Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:06:12, on 27.6.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Users\Martin\Desktop\SRDownloader.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\adawaretb\ffHelper.exe
C:\ProgramData\Search Protection\SearchProtection.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securedsearch2.lavasoft.com/inde ... 51CBDEEFC4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Martin\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: wxDownload - {911019E0-385A-266F-1B3D-BE4F4CA8C813} - C:\ProgramData\wxDownload\509b8096e5f38.ocx
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Fastboot] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Intel AppUp(R) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Search Protection] C:\ProgramData\Search Protection\SearchProtection.exe
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKCU\..\Run: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --enable-full-history-sync --flag-switches-begin --flag-switches-end --sync-keystore-encryption --no-startup-window --flag-switches-begin --enable-full-history-sync --sync-keystore-encryption --flag-switches-end --restore-last-session
O4 - HKCU\..\RunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f
O4 - HKCU\..\RunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1799753202-1933328446-2015337862-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1799753202-1933328446-2015337862-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\progra~2\wxdown~1\sprote~1.dll c:\progra~2\contin~1\sprote~1.dll c:\progra~2\simple~1\sprote~1.dll,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Martin\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FastbootService - Lenovo - C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 19948 bytes
Probably malware, but I have no idea what to clean
- memphisto
Re: Probably malware, but I have no idea what to clean
Uninstall Ad aware and Search protection
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox, click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
- If you use Chrome, do not select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
Re: Probably malware, but I have no idea what to clean
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.06.27.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Martin :: FRODO [administrátor]
Ochrana: Povolena
27.6.2013 9:22:03
MBAM-log-2013-06-27 (09-29-45).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 256813
Uplynulý čas: 7 minut, 16 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 1
C:\Users\Martin\Local Settings\Temporary Internet Files\Content.IE5\P3SKRUUC\512762934f21f[1].exe (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
(konec)
- jaro3
- member of the Security team
Re: Probably malware, but I have no idea what to clean
So run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results (Ukaž výsledky) button
- make sure all the listed findings are checked and click the Remove Selected (Odstranit označené) button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close the program via Exit
You can then paste the new MbAM log here.
Also supply adwcleaner.
+
Download TDSSKiller
To your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Probably malware, but I have no idea what to clean
# AdwCleaner v2.303 - Log vytvooen 27/06/2013 v 09:31:01
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Martin - FRODO
# Spuštin systém : Normální
# Spuštino z : C:\Users\Martin\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
Nalezeno : DefaultTabSearch
Nalezeno : DefaultTabUpdate
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\continuetosave
Složka Nalezeno : C:\Program Files (x86)\DefaultTab
Složka Nalezeno : C:\Program Files (x86)\OApps
Složka Nalezeno : C:\Program Files (x86)\SimpleSpeedy
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\BetterSoft
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\ProgramData\Partner
Složka Nalezeno : C:\ProgramData\Premium
Složka Nalezeno : C:\ProgramData\SoftSafe
Složka Nalezeno : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Složka Nalezeno : C:\Users\Martin\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Martin\AppData\Roaming\DefaultTab
Složka Nalezeno : C:\Users\Martin\AppData\Roaming\pdfforge
Soubor Nalezeno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\extensions\addon@defaulttab.com.xpi
Soubor Nalezeno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\extensions\addon@defaulttab.com.xpi
Soubor Nalezeno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\searchplugins\search-here.xml
Soubor Nalezeno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\searchplugins\WebSearch.xml
***** [Registry] *****
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\contin~1\sprote~1.dll
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\simple~1\sprote~1.dll,C:\Windows\SysWOW64\nvinit.dll
Data Nalezeno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\wxdown~1\sprote~1.dll
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\DefaultTab
Klíe Nalezeno : HKCU\Software\AppDataLow\SProtector
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Default Tab
Klíe Nalezeno : HKCU\Software\DefaultTab
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Nalezeno : HKLM\Software\Default Tab
Klíe Nalezeno : HKLM\Software\DefaultTab
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Nalezeno : HKLM\Software\SP Global
Klíe Nalezeno : HKLM\Software\SProtector
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Klíe Nalezeno : HKU\S-1-5-21-1799753202-1933328446-2015337862-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-1799753202-1933328446-2015337862-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíe Nalezeno : HKU\S-1-5-21-1799753202-1933328446-2015337862-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v21.0 (cs)
Soubor : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\prefs.js
Nalezeno : user_pref("aol_toolbar.default.homepage.check", false);
Nalezeno : user_pref("aol_toolbar.default.search.check", false);
Nalezeno : user_pref("browser.search.defaultenginename", "WebSearch");
Nalezeno : user_pref("browser.search.defaultenginename,S", "WebSearch");
Nalezeno : user_pref("browser.search.defaulturl", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Nalezeno : user_pref("browser.search.order.1", "WebSearch");
Nalezeno : user_pref("browser.search.order.1,S", "WebSearch");
Nalezeno : user_pref("browser.search.selectedEngine", "WebSearch");
Nalezeno : user_pref("browser.search.selectedEngine,S", "WebSearch");
Nalezeno : user_pref("extensions.512762933841b.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Nalezeno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Nalezeno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Nalezeno : user_pref("keyword.URL", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Nalezeno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Nalezeno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Nalezeno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Nalezeno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v27.0.1453.116
Soubor : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [7988 octets] - [27/06/2013 09:31:01]
########## EOF - C:\AdwCleaner[R1].txt - [8048 octets] ##########
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Gender:
- Status:
Offline
Re: Probably malware, but I have no idea what to clean
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Vymazat" (Delete).
The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
+
TDDSKiller.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
-
- Newcomer
- Posts: 10
- Registered: June 13
- Gender:
- Status:
Offline
Re: Probably malware, but I have no idea what to clean
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.06.27.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Martin :: FRODO [administrátor]
Ochrana: Povolena
27.6.2013 9:33:26
mbam-log-2013-06-27 (09-33-26).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 256551
Uplynulý čas: 4 minut, 20 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 1
C:\Users\Martin\Local Settings\Temporary Internet Files\Content.IE5\P3SKRUUC\512762934f21f[1].exe (PUP.Adware.MultiPlug) -> Přesun do karantény a smazání se zdařilo.
(konec)
- jaro3
- Security team member
-
Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
- Gender:
- Status:
Offline
Re: Probably malware, but I have no idea what to clean
+
Download RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit
- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
-
- Newcomer
- Posts: 10
- Registered: June 13
- Gender:
- Status:
Offline
Re: Probably malware, but I have no idea what to clean
# AdwCleaner v2.303 - Log vytvooen 27/06/2013 v 09:38:54
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Martin - FRODO
# Spuštin systém : Normální
# Spuštino z : C:\Users\Martin\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : DefaultTabSearch
Zastaveno & vymazáno : DefaultTabUpdate
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\continuetosave
Složka Vymazáno : C:\Program Files (x86)\DefaultTab
Složka Vymazáno : C:\Program Files (x86)\OApps
Složka Vymazáno : C:\Program Files (x86)\SimpleSpeedy
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\InstallMate
Složka Vymazáno : C:\ProgramData\Partner
Složka Vymazáno : C:\ProgramData\Premium
Složka Vymazáno : C:\ProgramData\SoftSafe
Složka Vymazáno : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Složka Vymazáno : C:\Users\Martin\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\Martin\AppData\Roaming\DefaultTab
Složka Vymazáno : C:\Users\Martin\AppData\Roaming\pdfforge
Soubor Vymazáno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\extensions\addon@defaulttab.com.xpi
Soubor Vymazáno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\searchplugins\search-here.xml
Soubor Vymazáno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\searchplugins\WebSearch.xml
Vymazáno poi restartu : C:\ProgramData\BetterSoft
***** [Registry] *****
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\contin~1\sprote~1.dll
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\simple~1\sprote~1.dll,
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\wxdown~1\sprote~1.dll
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\DefaultTab
Klíe Vymazáno : HKCU\Software\AppDataLow\SProtector
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Default Tab
Klíe Vymazáno : HKCU\Software\DefaultTab
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Vymazáno : HKLM\Software\Default Tab
Klíe Vymazáno : HKLM\Software\DefaultTab
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKLM\Software\SP Global
Klíe Vymazáno : HKLM\Software\SProtector
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v21.0 (cs)
Soubor : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\prefs.js
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\user.js ... Vymazáno !
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("browser.search.defaultenginename", "WebSearch");
Vymazáno : user_pref("browser.search.defaultenginename,S", "WebSearch");
Vymazáno : user_pref("browser.search.defaulturl", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Vymazáno : user_pref("browser.search.order.1", "WebSearch");
Vymazáno : user_pref("browser.search.order.1,S", "WebSearch");
Vymazáno : user_pref("browser.search.selectedEngine", "WebSearch");
Vymazáno : user_pref("browser.search.selectedEngine,S", "WebSearch");
Vymazáno : user_pref("extensions.512762933841b.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("keyword.URL", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v27.0.1453.116
Soubor : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [8107 octets] - [27/06/2013 09:31:01]
AdwCleaner[S1].txt - [7546 octets] - [27/06/2013 09:38:54]
########## EOF - C:\AdwCleaner[S1].txt - [7606 octets] ##########
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : Martin - FRODO
# Spuštin systém : Normální
# Spuštino z : C:\Users\Martin\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : DefaultTabSearch
Zastaveno & vymazáno : DefaultTabUpdate
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\continuetosave
Složka Vymazáno : C:\Program Files (x86)\DefaultTab
Složka Vymazáno : C:\Program Files (x86)\OApps
Složka Vymazáno : C:\Program Files (x86)\SimpleSpeedy
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\InstallMate
Složka Vymazáno : C:\ProgramData\Partner
Složka Vymazáno : C:\ProgramData\Premium
Složka Vymazáno : C:\ProgramData\SoftSafe
Složka Vymazáno : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Složka Vymazáno : C:\Users\Martin\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\Martin\AppData\Roaming\DefaultTab
Složka Vymazáno : C:\Users\Martin\AppData\Roaming\pdfforge
Soubor Vymazáno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\extensions\addon@defaulttab.com.xpi
Soubor Vymazáno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\searchplugins\search-here.xml
Soubor Vymazáno : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\searchplugins\WebSearch.xml
Vymazáno poi restartu : C:\ProgramData\BetterSoft
***** [Registry] *****
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\contin~1\sprote~1.dll
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\simple~1\sprote~1.dll,
Data Vymazáno : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\wxdown~1\sprote~1.dll
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\DefaultTab
Klíe Vymazáno : HKCU\Software\AppDataLow\SProtector
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Default Tab
Klíe Vymazáno : HKCU\Software\DefaultTab
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Vymazáno : HKLM\Software\Default Tab
Klíe Vymazáno : HKLM\Software\DefaultTab
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\ContinueToSave_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKLM\Software\SP Global
Klíe Vymazáno : HKLM\Software\SProtector
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911019E0-385A-266F-1B3D-BE4F4CA8C813}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v21.0 (cs)
Soubor : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\prefs.js
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\on2x9nyt.default\user.js ... Vymazáno !
Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("browser.search.defaultenginename", "WebSearch");
Vymazáno : user_pref("browser.search.defaultenginename,S", "WebSearch");
Vymazáno : user_pref("browser.search.defaulturl", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Vymazáno : user_pref("browser.search.order.1", "WebSearch");
Vymazáno : user_pref("browser.search.order.1,S", "WebSearch");
Vymazáno : user_pref("browser.search.selectedEngine", "WebSearch");
Vymazáno : user_pref("browser.search.selectedEngine,S", "WebSearch");
Vymazáno : user_pref("extensions.512762933841b.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("keyword.URL", "hxxp://websearch.simplespeedy.info/?l=1&q=");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "");
-\\ Google Chrome v27.0.1453.116
Soubor : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je čistý.
