Prosím o kontrolu logu Vyřešeno

[Paulek155]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:21, on 21.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
E:\Programy\MSI Afterburner\MSIAfterburner.exe
E:\Programy\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_0.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: BS Player ControlBar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_0.dll
O3 - Toolbar: BS Player ControlBar Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player_ControlBar\prxtbBS_0.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus Office BX535WD"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Paulek\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
O4 - HKUS\S-1-5-21-2102616328-1769540014-1458043943-1015\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2102616328-1769540014-1458043943-1015\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_OTPService - Unknown owner - C:\Program Files (x86)\MSI\OTPService\OTPService.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - E:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10136 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Paulek155]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.21.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Paulek :: PAULEK-PC [administrator]

21.11.2013 21:00:15
MBAM-log-2013-11-21 (21-01-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248679
Time elapsed: 1 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT1750559 (PUP.Optional.Conduit.A) -> No action taken.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Paulek\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 6
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559 (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\css (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\images (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\js (PUP.Optional.Conduit.A) -> No action taken.

Files Detected: 17
C:\Users\Paulek\AppData\Local\Conduit\CT1750559\BS_Player_ControlBarAutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Windows\AutoKMS.exe (Riskware.Keygen) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\configutaion.json (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\SetupIcon.ico (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\UninstallDialog.html (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\css\UninstallDialog.css (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\images\2.0--spec--kicker.png (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\images\content-pattern.png (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\images\content-sep.png (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\images\OK-Button-Default.gif (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\images\OK-Button-MouseOver.gif (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\images\OK-Button-OnClick.gif (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\images\x.gif (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\js\jquery.min.js (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\js\nsUI.js (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT1750559\UninstallDialog\js\UninstallDialogLogic.js (PUP.Optional.Conduit.A) -> No action taken.

(end)

[Paulek155]

# AdwCleaner v3.012 - Report created 21/11/2013 at 21:02:15
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Paulek - PAULEK-PC
# Running from : C:\Users\Paulek\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
Folder Found C:\Program Files (x86)\BS_Player_ControlBar
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\ProgramData\Conduit
Folder Found C:\Users\Paulek\AppData\Local\Conduit
Folder Found C:\Users\Paulek\AppData\LocalLow\BS_Player_ControlBar
Folder Found C:\Users\Paulek\AppData\LocalLow\Conduit

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\BS_Player_ControlBar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F5F7779-5E60-4EBD-BA92-385336118569}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8F2D875-9AE3-413D-8854-48D387CACA6A}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player_ControlBar Toolbar
Key Found : HKLM\Software\Uniblue
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v

-\\ Google Chrome v

[ File : C:\Users\Paulek\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R5].txt - [3371 octets] - [21/11/2013 21:02:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [3431 octets] ##########

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Paulek155]

# AdwCleaner v3.012 - Report created 22/11/2013 at 16:13:14
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Paulek - PAULEK-PC
# Running from : C:\Users\Paulek\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\BS_Player_ControlBar
Folder Deleted : C:\Users\Paulek\AppData\Local\Conduit
Folder Deleted : C:\Users\Paulek\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Paulek\AppData\LocalLow\BS_Player_ControlBar
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F5F7779-5E60-4EBD-BA92-385336118569}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8F2D875-9AE3-413D-8854-48D387CACA6A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\BS_Player_ControlBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player_ControlBar Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v

-\\ Google Chrome v

[ File : C:\Users\Paulek\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R5].txt - [3519 octets] - [21/11/2013 21:02:15]
AdwCleaner[R6].txt - [3579 octets] - [22/11/2013 16:12:52]
AdwCleaner[S2].txt - [3426 octets] - [22/11/2013 16:13:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3486 octets] ##########

[Paulek155]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Paulek on p  22.11.2013 at 16:15:18,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CBC364A5-2DAD-4723-9AFA-78D3530C4A38}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  22.11.2013 at 16:18:08,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Paulek155]

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Database version: v2013.11.21.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Paulek :: PAULEK-PC [administrator]

22.11.2013 16:18:26
mbam-log-2013-11-22 (16-18-26).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 248753
Time elapsed: 1 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\AutoKMS.exe (Riskware.Keygen) -> Quarantined and deleted successfully.

