Hello, please check the log from a notebook that is noticeably slow.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:23:04, on 11. 11. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Gabrielka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gabrielka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gabrielka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gabrielka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gabrielka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gabrielka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gabrielka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gabrielka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\AppGraffiti\AppGraffiti.exe
C:\PROGRA~2\AppGraffiti\AppGraffiti.exe
C:\WINDOWS\syswow64\wwahost.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: BitTorrentControl_v12 - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O3 - Toolbar: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files (x86)\BitTorrentControl_v12\prxtbBitT.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gabrielka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [AGupdate] C:\Program Files (x86)\AppGraffiti\AGupdate.exe
O4 - HKUS\S-1-5-21-616606610-2038691625-1780101643-1001\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'UpdatusUser')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 11117 bytes
Please check the log
- memphisto
Re: Please check the log
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also delete temporary Windows files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
Re: Please check the log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.11.11.06
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16384
Gabrielka :: GABRIELA [limited]
11. 11. 2013 17:00:41
MBAM-log-2013-11-11 (17-13-20).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 234620
Uplynulý čas: 11 minut, 22 sekund
Nalezené procesy v paměti: 4
C:\Program Files (x86)\APPGRAFFITI\APPGRAFFITI.EXE (PUP.Optional.AppGraffiti.A) -> 3336 -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\APPGRAFFITI.EXE (PUP.Optional.AppGraffiti.A) -> 1108 -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\APPGRAFFITI.EXE (PUP.Optional.AppGraffiti.A) -> 5808 -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\APPGRAFFITI.EXE (PUP.Optional.AppGraffiti.A) -> 5124 -> Nebyla provedena žádná instrukce.
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 8
HKCR\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{022C9F90-2E96-47D6-A971-107650154563} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1 (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|AGupdate (PUP.Optional.AppGraffiti.A) -> Data: C:\Program Files (x86)\AppGraffiti\AGupdate.exe -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 9
C:\ProgramData\IBUPDATERSERVICE (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\img (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\js (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\plugins (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\Update (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Users\Gabrielka\AppData\Roaming\OPENCANDY (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Gabrielka\AppData\Roaming\OPENCANDY\76FD8C119A0E4685900EE196A0CC156B (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 22
C:\Program Files (x86)\APPGRAFFITI\APPGRAFFITI.DLL (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Users\Gabrielka\AppData\Roaming\OpenCandy\76FD8C119A0E4685900EE196A0CC156B\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\IBUPDATERSERVICE\REPOSITORY.XML (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\unins000.dat (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\AGupdate.exe (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\AppGraffiti.exe (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\unins000.exe (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\appgraffiti-chrome.pem (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\background.html (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\graff_chr.ver (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\manifest.json (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\img\128x128.png (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\img\16x16.png (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\img\48x48.png (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\js\background.js (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\js\facebook.js (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\js\getevent.js (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\js\myspace.js (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\js\twitter.js (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\APPGRAFFITI\chrome\plugins\npUniPlugin.dll (PUP.Optional.AppGraffiti.A) -> Nebyla provedena žádná instrukce.
C:\Users\Gabrielka\AppData\Roaming\OPENCANDY\76FD8C119A0E4685900EE196A0CC156B\6705.ico (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Gabrielka\AppData\Roaming\OPENCANDY\76FD8C119A0E4685900EE196A0CC156B\AppGraffitiSetup.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
(konec)
Re: Please check the log
# AdwCleaner v3.012 - Report created 11/11/2013 at 17:17:58
# Updated 11/11/2013 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Gabrielka - GABRIELA
# Running from : C:\Users\Gabrielka\Desktop\Clean\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\WINDOWS\System32\roboot64.exe
Folder Found C:\Program Files (x86)\AppGraffiti
Folder Found C:\Program Files (x86)\BitTorrentControl_v12
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\TornTV.com
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\IBUpdaterService
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Found C:\Users\Gabrielka\AppData\LocalLow\AppGraffiti
Folder Found C:\Users\Gabrielka\AppData\LocalLow\BitTorrentControl_v12
Folder Found C:\Users\Gabrielka\AppData\LocalLow\Conduit
Folder Found C:\Users\Gabrielka\AppData\Roaming\OpenCandy
Folder Found C:\Users\Gabrielka\AppData\Roaming\PerformerSoft
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AppGraffiti
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\CToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\AppGraffiti
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\CToolbar
Key Found : HKLM\Software\AppGraffiti
Key Found : HKLM\Software\BitTorrentControl_v12
Key Found : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\CToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D4D4142-1AB3-4595-8943-544101838597}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A8C7951-DC49-48EE-8471-5A097ADD40EC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16384
-\\ Google Chrome v
[ File : C:\Users\Gabrielka\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [323 octets] - [11/11/2013 17:16:28]
AdwCleaner[R1].txt - [5080 octets] - [11/11/2013 17:17:58]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [5140 octets] ##########
- jaro3
- member of the Security team
Re: Please check my log
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Clean" (Vymazat-Clean).
The program will perform the repair; after the automatic restart a log will be shown (C:\AdwCleaner [S?].txt); paste its entire contents here.
Download Junkware Removal Tool
to your desktop.
Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and will be saved on the desktop.
Please copy its entire contents here.
So run MbAM again and start a Scan
- after the program finishes, a message will appear; click OK and then the "Show Results" (Ukaž výsledky) button
- make sure all listed findings are checked and click the "Remove Selected" (Odstranit označené) button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit
You can then paste the new MbAM log here.
Download RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check (Kontrola MBR)
Faked check (Kontrola Faked)
Antirootkit
- Then click "Scan" (Prohledat).