*************************
AdwCleaner[R1].txt - [8107 octets] - [27/06/2013 09:31:01]
AdwCleaner[S1].txt - [7546 octets] - [27/06/2013 09:38:54]
########## EOF - C:\AdwCleaner[S1].txt - [7606 octets] ##########
Re: Probably malware, but I have no idea what to clean
09:44:08.0306 8384 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:44:08.0556 8384 ============================================================
09:44:08.0556 8384 Current date / time: 2013/06/27 09:44:08.0556
09:44:08.0556 8384 SystemInfo:
09:44:08.0556 8384
09:44:08.0556 8384 OS Version: 6.1.7601 ServicePack: 1.0
09:44:08.0556 8384 Product type: Workstation
09:44:08.0556 8384 ComputerName: FRODO
09:44:08.0556 8384 UserName: Martin
09:44:08.0556 8384 Windows directory: C:\Windows
09:44:08.0556 8384 System windows directory: C:\Windows
09:44:08.0556 8384 Running under WOW64
09:44:08.0556 8384 Processor architecture: Intel x64
09:44:08.0556 8384 Number of processors: 4
09:44:08.0556 8384 Page size: 0x1000
09:44:08.0556 8384 Boot type: Normal boot
09:44:08.0556 8384 ============================================================
09:44:09.0664 8384 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:44:09.0679 8384 ============================================================
09:44:09.0679 8384 \Device\Harddisk0\DR0:
09:44:09.0679 8384 MBR partitions:
09:44:09.0679 8384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
09:44:09.0679 8384 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x37D6F000
09:44:09.0679 8384 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3805D800, BlocksNum 0x2328000
09:44:09.0679 8384 ============================================================
09:44:09.0742 8384 C: <-> \Device\Harddisk0\DR0\Partition2
09:44:10.0069 8384 Q: <-> \Device\Harddisk0\DR0\Partition3
09:44:10.0069 8384 ============================================================
09:44:10.0069 8384 Initialize success
09:44:10.0069 8384 ============================================================
09:44:16.0106 7584 ============================================================
09:44:16.0106 7584 Scan started
09:44:16.0106 7584 Mode: Manual;
09:44:16.0106 7584 ============================================================
09:44:17.0744 7584 ================ Scan system memory ========================
09:44:17.0744 7584 System memory - ok
09:44:17.0744 7584 ================ Scan services =============================
09:44:17.0947 7584 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
09:44:17.0947 7584 1394ohci - ok
09:44:18.0010 7584 [ 1F305C858E7B5E537C9B783D46243A7A ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
09:44:18.0041 7584 5U877 - ok
09:44:18.0103 7584 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:44:18.0103 7584 ACPI - ok
09:44:18.0119 7584 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:44:18.0119 7584 AcpiPmi - ok
09:44:18.0244 7584 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:44:18.0244 7584 AdobeARMservice - ok
09:44:18.0290 7584 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:44:18.0306 7584 adp94xx - ok
09:44:18.0322 7584 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:44:18.0322 7584 adpahci - ok
09:44:18.0337 7584 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:44:18.0337 7584 adpu320 - ok
09:44:18.0353 7584 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:44:18.0368 7584 AeLookupSvc - ok
09:44:18.0400 7584 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
09:44:18.0400 7584 AFD - ok
09:44:18.0415 7584 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
09:44:18.0415 7584 agp440 - ok
09:44:18.0431 7584 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:44:18.0431 7584 ALG - ok
09:44:18.0431 7584 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
09:44:18.0431 7584 aliide - ok
09:44:18.0431 7584 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
09:44:18.0431 7584 amdide - ok
09:44:18.0431 7584 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:44:18.0431 7584 AmdK8 - ok
09:44:18.0446 7584 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:44:18.0446 7584 AmdPPM - ok
09:44:18.0446 7584 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:44:18.0446 7584 amdsata - ok
09:44:18.0462 7584 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:44:18.0478 7584 amdsbs - ok
09:44:18.0493 7584 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:44:18.0493 7584 amdxata - ok
09:44:18.0509 7584 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
09:44:18.0509 7584 AppID - ok
09:44:18.0524 7584 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:44:18.0524 7584 AppIDSvc - ok
09:44:18.0571 7584 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
09:44:18.0571 7584 Appinfo - ok
09:44:18.0602 7584 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
09:44:18.0602 7584 AppMgmt - ok
09:44:18.0602 7584 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
09:44:18.0602 7584 arc - ok
09:44:18.0618 7584 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:44:18.0618 7584 arcsas - ok
09:44:18.0634 7584 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:44:18.0634 7584 AsyncMac - ok
09:44:18.0649 7584 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
09:44:18.0649 7584 atapi - ok
09:44:18.0680 7584 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:44:18.0680 7584 AudioEndpointBuilder - ok
09:44:18.0696 7584 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:44:18.0696 7584 AudioSrv - ok
09:44:18.0712 7584 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:44:18.0712 7584 AxInstSV - ok
09:44:18.0727 7584 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:44:18.0727 7584 b06bdrv - ok
09:44:18.0821 7584 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:44:18.0836 7584 b57nd60a - ok
09:44:18.0914 7584 [ F01759FA97126CC69DFA85CEDA0717A1 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys
09:44:18.0914 7584 bcbtums - ok
09:44:18.0930 7584 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:44:18.0930 7584 BDESVC - ok
09:44:18.0977 7584 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:44:18.0977 7584 Beep - ok
09:44:19.0102 7584 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
09:44:19.0117 7584 BFE - ok
09:44:19.0226 7584 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
09:44:19.0226 7584 BITS - ok
09:44:19.0258 7584 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:44:19.0258 7584 blbdrive - ok
09:44:19.0289 7584 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:44:19.0289 7584 bowser - ok
09:44:19.0320 7584 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:44:19.0320 7584 BrFiltLo - ok
09:44:19.0336 7584 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:44:19.0351 7584 BrFiltUp - ok
09:44:19.0382 7584 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
09:44:19.0382 7584 Browser - ok
09:44:19.0414 7584 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:44:19.0429 7584 Brserid - ok
09:44:19.0429 7584 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:44:19.0429 7584 BrSerWdm - ok
09:44:19.0445 7584 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:44:19.0460 7584 BrUsbMdm - ok
09:44:19.0476 7584 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:44:19.0476 7584 BrUsbSer - ok
09:44:19.0523 7584 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
09:44:19.0523 7584 BthEnum - ok
09:44:19.0538 7584 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:44:19.0538 7584 BTHMODEM - ok
09:44:19.0570 7584 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:44:19.0570 7584 BthPan - ok
09:44:19.0601 7584 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
09:44:19.0616 7584 BTHPORT - ok
09:44:19.0648 7584 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:44:19.0648 7584 bthserv - ok
09:44:19.0663 7584 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
09:44:19.0663 7584 BTHUSB - ok
09:44:19.0726 7584 [ 3AFF6DC496B8A8D12C867E3FC7C86FAC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
09:44:19.0726 7584 btwampfl - ok
09:44:19.0741 7584 [ 336BBA0909B3636AB7D06A71D7B1C0DC ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
09:44:19.0741 7584 btwaudio - ok
09:44:19.0741 7584 [ 9FF58F76024D25784755B01F926B00BE ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
09:44:19.0757 7584 btwavdt - ok
09:44:19.0819 7584 [ 26A80D7ACA49E03A403806418B5FED46 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
09:44:19.0835 7584 btwdins - ok
09:44:19.0866 7584 [ B1ACFD00CDD13B48D86F46BFEC153BF9 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
09:44:19.0866 7584 btwl2cap - ok
09:44:19.0897 7584 [ EDD953D635F3AA89EF902E3F82D60D22 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
09:44:19.0913 7584 btwrchid - ok
09:44:19.0960 7584 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:44:19.0960 7584 cdfs - ok
09:44:19.0991 7584 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:44:19.0991 7584 cdrom - ok
09:44:20.0022 7584 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
09:44:20.0022 7584 CertPropSvc - ok
09:44:20.0053 7584 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
09:44:20.0053 7584 circlass - ok
09:44:20.0069 7584 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:44:20.0069 7584 CLFS - ok
09:44:20.0131 7584 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:44:20.0131 7584 clr_optimization_v2.0.50727_32 - ok
09:44:20.0194 7584 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:44:20.0194 7584 clr_optimization_v2.0.50727_64 - ok
09:44:20.0225 7584 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:44:20.0272 7584 clr_optimization_v4.0.30319_32 - ok
09:44:20.0303 7584 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:44:20.0303 7584 clr_optimization_v4.0.30319_64 - ok
09:44:20.0334 7584 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:44:20.0334 7584 CmBatt - ok
09:44:20.0365 7584 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:44:20.0365 7584 cmdide - ok
09:44:20.0396 7584 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:44:20.0396 7584 CNG - ok
09:44:20.0412 7584 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:44:20.0412 7584 Compbatt - ok
09:44:20.0443 7584 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:44:20.0443 7584 CompositeBus - ok
09:44:20.0459 7584 COMSysApp - ok
09:44:20.0537 7584 [ EB726E02074FDC44EBE97E01A2660AA6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
09:44:20.0537 7584 cphs - ok
09:44:20.0552 7584 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:44:20.0552 7584 crcdisk - ok
09:44:20.0599 7584 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:44:20.0599 7584 CryptSvc - ok
09:44:20.0630 7584 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
09:44:20.0630 7584 CSC - ok
09:44:20.0646 7584 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
09:44:20.0646 7584 CscService - ok
09:44:20.0677 7584 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:44:20.0677 7584 DcomLaunch - ok
09:44:20.0693 7584 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:44:20.0693 7584 defragsvc - ok
09:44:20.0724 7584 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:44:20.0724 7584 DfsC - ok
09:44:20.0740 7584 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:44:20.0740 7584 Dhcp - ok
09:44:20.0755 7584 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:44:20.0755 7584 discache - ok
09:44:20.0786 7584 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:44:20.0786 7584 Disk - ok
09:44:20.0802 7584 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
09:44:20.0802 7584 dmvsc - ok
09:44:20.0818 7584 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:44:20.0818 7584 Dnscache - ok
09:44:20.0833 7584 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:44:20.0833 7584 dot3svc - ok
09:44:20.0896 7584 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
09:44:20.0896 7584 DozeSvc - ok
09:44:20.0896 7584 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:44:20.0911 7584 DPS - ok
09:44:20.0927 7584 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:44:20.0927 7584 drmkaud - ok
09:44:20.0958 7584 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:44:20.0974 7584 DXGKrnl - ok
09:44:21.0005 7584 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
09:44:21.0005 7584 DzHDD64 - ok
09:44:21.0036 7584 [ 03F4C5C12FC1C69F838DA723475EF650 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
09:44:21.0036 7584 e1cexpress - ok
09:44:21.0052 7584 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:44:21.0052 7584 EapHost - ok
09:44:21.0114 7584 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:44:21.0145 7584 ebdrv - ok
09:44:21.0176 7584 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:44:21.0176 7584 EFS - ok
09:44:21.0223 7584 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:44:21.0239 7584 ehRecvr - ok
09:44:21.0254 7584 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:44:21.0254 7584 ehSched - ok
09:44:21.0286 7584 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:44:21.0301 7584 elxstor - ok
09:44:21.0301 7584 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:44:21.0301 7584 ErrDev - ok
09:44:21.0348 7584 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:44:21.0348 7584 EventSystem - ok
09:44:21.0410 7584 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:44:21.0442 7584 EvtEng - ok