(end)

[Paulek155]

RogueKiller V8.7.8 _x64_ [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Paulek [Práva správce]
Mód : Kontrola -- Datum : 11/22/2013 16:23:09
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) OCZ-VERTEX4 ATA Device +++++
--- User ---
[MBR] bee7679dadbe72d19dca5dbece2ee12e
[BSP] 7055c618de5975341f87ee67940e7cff : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 122002 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST1000DM003-9YN162 ATA Device +++++
--- User ---
[MBR] c8dcb0045007004fc00837957396aa00
[BSP] f8e74c8ee48dc7d6f289858777c00aeb : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11222013_162309.txt >>

[Žbeky]

Zavři všechny programy a prohlížeče.
Odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller (Pro Windows Vista nebo WIN7 klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status box zobrazuje "Scan" "
- Klikni na "Delete"
- Počkej, dokud status box zobrazuje "Smazání - Finished"
- Klikni na "Zprávy", zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [1].txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

[Paulek155]

RogueKiller V8.7.8 _x64_ [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Paulek [Práva správce]
Mód : Odebrat -- Datum : 11/23/2013 14:46:15
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) OCZ-VERTEX4 ATA Device +++++
--- User ---
[MBR] bee7679dadbe72d19dca5dbece2ee12e
[BSP] 7055c618de5975341f87ee67940e7cff : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 122002 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST1000DM003-9YN162 ATA Device +++++
--- User ---
[MBR] c8dcb0045007004fc00837957396aa00
[BSP] f8e74c8ee48dc7d6f289858777c00aeb : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_11232013_144615.txt >>
RKreport[0]_S_11232013_144609.txt

[Paulek155]