- The program scans the PC's processes. After the scan, click "Report" (Zpráva) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 x64
Ran by Gabrielka on út 12. 11. 2013 at 16:22:20,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{69E42C2D-8E62-4DF8-B29F-1C8485912269}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 12. 11. 2013 at 16:33:17,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Please check my log
# AdwCleaner v3.012 - Report created 12/11/2013 at 16:09:51
# Updated 11/11/2013 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Gabrielka - GABRIELA
# Running from : C:\Users\Gabrielka\Desktop\Clean\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
[!] Folder Deleted : C:\Program Files (x86)\AppGraffiti
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\BitTorrentControl_v12
Folder Deleted : C:\Users\Gabrielka\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\Gabrielka\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Gabrielka\AppData\LocalLow\BitTorrentControl_v12
Folder Deleted : C:\Users\Gabrielka\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Gabrielka\AppData\Roaming\PerformerSoft
File Deleted : C:\WINDOWS\System32\roboot64.exe
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3225826
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D4D4142-1AB3-4595-8943-544101838597}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A8C7951-DC49-48EE-8471-5A097ADD40EC}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Deleted : HKLM\Software\AppGraffiti
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\Software\BitTorrentControl_v12
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16384
-\\ Google Chrome v
[ File : C:\Users\Gabrielka\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [323 octets] - [11/11/2013 17:16:28]
AdwCleaner[R1].txt - [5244 octets] - [11/11/2013 17:17:58]
AdwCleaner[R2].txt - [5304 octets] - [12/11/2013 15:50:05]
AdwCleaner[S0].txt - [5149 octets] - [12/11/2013 16:09:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5209 octets] ##########
Re: Please check my log
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.11.11.06
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16384
Gabrielka :: GABRIELA [limited]
12. 11. 2013 16:37:40
mbam-log-2013-11-12 (16-37-40).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 234695
Uplynulý čas: 8 minut, 7 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|AGupdate (PUP.Optional.AppGraffiti.A) -> Data: C:\Program Files (x86)\AppGraffiti\AGupdate.exe -> Přesun do karantény a smazání se zdařilo.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: Please check my log
RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Gabrielka [Práva správce]
Mód : Kontrola -- Datum : 11/12/2013 16:58:14
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\23477libfoxloader-x64.dll [x] -> ODEBRÁNO
[SUSP PATH] szninstall.exe -- C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\szninstall.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] szndesktop.exe -- C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-616606610-2038691625-1780101643-1002\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-616606610-2038691625-1780101643-1002\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPVT-35HXZT3 +++++
--- User ---
[MBR] fcf1f1562dec36485335b0b9adfb311b
[BSP] aab7ce1b130d41d0be9aaa44d99bf183 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_11122013_165814.txt >>
- jaro3
- member of the Security team
Re: Please check my log
Download RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check (Kontrola MBR)
Faked check (Kontrola Faked)
Antirootkit
- Then click "Scan" (Prohledat).
- The program scans the PC's processes. After the scan, click "Report" (Zpráva) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt ; please paste the entire contents of the log here.
Re: Please check my log
RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Gabrielka [Práva správce]
Mód : Kontrola -- Datum : 11/12/2013 20:15:40
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\23477libfoxloader-x64.dll [x] -> ODEBRÁNO
[SUSP PATH] szninstall.exe -- C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\szninstall.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] szndesktop.exe -- C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-616606610-2038691625-1780101643-1002\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-616606610-2038691625-1780101643-1002\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Gabrielka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD7500BPVT-35HXZT3 +++++
--- User ---
[MBR] fcf1f1562dec36485335b0b9adfb311b
[BSP] aab7ce1b130d41d0be9aaa44d99bf183 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_11122013_201540.txt >>
RKreport[0]_S_11122013_165814.txt
Re: Please check my log
20:21:32.0482 3320 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:21:32.0482 3320 UEFI system
20:21:36.0810 3320 ============================================================
20:21:36.0810 3320 Current date / time: 2013/11/12 20:21:36.0810
20:21:36.0810 3320 SystemInfo:
20:21:36.0810 3320
20:21:36.0810 3320 OS Version: 6.2.9200 ServicePack: 0.0
20:21:36.0810 3320 Product type: Workstation
20:21:36.0810 3320 ComputerName: GABRIELA
20:21:36.0810 3320 UserName: Gabrielka
20:21:36.0810 3320 Windows directory: C:\WINDOWS
20:21:36.0810 3320 System windows directory: C:\WINDOWS
20:21:36.0810 3320 Running under WOW64
20:21:36.0810 3320 Processor architecture: Intel x64
20:21:36.0810 3320 Number of processors: 4
20:21:36.0810 3320 Page size: 0x1000
20:21:36.0810 3320 Boot type: Normal boot
20:21:36.0810 3320 ============================================================
20:21:38.0435 3320 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:21:38.0451 3320 ============================================================
20:21:38.0451 3320 \Device\Harddisk0\DR0:
20:21:38.0451 3320 GPT partitions:
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1ADF824F-C5BA-4260-BEF0-544DE31284F1}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {DF415E49-CE80-4A25-AFCB-B2F973E1E2C1}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F1F44D88-18E3-4262-9807-DE6A6CF9F480}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {16C894C7-0B64-4560-8946-B9A58404DA78}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x5426A001
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {75DFDF3A-B69F-4D6E-A571-9B3F8B03368D}, Name: , StartLBA 0x5443B000, BlocksNum 0xAE800
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {19250E95-3319-4701-8895-A3C61FCA1F66}, Name: Basic data partition, StartLBA 0x544E9801, BlocksNum 0x2E5C800
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4E020B66-BA64-429F-4173-636C65706975}, Name: Basic data partition, StartLBA 0x57346001, BlocksNum 0x200000
20:21:38.0451 3320 MBR partitions:
20:21:38.0451 3320 ============================================================
20:21:38.0482 3320 C: <-> \Device\Harddisk0\DR0\Partition4
20:21:38.0482 3320 ============================================================
20:21:38.0482 3320 Initialize success
20:21:38.0482 3320 ============================================================
20:21:40.0545 4392 ============================================================
20:21:40.0545 4392 Scan started
20:21:40.0545 4392 Mode: Manual;
20:21:40.0545 4392 ============================================================
20:21:42.0926 4392 ================ Scan system memory ========================