09:44:21.0457 7584 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:44:21.0473 7584 exfat - ok
09:44:21.0488 7584 [ EB3A7D5663ACAC417DF986D4AEE12170 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
09:44:21.0520 7584 Fastboot - ok
09:44:21.0551 7584 [ 63511240AF70D10343A4AE05F8E2CA12 ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
09:44:21.0551 7584 FastbootService - ok
09:44:21.0566 7584 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:44:21.0566 7584 fastfat - ok
09:44:21.0598 7584 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:44:21.0613 7584 Fax - ok
09:44:21.0629 7584 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:44:21.0629 7584 fdc - ok
09:44:21.0660 7584 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:44:21.0660 7584 fdPHost - ok
09:44:21.0676 7584 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:44:21.0676 7584 FDResPub - ok
09:44:21.0691 7584 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:44:21.0691 7584 FileInfo - ok
09:44:21.0691 7584 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:44:21.0691 7584 Filetrace - ok
09:44:21.0754 7584 [ 7E76EED28B8B8696B7F7ED5F757AA304 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
09:44:21.0878 7584 FileZilla Server - ok
09:44:21.0878 7584 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:44:21.0894 7584 flpydisk - ok
09:44:21.0910 7584 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:44:21.0910 7584 FltMgr - ok
09:44:21.0956 7584 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
09:44:21.0972 7584 FontCache - ok
09:44:22.0003 7584 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:44:22.0003 7584 FontCache3.0.0.0 - ok
09:44:22.0019 7584 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:44:22.0019 7584 FsDepends - ok
09:44:22.0034 7584 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:44:22.0034 7584 Fs_Rec - ok
09:44:22.0066 7584 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:44:22.0066 7584 fvevol - ok
09:44:22.0081 7584 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:44:22.0081 7584 gagp30kx - ok
09:44:22.0112 7584 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\Windows\system32\drivers\gfibto.sys
09:44:22.0112 7584 gfibto - ok
09:44:22.0144 7584 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:44:22.0144 7584 gpsvc - ok
09:44:22.0190 7584 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:44:22.0190 7584 gupdate - ok
09:44:22.0190 7584 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:44:22.0190 7584 gupdatem - ok
09:44:22.0222 7584 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:44:22.0237 7584 gusvc - ok
09:44:22.0253 7584 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:44:22.0268 7584 hcw85cir - ok
09:44:22.0284 7584 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:44:22.0300 7584 HdAudAddService - ok
09:44:22.0315 7584 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:44:22.0315 7584 HDAudBus - ok
09:44:22.0331 7584 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:44:22.0331 7584 HidBatt - ok
09:44:22.0331 7584 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:44:22.0331 7584 HidBth - ok
09:44:22.0346 7584 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:44:22.0346 7584 HidIr - ok
09:44:22.0362 7584 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:44:22.0362 7584 hidserv - ok
09:44:22.0393 7584 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:44:22.0393 7584 HidUsb - ok
09:44:22.0409 7584 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:44:22.0409 7584 hkmsvc - ok
09:44:22.0424 7584 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:44:22.0424 7584 HomeGroupListener - ok
09:44:22.0456 7584 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:44:22.0456 7584 HomeGroupProvider - ok
09:44:22.0487 7584 [ DBD2BB97A574FC565B1EB5C0A03F917A ] HPFXBULK C:\Windows\system32\drivers\hpfx64bulk.sys
09:44:22.0502 7584 HPFXBULK - ok
09:44:22.0502 7584 [ 219C2A07FD07023D3905C332BF6F9BA8 ] HPFXFAX C:\Windows\system32\drivers\hpfx64fax.sys
09:44:22.0502 7584 HPFXFAX - ok
09:44:22.0549 7584 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:44:22.0549 7584 HpSAMD - ok
09:44:22.0580 7584 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:44:22.0596 7584 HTTP - ok
09:44:22.0596 7584 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:44:22.0596 7584 hwpolicy - ok
09:44:22.0658 7584 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
09:44:22.0658 7584 HyperW7Svc - ok
09:44:20.0334 7584 CmBatt - ok
09:44:20.0365 7584 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:44:20.0365 7584 cmdide - ok
09:44:20.0396 7584 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
09:44:20.0396 7584 CNG - ok
09:44:20.0412 7584 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:44:20.0412 7584 Compbatt - ok
09:44:20.0443 7584 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:44:20.0443 7584 CompositeBus - ok
09:44:20.0459 7584 COMSysApp - ok
09:44:20.0537 7584 [ EB726E02074FDC44EBE97E01A2660AA6 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
09:44:20.0537 7584 cphs - ok
09:44:20.0552 7584 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:44:20.0552 7584 crcdisk - ok
09:44:20.0599 7584 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:44:20.0599 7584 CryptSvc - ok
09:44:20.0630 7584 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
09:44:20.0630 7584 CSC - ok
09:44:20.0646 7584 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
09:44:20.0646 7584 CscService - ok
09:44:20.0677 7584 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:44:20.0677 7584 DcomLaunch - ok
09:44:20.0693 7584 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:44:20.0693 7584 defragsvc - ok
09:44:20.0724 7584 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:44:20.0724 7584 DfsC - ok
09:44:20.0740 7584 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
09:44:20.0740 7584 Dhcp - ok
09:44:20.0755 7584 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:44:20.0755 7584 discache - ok
09:44:20.0786 7584 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
09:44:20.0786 7584 Disk - ok
09:44:20.0802 7584 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
09:44:20.0802 7584 dmvsc - ok
09:44:20.0818 7584 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:44:20.0818 7584 Dnscache - ok
09:44:20.0833 7584 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
09:44:20.0833 7584 dot3svc - ok
09:44:20.0896 7584 [ 9597BCB69286FF017DB1A0FB8144408D ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
09:44:20.0896 7584 DozeSvc - ok
09:44:20.0896 7584 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
09:44:20.0911 7584 DPS - ok
09:44:20.0927 7584 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:44:20.0927 7584 drmkaud - ok
09:44:20.0958 7584 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:44:20.0974 7584 DXGKrnl - ok
09:44:21.0005 7584 [ 3CE83D7EE95D9C9F03323810A2E747DF ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
09:44:21.0005 7584 DzHDD64 - ok
09:44:21.0036 7584 [ 03F4C5C12FC1C69F838DA723475EF650 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
09:44:21.0036 7584 e1cexpress - ok
09:44:21.0052 7584 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:44:21.0052 7584 EapHost - ok
09:44:21.0114 7584 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:44:21.0145 7584 ebdrv - ok
09:44:21.0176 7584 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
09:44:21.0176 7584 EFS - ok
09:44:21.0223 7584 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:44:21.0239 7584 ehRecvr - ok
09:44:21.0254 7584 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:44:21.0254 7584 ehSched - ok
09:44:21.0286 7584 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:44:21.0301 7584 elxstor - ok
09:44:21.0301 7584 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:44:21.0301 7584 ErrDev - ok
09:44:21.0348 7584 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:44:21.0348 7584 EventSystem - ok
09:44:21.0410 7584 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:44:21.0442 7584 EvtEng - ok
09:44:21.0457 7584 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:44:21.0473 7584 exfat - ok
09:44:21.0488 7584 [ EB3A7D5663ACAC417DF986D4AEE12170 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
09:44:21.0520 7584 Fastboot - ok
09:44:21.0551 7584 [ 63511240AF70D10343A4AE05F8E2CA12 ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
09:44:21.0551 7584 FastbootService - ok
09:44:21.0566 7584 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:44:21.0566 7584 fastfat - ok
09:44:21.0598 7584 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
09:44:21.0613 7584 Fax - ok
09:44:21.0629 7584 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
09:44:21.0629 7584 fdc - ok
09:44:21.0660 7584 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:44:21.0660 7584 fdPHost - ok
09:44:21.0676 7584 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:44:21.0676 7584 FDResPub - ok
09:44:21.0691 7584 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:44:21.0691 7584 FileInfo - ok
09:44:21.0691 7584 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:44:21.0691 7584 Filetrace - ok
09:44:21.0754 7584 [ 7E76EED28B8B8696B7F7ED5F757AA304 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
09:44:21.0878 7584 FileZilla Server - ok
09:44:21.0878 7584 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:44:21.0894 7584 flpydisk - ok
09:44:21.0910 7584 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:44:21.0910 7584 FltMgr - ok
09:44:21.0956 7584 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
09:44:21.0972 7584 FontCache - ok
09:44:22.0003 7584 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:44:22.0003 7584 FontCache3.0.0.0 - ok
09:44:22.0019 7584 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:44:22.0019 7584 FsDepends - ok
09:44:22.0034 7584 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:44:22.0034 7584 Fs_Rec - ok
09:44:22.0066 7584 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:44:22.0066 7584 fvevol - ok
09:44:22.0081 7584 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:44:22.0081 7584 gagp30kx - ok
09:44:22.0112 7584 [ 14908F4F9005C29DE8F5587E271390EE ] gfibto C:\Windows\system32\drivers\gfibto.sys
09:44:22.0112 7584 gfibto - ok
09:44:22.0144 7584 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
09:44:22.0144 7584 gpsvc - ok
09:44:22.0190 7584 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:44:22.0190 7584 gupdate - ok
09:44:22.0190 7584 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:44:22.0190 7584 gupdatem - ok
09:44:22.0222 7584 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:44:22.0237 7584 gusvc - ok
09:44:22.0253 7584 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:44:22.0268 7584 hcw85cir - ok
09:44:22.0284 7584 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:44:22.0300 7584 HdAudAddService - ok
09:44:22.0315 7584 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:44:22.0315 7584 HDAudBus - ok
09:44:22.0331 7584 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:44:22.0331 7584 HidBatt - ok
09:44:22.0331 7584 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:44:22.0331 7584 HidBth - ok
09:44:22.0346 7584 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
09:44:22.0346 7584 HidIr - ok
09:44:22.0362 7584 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:44:22.0362 7584 hidserv - ok
09:44:22.0393 7584 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:44:22.0393 7584 HidUsb - ok
09:44:22.0409 7584 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:44:22.0409 7584 hkmsvc - ok
09:44:22.0424 7584 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:44:22.0424 7584 HomeGroupListener - ok
09:44:22.0456 7584 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:44:22.0456 7584 HomeGroupProvider - ok
09:44:22.0487 7584 [ DBD2BB97A574FC565B1EB5C0A03F917A ] HPFXBULK C:\Windows\system32\drivers\hpfx64bulk.sys
09:44:22.0502 7584 HPFXBULK - ok
09:44:22.0502 7584 [ 219C2A07FD07023D3905C332BF6F9BA8 ] HPFXFAX C:\Windows\system32\drivers\hpfx64fax.sys
09:44:22.0502 7584 HPFXFAX - ok
09:44:22.0549 7584 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:44:22.0549 7584 HpSAMD - ok
09:44:22.0580 7584 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:44:22.0596 7584 HTTP - ok
09:44:22.0596 7584 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:44:22.0596 7584 hwpolicy - ok
09:44:22.0658 7584 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
09:44:22.0658 7584 HyperW7Svc - ok
Re: Probably malware, but I have no idea what to clean up
09:44:22.0674 7584 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:44:22.0690 7584 i8042prt - ok
09:44:22.0721 7584 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
09:44:22.0721 7584 iaStor - ok
09:44:22.0736 7584 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:44:22.0752 7584 iaStorV - ok
09:44:22.0783 7584 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
09:44:22.0783 7584 IBMPMDRV - ok
09:44:22.0799 7584 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
09:44:22.0799 7584 IBMPMSVC - ok
09:44:22.0846 7584 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:44:22.0861 7584 idsvc - ok