14:47:30.0903 4592 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:47:40.0107 4592 ============================================================
14:47:40.0107 4592 Current date / time: 2013/11/23 14:47:40.0107
14:47:40.0107 4592 SystemInfo:
14:47:40.0107 4592
14:47:40.0107 4592 OS Version: 6.1.7601 ServicePack: 1.0
14:47:40.0107 4592 Product type: Workstation
14:47:40.0107 4592 ComputerName: PAULEK-PC
14:47:40.0107 4592 UserName: Paulek
14:47:40.0107 4592 Windows directory: C:\Windows
14:47:40.0107 4592 System windows directory: C:\Windows
14:47:40.0107 4592 Running under WOW64
14:47:40.0107 4592 Processor architecture: Intel x64
14:47:40.0107 4592 Number of processors: 4
14:47:40.0107 4592 Page size: 0x1000
14:47:40.0107 4592 Boot type: Normal boot
14:47:40.0107 4592 ============================================================
14:47:40.0419 4592 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:47:40.0419 4592 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:47:40.0435 4592 ============================================================
14:47:40.0435 4592 \Device\Harddisk0\DR0:
14:47:40.0435 4592 MBR partitions:
14:47:40.0435 4592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:47:40.0435 4592 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
14:47:40.0435 4592 \Device\Harddisk1\DR1:
14:47:40.0435 4592 MBR partitions:
14:47:40.0435 4592 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
14:47:40.0435 4592 ============================================================
14:47:40.0435 4592 C: <-> \Device\Harddisk0\DR0\Partition2
14:47:40.0763 4592 E: <-> \Device\Harddisk1\DR1\Partition1
14:47:40.0763 4592 ============================================================
14:47:40.0763 4592 Initialize success
14:47:40.0763 4592 ============================================================
14:47:43.0212 4776 ============================================================
14:47:43.0212 4776 Scan started
14:47:43.0212 4776 Mode: Manual;
14:47:43.0212 4776 ============================================================
14:47:43.0274 4776 ================ Scan system memory ========================
14:47:43.0274 4776 System memory - ok
14:47:43.0274 4776 ================ Scan services =============================
14:47:43.0305 4776 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:47:43.0305 4776 1394ohci - ok
14:47:43.0305 4776 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:47:43.0305 4776 ACPI - ok
14:47:43.0305 4776 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:47:43.0305 4776 AcpiPmi - ok
14:47:43.0321 4776 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:47:43.0321 4776 AdobeARMservice - ok
14:47:43.0321 4776 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:47:43.0321 4776 adp94xx - ok
14:47:43.0337 4776 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:47:43.0337 4776 adpahci - ok
14:47:43.0337 4776 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:47:43.0337 4776 adpu320 - ok
14:47:43.0337 4776 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:47:43.0337 4776 AeLookupSvc - ok
14:47:43.0352 4776 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\Windows\system32\drivers\afd.sys
14:47:43.0352 4776 AFD - ok
14:47:43.0352 4776 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:47:43.0352 4776 agp440 - ok
14:47:43.0352 4776 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:47:43.0352 4776 ALG - ok
14:47:43.0352 4776 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:47:43.0352 4776 aliide - ok
14:47:43.0368 4776 ALSysIO - ok
14:47:43.0368 4776 [ 4C1E3649C89C7D542CD18ECC5210099D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:47:43.0368 4776 AMD External Events Utility - ok
14:47:43.0368 4776 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:47:43.0368 4776 amdide - ok
14:47:43.0368 4776 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:47:43.0368 4776 AmdK8 - ok
14:47:43.0508 4776 [ A3C0A15B39F979E8F3EABA901D72ECD7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:47:43.0539 4776 amdkmdag - ok
14:47:43.0539 4776 [ 20F3CD38B107C1BD747C0EA37D450165 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:47:43.0539 4776 amdkmdap - ok
14:47:43.0539 4776 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:47:43.0539 4776 AmdPPM - ok
14:47:43.0555 4776 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:47:43.0555 4776 amdsata - ok
14:47:43.0555 4776 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:47:43.0555 4776 amdsbs - ok
14:47:43.0555 4776 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:47:43.0555 4776 amdxata - ok
14:47:43.0555 4776 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:47:43.0555 4776 AppID - ok
14:47:43.0555 4776 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:47:43.0555 4776 AppIDSvc - ok
14:47:43.0571 4776 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
14:47:43.0571 4776 Appinfo - ok
14:47:43.0571 4776 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:47:43.0571 4776 AppMgmt - ok
14:47:43.0571 4776 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
14:47:43.0571 4776 arc - ok
14:47:43.0571 4776 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:47:43.0571 4776 arcsas - ok
14:47:43.0586 4776 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:47:43.0586 4776 aspnet_state - ok