20:21:42.0926 4392 System memory - ok
20:21:42.0926 4392 ================ Scan services =============================
20:21:43.0276 4392 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
20:21:43.0276 4392 1394ohci - ok
20:21:43.0307 4392 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
20:21:43.0307 4392 3ware - ok
20:21:43.0354 4392 [ E19D921EBBD1A2CA4C48D7B5F1685B30 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
20:21:43.0370 4392 ACPI - ok
20:21:43.0448 4392 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
20:21:43.0448 4392 acpiex - ok
20:21:43.0495 4392 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
20:21:43.0495 4392 acpipagr - ok
20:21:43.0526 4392 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
20:21:43.0542 4392 AcpiPmi - ok
20:21:43.0557 4392 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
20:21:43.0557 4392 acpitime - ok
20:21:43.0698 4392 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:21:43.0698 4392 AdobeARMservice - ok
20:21:43.0760 4392 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:21:43.0776 4392 ADP80XX - ok
20:21:43.0823 4392 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
20:21:43.0823 4392 AeLookupSvc - ok
20:21:43.0870 4392 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
20:21:43.0885 4392 AFD - ok
20:21:43.0948 4392 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
20:21:43.0948 4392 agp440 - ok
20:21:43.0963 4392 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:21:43.0963 4392 ahcache - ok
20:21:44.0010 4392 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
20:21:44.0010 4392 ALG - ok
20:21:44.0042 4392 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
20:21:44.0042 4392 AmdK8 - ok
20:21:44.0057 4392 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
20:21:44.0057 4392 AmdPPM - ok
20:21:44.0213 4392 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
20:21:44.0213 4392 amdsata - ok
20:21:44.0588 4392 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
20:21:44.0588 4392 amdsbs - ok
20:21:44.0651 4392 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
20:21:44.0651 4392 amdxata - ok
20:21:44.0729 4392 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
20:21:44.0729 4392 AppID - ok
20:21:44.0776 4392 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
20:21:44.0792 4392 AppIDSvc - ok
20:21:44.0823 4392 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
20:21:44.0838 4392 Appinfo - ok
20:21:44.0870 4392 [ EF0EE63BE56D2CAC3FA07850770326F1 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
20:21:44.0885 4392 AppReadiness - ok
20:21:44.0932 4392 [ AF361C58D23BB967C7B4DF6BDDD57744 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
20:21:45.0010 4392 AppXSvc - ok
20:21:45.0010 4392 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
20:21:45.0010 4392 arcsas - ok
20:21:45.0042 4392 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
20:21:45.0042 4392 atapi - ok
20:21:45.0104 4392 [ 7CA5397A47843B0BD36898F32F2D403B ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:21:45.0104 4392 AtherosSvc - ok
20:21:45.0385 4392 [ 2C7676F892E88FD190F08D98048C7C6C ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
20:21:45.0448 4392 athr - ok
20:21:45.0495 4392 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:21:45.0526 4392 AudioEndpointBuilder - ok
20:21:45.0573 4392 [ 86DD7884124D363A63CCE7A11FDEBBED ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
20:21:45.0604 4392 Audiosrv - ok
20:21:45.0635 4392 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
20:21:45.0635 4392 AxInstSV - ok
20:21:45.0682 4392 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
20:21:45.0698 4392 b06bdrv - ok
20:21:45.0745 4392 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:21:45.0745 4392 BasicDisplay - ok
20:21:45.0776 4392 [ 2748E116F8621A4DB0D39FCDD7318C01 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
20:21:45.0776 4392 BasicRender - ok
20:21:45.0889 4392 [ 369C1928C9BBED65C9E347448BD376B0 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
20:21:45.0889 4392 BBSvc - ok
20:21:45.0920 4392 [ 54949AFAC5CE6FA2E4D7846D4362BAB3 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
20:21:45.0951 4392 BBUpdate - ok
20:21:45.0982 4392 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
20:21:45.0982 4392 bcmfn2 - ok
20:21:46.0045 4392 [ BBE61A40665B83488901E41082A6097D ] BDESVC C:\WINDOWS\System32\bdesvc.dll
20:21:46.0060 4392 BDESVC - ok
20:21:46.0092 4392 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:21:46.0092 4392 Beep - ok
20:21:46.0154 4392 [ 619D2B906EEA740AB0223BA4AB9507C4 ] BFE C:\WINDOWS\System32\bfe.dll
20:21:46.0185 4392 BFE - ok
20:21:46.0264 4392 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
20:21:46.0295 4392 BITS - ok
20:21:46.0310 4392 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
20:21:46.0310 4392 bowser - ok
20:21:46.0342 4392 [ 748141CC03DF40C38F17D3F96BB15C80 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:21:46.0342 4392 BrokerInfrastructure - ok
20:21:46.0389 4392 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
20:21:46.0389 4392 Browser - ok
20:21:46.0420 4392 [ 23CEDCD7527A26B222732A158F76EB24 ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys
20:21:46.0420 4392 BTATH_BUS - ok
20:21:46.0420 4392 BTATH_LWFLT - ok
20:21:46.0545 4392 [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
20:21:46.0560 4392 BtFilter - ok
20:21:46.0607 4392 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:21:46.0607 4392 BthAvrcpTg - ok
20:21:46.0701 4392 [ 131F1C8573E7BFB41C54FBF5309CCD94 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:21:46.0717 4392 BthEnum - ok
20:21:46.0811 4392 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
20:21:46.0811 4392 BthHFEnum - ok
20:21:46.0904 4392 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
20:21:46.0904 4392 bthhfhid - ok
20:21:46.0998 4392 [ FCD8BD17B7193CFFF18C332D1A381D7F ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
20:21:46.0998 4392 BthLEEnum - ok
20:21:47.0061 4392 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
20:21:47.0061 4392 BTHMODEM - ok
20:21:47.0092 4392 [ 3AFE71D80EDF5D4DE0C5731352905669 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:21:47.0092 4392 BthPan - ok
20:21:47.0514 4392 [ 8458ECAB701EE385851C2559B71D1209 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
20:21:47.0529 4392 BTHPORT - ok
20:21:47.0561 4392 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
20:21:47.0576 4392 bthserv - ok
20:21:47.0592 4392 [ 2C0B77176CD68F1F60510CDF36ADC401 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
20:21:47.0592 4392 BTHUSB - ok
20:21:47.0607 4392 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:21:47.0607 4392 cdfs - ok
20:21:47.0639 4392 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
20:21:47.0639 4392 cdrom - ok
20:21:47.0686 4392 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
20:21:47.0686 4392 CertPropSvc - ok
20:21:47.0717 4392 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
20:21:47.0717 4392 circlass - ok
20:21:47.0795 4392 [ 7F006813C2AFE622C13D7AF94F56CD07 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
20:21:47.0795 4392 CLFS - ok
20:21:47.0858 4392 [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
20:21:47.0858 4392 CLVirtualDrive - ok
20:21:47.0873 4392 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
20:21:47.0889 4392 CmBatt - ok
20:21:47.0920 4392 [ 825BE21E6395E00698D8A23955A87972 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