09:44:23.0033 7584 [ B9857625DF8B539ABCB90E15B5716568 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:44:23.0095 7584 igfx - ok
09:44:23.0142 7584 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:44:23.0142 7584 iirsp - ok
09:44:23.0173 7584 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:44:23.0189 7584 IKEEXT - ok
09:44:23.0220 7584 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
09:44:23.0220 7584 intaud_WaveExtensible - ok
09:44:23.0329 7584 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:44:23.0360 7584 IntcAzAudAddService - ok
09:44:23.0392 7584 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
09:44:24.0047 7584 Intel(R) Capability Licensing Service Interface - ok
09:44:24.0078 7584 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:44:24.0078 7584 intelide - ok
09:44:24.0109 7584 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:44:24.0109 7584 intelppm - ok
09:44:24.0125 7584 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:44:24.0125 7584 IPBusEnum - ok
09:44:24.0140 7584 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:44:24.0140 7584 IpFilterDriver - ok
09:44:24.0156 7584 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:44:24.0156 7584 iphlpsvc - ok
09:44:24.0172 7584 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:44:24.0172 7584 IPMIDRV - ok
09:44:24.0187 7584 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:44:24.0203 7584 IPNAT - ok
09:44:24.0218 7584 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:44:24.0218 7584 IRENUM - ok
09:44:24.0234 7584 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:44:24.0234 7584 isapnp - ok
09:44:24.0250 7584 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:44:24.0250 7584 iScsiPrt - ok
09:44:24.0265 7584 [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
09:44:24.0265 7584 iusb3hcs - ok
09:44:24.0281 7584 [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
09:44:24.0281 7584 iusb3hub - ok
09:44:24.0312 7584 [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
09:44:24.0312 7584 iusb3xhc - ok
09:44:24.0343 7584 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
09:44:24.0343 7584 iwdbus - ok
09:44:24.0374 7584 [ 0043D9FB61C35F90886B1E93DD556FAF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
09:44:24.0390 7584 jhi_service - ok
09:44:24.0406 7584 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:44:24.0406 7584 kbdclass - ok
09:44:24.0421 7584 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:44:24.0421 7584 kbdhid - ok
09:44:24.0437 7584 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:44:24.0437 7584 KeyIso - ok
09:44:24.0452 7584 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:44:24.0452 7584 KSecDD - ok
09:44:24.0468 7584 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:44:24.0468 7584 KSecPkg - ok
09:44:24.0484 7584 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:44:24.0484 7584 ksthunk - ok
09:44:24.0499 7584 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:44:24.0499 7584 KtmRm - ok
09:44:24.0530 7584 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:44:24.0530 7584 LanmanServer - ok
09:44:24.0562 7584 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:44:24.0562 7584 LanmanWorkstation - ok
09:44:24.0608 7584 [ 4A0235E9822B220339E34D8C122BB6D1 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
09:44:24.0686 7584 LENOVO.CAMMUTE - ok
09:44:24.0718 7584 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
09:44:24.0718 7584 LENOVO.MICMUTE - ok
09:44:24.0718 7584 [ 93921A19D885755B9751C3744DBCB8FD ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
09:44:24.0811 7584 LENOVO.TPKNRSVC - ok
09:44:24.0827 7584 [ 79F99A4D59825839B7E563B4BCF52C5E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
09:44:24.0842 7584 LENOVO.TVTVCAM - ok
09:44:24.0889 7584 [ 606DA892A53FA863B67F8D3F8FF016A0 ] LenovoRd C:\Windows\system32\Drivers\LenovoRd.sys
09:44:24.0889 7584 LenovoRd - ok
09:44:24.0920 7584 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:44:24.0920 7584 lltdio - ok
09:44:24.0952 7584 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:44:24.0952 7584 lltdsvc - ok
09:44:24.0967 7584 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:44:24.0967 7584 lmhosts - ok
09:44:24.0998 7584 [ 2FB262276D1C689C6886B1C0710342FA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:44:24.0998 7584 LMS - ok
09:44:25.0045 7584 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:44:25.0045 7584 LSI_FC - ok
09:44:25.0061 7584 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:44:25.0061 7584 LSI_SAS - ok
09:44:25.0076 7584 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:44:25.0076 7584 LSI_SAS2 - ok
09:44:25.0092 7584 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:44:25.0092 7584 LSI_SCSI - ok
09:44:25.0108 7584 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:44:25.0108 7584 luafv - ok
09:44:25.0139 7584 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:44:25.0154 7584 MBAMProtector - ok
09:44:25.0217 7584 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:44:25.0217 7584 MBAMScheduler - ok
09:44:25.0248 7584 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:44:25.0248 7584 MBAMService - ok
09:44:25.0295 7584 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:44:25.0295 7584 Mcx2Svc - ok
09:44:25.0357 7584 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
09:44:25.0373 7584 MDM - ok
09:44:25.0388 7584 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:44:25.0388 7584 megasas - ok
09:44:25.0404 7584 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:44:25.0404 7584 MegaSR - ok
09:44:25.0435 7584 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:44:25.0435 7584 MEIx64 - ok
09:44:25.0466 7584 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:44:25.0466 7584 MMCSS - ok
09:44:25.0466 7584 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:44:25.0482 7584 Modem - ok
09:44:25.0513 7584 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:44:25.0513 7584 monitor - ok
09:44:25.0544 7584 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:44:25.0544 7584 mouclass - ok
09:44:25.0576 7584 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:44:25.0576 7584 mouhid - ok
09:44:25.0591 7584 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:44:25.0591 7584 mountmgr - ok
09:44:25.0638 7584 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:44:25.0638 7584 MozillaMaintenance - ok
09:44:25.0669 7584 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:44:25.0669 7584 MpFilter - ok
09:44:25.0700 7584 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:44:25.0700 7584 mpio - ok
09:44:25.0732 7584 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:44:25.0732 7584 mpsdrv - ok
09:44:25.0794 7584 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:44:25.0810 7584 MpsSvc - ok
09:44:25.0810 7584 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:44:25.0810 7584 MRxDAV - ok
09:44:25.0825 7584 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:44:25.0825 7584 mrxsmb - ok
09:44:25.0841 7584 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:44:25.0856 7584 mrxsmb10 - ok
09:44:25.0872 7584 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:44:25.0872 7584 mrxsmb20 - ok
09:44:25.0872 7584 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:44:25.0872 7584 msahci - ok
09:44:25.0888 7584 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:44:25.0888 7584 msdsm - ok
09:44:25.0903 7584 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:44:25.0903 7584 MSDTC - ok
09:44:25.0919 7584 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:44:25.0919 7584 Msfs - ok
09:44:25.0919 7584 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:44:25.0919 7584 mshidkmdf - ok
09:44:25.0934 7584 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:44:25.0934 7584 msisadrv - ok
09:44:25.0966 7584 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:44:25.0966 7584 MSiSCSI - ok
09:44:25.0981 7584 msiserver - ok
09:44:25.0997 7584 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:44:25.0997 7584 MSKSSRV - ok
09:44:26.0044 7584 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:44:26.0044 7584 MsMpSvc - ok
09:44:26.0075 7584 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:44:26.0075 7584 MSPCLOCK - ok
09:44:26.0075 7584 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:44:26.0075 7584 MSPQM - ok
09:44:26.0106 7584 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:44:26.0106 7584 MsRPC - ok
09:44:26.0122 7584 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:44:26.0122 7584 mssmbios - ok
09:44:26.0122 7584 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:44:26.0122 7584 MSTEE - ok
09:44:26.0122 7584 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:44:26.0122 7584 MTConfig - ok
09:44:26.0153 7584 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:44:26.0153 7584 Mup - ok
09:44:26.0184 7584 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:44:26.0231 7584 MyWiFiDHCPDNS - ok
09:44:26.0246 7584 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:44:26.0262 7584 napagent - ok
09:44:26.0293 7584 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:44:26.0293 7584 NativeWifiP - ok
09:44:26.0340 7584 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:44:26.0356 7584 NDIS - ok
09:44:26.0356 7584 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:44:26.0356 7584 NdisCap - ok
09:44:26.0387 7584 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:44:26.0387 7584 NdisTapi - ok
09:44:26.0402 7584 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:44:26.0402 7584 Ndisuio - ok
09:44:26.0418 7584 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:44:26.0418 7584 NdisWan - ok
09:44:26.0434 7584 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:44:26.0434 7584 NDProxy - ok
09:44:26.0449 7584 [ 59267D2F0328599AA3B5408C2E06126F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:44:26.0480 7584 Net Driver HPZ12 - ok
09:44:26.0480 7584 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:44:26.0480 7584 NetBIOS - ok
09:44:26.0496 7584 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:44:26.0496 7584 NetBT - ok
09:44:26.0512 7584 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:44:26.0512 7584 Netlogon - ok
09:44:26.0527 7584 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:44:26.0527 7584 Netman - ok
09:44:26.0543 7584 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:44:26.0558 7584 netprofm - ok
09:44:26.0574 7584 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:44:26.0574 7584 NetTcpPortSharing - ok
09:44:26.0746 7584 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
09:44:26.0870 7584 NETwNs64 - ok
09:44:26.0902 7584 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:44:26.0917 7584 nfrd960 - ok
09:44:26.0948 7584 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:44:26.0948 7584 NisDrv - ok
09:44:26.0980 7584 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:44:26.0980 7584 NisSrv - ok
09:44:27.0011 7584 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:44:27.0026 7584 NlaSvc - ok
09:44:27.0026 7584 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:44:27.0042 7584 Npfs - ok
09:44:27.0058 7584 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:44:27.0058 7584 nsi - ok
09:44:27.0058 7584 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:44:27.0058 7584 nsiproxy - ok
09:44:27.0120 7584 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:44:27.0151 7584 Ntfs - ok
09:44:27.0167 7584 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:44:27.0167 7584 Null - ok
09:44:27.0182 7584 [ CE4EE0E09B5FECEA1CE979CF750BCAA4 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
09:44:27.0182 7584 nvkflt - ok
09:44:27.0401 7584 [ A48BFF12CEBF631DC329FB4223201BFA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:44:27.0604 7584 nvlddmkm - ok
09:44:27.0635 7584 [ 159D8FDC772133B7D2551A22B14D5263 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
09:44:27.0635 7584 nvpciflt - ok
09:44:27.0666 7584 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:44:27.0666 7584 nvraid - ok
09:44:27.0666 7584 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:44:27.0666 7584 nvstor - ok
09:44:27.0697 7584 [ C4E884D605E12A1F815C89C830873BF7 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:44:27.0713 7584 nvsvc - ok
09:44:27.0775 7584 [ E504A2CB3E7CE879E882D263DF242FC1 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:44:27.0806 7584 nvUpdatusService - ok
09:44:27.0838 7584 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:44:27.0838 7584 nv_agp - ok
09:44:27.0884 7584 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:44:27.0900 7584 odserv - ok
09:44:27.0916 7584 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:44:27.0916 7584 ohci1394 - ok
09:44:27.0962 7584 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:44:27.0978 7584 ose - ok
09:44:28.0009 7584 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:44:28.0009 7584 p2pimsvc - ok
09:44:28.0025 7584 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:44:28.0025 7584 p2psvc - ok
09:44:28.0040 7584 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:44:28.0040 7584 Parport - ok