14:47:43.0586 4776 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:47:43.0586 4776 AsyncMac - ok
14:47:43.0586 4776 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:47:43.0586 4776 atapi - ok
14:47:43.0617 4776 [ 7D89B0C443F6068E5B27AA3B972069FF ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:47:43.0617 4776 athr - ok
14:47:43.0617 4776 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
14:47:43.0617 4776 AtiHDAudioService - ok
14:47:43.0633 4776 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:47:43.0633 4776 AudioEndpointBuilder - ok
14:47:43.0633 4776 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:47:43.0633 4776 AudioSrv - ok
14:47:43.0649 4776 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:47:43.0649 4776 AxInstSV - ok
14:47:43.0649 4776 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:47:43.0649 4776 b06bdrv - ok
14:47:43.0664 4776 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:47:43.0664 4776 b57nd60a - ok
14:47:43.0664 4776 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:47:43.0664 4776 BDESVC - ok
14:47:43.0664 4776 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:47:43.0664 4776 Beep - ok
14:47:43.0664 4776 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:47:43.0680 4776 BFE - ok
14:47:43.0680 4776 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:47:43.0695 4776 BITS - ok
14:47:43.0695 4776 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:47:43.0695 4776 blbdrive - ok
14:47:43.0695 4776 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:47:43.0695 4776 bowser - ok
14:47:43.0695 4776 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:47:43.0695 4776 BrFiltLo - ok
14:47:43.0695 4776 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:47:43.0695 4776 BrFiltUp - ok
14:47:43.0695 4776 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:47:43.0695 4776 BridgeMP - ok
14:47:43.0711 4776 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:47:43.0711 4776 Browser - ok
14:47:43.0711 4776 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:47:43.0711 4776 Brserid - ok
14:47:43.0711 4776 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:47:43.0711 4776 BrSerWdm - ok
14:47:43.0711 4776 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:47:43.0711 4776 BrUsbMdm - ok
14:47:43.0711 4776 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:47:43.0711 4776 BrUsbSer - ok
14:47:43.0727 4776 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:47:43.0727 4776 BTHMODEM - ok
14:47:43.0727 4776 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:47:43.0727 4776 bthserv - ok
14:47:43.0727 4776 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:47:43.0727 4776 cdfs - ok
14:47:43.0727 4776 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:47:43.0727 4776 cdrom - ok
14:47:43.0727 4776 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:47:43.0727 4776 CertPropSvc - ok
14:47:43.0742 4776 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:47:43.0742 4776 circlass - ok
14:47:43.0742 4776 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:47:43.0742 4776 CLFS - ok
14:47:43.0742 4776 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:47:43.0742 4776 clr_optimization_v2.0.50727_32 - ok
14:47:43.0758 4776 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:47:43.0758 4776 clr_optimization_v2.0.50727_64 - ok
14:47:43.0758 4776 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:47:43.0758 4776 clr_optimization_v4.0.30319_32 - ok
14:47:43.0773 4776 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:47:43.0773 4776 clr_optimization_v4.0.30319_64 - ok
14:47:43.0773 4776 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:47:43.0773 4776 CmBatt - ok
14:47:43.0773 4776 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:47:43.0773 4776 cmdide - ok
14:47:43.0773 4776 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\Windows\system32\Drivers\cng.sys
14:47:43.0789 4776 CNG - ok
14:47:43.0789 4776 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:47:43.0789 4776 Compbatt - ok
14:47:43.0789 4776 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:47:43.0789 4776 CompositeBus - ok
14:47:43.0789 4776 COMSysApp - ok
14:47:43.0789 4776 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:47:43.0789 4776 crcdisk - ok
14:47:43.0789 4776 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:47:43.0789 4776 CryptSvc - ok
14:47:43.0805 4776 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:47:43.0805 4776 CSC - ok
14:47:43.0805 4776 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:47:43.0820 4776 CscService - ok
14:47:43.0820 4776 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:47:43.0820 4776 DcomLaunch - ok
14:47:43.0820 4776 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:47:43.0836 4776 defragsvc - ok
14:47:43.0836 4776 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:47:43.0836 4776 DfsC - ok
14:47:43.0836 4776 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:47:43.0836 4776 Dhcp - ok
14:47:43.0836 4776 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:47:43.0836 4776 discache - ok
14:47:43.0836 4776 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:47:43.0836 4776 Disk - ok