20:21:47.0920 4392 CNG - ok
20:21:47.0967 4392 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
20:21:47.0967 4392 CompositeBus - ok
20:21:47.0983 4392 COMSysApp - ok
20:21:47.0998 4392 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
20:21:47.0998 4392 condrv - ok
20:21:48.0139 4392 [ 815F3180B5117E42E422188E9CCC89C6 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
20:21:48.0154 4392 cphs - ok
20:21:48.0201 4392 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
20:21:48.0201 4392 CryptSvc - ok
20:21:48.0233 4392 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
20:21:48.0233 4392 dam - ok
20:21:48.0295 4392 [ 3FD5AE42EC87C6F532A931F96BE731DD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:21:48.0342 4392 DcomLaunch - ok
20:21:48.0373 4392 [ F4CCAADC2C78F57E4F16B24C9201CE22 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
20:21:48.0389 4392 defragsvc - ok
20:21:48.0436 4392 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:21:48.0451 4392 DeviceAssociationService - ok
20:21:48.0483 4392 [ 752A457320A946E03C3AA86C3ACD735E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
20:21:48.0483 4392 DeviceInstall - ok
20:21:48.0529 4392 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
20:21:48.0529 4392 Dfsc - ok
20:21:48.0576 4392 [ E428DFFA96FAD07D8CA3C9082563A225 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:21:48.0576 4392 dg_ssudbus - ok
20:21:48.0608 4392 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
20:21:48.0623 4392 Dhcp - ok
20:21:48.0639 4392 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
20:21:48.0654 4392 disk - ok
20:21:48.0670 4392 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
20:21:48.0670 4392 dmvsc - ok
20:21:48.0701 4392 [ FBD2D7F491F3EBC5C54C5C4DB2564953 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:21:48.0717 4392 Dnscache - ok
20:21:48.0748 4392 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
20:21:48.0764 4392 dot3svc - ok
20:21:48.0799 4392 [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
20:21:48.0799 4392 dot4 - ok
20:21:48.0830 4392 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
20:21:48.0830 4392 Dot4Print - ok
20:21:48.0845 4392 [ B7D595F2F464F7B628AD53F06547792C ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
20:21:48.0845 4392 dot4usb - ok
20:21:48.0876 4392 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
20:21:48.0876 4392 DPS - ok
20:21:48.0908 4392 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:21:48.0908 4392 drmkaud - ok
20:21:48.0954 4392 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
20:21:48.0954 4392 DsmSvc - ok
20:21:49.0001 4392 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys
20:21:49.0001 4392 dtsoftbus01 - ok
20:21:49.0079 4392 [ AEAB1924098DB538784C1D2B268FF0C9 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:21:49.0094 4392 DXGKrnl - ok
20:21:49.0141 4392 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
20:21:49.0141 4392 Eaphost - ok
20:21:49.0282 4392 [ 843E8B2127D7283845E29E6176C15887 ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
20:21:49.0298 4392 Easy Launcher - ok
20:21:49.0423 4392 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
20:21:49.0485 4392 ebdrv - ok
20:21:49.0516 4392 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
20:21:49.0516 4392 EFS - ok
20:21:49.0563 4392 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
20:21:49.0563 4392 EhStorClass - ok
20:21:49.0579 4392 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:21:49.0579 4392 EhStorTcgDrv - ok
20:21:49.0626 4392 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
20:21:49.0626 4392 ErrDev - ok
20:21:49.0673 4392 [ 6073E00157E6D99FC8D0D0CC8EF61DF9 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
20:21:49.0673 4392 ETD - ok
20:21:49.0748 4392 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
20:21:49.0748 4392 EventSystem - ok
20:21:49.0795 4392 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
20:21:49.0810 4392 exfat - ok
20:21:49.0826 4392 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
20:21:49.0842 4392 fastfat - ok
20:21:49.0888 4392 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
20:21:49.0920 4392 Fax - ok
20:21:49.0951 4392 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
20:21:49.0951 4392 fdc - ok
20:21:49.0982 4392 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
20:21:49.0982 4392 fdPHost - ok
20:21:49.0998 4392 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
20:21:49.0998 4392 FDResPub - ok
20:21:50.0029 4392 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
20:21:50.0045 4392 fhsvc - ok
20:21:50.0060 4392 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
20:21:50.0060 4392 FileInfo - ok
20:21:50.0092 4392 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
20:21:50.0092 4392 Filetrace - ok
20:21:50.0107 4392 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
20:21:50.0107 4392 flpydisk - ok
20:21:50.0154 4392 [ 60D5067FCE6D9433D35E04C01D8538B3 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:21:50.0154 4392 FltMgr - ok
20:21:50.0232 4392 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
20:21:50.0279 4392 FontCache - ok
20:21:50.0389 4392 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:21:50.0404 4392 FontCache3.0.0.0 - ok
20:21:50.0435 4392 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
20:21:50.0435 4392 FsDepends - ok
20:21:50.0467 4392 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:21:50.0467 4392 Fs_Rec - ok
20:21:50.0498 4392 [ 83E1F0983B02A6F8EC764D18E24ECF10 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:21:50.0514 4392 fvevol - ok
20:21:50.0560 4392 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
20:21:50.0560 4392 FxPPM - ok
20:21:50.0592 4392 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
20:21:50.0592 4392 gagp30kx - ok
20:21:50.0623 4392 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
20:21:50.0623 4392 gencounter - ok
20:21:50.0654 4392 [ FDA72810CA2F8409D9B31E833C448E34 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:21:50.0654 4392 GPIOClx0101 - ok
20:21:50.0732 4392 [ 0BDE0FCF597E9B65600121EF54FF8340 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
20:21:50.0779 4392 gpsvc - ok
20:21:50.0810 4392 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
20:21:50.0810 4392 HDAudBus - ok
20:21:50.0829 4392 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
20:21:50.0829 4392 HidBatt - ok
20:21:50.0876 4392 [ 1EA1B4FABB8CC348E73CA90DBA22E104 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
20:21:50.0876 4392 HidBth - ok
20:21:50.0923 4392 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
20:21:50.0923 4392 hidi2c - ok
20:21:50.0938 4392 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
20:21:50.0938 4392 HidIr - ok
20:21:50.0970 4392 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] hidserv C:\WINDOWS\system32\hidserv.dll
20:21:50.0985 4392 hidserv - ok
20:21:51.0001 4392 [ F31397220D9687E11EB448649AA6E038 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
20:21:51.0001 4392 HidUsb - ok
20:21:51.0032 4392 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
20:21:51.0032 4392 hkmsvc - ok
20:21:51.0068 4392 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:21:51.0068 4392 HomeGroupListener - ok
20:21:51.0131 4392 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:21:51.0147 4392 HomeGroupProvider - ok
20:21:51.0240 4392 [ 930370725FA0FE272346583A7A7D6BDB ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:21:51.0256 4392 hpqcxs08 - ok