09:44:28.0056 7584 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:44:28.0056 7584 partmgr - ok
09:44:28.0072 7584 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:44:28.0072 7584 PcaSvc - ok
09:44:28.0087 7584 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:44:28.0087 7584 pci - ok
09:44:28.0103 7584 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:44:28.0103 7584 pciide - ok
09:44:28.0118 7584 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:44:28.0134 7584 pcmcia - ok
09:44:28.0150 7584 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:44:28.0150 7584 pcw - ok
09:44:28.0165 7584 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:44:28.0165 7584 PEAUTH - ok
09:44:28.0212 7584 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:44:28.0243 7584 PeerDistSvc - ok
09:44:28.0290 7584 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:44:28.0290 7584 PerfHost - ok
09:44:28.0321 7584 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
09:44:28.0321 7584 PHCORE - ok
09:44:28.0352 7584 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:44:28.0368 7584 pla - ok
09:44:28.0399 7584 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:44:28.0399 7584 PlugPlay - ok
09:44:28.0446 7584 [ 5261A2FD55183AC6993145AB6662CDDF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:44:28.0477 7584 Pml Driver HPZ12 - ok
09:44:28.0508 7584 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:44:28.0508 7584 PNRPAutoReg - ok
09:44:28.0524 7584 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:44:28.0524 7584 PNRPsvc - ok
09:44:28.0540 7584 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:44:28.0540 7584 PolicyAgent - ok
09:44:28.0571 7584 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
09:44:28.0571 7584 Power - ok
09:44:28.0633 7584 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
09:44:28.0649 7584 Power Manager DBC Service - ok
09:44:28.0680 7584 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:44:28.0680 7584 PptpMiniport - ok
09:44:28.0696 7584 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:44:28.0696 7584 Processor - ok
09:44:28.0711 7584 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
09:44:28.0711 7584 ProfSvc - ok
09:44:28.0727 7584 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:44:28.0727 7584 ProtectedStorage - ok
09:44:28.0758 7584 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
09:44:28.0758 7584 psadd - ok
09:44:28.0774 7584 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:44:28.0774 7584 Psched - ok
09:44:28.0805 7584 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
09:44:28.0805 7584 PSI_SVC_2 - ok
09:44:28.0836 7584 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
09:44:28.0867 7584 PwmEWSvc - ok
09:44:28.0914 7584 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:44:28.0930 7584 ql2300 - ok
09:44:28.0945 7584 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:44:28.0945 7584 ql40xx - ok
09:44:28.0961 7584 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:44:28.0961 7584 QWAVE - ok
09:44:28.0976 7584 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:44:28.0976 7584 QWAVEdrv - ok
09:44:28.0976 7584 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:44:28.0976 7584 RasAcd - ok
09:44:29.0008 7584 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:44:29.0008 7584 RasAgileVpn - ok
09:44:29.0023 7584 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:44:29.0023 7584 RasAuto - ok
09:44:29.0039 7584 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:44:29.0039 7584 Rasl2tp - ok
09:44:29.0054 7584 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:44:29.0054 7584 RasMan - ok
09:44:29.0070 7584 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:44:29.0070 7584 RasPppoe - ok
09:44:29.0086 7584 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:44:29.0086 7584 RasSstp - ok
09:44:29.0101 7584 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:44:29.0101 7584 rdbss - ok
09:44:29.0101 7584 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:44:29.0101 7584 rdpbus - ok
09:44:29.0117 7584 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:44:29.0117 7584 RDPCDD - ok
09:44:29.0132 7584 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:44:29.0132 7584 RDPDR - ok
09:44:29.0164 7584 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:44:29.0164 7584 RDPENCDD - ok
09:44:29.0164 7584 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:44:29.0164 7584 RDPREFMP - ok
09:44:29.0195 7584 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:44:29.0195 7584 RDPWD - ok
09:44:29.0210 7584 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:44:29.0226 7584 rdyboost - ok
09:44:29.0273 7584 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:44:29.0304 7584 RegSrvc - ok
09:44:29.0335 7584 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:44:29.0335 7584 RemoteAccess - ok
09:44:29.0366 7584 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:44:29.0366 7584 RemoteRegistry - ok
09:44:29.0382 7584 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:44:29.0398 7584 RFCOMM - ok
09:44:29.0413 7584 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
09:44:29.0413 7584 risdxc - ok
09:44:29.0429 7584 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:44:29.0429 7584 RpcEptMapper - ok
09:44:29.0444 7584 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:44:29.0444 7584 RpcLocator - ok
09:44:29.0460 7584 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:44:29.0476 7584 RpcSs - ok
09:44:29.0507 7584 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:44:29.0507 7584 rspndr - ok
09:44:29.0522 7584 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:44:29.0522 7584 s3cap - ok
09:44:29.0554 7584 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:44:29.0554 7584 SamSs - ok
09:44:29.0554 7584 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:44:29.0569 7584 sbp2port - ok
09:44:29.0585 7584 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:44:29.0585 7584 SCardSvr - ok
09:44:29.0600 7584 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:44:29.0600 7584 scfilter - ok
09:44:29.0632 7584 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:44:29.0647 7584 Schedule - ok
09:44:29.0663 7584 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:44:29.0663 7584 SCPolicySvc - ok
09:44:29.0678 7584 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:44:29.0678 7584 SDRSVC - ok
09:44:29.0710 7584 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:44:29.0710 7584 secdrv - ok
09:44:29.0710 7584 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:44:29.0710 7584 seclogon - ok
09:44:29.0725 7584 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:44:29.0725 7584 SENS - ok
09:44:29.0741 7584 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:44:29.0741 7584 SensrSvc - ok
09:44:29.0756 7584 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:44:29.0756 7584 Serenum - ok
09:44:29.0772 7584 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:44:29.0772 7584 Serial - ok
09:44:29.0788 7584 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:44:29.0803 7584 sermouse - ok
09:44:29.0834 7584 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:44:29.0850 7584 SessionEnv - ok
09:44:29.0850 7584 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:44:29.0850 7584 sffdisk - ok
09:44:29.0866 7584 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:44:29.0866 7584 sffp_mmc - ok
09:44:29.0866 7584 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:44:29.0866 7584 sffp_sd - ok
09:44:29.0881 7584 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:44:29.0881 7584 sfloppy - ok
09:44:29.0912 7584 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:44:29.0912 7584 SharedAccess - ok
09:44:29.0928 7584 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:44:29.0944 7584 ShellHWDetection - ok
09:44:29.0975 7584 [ 7AC6FBFC13ABA3F15B05986412D10E10 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
09:44:29.0975 7584 Shockprf - ok
09:44:30.0006 7584 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:44:30.0006 7584 SiSRaid2 - ok
09:44:30.0006 7584 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:44:30.0006 7584 SiSRaid4 - ok
09:44:30.0037 7584 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:44:30.0037 7584 Smb - ok
09:44:30.0068 7584 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
09:44:30.0068 7584 smihlp - ok
09:44:30.0100 7584 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:44:30.0100 7584 SNMPTRAP - ok
09:44:30.0100 7584 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:44:30.0100 7584 spldr - ok
09:44:30.0131 7584 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
09:44:30.0131 7584 Spooler - ok
09:44:30.0178 7584 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:44:30.0209 7584 sppsvc - ok
09:44:30.0224 7584 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:44:30.0224 7584 sppuinotify - ok
09:44:30.0256 7584 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:44:30.0256 7584 srv - ok
09:44:30.0271 7584 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:44:30.0271 7584 srv2 - ok
09:44:30.0287 7584 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:44:30.0287 7584 srvnet - ok
09:44:30.0318 7584 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:44:30.0318 7584 SSDPSRV - ok
09:44:30.0334 7584 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:44:30.0334 7584 SstpSvc - ok
09:44:30.0365 7584 [ 5166A8690D912B0B9F29FBB028EA9FE7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:44:30.0365 7584 Stereo Service - ok
09:44:30.0380 7584 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:44:30.0380 7584 stexstor - ok
09:44:30.0427 7584 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:44:30.0427 7584 stisvc - ok
09:44:30.0458 7584 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:44:30.0458 7584 storflt - ok
09:44:30.0474 7584 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
09:44:30.0474 7584 StorSvc - ok
09:44:30.0505 7584 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:44:30.0505 7584 storvsc - ok
09:44:30.0583 7584 [ 9D4A85334D002B6A6FDB7C5F3E3722EB ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
09:44:30.0599 7584 SUService - ok
09:44:30.0646 7584 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:44:30.0661 7584 swenum - ok
09:44:30.0724 7584 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:44:30.0724 7584 SwitchBoard - ok
09:44:30.0770 7584 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:44:30.0770 7584 swprv - ok
09:44:30.0817 7584 [ AEAE48AF681BAF5904608FF5D84E3C9C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:44:30.0833 7584 SynTP - ok
09:44:30.0864 7584 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:44:30.0895 7584 SysMain - ok
09:44:30.0911 7584 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:44:30.0911 7584 TabletInputService - ok
09:44:30.0911 7584 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:44:30.0926 7584 TapiSrv - ok
09:44:30.0926 7584 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:44:30.0926 7584 TBS - ok
09:44:30.0989 7584 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:44:31.0004 7584 Tcpip - ok
09:44:31.0051 7584 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:44:31.0051 7584 TCPIP6 - ok
09:44:31.0067 7584 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:44:31.0067 7584 tcpipreg - ok
09:44:31.0082 7584 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:44:31.0082 7584 TDPIPE - ok
09:44:31.0098 7584 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:44:31.0098 7584 TDTCP - ok
09:44:31.0114 7584 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:44:31.0114 7584 tdx - ok
09:44:31.0129 7584 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:44:31.0129 7584 TermDD - ok
09:44:31.0160 7584 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:44:31.0160 7584 TermService - ok
09:44:31.0176 7584 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:44:31.0176 7584 Themes - ok
09:44:31.0207 7584 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:44:31.0207 7584 THREADORDER - ok
09:44:31.0223 7584 [ BC148E3415BF8A9DE83364966F75044F ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
09:44:31.0223 7584 TPDIGIMN - ok
09:44:31.0254 7584 [ BBD91008BEC4A2BA5D383BC9A15D6F9E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
09:44:31.0254 7584 TPHDEXLGSVC - ok
09:44:31.0285 7584 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
09:44:31.0285 7584 TPHKLOAD - ok
09:44:31.0285 7584 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
09:44:31.0285 7584 TPHKSVC - ok
09:44:31.0316 7584 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
09:44:31.0316 7584 TPM - ok
09:44:31.0332 7584 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
09:44:31.0348 7584 TPPWRIF - ok
09:44:31.0348 7584 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:44:31.0363 7584 TrkWks - ok
09:44:31.0410 7584 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:44:31.0410 7584 TrustedInstaller - ok
09:44:31.0426 7584 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:44:31.0426 7584 tssecsrv - ok
09:44:31.0426 7584 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:44:31.0426 7584 TsUsbFlt - ok
09:44:31.0441 7584 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:44:31.0441 7584 TsUsbGD - ok