14:47:43.0851 4776 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:47:43.0851 4776 Dnscache - ok
14:47:43.0851 4776 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:47:43.0851 4776 dot3svc - ok
14:47:43.0851 4776 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:47:43.0851 4776 DPS - ok
14:47:43.0851 4776 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:47:43.0851 4776 drmkaud - ok
14:47:43.0867 4776 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:47:43.0867 4776 dtsoftbus01 - ok
14:47:43.0867 4776 [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:47:43.0883 4776 DXGKrnl - ok
14:47:43.0883 4776 [ 1BEF2C2E229452EC49FFE5A27283341D ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
14:47:43.0883 4776 e1cexpress - ok
14:47:43.0898 4776 [ FE96AA1A36E76588C80DF1040286DDE1 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
14:47:43.0898 4776 eamonm - ok
14:47:43.0898 4776 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:47:43.0898 4776 EapHost - ok
14:47:43.0929 4776 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:47:43.0945 4776 ebdrv - ok
14:47:43.0945 4776 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\Windows\System32\lsass.exe
14:47:43.0945 4776 EFS - ok
14:47:43.0945 4776 [ 807BA90D47F8885C09E1D6AFBB706E18 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
14:47:43.0945 4776 ehdrv - ok
14:47:43.0961 4776 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:47:43.0961 4776 ehRecvr - ok
14:47:43.0961 4776 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:47:43.0961 4776 ehSched - ok
14:47:43.0976 4776 [ 4CB575D97653FA91FFB02DA3105EB084 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
14:47:43.0976 4776 ekrn - ok
14:47:43.0992 4776 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:47:43.0992 4776 elxstor - ok
14:47:43.0992 4776 [ FEE856E92AFCC61DA146F186E291FFD7 ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
14:47:43.0992 4776 epfwwfpr - ok
14:47:43.0992 4776 [ DFEB7EE15BA8BA03E722C375F7E6A379 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
14:47:43.0992 4776 EPSON_PM_RPCV4_05 - ok
14:47:43.0992 4776 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:47:43.0992 4776 ErrDev - ok
14:47:44.0007 4776 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:47:44.0007 4776 EventSystem - ok
14:47:44.0007 4776 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:47:44.0007 4776 exfat - ok
14:47:44.0007 4776 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:47:44.0007 4776 fastfat - ok
14:47:44.0023 4776 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:47:44.0023 4776 Fax - ok
14:47:44.0023 4776 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:47:44.0023 4776 fdc - ok
14:47:44.0023 4776 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:47:44.0023 4776 fdPHost - ok
14:47:44.0023 4776 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:47:44.0039 4776 FDResPub - ok
14:47:44.0039 4776 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:47:44.0039 4776 FileInfo - ok
14:47:44.0039 4776 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:47:44.0039 4776 Filetrace - ok
14:47:44.0039 4776 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:47:44.0039 4776 flpydisk - ok
14:47:44.0039 4776 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:47:44.0039 4776 FltMgr - ok
14:47:44.0054 4776 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
14:47:44.0054 4776 FontCache - ok
14:47:44.0070 4776 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:47:44.0070 4776 FontCache3.0.0.0 - ok
14:47:44.0070 4776 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:47:44.0070 4776 FsDepends - ok
14:47:44.0070 4776 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:47:44.0070 4776 Fs_Rec - ok
14:47:44.0070 4776 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:47:44.0070 4776 fvevol - ok
14:47:44.0070 4776 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:47:44.0070 4776 gagp30kx - ok
14:47:44.0085 4776 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:47:44.0085 4776 gpsvc - ok
14:47:44.0085 4776 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:47:44.0085 4776 hcw85cir - ok
14:47:44.0101 4776 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:47:44.0101 4776 HdAudAddService - ok
14:47:44.0101 4776 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:47:44.0101 4776 HDAudBus - ok
14:47:44.0101 4776 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:47:44.0101 4776 HidBatt - ok
14:47:44.0101 4776 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:47:44.0101 4776 HidBth - ok
14:47:44.0101 4776 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:47:44.0101 4776 HidIr - ok
14:47:44.0117 4776 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:47:44.0117 4776 hidserv - ok
14:47:44.0117 4776 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:47:44.0117 4776 HidUsb - ok
14:47:44.0117 4776 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:47:44.0117 4776 hkmsvc - ok
14:47:44.0117 4776 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:47:44.0117 4776 HomeGroupListener - ok
14:47:44.0117 4776 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:47:44.0132 4776 HomeGroupProvider - ok
14:47:44.0132 4776 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:47:44.0132 4776 HpSAMD - ok