20:21:51.0272 4392 [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:21:51.0272 4392 hpqddsvc - ok
20:21:51.0303 4392 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
20:21:51.0303 4392 HpSAMD - ok
20:21:51.0350 4392 [ 3502776E366C913D49C0DA928AE3E6CB ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
20:21:51.0365 4392 HTTP - ok
20:21:51.0397 4392 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
20:21:51.0397 4392 hwpolicy - ok
20:21:51.0428 4392 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
20:21:51.0428 4392 hyperkbd - ok
20:21:51.0443 4392 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
20:21:51.0443 4392 HyperVideo - ok
20:21:51.0475 4392 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
20:21:51.0475 4392 i8042prt - ok
20:21:51.0553 4392 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:21:51.0553 4392 iaLPSSi_GPIO - ok
20:21:51.0568 4392 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:21:51.0568 4392 iaLPSSi_I2C - ok
20:21:51.0631 4392 [ 050F2539E14F9D5E90A4B61738EC29BD ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
20:21:51.0631 4392 iaStorA - ok
20:21:51.0678 4392 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
20:21:51.0693 4392 iaStorAV - ok
20:21:51.0740 4392 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
20:21:51.0740 4392 iaStorV - ok
20:21:51.0756 4392 IEEtwCollectorService - ok
20:21:51.0913 4392 [ 348214F96642FD4FEF630DE021BA3540 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
20:21:51.0991 4392 igfx - ok
20:21:52.0053 4392 [ CE6E075B75E313EDF7F32ECD69DD8EA1 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
20:21:52.0085 4392 IKEEXT - ok
20:21:52.0217 4392 [ 8524178B895E4BC04776B319DA3A70EC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:21:52.0280 4392 IntcAzAudAddService - ok
20:21:52.0358 4392 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
20:21:52.0358 4392 IntcDAud - ok
20:21:52.0420 4392 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:21:52.0420 4392 Intel(R) Capability Licensing Service Interface - ok
20:21:52.0499 4392 [ 30E9FAC23E2537D82F2836CB81AEE186 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
20:21:52.0514 4392 Intel(R) ME Service - ok
20:21:52.0530 4392 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
20:21:52.0530 4392 intelide - ok
20:21:52.0561 4392 [ A2B6215E54075A936E5B424ABCD1323E ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
20:21:52.0561 4392 intelpep - ok
20:21:52.0577 4392 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
20:21:52.0577 4392 intelppm - ok
20:21:52.0608 4392 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:21:52.0608 4392 IpFilterDriver - ok
20:21:52.0658 4392 [ 201EDF3C5E674BF1FE44D28CC6A76EA2 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
20:21:52.0689 4392 iphlpsvc - ok
20:21:52.0720 4392 [ 9949A3C7590B8C536C05312205079A82 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:21:52.0720 4392 IPMIDRV - ok
20:21:52.0736 4392 [ E23D32BAF152FBE35F18C6A2AB8EF271 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
20:21:52.0736 4392 IPNAT - ok
20:21:52.0752 4392 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
20:21:52.0752 4392 IRENUM - ok
20:21:52.0783 4392 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
20:21:52.0783 4392 isapnp - ok
20:21:52.0814 4392 [ 034D4BD9DC67C64F3A4C8A049B5173BF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
20:21:52.0830 4392 iScsiPrt - ok
20:21:52.0845 4392 [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:21:52.0845 4392 jhi_service - ok
20:21:52.0877 4392 [ 8BE92376799B6B44D543E8D07CDCF885 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
20:21:52.0877 4392 kbdclass - ok
20:21:52.0908 4392 [ FB6E47E569D4872ABEB506BE03A45FBA ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
20:21:52.0908 4392 kbdhid - ok
20:21:52.0939 4392 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
20:21:52.0939 4392 kdnic - ok
20:21:52.0970 4392 [ F6F209DDB94959BA104FC8FC87C53759 ] KeyIso C:\WINDOWS\system32\lsass.exe
20:21:52.0970 4392 KeyIso - ok
20:21:53.0003 4392 [ ADDECBCC777665BD113BED437E602AB0 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
20:21:53.0003 4392 KSecDD - ok
20:21:53.0035 4392 [ 7296EA420134EAC390798B3232D066A4 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:21:53.0035 4392 KSecPkg - ok
20:21:53.0050 4392 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
20:21:53.0050 4392 ksthunk - ok
20:21:53.0097 4392 [ 32B1A8351160F307A8C66BCB0F94A9C2 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
20:21:53.0113 4392 KtmRm - ok
20:21:53.0144 4392 [ 27B58E16CF895AC1F1A97C04814C2239 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
20:21:53.0160 4392 LanmanServer - ok
20:21:53.0175 4392 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:21:53.0191 4392 LanmanWorkstation - ok
20:21:53.0238 4392 [ EE289BD147FDFF95EF1B9BD65D3B974A ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
20:21:53.0253 4392 lfsvc - ok
20:21:53.0285 4392 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
20:21:53.0285 4392 lltdio - ok
20:21:53.0316 4392 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
20:21:53.0331 4392 lltdsvc - ok
20:21:53.0363 4392 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
20:21:53.0363 4392 lmhosts - ok
20:21:53.0394 4392 [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:21:53.0410 4392 LMS - ok
20:21:53.0457 4392 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
20:21:53.0457 4392 LSI_SAS - ok
20:21:53.0472 4392 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
20:21:53.0472 4392 LSI_SAS2 - ok
20:21:53.0488 4392 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
20:21:53.0488 4392 LSI_SAS3 - ok
20:21:53.0488 4392 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
20:21:53.0503 4392 LSI_SSS - ok
20:21:53.0535 4392 [ B6B69FF200F68888A7FAFDF204D00C91 ] LSM C:\WINDOWS\System32\lsm.dll
20:21:53.0566 4392 LSM - ok
20:21:53.0613 4392 [ 5EF604B0698F4FA962778285E8C5F1F2 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
20:21:53.0613 4392 luafv - ok
20:21:53.0644 4392 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
20:21:53.0644 4392 megasas - ok
20:21:53.0675 4392 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
20:21:53.0675 4392 megasr - ok
20:21:53.0722 4392 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
20:21:53.0722 4392 MEIx64 - ok
20:21:53.0816 4392 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:21:53.0832 4392 Microsoft Office Groove Audit Service - ok
20:21:53.0863 4392 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
20:21:53.0863 4392 MMCSS - ok
20:21:53.0894 4392 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
20:21:53.0894 4392 Modem - ok
20:21:53.0910 4392 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
20:21:53.0910 4392 monitor - ok
20:21:53.0941 4392 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
20:21:53.0957 4392 mouclass - ok
20:21:53.0972 4392 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
20:21:53.0988 4392 mouhid - ok
20:21:54.0003 4392 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
20:21:54.0003 4392 mountmgr - ok
20:21:54.0035 4392 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
20:21:54.0035 4392 mpsdrv - ok
20:21:54.0097 4392 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
20:21:54.0128 4392 MpsSvc - ok
20:21:54.0160 4392 [ 59DCEC7499095DE5AED741358037AE2D ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