09:44:31.0457 7584 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:44:31.0472 7584 tunnel - ok
09:44:31.0488 7584 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
09:44:31.0488 7584 TVTI2C - ok
09:44:31.0519 7584 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
09:44:31.0519 7584 tvtvcamd - ok
09:44:31.0519 7584 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:44:31.0519 7584 uagp35 - ok
09:44:31.0550 7584 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:44:31.0566 7584 udfs - ok
09:44:31.0613 7584 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:44:31.0613 7584 UI0Detect - ok
09:44:31.0644 7584 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:44:31.0644 7584 uliagpkx - ok
09:44:31.0660 7584 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:44:31.0660 7584 umbus - ok
09:44:31.0675 7584 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
09:44:31.0675 7584 UmPass - ok
09:44:31.0706 7584 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
09:44:31.0706 7584 UmRdpService - ok
09:44:31.0784 7584 [ CABEC311CEA77EAEA3DC04A1ADFC0459 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:44:31.0784 7584 UNS - ok
09:44:31.0800 7584 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:44:31.0816 7584 upnphost - ok
09:44:31.0831 7584 [ 6CC0985C3BB5931F73FF0846E06A9483 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:44:31.0831 7584 usbccgp - ok
09:44:31.0831 7584 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:44:31.0847 7584 usbcir - ok
09:44:31.0862 7584 [ 6B3D5E6A9DA786EC755B00BC180C700B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:44:31.0862 7584 usbehci - ok
09:44:31.0894 7584 [ 94ABE9DA48E466BBE84C73E0C6652ED1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:44:31.0894 7584 usbhub - ok
09:44:31.0925 7584 [ 660B2C08CE7103E71EAA26F85B0B0A56 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:44:31.0925 7584 usbohci - ok
09:44:31.0956 7584 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:44:31.0956 7584 usbprint - ok
09:44:31.0987 7584 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:44:31.0987 7584 usbscan - ok
09:44:32.0003 7584 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:44:32.0018 7584 USBSTOR - ok
09:44:32.0018 7584 [ 1529632FC96032D337B298F8A285D640 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:44:32.0034 7584 usbuhci - ok
09:44:32.0050 7584 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:44:32.0050 7584 usbvideo - ok
09:44:32.0081 7584 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:44:32.0081 7584 UxSms - ok
09:44:32.0096 7584 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
09:44:32.0096 7584 VaultSvc - ok
09:44:32.0112 7584 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:44:32.0112 7584 vdrvroot - ok
09:44:32.0143 7584 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
09:44:32.0143 7584 vds - ok
09:44:32.0159 7584 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:44:32.0159 7584 vga - ok
09:44:32.0174 7584 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:44:32.0174 7584 VgaSave - ok
09:44:32.0190 7584 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:44:32.0190 7584 vhdmp - ok
09:44:32.0206 7584 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
09:44:32.0206 7584 viaide - ok
09:44:32.0252 7584 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
09:44:32.0252 7584 VIPAppService - ok
09:44:32.0268 7584 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:44:32.0268 7584 vmbus - ok
09:44:32.0284 7584 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:44:32.0284 7584 VMBusHID - ok
09:44:32.0299 7584 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:44:32.0299 7584 volmgr - ok
09:44:32.0315 7584 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:44:32.0330 7584 volmgrx - ok
09:44:32.0346 7584 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:44:32.0346 7584 volsnap - ok
09:44:32.0362 7584 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:44:32.0362 7584 vsmraid - ok
09:44:32.0408 7584 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
09:44:32.0440 7584 VSS - ok
09:44:32.0455 7584 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:44:32.0455 7584 vwifibus - ok
09:44:32.0471 7584 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:44:32.0471 7584 vwififlt - ok
09:44:32.0471 7584 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:44:32.0471 7584 vwifimp - ok
09:44:32.0486 7584 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:44:32.0502 7584 W32Time - ok
09:44:32.0502 7584 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:44:32.0502 7584 WacomPen - ok
09:44:32.0533 7584 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:44:32.0533 7584 WANARP - ok
09:44:32.0533 7584 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:44:32.0533 7584 Wanarpv6 - ok
09:44:32.0611 7584 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:44:32.0627 7584 WatAdminSvc - ok
09:44:32.0674 7584 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
09:44:32.0705 7584 wbengine - ok
09:44:32.0705 7584 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:44:32.0720 7584 WbioSrvc - ok
09:44:32.0736 7584 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:44:32.0736 7584 wcncsvc - ok
09:44:32.0752 7584 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:44:32.0752 7584 WcsPlugInService - ok
09:44:32.0767 7584 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
09:44:32.0767 7584 Wd - ok
09:44:32.0798 7584 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:44:32.0814 7584 Wdf01000 - ok
09:44:32.0845 7584 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:44:32.0845 7584 WdiServiceHost - ok
09:44:32.0861 7584 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:44:32.0861 7584 WdiSystemHost - ok
09:44:32.0892 7584 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
09:44:32.0892 7584 WebClient - ok
09:44:32.0908 7584 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:44:32.0908 7584 Wecsvc - ok
09:44:32.0923 7584 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:44:32.0923 7584 wercplsupport - ok
09:44:32.0939 7584 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:44:32.0939 7584 WerSvc - ok
09:44:32.0954 7584 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:44:32.0970 7584 WfpLwf - ok
09:44:32.0970 7584 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:44:32.0970 7584 WIMMount - ok
09:44:33.0001 7584 WinDefend - ok
09:44:33.0001 7584 WinHttpAutoProxySvc - ok
09:44:33.0048 7584 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:44:33.0048 7584 Winmgmt - ok
09:44:33.0110 7584 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
09:44:33.0126 7584 WinRM - ok
09:44:33.0173 7584 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
09:44:33.0173 7584 WinUsb - ok
09:44:33.0204 7584 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:44:33.0204 7584 Wlansvc - ok
09:44:33.0235 7584 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:44:33.0235 7584 wlcrasvc - ok
09:44:33.0329 7584 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:44:33.0360 7584 wlidsvc - ok
09:44:33.0391 7584 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:44:33.0391 7584 WmiAcpi - ok
09:44:33.0407 7584 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:44:33.0422 7584 wmiApSrv - ok
09:44:33.0422 7584 WMPNetworkSvc - ok
09:44:33.0438 7584 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:44:33.0438 7584 WPCSvc - ok
09:44:33.0454 7584 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:44:33.0454 7584 WPDBusEnum - ok
09:44:33.0469 7584 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:44:33.0469 7584 ws2ifsl - ok
09:44:33.0485 7584 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
09:44:33.0485 7584 wscsvc - ok
09:44:33.0485 7584 WSearch - ok
09:44:33.0547 7584 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:44:33.0563 7584 wuauserv - ok
09:44:33.0578 7584 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:44:33.0578 7584 WudfPf - ok
09:44:33.0594 7584 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:44:33.0594 7584 WUDFRd - ok
09:44:33.0610 7584 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:44:33.0625 7584 wudfsvc - ok
09:44:33.0641 7584 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:44:33.0641 7584 WwanSvc - ok
09:44:33.0734 7584 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
09:44:33.0797 7584 ZeroConfigService - ok
09:44:33.0828 7584 ================ Scan global ===============================
09:44:33.0844 7584 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:44:33.0875 7584 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:44:33.0875 7584 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:44:33.0906 7584 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:44:33.0922 7584 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:44:33.0922 7584 [Global] - ok
09:44:33.0922 7584 ================ Scan MBR ==================================
09:44:33.0937 7584 [ D1E477A228D4F13DBF930AF92BEFDBFD ] \Device\Harddisk0\DR0
09:44:34.0093 7584 \Device\Harddisk0\DR0 - ok
09:44:34.0093 7584 ================ Scan VBR ==================================
09:44:34.0093 7584 [ AF7CD970EE38EA9773BD6050E127D6AF ] \Device\Harddisk0\DR0\Partition1
09:44:34.0093 7584 \Device\Harddisk0\DR0\Partition1 - ok
09:44:34.0109 7584 [ C39C97A7A56E4591F884BFBFC1250008 ] \Device\Harddisk0\DR0\Partition2
09:44:34.0109 7584 \Device\Harddisk0\DR0\Partition2 - ok
09:44:34.0140 7584 [ 0B19798D780FACFD46562D26BB113A47 ] \Device\Harddisk0\DR0\Partition3
09:44:34.0140 7584 \Device\Harddisk0\DR0\Partition3 - ok
09:44:34.0140 7584 ============================================================
09:44:34.0140 7584 Scan finished
09:44:34.0140 7584 ============================================================
09:44:34.0156 6196 Detected object count: 0
09:44:34.0156 6196 Actual detected object count: 0
09:44:43.0172 6356 Deinitialize success
09:44:22.0690 7584 i8042prt - ok
09:44:22.0721 7584 [ CCFA835960E35F30D28A868E0B3B8722 ] iaStor C:\Windows\system32\drivers\iaStor.sys
09:44:22.0721 7584 iaStor - ok
09:44:22.0736 7584 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:44:22.0752 7584 iaStorV - ok
09:44:22.0783 7584 [ B21087E1A64FD474BF3E1A602A714F1F ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
09:44:22.0783 7584 IBMPMDRV - ok
09:44:22.0799 7584 [ A3E4DE0F77031061972485EF9BD8E4D0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
09:44:22.0799 7584 IBMPMSVC - ok
09:44:22.0846 7584 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:44:22.0861 7584 idsvc - ok
09:44:23.0033 7584 [ B9857625DF8B539ABCB90E15B5716568 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:44:23.0095 7584 igfx - ok
09:44:23.0142 7584 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:44:23.0142 7584 iirsp - ok
09:44:23.0173 7584 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
09:44:23.0189 7584 IKEEXT - ok
09:44:23.0220 7584 [ 314285071F7117263BD246E35C17FD82 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
09:44:23.0220 7584 intaud_WaveExtensible - ok
09:44:23.0329 7584 [ 21F54139C93FC595902B58ED947D47D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:44:23.0360 7584 IntcAzAudAddService - ok
09:44:23.0392 7584 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
09:44:24.0047 7584 Intel(R) Capability Licensing Service Interface - ok
09:44:24.0078 7584 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
09:44:24.0078 7584 intelide - ok
09:44:24.0109 7584 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:44:24.0109 7584 intelppm - ok
09:44:24.0125 7584 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:44:24.0125 7584 IPBusEnum - ok
09:44:24.0140 7584 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:44:24.0140 7584 IpFilterDriver - ok
09:44:24.0156 7584 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:44:24.0156 7584 iphlpsvc - ok
09:44:24.0172 7584 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:44:24.0172 7584 IPMIDRV - ok
09:44:24.0187 7584 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:44:24.0203 7584 IPNAT - ok
09:44:24.0218 7584 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:44:24.0218 7584 IRENUM - ok
09:44:24.0234 7584 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:44:24.0234 7584 isapnp - ok
09:44:24.0250 7584 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:44:24.0250 7584 iScsiPrt - ok
09:44:24.0265 7584 [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
09:44:24.0265 7584 iusb3hcs - ok
09:44:24.0281 7584 [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
09:44:24.0281 7584 iusb3hub - ok
09:44:24.0312 7584 [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
09:44:24.0312 7584 iusb3xhc - ok
09:44:24.0343 7584 [ 4487AD9C070D3973FE28AB4406555FC6 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
09:44:24.0343 7584 iwdbus - ok
09:44:24.0374 7584 [ 0043D9FB61C35F90886B1E93DD556FAF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
09:44:24.0390 7584 jhi_service - ok
09:44:24.0406 7584 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:44:24.0406 7584 kbdclass - ok
09:44:24.0421 7584 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:44:24.0421 7584 kbdhid - ok