14:47:44.0132 4776 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:47:44.0132 4776 HTTP - ok
14:47:44.0148 4776 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:47:44.0148 4776 hwpolicy - ok
14:47:44.0148 4776 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:47:44.0148 4776 i8042prt - ok
14:47:44.0148 4776 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:47:44.0148 4776 iaStorV - ok
14:47:44.0163 4776 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
14:47:44.0163 4776 IDriverT - ok
14:47:44.0163 4776 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:47:44.0163 4776 idsvc - ok
14:47:44.0179 4776 IEEtwCollectorService - ok
14:47:44.0179 4776 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:47:44.0179 4776 iirsp - ok
14:47:44.0179 4776 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\Windows\System32\ikeext.dll
14:47:44.0195 4776 IKEEXT - ok
14:47:44.0241 4776 [ 55FCBF5440EE61DBC5A6F637F7B4C776 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:47:44.0241 4776 IntcAzAudAddService - ok
14:47:44.0257 4776 [ C6128F2E3DC6156C6F8828F9F1B96010 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:47:44.0257 4776 Intel(R) Capability Licensing Service Interface - ok
14:47:44.0257 4776 [ 729AB4F0608E95EFF8FDEF23596283E2 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:47:44.0273 4776 Intel(R) Capability Licensing Service TCP IP Interface - ok
14:47:44.0273 4776 [ 8C90FA99363E2BC4938CCA3A487100E9 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
14:47:44.0273 4776 Intel(R) PROSet Monitoring Service - ok
14:47:44.0273 4776 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:47:44.0273 4776 intelide - ok
14:47:44.0273 4776 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:47:44.0288 4776 intelppm - ok
14:47:44.0288 4776 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:47:44.0288 4776 IPBusEnum - ok
14:47:44.0288 4776 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:47:44.0288 4776 IpFilterDriver - ok
14:47:44.0288 4776 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:47:44.0288 4776 iphlpsvc - ok
14:47:44.0304 4776 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:47:44.0304 4776 IPMIDRV - ok
14:47:44.0304 4776 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:47:44.0304 4776 IPNAT - ok
14:47:44.0304 4776 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:47:44.0304 4776 IRENUM - ok
14:47:44.0304 4776 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:47:44.0304 4776 isapnp - ok
14:47:44.0304 4776 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:47:44.0304 4776 iScsiPrt - ok
14:47:44.0319 4776 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
14:47:44.0319 4776 iusb3hcs - ok
14:47:44.0319 4776 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
14:47:44.0319 4776 iusb3hub - ok
14:47:44.0335 4776 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
14:47:44.0335 4776 iusb3xhc - ok
14:47:44.0335 4776 [ 08B14887C0B98101F8EC207817A0D734 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:47:44.0335 4776 jhi_service - ok
14:47:44.0335 4776 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:47:44.0335 4776 kbdclass - ok
14:47:44.0351 4776 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:47:44.0351 4776 kbdhid - ok
14:47:44.0351 4776 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\Windows\system32\lsass.exe
14:47:44.0351 4776 KeyIso - ok
14:47:44.0351 4776 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:47:44.0351 4776 KSecDD - ok
14:47:44.0351 4776 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:47:44.0351 4776 KSecPkg - ok
14:47:44.0351 4776 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:47:44.0351 4776 ksthunk - ok
14:47:44.0366 4776 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:47:44.0366 4776 KtmRm - ok
14:47:44.0366 4776 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:47:44.0366 4776 LanmanServer - ok
14:47:44.0366 4776 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:47:44.0366 4776 LanmanWorkstation - ok
14:47:44.0382 4776 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:47:44.0382 4776 lltdio - ok
14:47:44.0382 4776 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:47:44.0382 4776 lltdsvc - ok
14:47:44.0382 4776 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:47:44.0382 4776 lmhosts - ok
14:47:44.0382 4776 [ 920F6774762DE8D8477088B6F38FBD6C ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:47:44.0397 4776 LMS - ok
14:47:44.0397 4776 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:47:44.0397 4776 LSI_FC - ok
14:47:44.0397 4776 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:47:44.0397 4776 LSI_SAS - ok
14:47:44.0397 4776 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:47:44.0397 4776 LSI_SAS2 - ok
14:47:44.0397 4776 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:47:44.0397 4776 LSI_SCSI - ok
14:47:44.0413 4776 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:47:44.0413 4776 luafv - ok
14:47:44.0413 4776 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
14:47:44.0413 4776 MBfilt - ok
14:47:44.0413 4776 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:47:44.0413 4776 Mcx2Svc - ok
14:47:44.0413 4776 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:47:44.0413 4776 megasas - ok