20:21:54.0160 4392 MRxDAV - ok
20:21:54.0207 4392 [ 6129EDB793A4255B1E2FB41773AC9D9A ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:21:54.0222 4392 mrxsmb - ok
20:21:54.0238 4392 [ 295771B092D4F7FCF2B62F80CCD14320 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:21:54.0238 4392 mrxsmb10 - ok
20:21:54.0253 4392 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:21:54.0269 4392 mrxsmb20 - ok
20:21:54.0300 4392 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
20:21:54.0300 4392 MsBridge - ok
20:21:54.0332 4392 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
20:21:54.0347 4392 MSDTC - ok
20:21:54.0363 4392 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:21:54.0363 4392 Msfs - ok
20:21:54.0394 4392 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:21:54.0394 4392 msgpiowin32 - ok
20:21:54.0410 4392 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:21:54.0410 4392 mshidkmdf - ok
20:21:54.0441 4392 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
20:21:54.0441 4392 mshidumdf - ok
20:21:54.0472 4392 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
20:21:54.0472 4392 msisadrv - ok
20:21:54.0519 4392 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
20:21:54.0535 4392 MSiSCSI - ok
20:21:54.0535 4392 msiserver - ok
20:21:54.0566 4392 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:21:54.0566 4392 MSKSSRV - ok
20:21:54.0566 4392 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
20:21:54.0566 4392 MsLldp - ok
20:21:54.0582 4392 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:21:54.0582 4392 MSPCLOCK - ok
20:21:54.0613 4392 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:21:54.0613 4392 MSPQM - ok
20:21:54.0644 4392 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
20:21:54.0644 4392 MsRPC - ok
20:21:54.0675 4392 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
20:21:54.0675 4392 mssmbios - ok
20:21:54.0691 4392 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:21:54.0691 4392 MSTEE - ok
20:21:54.0722 4392 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
20:21:54.0722 4392 MTConfig - ok
20:21:54.0740 4392 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
20:21:54.0740 4392 Mup - ok
20:21:54.0771 4392 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
20:21:54.0771 4392 mvumis - ok
20:21:54.0803 4392 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
20:21:54.0818 4392 napagent - ok
20:21:54.0881 4392 [ CF8B989D89D6807B887690F2CF24EFD9 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:21:54.0881 4392 NativeWifiP - ok
20:21:54.0959 4392 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
20:21:54.0974 4392 NAUpdate - ok
20:21:55.0037 4392 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
20:21:55.0037 4392 NcaSvc - ok
20:21:55.0068 4392 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
20:21:55.0068 4392 NcbService - ok
20:21:55.0084 4392 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
20:21:55.0084 4392 NcdAutoSetup - ok
20:21:55.0165 4392 [ AD9086052A5E5153AF43FE74138A4B27 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
20:21:55.0181 4392 NDIS - ok
20:21:55.0243 4392 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
20:21:55.0243 4392 NdisCap - ok
20:21:55.0259 4392 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
20:21:55.0259 4392 NdisImPlatform - ok
20:21:55.0321 4392 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:21:55.0321 4392 NdisTapi - ok
20:21:55.0337 4392 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:21:55.0353 4392 Ndisuio - ok
20:21:55.0368 4392 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:21:55.0368 4392 NdisVirtualBus - ok
20:21:55.0400 4392 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:21:55.0400 4392 NdisWan - ok
20:21:55.0415 4392 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:21:55.0415 4392 NdisWanLegacy - ok
20:21:55.0431 4392 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:21:55.0431 4392 NDProxy - ok
20:21:55.0462 4392 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
20:21:55.0462 4392 Ndu - ok
20:21:55.0509 4392 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
20:21:55.0509 4392 Net Driver HPZ12 - ok
20:21:55.0525 4392 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:21:55.0525 4392 NetBIOS - ok
20:21:55.0557 4392 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:21:55.0557 4392 NetBT - ok
20:21:55.0573 4392 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:21:55.0573 4392 Netlogon - ok
20:21:55.0620 4392 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
20:21:55.0620 4392 Netman - ok
20:21:55.0667 4392 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
20:21:55.0682 4392 netprofm - ok
20:21:55.0754 4392 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:21:55.0801 4392 NetTcpPortSharing - ok
20:21:55.0832 4392 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
20:21:55.0832 4392 netvsc - ok
20:21:55.0879 4392 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
20:21:55.0879 4392 NlaSvc - ok
20:21:55.0895 4392 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:21:55.0895 4392 Npfs - ok
20:21:55.0926 4392 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
20:21:55.0926 4392 npsvctrig - ok
20:21:55.0942 4392 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
20:21:55.0942 4392 nsi - ok
20:21:55.0973 4392 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
20:21:55.0973 4392 nsiproxy - ok
20:21:56.0051 4392 [ 4412D565C0278C401575E11072C7DCE3 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:21:56.0082 4392 Ntfs - ok
20:21:56.0098 4392 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
20:21:56.0098 4392 Null - ok
20:21:56.0426 4392 [ 9B93CC9C70EDE60A9C486E7719DB9E8D ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
20:21:56.0582 4392 nvlddmkm - ok
20:21:56.0614 4392 [ F76296368BB813E0C6996501A3271C7C ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
20:21:56.0614 4392 nvpciflt - ok
20:21:56.0645 4392 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
20:21:56.0645 4392 nvraid - ok
20:21:56.0660 4392 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
20:21:56.0660 4392 nvstor - ok
20:21:56.0723 4392 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\windows\system32\nvvsvc.exe
20:21:56.0739 4392 nvsvc - ok
20:21:56.0817 4392 [ 249357999355A998AA94A3673C3367EB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:21:56.0832 4392 nvUpdatusService - ok
20:21:56.0848 4392 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
20:21:56.0864 4392 nv_agp - ok
20:21:56.0989 4392 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:21:32.0482 3320 UEFI system
20:21:36.0810 3320 ============================================================
20:21:36.0810 3320 Current date / time: 2013/11/12 20:21:36.0810
20:21:36.0810 3320 SystemInfo:
20:21:36.0810 3320
20:21:36.0810 3320 OS Version: 6.2.9200 ServicePack: 0.0
20:21:36.0810 3320 Product type: Workstation
20:21:36.0810 3320 ComputerName: GABRIELA
20:21:36.0810 3320 UserName: Gabrielka
20:21:36.0810 3320 Windows directory: C:\WINDOWS
20:21:36.0810 3320 System windows directory: C:\WINDOWS
20:21:36.0810 3320 Running under WOW64
20:21:36.0810 3320 Processor architecture: Intel x64
20:21:36.0810 3320 Number of processors: 4
20:21:36.0810 3320 Page size: 0x1000
20:21:36.0810 3320 Boot type: Normal boot
20:21:36.0810 3320 ============================================================
20:21:38.0435 3320 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:21:38.0451 3320 ============================================================