09:44:24.0437 7584 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:44:24.0437 7584 KeyIso - ok
09:44:24.0452 7584 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:44:24.0452 7584 KSecDD - ok
09:44:24.0468 7584 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:44:24.0468 7584 KSecPkg - ok
09:44:24.0484 7584 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:44:24.0484 7584 ksthunk - ok
09:44:24.0499 7584 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:44:24.0499 7584 KtmRm - ok
09:44:24.0530 7584 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:44:24.0530 7584 LanmanServer - ok
09:44:24.0562 7584 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:44:24.0562 7584 LanmanWorkstation - ok
09:44:24.0608 7584 [ 4A0235E9822B220339E34D8C122BB6D1 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
09:44:24.0686 7584 LENOVO.CAMMUTE - ok
09:44:24.0718 7584 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
09:44:24.0718 7584 LENOVO.MICMUTE - ok
09:44:24.0718 7584 [ 93921A19D885755B9751C3744DBCB8FD ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
09:44:24.0811 7584 LENOVO.TPKNRSVC - ok
09:44:24.0827 7584 [ 79F99A4D59825839B7E563B4BCF52C5E ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
09:44:24.0842 7584 LENOVO.TVTVCAM - ok
09:44:24.0889 7584 [ 606DA892A53FA863B67F8D3F8FF016A0 ] LenovoRd C:\Windows\system32\Drivers\LenovoRd.sys
09:44:24.0889 7584 LenovoRd - ok
09:44:24.0920 7584 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:44:24.0920 7584 lltdio - ok
09:44:24.0952 7584 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:44:24.0952 7584 lltdsvc - ok
09:44:24.0967 7584 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:44:24.0967 7584 lmhosts - ok
09:44:24.0998 7584 [ 2FB262276D1C689C6886B1C0710342FA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:44:24.0998 7584 LMS - ok
09:44:25.0045 7584 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:44:25.0045 7584 LSI_FC - ok
09:44:25.0061 7584 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:44:25.0061 7584 LSI_SAS - ok
09:44:25.0076 7584 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:44:25.0076 7584 LSI_SAS2 - ok
09:44:25.0092 7584 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:44:25.0092 7584 LSI_SCSI - ok
09:44:25.0108 7584 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:44:25.0108 7584 luafv - ok
09:44:25.0139 7584 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:44:25.0154 7584 MBAMProtector - ok
09:44:25.0217 7584 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:44:25.0217 7584 MBAMScheduler - ok
09:44:25.0248 7584 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:44:25.0248 7584 MBAMService - ok
09:44:25.0295 7584 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:44:25.0295 7584 Mcx2Svc - ok
09:44:25.0357 7584 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
09:44:25.0373 7584 MDM - ok
09:44:25.0388 7584 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:44:25.0388 7584 megasas - ok
09:44:25.0404 7584 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:44:25.0404 7584 MegaSR - ok
09:44:25.0435 7584 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:44:25.0435 7584 MEIx64 - ok
09:44:25.0466 7584 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:44:25.0466 7584 MMCSS - ok
09:44:25.0466 7584 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:44:25.0482 7584 Modem - ok
09:44:25.0513 7584 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:44:25.0513 7584 monitor - ok
09:44:25.0544 7584 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:44:25.0544 7584 mouclass - ok
09:44:25.0576 7584 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:44:25.0576 7584 mouhid - ok
09:44:25.0591 7584 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:44:25.0591 7584 mountmgr - ok
09:44:25.0638 7584 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:44:25.0638 7584 MozillaMaintenance - ok
09:44:25.0669 7584 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:44:25.0669 7584 MpFilter - ok
09:44:25.0700 7584 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:44:25.0700 7584 mpio - ok
09:44:25.0732 7584 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:44:25.0732 7584 mpsdrv - ok
09:44:25.0794 7584 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:44:25.0810 7584 MpsSvc - ok
09:44:25.0810 7584 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:44:25.0810 7584 MRxDAV - ok
09:44:25.0825 7584 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:44:25.0825 7584 mrxsmb - ok
09:44:25.0841 7584 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:44:25.0856 7584 mrxsmb10 - ok
09:44:25.0872 7584 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:44:25.0872 7584 mrxsmb20 - ok
09:44:25.0872 7584 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:44:25.0872 7584 msahci - ok
09:44:25.0888 7584 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:44:25.0888 7584 msdsm - ok
09:44:25.0903 7584 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:44:25.0903 7584 MSDTC - ok
09:44:25.0919 7584 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:44:25.0919 7584 Msfs - ok
09:44:25.0919 7584 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:44:25.0919 7584 mshidkmdf - ok
09:44:25.0934 7584 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:44:25.0934 7584 msisadrv - ok
09:44:25.0966 7584 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:44:25.0966 7584 MSiSCSI - ok
09:44:25.0981 7584 msiserver - ok
09:44:25.0997 7584 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:44:25.0997 7584 MSKSSRV - ok
09:44:26.0044 7584 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:44:26.0044 7584 MsMpSvc - ok
09:44:26.0075 7584 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:44:26.0075 7584 MSPCLOCK - ok
09:44:26.0075 7584 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:44:26.0075 7584 MSPQM - ok
09:44:26.0106 7584 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:44:26.0106 7584 MsRPC - ok
09:44:26.0122 7584 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:44:26.0122 7584 mssmbios - ok
09:44:26.0122 7584 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:44:26.0122 7584 MSTEE - ok
09:44:26.0122 7584 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:44:26.0122 7584 MTConfig - ok
09:44:26.0153 7584 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:44:26.0153 7584 Mup - ok
09:44:26.0184 7584 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:44:26.0231 7584 MyWiFiDHCPDNS - ok
09:44:26.0246 7584 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:44:26.0262 7584 napagent - ok
09:44:26.0293 7584 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:44:26.0293 7584 NativeWifiP - ok
09:44:26.0340 7584 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:44:26.0356 7584 NDIS - ok
09:44:26.0356 7584 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:44:26.0356 7584 NdisCap - ok
09:44:26.0387 7584 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:44:26.0387 7584 NdisTapi - ok
09:44:26.0402 7584 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:44:26.0402 7584 Ndisuio - ok
09:44:26.0418 7584 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:44:26.0418 7584 NdisWan - ok
09:44:26.0434 7584 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:44:26.0434 7584 NDProxy - ok
09:44:26.0449 7584 [ 59267D2F0328599AA3B5408C2E06126F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:44:26.0480 7584 Net Driver HPZ12 - ok
09:44:26.0480 7584 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:44:26.0480 7584 NetBIOS - ok
09:44:26.0496 7584 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:44:26.0496 7584 NetBT - ok
09:44:26.0512 7584 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:44:26.0512 7584 Netlogon - ok
09:44:26.0527 7584 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:44:26.0527 7584 Netman - ok
09:44:26.0543 7584 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:44:26.0558 7584 netprofm - ok
09:44:26.0574 7584 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:44:26.0574 7584 NetTcpPortSharing - ok
09:44:26.0746 7584 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
09:44:26.0870 7584 NETwNs64 - ok
09:44:26.0902 7584 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:44:26.0917 7584 nfrd960 - ok
09:44:26.0948 7584 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:44:26.0948 7584 NisDrv - ok
09:44:26.0980 7584 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
09:44:26.0980 7584 NisSrv - ok
09:44:27.0011 7584 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:44:27.0026 7584 NlaSvc - ok
09:44:27.0026 7584 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:44:27.0042 7584 Npfs - ok
09:44:27.0058 7584 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:44:27.0058 7584 nsi - ok
09:44:27.0058 7584 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:44:27.0058 7584 nsiproxy - ok
09:44:27.0120 7584 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:44:27.0151 7584 Ntfs - ok
09:44:27.0167 7584 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:44:27.0167 7584 Null - ok
09:44:27.0182 7584 [ CE4EE0E09B5FECEA1CE979CF750BCAA4 ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
09:44:27.0182 7584 nvkflt - ok
09:44:27.0401 7584 [ A48BFF12CEBF631DC329FB4223201BFA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:44:27.0604 7584 nvlddmkm - ok
09:44:27.0635 7584 [ 159D8FDC772133B7D2551A22B14D5263 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
09:44:27.0635 7584 nvpciflt - ok
09:44:27.0666 7584 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:44:27.0666 7584 nvraid - ok
09:44:27.0666 7584 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:44:27.0666 7584 nvstor - ok
09:44:27.0697 7584 [ C4E884D605E12A1F815C89C830873BF7 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:44:27.0713 7584 nvsvc - ok
09:44:27.0775 7584 [ E504A2CB3E7CE879E882D263DF242FC1 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:44:27.0806 7584 nvUpdatusService - ok
09:44:27.0838 7584 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:44:27.0838 7584 nv_agp - ok
09:44:27.0884 7584 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:44:27.0900 7584 odserv - ok
09:44:27.0916 7584 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:44:27.0916 7584 ohci1394 - ok
09:44:27.0962 7584 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:44:27.0978 7584 ose - ok
09:44:28.0009 7584 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:44:28.0009 7584 p2pimsvc - ok
09:44:28.0025 7584 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:44:28.0025 7584 p2psvc - ok
09:44:28.0040 7584 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:44:28.0040 7584 Parport - ok
09:44:28.0056 7584 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:44:28.0056 7584 partmgr - ok
09:44:28.0072 7584 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:44:28.0072 7584 PcaSvc - ok
09:44:28.0087 7584 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:44:28.0087 7584 pci - ok
09:44:28.0103 7584 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:44:28.0103 7584 pciide - ok
09:44:28.0118 7584 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:44:28.0134 7584 pcmcia - ok
09:44:28.0150 7584 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:44:28.0150 7584 pcw - ok
09:44:28.0165 7584 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:44:28.0165 7584 PEAUTH - ok
09:44:28.0212 7584 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:44:28.0243 7584 PeerDistSvc - ok
09:44:28.0290 7584 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:44:28.0290 7584 PerfHost - ok
09:44:28.0321 7584 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
09:44:28.0321 7584 PHCORE - ok
09:44:28.0352 7584 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:44:28.0368 7584 pla - ok
09:44:28.0399 7584 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:44:28.0399 7584 PlugPlay - ok
09:44:28.0446 7584 [ 5261A2FD55183AC6993145AB6662CDDF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
09:44:28.0477 7584 Pml Driver HPZ12 - ok
09:44:28.0508 7584 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:44:28.0508 7584 PNRPAutoReg - ok
09:44:28.0524 7584 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:44:28.0524 7584 PNRPsvc - ok
09:44:28.0540 7584 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:44:28.0540 7584 PolicyAgent - ok
09:44:28.0571 7584 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
09:44:28.0571 7584 Power - ok
09:44:28.0633 7584 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
09:44:28.0649 7584 Power Manager DBC Service - ok
09:44:28.0680 7584 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:44:28.0680 7584 PptpMiniport - ok
09:44:28.0696 7584 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:44:28.0696 7584 Processor - ok
09:44:28.0711 7584 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
09:44:28.0711 7584 ProfSvc - ok
09:44:28.0727 7584 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:44:28.0727 7584 ProtectedStorage - ok
09:44:28.0758 7584 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
09:44:28.0758 7584 psadd - ok
09:44:28.0774 7584 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:44:28.0774 7584 Psched - ok
09:44:28.0805 7584 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