14:47:44.0429 4776 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:47:44.0429 4776 MegaSR - ok
14:47:44.0429 4776 [ D71FD7A4FDB01C554AE144037B688DF1 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:47:44.0429 4776 MEIx64 - ok
14:47:44.0429 4776 Microsoft SharePoint Workspace Audit Service - ok
14:47:44.0429 4776 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:47:44.0429 4776 MMCSS - ok
14:47:44.0429 4776 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:47:44.0429 4776 Modem - ok
14:47:44.0444 4776 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:47:44.0444 4776 monitor - ok
14:47:44.0444 4776 [ C030F9E822A057C1A7A9BB4EA3E8877E ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
14:47:44.0444 4776 MotioninJoyXFilter - ok
14:47:44.0444 4776 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:47:44.0444 4776 mouclass - ok
14:47:44.0444 4776 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:47:44.0444 4776 mouhid - ok
14:47:44.0444 4776 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:47:44.0444 4776 mountmgr - ok
14:47:44.0444 4776 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:47:44.0460 4776 mpio - ok
14:47:44.0460 4776 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:47:44.0460 4776 mpsdrv - ok
14:47:44.0460 4776 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:47:44.0475 4776 MpsSvc - ok
14:47:44.0475 4776 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:47:44.0475 4776 MRxDAV - ok
14:47:44.0491 4776 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:47:44.0491 4776 mrxsmb - ok
14:47:44.0491 4776 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:47:44.0491 4776 mrxsmb10 - ok
14:47:44.0491 4776 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:47:44.0491 4776 mrxsmb20 - ok
14:47:44.0491 4776 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:47:44.0491 4776 msahci - ok
14:47:44.0507 4776 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:47:44.0507 4776 msdsm - ok
14:47:44.0507 4776 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:47:44.0507 4776 MSDTC - ok
14:47:44.0507 4776 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:47:44.0507 4776 Msfs - ok
14:47:44.0507 4776 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:47:44.0507 4776 mshidkmdf - ok
14:47:44.0507 4776 MSICDSetup - ok
14:47:44.0507 4776 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:47:44.0507 4776 msisadrv - ok
14:47:44.0522 4776 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:47:44.0522 4776 MSiSCSI - ok
14:47:44.0522 4776 msiserver - ok
14:47:44.0522 4776 [ 1FC68C9D145E55F0F90CF472FB6F28D9 ] MSI_OTPService C:\Program Files (x86)\MSI\OTPService\OTPService.exe
14:47:44.0522 4776 MSI_OTPService - ok
14:47:44.0522 4776 [ C72ADF8436182E12B1B7E04390CE4C5B ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
14:47:44.0522 4776 MSI_SuperCharger - ok
14:47:44.0522 4776 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:47:44.0522 4776 MSKSSRV - ok
14:47:44.0538 4776 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:47:44.0538 4776 MSPCLOCK - ok
14:47:44.0538 4776 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:47:44.0538 4776 MSPQM - ok
14:47:44.0538 4776 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:47:44.0538 4776 MsRPC - ok
14:47:44.0538 4776 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:47:44.0538 4776 mssmbios - ok
14:47:44.0538 4776 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:47:44.0538 4776 MSTEE - ok
14:47:44.0553 4776 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:47:44.0553 4776 MTConfig - ok
14:47:44.0553 4776 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:47:44.0553 4776 Mup - ok
14:47:44.0553 4776 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:47:44.0553 4776 napagent - ok
14:47:44.0553 4776 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:47:44.0569 4776 NativeWifiP - ok
14:47:44.0569 4776 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:47:44.0569 4776 NDIS - ok
14:47:44.0569 4776 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:47:44.0569 4776 NdisCap - ok
14:47:44.0585 4776 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:47:44.0585 4776 NdisTapi - ok
14:47:44.0585 4776 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:47:44.0585 4776 Ndisuio - ok
14:47:44.0585 4776 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:47:44.0585 4776 NdisWan - ok
14:47:44.0585 4776 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:47:44.0585 4776 NDProxy - ok
14:47:44.0585 4776 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:47:44.0585 4776 NetBIOS - ok
14:47:44.0600 4776 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:47:44.0600 4776 NetBT - ok
14:47:44.0600 4776 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\Windows\system32\lsass.exe
14:47:44.0600 4776 Netlogon - ok
14:47:44.0600 4776 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:47:44.0600 4776 Netman - ok
14:47:44.0600 4776 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:47:44.0600 4776 NetMsmqActivator - ok
14:47:44.0616 4776 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:47:44.0616 4776 NetPipeActivator - ok
14:47:44.0616 4776 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:47:44.0616 4776 netprofm - ok