20:21:38.0451 3320 \Device\Harddisk0\DR0:
20:21:38.0451 3320 GPT partitions:
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1ADF824F-C5BA-4260-BEF0-544DE31284F1}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {DF415E49-CE80-4A25-AFCB-B2F973E1E2C1}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F1F44D88-18E3-4262-9807-DE6A6CF9F480}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {16C894C7-0B64-4560-8946-B9A58404DA78}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x5426A001
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {75DFDF3A-B69F-4D6E-A571-9B3F8B03368D}, Name: , StartLBA 0x5443B000, BlocksNum 0xAE800
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {19250E95-3319-4701-8895-A3C61FCA1F66}, Name: Basic data partition, StartLBA 0x544E9801, BlocksNum 0x2E5C800
20:21:38.0451 3320 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4E020B66-BA64-429F-4173-636C65706975}, Name: Basic data partition, StartLBA 0x57346001, BlocksNum 0x200000
20:21:38.0451 3320 MBR partitions:
20:21:38.0451 3320 ============================================================
20:21:38.0482 3320 C: <-> \Device\Harddisk0\DR0\Partition4
20:21:38.0482 3320 ============================================================
20:21:38.0482 3320 Initialize success
20:21:38.0482 3320 ============================================================
20:21:40.0545 4392 ============================================================
20:21:40.0545 4392 Scan started
20:21:40.0545 4392 Mode: Manual;
20:21:40.0545 4392 ============================================================
20:21:42.0926 4392 ================ Scan system memory ========================
20:21:42.0926 4392 System memory - ok
20:21:42.0926 4392 ================ Scan services =============================
20:21:43.0276 4392 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
20:21:43.0276 4392 1394ohci - ok
20:21:43.0307 4392 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
20:21:43.0307 4392 3ware - ok
20:21:43.0354 4392 [ E19D921EBBD1A2CA4C48D7B5F1685B30 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
20:21:43.0370 4392 ACPI - ok
20:21:43.0448 4392 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
20:21:43.0448 4392 acpiex - ok
20:21:43.0495 4392 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
20:21:43.0495 4392 acpipagr - ok
20:21:43.0526 4392 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
20:21:43.0542 4392 AcpiPmi - ok
20:21:43.0557 4392 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
20:21:43.0557 4392 acpitime - ok
20:21:43.0698 4392 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:21:43.0698 4392 AdobeARMservice - ok
20:21:43.0760 4392 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:21:43.0776 4392 ADP80XX - ok
20:21:43.0823 4392 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
20:21:43.0823 4392 AeLookupSvc - ok
20:21:43.0870 4392 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
20:21:43.0885 4392 AFD - ok
20:21:43.0948 4392 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
20:21:43.0948 4392 agp440 - ok
20:21:43.0963 4392 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:21:43.0963 4392 ahcache - ok
20:21:44.0010 4392 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
20:21:44.0010 4392 ALG - ok
20:21:44.0042 4392 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
20:21:44.0042 4392 AmdK8 - ok
20:21:44.0057 4392 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
20:21:44.0057 4392 AmdPPM - ok
20:21:44.0213 4392 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
20:21:44.0213 4392 amdsata - ok
20:21:44.0588 4392 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
20:21:44.0588 4392 amdsbs - ok
20:21:44.0651 4392 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
20:21:44.0651 4392 amdxata - ok
20:21:44.0729 4392 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
20:21:44.0729 4392 AppID - ok
20:21:44.0776 4392 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
20:21:44.0792 4392 AppIDSvc - ok
20:21:44.0823 4392 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
20:21:44.0838 4392 Appinfo - ok
20:21:44.0870 4392 [ EF0EE63BE56D2CAC3FA07850770326F1 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
20:21:44.0885 4392 AppReadiness - ok
20:21:44.0932 4392 [ AF361C58D23BB967C7B4DF6BDDD57744 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
20:21:45.0010 4392 AppXSvc - ok
20:21:45.0010 4392 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
20:21:45.0010 4392 arcsas - ok
20:21:45.0042 4392 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
20:21:45.0042 4392 atapi - ok
20:21:45.0104 4392 [ 7CA5397A47843B0BD36898F32F2D403B ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:21:45.0104 4392 AtherosSvc - ok
20:21:45.0385 4392 [ 2C7676F892E88FD190F08D98048C7C6C ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
20:21:45.0448 4392 athr - ok
20:21:45.0495 4392 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:21:45.0526 4392 AudioEndpointBuilder - ok
20:21:45.0573 4392 [ 86DD7884124D363A63CCE7A11FDEBBED ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
20:21:45.0604 4392 Audiosrv - ok
20:21:45.0635 4392 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
20:21:45.0635 4392 AxInstSV - ok
20:21:45.0682 4392 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
20:21:45.0698 4392 b06bdrv - ok
20:21:45.0745 4392 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:21:45.0745 4392 BasicDisplay - ok
20:21:45.0776 4392 [ 2748E116F8621A4DB0D39FCDD7318C01 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
20:21:45.0776 4392 BasicRender - ok
20:21:45.0889 4392 [ 369C1928C9BBED65C9E347448BD376B0 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
20:21:45.0889 4392 BBSvc - ok
20:21:45.0920 4392 [ 54949AFAC5CE6FA2E4D7846D4362BAB3 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
20:21:45.0951 4392 BBUpdate - ok
20:21:45.0982 4392 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
20:21:45.0982 4392 bcmfn2 - ok
20:21:46.0045 4392 [ BBE61A40665B83488901E41082A6097D ] BDESVC C:\WINDOWS\System32\bdesvc.dll
20:21:46.0060 4392 BDESVC - ok
20:21:46.0092 4392 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:21:46.0092 4392 Beep - ok
20:21:46.0154 4392 [ 619D2B906EEA740AB0223BA4AB9507C4 ] BFE C:\WINDOWS\System32\bfe.dll
20:21:46.0185 4392 BFE - ok
20:21:46.0264 4392 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
20:21:46.0295 4392 BITS - ok
20:21:46.0310 4392 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
20:21:46.0310 4392 bowser - ok
20:21:46.0342 4392 [ 748141CC03DF40C38F17D3F96BB15C80 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:21:46.0342 4392 BrokerInfrastructure - ok
20:21:46.0389 4392 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
20:21:46.0389 4392 Browser - ok
20:21:46.0420 4392 [ 23CEDCD7527A26B222732A158F76EB24 ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys
20:21:46.0420 4392 BTATH_BUS - ok
20:21:46.0420 4392 BTATH_LWFLT - ok
20:21:46.0545 4392 [ CBF4EF7E9FE86CE0CAB0A6472DE34A1C ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
20:21:46.0560 4392 BtFilter - ok
20:21:46.0607 4392 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:21:46.0607 4392 BthAvrcpTg - ok
20:21:46.0701 4392 [ 131F1C8573E7BFB41C54FBF5309CCD94 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
20:21:46.0717 4392 BthEnum - ok
20:21:46.0811 4392 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
20:21:46.0811 4392 BthHFEnum - ok
