Ashampoo\Ashampoo Core Tuner\autostarter.exe" [2010-02-15 428376]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-11-21 36352]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12902
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\tetbttu4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-eBay Icon - c:\users\Jarda\AppData\Roaming\Desktopicon\uninst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1 - d:\world_of_tanks_ct\unins000.exe
AddRemove-{7353BAE6-5E49-46C4-A9B5-8A269A313789} - c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1394243904-1934234362-1952488102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1394243904-1934234362-1952488102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-03-01 17:36:46
ComboFix-quarantined-files.txt 2014-03-01 16:36
.
Před spuštěním: Volných bajtů: 54 663 585 792
Po spuštění: Volných bajtů: 57 322 868 736
.
- - End Of File - - 623106F05B6E8C1E5A188A9DDF84D6BB
A36C5E4F47E84449FF07ED3517B43A31


For completeness, I should note that the message no longer appears. I'm happy to continue; I don't understand what we're doing here, but my computer probably needs it like a goat needs a scratch :-)

Orcus
Security team member

Re: mncvretf.exe

Post by Orcus » 01 Mar 2014 19:40

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

====================================================

Clean the system with CCleaner

====================================================

Download DelFix here:
http://general-changelog-team.fr/fr/dow ... e/9-delfix

Save the file to your desktop.
Double-click the icon to launch the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

The report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise, the report is located at:
C:\DelFix.txt

+ a new HJT log
Love keeps you warm, but coal is coal. :fire:



Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

jarda213

Re: mncvretf.exe

Post by jarda213 » 01 Mar 2014 23:36

DelFix log:

# DelFix v10.6 - Logfile created 01/03/2014 at 23:26:46
# Updated 11/11/2013 by Xplode
# Username : Jarda - JARDA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\AdwCleaner
Deleted : C:\Users\Jarda\Desktop\RK_Quarantine
Deleted : C:\Program Files (x86)\Trend Micro\Hijackthis
Deleted : C:\ComboFix.txt
Deleted : C:\TDSSKiller.2.8.16.0_28.02.2014_21.29.37_log.txt
Deleted : C:\TDSSKiller.2.8.16.0_28.02.2014_21.30.01_log.txt
Deleted : C:\TDSSKiller.2.8.16.0_28.02.2014_21.34.21_log.txt
Deleted : C:\Users\Jarda\Desktop\adwcleaner.exe
Deleted : C:\Users\Jarda\Desktop\ComboFix.exe
Deleted : C:\Users\Jarda\Desktop\JRT.exe
Deleted : C:\Users\Jarda\Desktop\JRT.txt
Deleted : C:\Users\Jarda\Desktop\HiJackThis.lnk
Deleted : C:\Users\Jarda\Desktop\RKreport[0]_D_02282014_212732.txt
Deleted : C:\Users\Jarda\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Jarda\Desktop\TDSSKiller.exe
Deleted : C:\Users\Jarda\Downloads\JRT.exe
Deleted : C:\Users\Jarda\Downloads\HiJackThis.msi
Deleted : C:\Users\Jarda\Downloads\RogueKillerX64.exe
Deleted : C:\Users\Jarda\Downloads\tdsskiller.zip
Deleted : C:\Users\Jarda\Downloads\TFC.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Cleaning system restore ...

Deleted : RP #72 [Windows Update | 02/27/2014 02:00:10]
Deleted : RP #73 [Installed HiJackThis | 02/27/2014 09:22:57]
Deleted : RP #74 [ComboFix created restore point | 03/01/2014 16:31:00]

New restore point created !

########## - EOF - ##########


HJT log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:35:34, on 1.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files (x86)\MSI\Live Update 5\LU5.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Users\Jarda\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12902
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Ashampoo Core Tuner] "C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner\autostarter.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [mncvretfSrv] C:\Windows\inf\mncvretf.vbe
O4 - HKLM\..\Run: [Live Update 5] C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
O4 - HKLM\..\Run: [CommandCenter] C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Jarda\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Jarda\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Ashampoo CoreTuner Helper Service (acthelper) - Ashampoo Development GmbH & Co. KG - C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner\ACTHelperService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSIBIOSData_CC - MSI - C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe
O23 - Service: MSIClock_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe
O23 - Service: MSICOMM_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe
O23 - Service: MSICPU_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
O23 - Service: MSICTL_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
O23 - Service: MSIDDR_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe
O23 - Service: MSISaveLoad_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe
O23 - Service: MSISMB_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe
O23 - Service: MSISuperIO_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
O23 - Service: MSIWMI_CC - Unknown owner - C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe
O23 - Service: MSI_FastBoot - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OnlineStorageService - Trend Micro Inc. - C:\Program Files\Trend Micro SafeSync\hrfscore.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SuperRAIDSvc - Unknown owner - C:\MSI\Super RAID\SuperRAIDSvc.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14500 bytes