09:44:28.0805 7584 PSI_SVC_2 - ok
09:44:28.0836 7584 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
09:44:28.0867 7584 PwmEWSvc - ok
09:44:28.0914 7584 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:44:28.0930 7584 ql2300 - ok
09:44:28.0945 7584 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:44:28.0945 7584 ql40xx - ok
09:44:28.0961 7584 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:44:28.0961 7584 QWAVE - ok
09:44:28.0976 7584 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:44:28.0976 7584 QWAVEdrv - ok
09:44:28.0976 7584 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:44:28.0976 7584 RasAcd - ok
09:44:29.0008 7584 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:44:29.0008 7584 RasAgileVpn - ok
09:44:29.0023 7584 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:44:29.0023 7584 RasAuto - ok
09:44:29.0039 7584 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:44:29.0039 7584 Rasl2tp - ok
09:44:29.0054 7584 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:44:29.0054 7584 RasMan - ok
09:44:29.0070 7584 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:44:29.0070 7584 RasPppoe - ok
09:44:29.0086 7584 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:44:29.0086 7584 RasSstp - ok
09:44:29.0101 7584 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:44:29.0101 7584 rdbss - ok
09:44:29.0101 7584 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:44:29.0101 7584 rdpbus - ok
09:44:29.0117 7584 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:44:29.0117 7584 RDPCDD - ok
09:44:29.0132 7584 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:44:29.0132 7584 RDPDR - ok
09:44:29.0164 7584 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:44:29.0164 7584 RDPENCDD - ok
09:44:29.0164 7584 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:44:29.0164 7584 RDPREFMP - ok
09:44:29.0195 7584 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:44:29.0195 7584 RDPWD - ok
09:44:29.0210 7584 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:44:29.0226 7584 rdyboost - ok
09:44:29.0273 7584 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:44:29.0304 7584 RegSrvc - ok
09:44:29.0335 7584 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:44:29.0335 7584 RemoteAccess - ok
09:44:29.0366 7584 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:44:29.0366 7584 RemoteRegistry - ok
09:44:29.0382 7584 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:44:29.0398 7584 RFCOMM - ok
09:44:29.0413 7584 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
09:44:29.0413 7584 risdxc - ok
09:44:29.0429 7584 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:44:29.0429 7584 RpcEptMapper - ok
09:44:29.0444 7584 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:44:29.0444 7584 RpcLocator - ok
09:44:29.0460 7584 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:44:29.0476 7584 RpcSs - ok
09:44:29.0507 7584 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:44:29.0507 7584 rspndr - ok
09:44:29.0522 7584 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:44:29.0522 7584 s3cap - ok
09:44:29.0554 7584 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:44:29.0554 7584 SamSs - ok
09:44:29.0554 7584 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:44:29.0569 7584 sbp2port - ok
09:44:29.0585 7584 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:44:29.0585 7584 SCardSvr - ok
09:44:29.0600 7584 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:44:29.0600 7584 scfilter - ok
09:44:29.0632 7584 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:44:29.0647 7584 Schedule - ok
09:44:29.0663 7584 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:44:29.0663 7584 SCPolicySvc - ok
09:44:29.0678 7584 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:44:29.0678 7584 SDRSVC - ok
09:44:29.0710 7584 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:44:29.0710 7584 secdrv - ok
09:44:29.0710 7584 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:44:29.0710 7584 seclogon - ok
09:44:29.0725 7584 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:44:29.0725 7584 SENS - ok
09:44:29.0741 7584 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:44:29.0741 7584 SensrSvc - ok
09:44:29.0756 7584 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:44:29.0756 7584 Serenum - ok
09:44:29.0772 7584 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:44:29.0772 7584 Serial - ok
09:44:29.0788 7584 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:44:29.0803 7584 sermouse - ok
09:44:29.0834 7584 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:44:29.0850 7584 SessionEnv - ok
09:44:29.0850 7584 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:44:29.0850 7584 sffdisk - ok
09:44:29.0866 7584 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:44:29.0866 7584 sffp_mmc - ok
09:44:29.0866 7584 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:44:29.0866 7584 sffp_sd - ok
09:44:29.0881 7584 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:44:29.0881 7584 sfloppy - ok
09:44:29.0912 7584 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:44:29.0912 7584 SharedAccess - ok
09:44:29.0928 7584 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:44:29.0944 7584 ShellHWDetection - ok
09:44:29.0975 7584 [ 7AC6FBFC13ABA3F15B05986412D10E10 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
09:44:29.0975 7584 Shockprf - ok
09:44:30.0006 7584 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:44:30.0006 7584 SiSRaid2 - ok
09:44:30.0006 7584 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:44:30.0006 7584 SiSRaid4 - ok
09:44:30.0037 7584 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:44:30.0037 7584 Smb - ok
09:44:30.0068 7584 [ 3BC2844AF786CA422CC31D505ACFA9F2 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
09:44:30.0068 7584 smihlp - ok
09:44:30.0100 7584 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:44:30.0100 7584 SNMPTRAP - ok
09:44:30.0100 7584 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:44:30.0100 7584 spldr - ok
09:44:30.0131 7584 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
09:44:30.0131 7584 Spooler - ok
09:44:30.0178 7584 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:44:30.0209 7584 sppsvc - ok
09:44:30.0224 7584 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:44:30.0224 7584 sppuinotify - ok
09:44:30.0256 7584 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:44:30.0256 7584 srv - ok
09:44:30.0271 7584 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:44:30.0271 7584 srv2 - ok
09:44:30.0287 7584 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:44:30.0287 7584 srvnet - ok
09:44:30.0318 7584 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:44:30.0318 7584 SSDPSRV - ok
09:44:30.0334 7584 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:44:30.0334 7584 SstpSvc - ok
09:44:30.0365 7584 [ 5166A8690D912B0B9F29FBB028EA9FE7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:44:30.0365 7584 Stereo Service - ok
09:44:30.0380 7584 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:44:30.0380 7584 stexstor - ok
09:44:30.0427 7584 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:44:30.0427 7584 stisvc - ok
09:44:30.0458 7584 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:44:30.0458 7584 storflt - ok
09:44:30.0474 7584 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
09:44:30.0474 7584 StorSvc - ok
09:44:30.0505 7584 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:44:30.0505 7584 storvsc - ok
09:44:30.0583 7584 [ 9D4A85334D002B6A6FDB7C5F3E3722EB ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
09:44:30.0599 7584 SUService - ok
09:44:30.0646 7584 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:44:30.0661 7584 swenum - ok
09:44:30.0724 7584 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:44:30.0724 7584 SwitchBoard - ok
09:44:30.0770 7584 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:44:30.0770 7584 swprv - ok
09:44:30.0817 7584 [ AEAE48AF681BAF5904608FF5D84E3C9C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:44:30.0833 7584 SynTP - ok
09:44:30.0864 7584 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:44:30.0895 7584 SysMain - ok
09:44:30.0911 7584 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:44:30.0911 7584 TabletInputService - ok
09:44:30.0911 7584 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:44:30.0926 7584 TapiSrv - ok
09:44:30.0926 7584 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:44:30.0926 7584 TBS - ok
09:44:30.0989 7584 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:44:31.0004 7584 Tcpip - ok
09:44:31.0051 7584 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:44:31.0051 7584 TCPIP6 - ok
09:44:31.0067 7584 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:44:31.0067 7584 tcpipreg - ok
09:44:31.0082 7584 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:44:31.0082 7584 TDPIPE - ok
09:44:31.0098 7584 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:44:31.0098 7584 TDTCP - ok
09:44:31.0114 7584 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:44:31.0114 7584 tdx - ok
09:44:31.0129 7584 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:44:31.0129 7584 TermDD - ok
09:44:31.0160 7584 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:44:31.0160 7584 TermService - ok
09:44:31.0176 7584 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:44:31.0176 7584 Themes - ok
09:44:31.0207 7584 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:44:31.0207 7584 THREADORDER - ok
09:44:31.0223 7584 [ BC148E3415BF8A9DE83364966F75044F ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
09:44:31.0223 7584 TPDIGIMN - ok
09:44:31.0254 7584 [ BBD91008BEC4A2BA5D383BC9A15D6F9E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
09:44:31.0254 7584 TPHDEXLGSVC - ok
09:44:31.0285 7584 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
09:44:31.0285 7584 TPHKLOAD - ok
09:44:31.0285 7584 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
09:44:33.0828 7584 ================ Scan global ===============================
09:44:33.0844 7584 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:44:33.0875 7584 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:44:33.0875 7584 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
09:44:33.0906 7584 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:44:33.0922 7584 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:44:33.0922 7584 [Global] - ok
09:44:33.0922 7584 ================ Scan MBR ==================================
09:44:33.0937 7584 [ D1E477A228D4F13DBF930AF92BEFDBFD ] \Device\Harddisk0\DR0
09:44:34.0093 7584 \Device\Harddisk0\DR0 - ok
09:44:34.0093 7584 ================ Scan VBR ==================================
09:44:34.0093 7584 [ AF7CD970EE38EA9773BD6050E127D6AF ] \Device\Harddisk0\DR0\Partition1
09:44:34.0093 7584 \Device\Harddisk0\DR0\Partition1 - ok
09:44:34.0109 7584 [ C39C97A7A56E4591F884BFBFC1250008 ] \Device\Harddisk0\DR0\Partition2
09:44:34.0109 7584 \Device\Harddisk0\DR0\Partition2 - ok
09:44:34.0140 7584 [ 0B19798D780FACFD46562D26BB113A47 ] \Device\Harddisk0\DR0\Partition3
09:44:34.0140 7584 \Device\Harddisk0\DR0\Partition3 - ok
09:44:34.0140 7584 ============================================================
09:44:34.0140 7584 Scan finished
09:44:34.0140 7584 ============================================================
09:44:34.0156 6196 Detected object count: 0
09:44:34.0156 6196 Actual detected object count: 0
09:44:43.0172 6356 Deinitialize success
Re: Probably malware, but I have no idea what to clean
RogueKiller V8.6.1 _x64_ [Jun 25 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martin [Práva správce]
Mód : Kontrola -- Datum : 06/27/2013 09:49:31
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] ContinueToSave.exe -- C:\ProgramData\BetterSoft\ContinueToSave\ContinueToSave.exe [-] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Search Protection (C:\ProgramData\Search Protection\SearchProtection.exe [x][x]) -> NALEZENO
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[BROK VAL] HKCR\[...]\command : () -> CHYBÍ
¤¤¤ naplánované úlohy : 2 ¤¤¤
[V1][ROGUE ST] schedule!1143840799.job : C:\ProgramData\BetterSoft\ContinueToSave\ContinueToSave.exe - /schedule /profile "c:\programdata\bettersoft\continuetosave\1143840799.ini" [-][x] -> NALEZENO
[V1][BLPATH] OptimizerProUpdaterTask{26B11F9B-F63E-45C8-A509-398F6F29A18C}.job : C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe - /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro\profile.ini" [x][x] -> NALEZENO
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: HITACHI HTS725050A7E630 +++++
--- User ---
[MBR] fbcd023de278c9faf55b8d9eeda8f6cd
[BSP] c193391866b2412a6a418d989ce91f76 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 457438 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 939907072 | Size: 18000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] f9f92db3e3af25aed6e94a64b0811b66
[BSP] 1115d496609faf818116496ca38d9957 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 457438 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 939907072 | Size: 18000 Mo
Dokončeno : << RKreport[0]_S_06272013_094931.txt >>