20:21:46.0904 4392 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
20:21:46.0904 4392 bthhfhid - ok
20:21:46.0998 4392 [ FCD8BD17B7193CFFF18C332D1A381D7F ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
20:21:46.0998 4392 BthLEEnum - ok
20:21:47.0061 4392 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
20:21:47.0061 4392 BTHMODEM - ok
20:21:47.0092 4392 [ 3AFE71D80EDF5D4DE0C5731352905669 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
20:21:47.0092 4392 BthPan - ok
20:21:47.0514 4392 [ 8458ECAB701EE385851C2559B71D1209 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
20:21:47.0529 4392 BTHPORT - ok
20:21:47.0561 4392 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
20:21:47.0576 4392 bthserv - ok
20:21:47.0592 4392 [ 2C0B77176CD68F1F60510CDF36ADC401 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
20:21:47.0592 4392 BTHUSB - ok
20:21:47.0607 4392 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:21:47.0607 4392 cdfs - ok
20:21:47.0639 4392 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
20:21:47.0639 4392 cdrom - ok
20:21:47.0686 4392 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
20:21:47.0686 4392 CertPropSvc - ok
20:21:47.0717 4392 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
20:21:47.0717 4392 circlass - ok
20:21:47.0795 4392 [ 7F006813C2AFE622C13D7AF94F56CD07 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
20:21:47.0795 4392 CLFS - ok
20:21:47.0858 4392 [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
20:21:47.0858 4392 CLVirtualDrive - ok
20:21:47.0873 4392 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
20:21:47.0889 4392 CmBatt - ok
20:21:47.0920 4392 [ 825BE21E6395E00698D8A23955A87972 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
20:21:47.0920 4392 CNG - ok
20:21:47.0967 4392 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
20:21:47.0967 4392 CompositeBus - ok
20:21:47.0983 4392 COMSysApp - ok
20:21:47.0998 4392 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
20:21:47.0998 4392 condrv - ok
20:21:48.0139 4392 [ 815F3180B5117E42E422188E9CCC89C6 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
20:21:48.0154 4392 cphs - ok
20:21:48.0201 4392 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
20:21:48.0201 4392 CryptSvc - ok
20:21:48.0233 4392 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
20:21:48.0233 4392 dam - ok
20:21:48.0295 4392 [ 3FD5AE42EC87C6F532A931F96BE731DD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:21:48.0342 4392 DcomLaunch - ok
20:21:48.0373 4392 [ F4CCAADC2C78F57E4F16B24C9201CE22 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
20:21:48.0389 4392 defragsvc - ok
20:21:48.0436 4392 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:21:48.0451 4392 DeviceAssociationService - ok
20:21:48.0483 4392 [ 752A457320A946E03C3AA86C3ACD735E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
20:21:48.0483 4392 DeviceInstall - ok
20:21:48.0529 4392 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
20:21:48.0529 4392 Dfsc - ok
20:21:48.0576 4392 [ E428DFFA96FAD07D8CA3C9082563A225 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:21:48.0576 4392 dg_ssudbus - ok
20:21:48.0608 4392 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
20:21:48.0623 4392 Dhcp - ok
20:21:48.0639 4392 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
20:21:48.0654 4392 disk - ok
20:21:48.0670 4392 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
20:21:48.0670 4392 dmvsc - ok
20:21:48.0701 4392 [ FBD2D7F491F3EBC5C54C5C4DB2564953 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:21:48.0717 4392 Dnscache - ok
20:21:48.0748 4392 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
20:21:48.0764 4392 dot3svc - ok
20:21:48.0799 4392 [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
20:21:48.0799 4392 dot4 - ok
20:21:48.0830 4392 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
20:21:48.0830 4392 Dot4Print - ok
20:21:48.0845 4392 [ B7D595F2F464F7B628AD53F06547792C ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
20:21:48.0845 4392 dot4usb - ok
20:21:48.0876 4392 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
20:21:48.0876 4392 DPS - ok
20:21:48.0908 4392 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:21:48.0908 4392 drmkaud - ok
20:21:48.0954 4392 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
20:21:48.0954 4392 DsmSvc - ok
20:21:49.0001 4392 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys
20:21:49.0001 4392 dtsoftbus01 - ok
20:21:49.0079 4392 [ AEAB1924098DB538784C1D2B268FF0C9 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:21:49.0094 4392 DXGKrnl - ok
20:21:49.0141 4392 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
20:21:49.0141 4392 Eaphost - ok
20:21:49.0282 4392 [ 843E8B2127D7283845E29E6176C15887 ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
20:21:49.0298 4392 Easy Launcher - ok
20:21:49.0423 4392 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
20:21:49.0485 4392 ebdrv - ok
20:21:49.0516 4392 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
20:21:49.0516 4392 EFS - ok
20:21:49.0563 4392 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
20:21:49.0563 4392 EhStorClass - ok
20:21:49.0579 4392 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:21:49.0579 4392 EhStorTcgDrv - ok
20:21:49.0626 4392 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
20:21:49.0626 4392 ErrDev - ok
20:21:49.0673 4392 [ 6073E00157E6D99FC8D0D0CC8EF61DF9 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
20:21:49.0673 4392 ETD - ok
20:21:49.0748 4392 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
20:21:49.0748 4392 EventSystem - ok
20:21:49.0795 4392 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
20:21:49.0810 4392 exfat - ok
20:21:49.0826 4392 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
20:21:49.0842 4392 fastfat - ok
20:21:49.0888 4392 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
20:21:49.0920 4392 Fax - ok
20:21:49.0951 4392 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
20:21:49.0951 4392 fdc - ok
20:21:49.0982 4392 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
20:21:49.0982 4392 fdPHost - ok
20:21:49.0998 4392 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
20:21:49.0998 4392 FDResPub - ok
20:21:50.0029 4392 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
20:21:50.0045 4392 fhsvc - ok
20:21:50.0060 4392 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
20:21:50.0060 4392 FileInfo - ok
20:21:50.0092 4392 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
20:21:50.0092 4392 Filetrace - ok
20:21:50.0107 4392 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
20:21:50.0107 4392 flpydisk - ok
20:21:50.0154 4392 [ 60D5067FCE6D9433D35E04C01D8538B3 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:21:50.0154 4392 FltMgr - ok
20:21:50.0232 4392 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
20:21:50.0279 4392 FontCache - ok
20:21:50.0389 4392 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:21:50.0404 4392 FontCache3.0.0.0 - ok
20:21:50.0435 4392 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
20:21:50.0435 4392 FsDepends - ok
20:21:50.0467 4392 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:21:50.0467 4392 Fs_Rec - ok
20:21:50.0498 4392 [ 83E1F0983B02A6F8EC764D18E24ECF10 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:21:50.0514 4392 fvevol - ok
20:21:50.0560 4392 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
20:21:50.0560 4392 FxPPM - ok