Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Moody.01
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 20 dub 2009 19:13

Re: Prosím o kontrolu

#16 Příspěvek od Moody.01 »

Tak teď se hodnoty zničehonic změnily a stav disku je na "pozor". :D Počet přemapovaných sektorů 284, v tabulce je ale jen 87.



----------------------------------------------------------------------------
CrystalDiskInfo 5.0.5 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2013/01/09 14:49:26

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- TOSHIBA MK5061GSY
- PLDS DVD-RW DS8A8SH

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MK5061GSY : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MK5061GSY
----------------------------------------------------------------------------
Model : TOSHIBA MK5061GSY
Firmware : MC102E
Serial Number : 72CJC015T
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 974 hod.
Power On Count : 949 krát
Temparature : 45 C (113 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __1 000000000902 Čas na roztočení ploten
04 100 100 __0 0000000003BB Počet spuštění/zastavení
05 _87 _87 _10 00000000011C Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 0000000003CE Hodin v činnosti
0A 119 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000003B5 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000B Počet vypnutí disku
C1 _99 _99 __0 000000002FBB Počet cyklů načítání/vymazání
C2 100 100 __0 00380015002D Teplota
C4 100 100 __0 000000000052 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DC 100 100 __0 000000000055 Posunutí disku vůči ose
DE _98 _98 __0 00000000033E Počet hodin zalažení budoucího mechanismu magnetických hlav
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E0 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené napětím mechanických částí
E2 100 100 __0 000000000119 Celkový čas zatížení budiče magnetických hlav
F0 100 100 __1 000000000000 Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0000 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2037 3243 4A43 3031 3554
020: 0000 0000 0004 4D43 3130 3245 2020 544F 5348 4942
030: 4120 4D4B 3530 3631 4753 5920 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0006 FFFF 0001 003F FFC1 003E 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0F06 0004 004C 004C
080: 01F8 0000 346B 7D09 6163 3469 BC09 6163 203F 003C
090: 003C 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 4000 0000 5000 0394
110: 23C0 4ADA 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 83A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 27 00 64 64 02
020: 09 00 00 00 00 00 04 32 00 64 64 BB 03 00 00 00
030: 00 00 05 33 00 57 57 1C 01 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 62 62 CE 03 00 00 00
060: 00 00 0A 33 00 77 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 B5 03 00 00 00 00 00 BF 32 00 64 64 00
080: 00 00 00 00 00 00 C0 32 00 64 64 0B 00 00 00 00
090: 00 00 C1 32 00 63 63 BB 2F 00 00 00 00 00 C2 22
0A0: 00 64 64 2D 00 15 00 38 00 00 C4 32 00 64 64 52
0B0: 00 00 00 00 00 00 C5 32 00 64 64 00 00 00 00 00
0C0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 32
0D0: 00 C8 C8 00 00 00 00 00 00 00 DC 02 00 64 64 55
0E0: 00 00 00 00 00 00 DE 32 00 62 62 3E 03 00 00 00
0F0: 00 00 DF 32 00 64 64 00 00 00 00 00 00 00 E0 22
100: 00 64 64 00 00 00 00 00 00 00 E2 26 00 64 64 19
110: 01 00 00 00 00 00 F0 01 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 80 00 78 00 00 5B
170: 03 00 01 00 02 7D 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B3

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 01 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DC 00 00 00 00 00
0E0: 00 00 00 00 00 00 DE 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E0 00
100: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
110: 00 00 00 00 00 00 F0 01 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5E

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu

#17 Příspěvek od Márty84 »

Ten program si z nas dela srandu :lol:


Podivame se hloubeji, at muzem uplne vyloucit nejakou havet.


:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Moody.01
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 20 dub 2009 19:13

Re: Prosím o kontrolu

#18 Příspěvek od Moody.01 »

Ok, dodělám HDtune a pak ještě proscanuju RogueKiller.

Nechala jsem zapnutý CDI při scanování na chyby v HD tune a vrátilo se to na dnešní první výsledek - stav špatný. :) Nechám ho zapnutý ze zvědavosti do jakých stavů se ještě dostane...

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu

#19 Příspěvek od Márty84 »

:) Jen si hrajte. Kdo si hraje nezlobi :lol:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Moody.01
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 20 dub 2009 19:13

Re: Prosím o kontrolu

#20 Příspěvek od Moody.01 »

Tady je log:

RogueKiller V8.4.3 [Jan 8 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : H [Práva správce]
Mód : Kontrola -- Datum : 01/09/2013 17:20:59

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5061GSY +++++
--- User ---
[MBR] 1a0ac2d2c534d73d8b6d8c604d79b405
[BSP] dd1e76e8e0183151893b9d172e60b593 : Lenovo tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 457438 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 939907072 | Size: 18000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 46ba1bb8fa252b00fda95a65ffb56a54
[BSP] dd63aa8ecf408791d2985053f70c6a26 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 457438 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 939907072 | Size: 18000 Mo

+++++ PhysicalDrive1: ADATA USB Flash Drive USB Device +++++
--- User ---
[MBR] a79afdf7d469211c23895f37cf929cce
[BSP] a83a24340e59ea8cbbf2d8eaa19e98b0 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 7508 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_01092013_02d1720.txt >>
RKreport[1]_S_01092013_02d1720.txt

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu

#21 Příspěvek od Márty84 »

:arrow: Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Moody.01
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 20 dub 2009 19:13

Re: Prosím o kontrolu

#22 Příspěvek od Moody.01 »

RogueKiller V8.4.3 [Jan 8 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : H [Práva správce]
Mód : Odebrat -- Datum : 01/09/2013 20:03:05

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5061GSY +++++
--- User ---
[MBR] 1a0ac2d2c534d73d8b6d8c604d79b405
[BSP] dd1e76e8e0183151893b9d172e60b593 : Lenovo tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 457438 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 939907072 | Size: 18000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 46ba1bb8fa252b00fda95a65ffb56a54
[BSP] dd63aa8ecf408791d2985053f70c6a26 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 457438 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 939907072 | Size: 18000 Mo

Dokončeno : << RKreport[4]_D_01092013_02d2003.txt >>
RKreport[1]_S_01092013_02d1720.txt ; RKreport[2]_S_01092013_02d1730.txt ; RKreport[3]_S_01092013_02d2002.txt ; RKreport[4]_D_01092013_02d2003.txt



RogueKiller V8.4.3 [Jan 8 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : H [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/09/2013 20:03:50

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončeno : << RKreport[5]_H_01092013_02d2003.txt >>
RKreport[1]_S_01092013_02d1720.txt ; RKreport[2]_S_01092013_02d1730.txt ; RKreport[3]_S_01092013_02d2002.txt ; RKreport[4]_D_01092013_02d2003.txt ; RKreport[5]_H_01092013_02d2003.txt

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu

#23 Příspěvek od Márty84 »

:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Kliknete na volbu Change parametrs
  • V okne Additional Option zakliknete vsechny moznosti
  • Kliknete na OK
  • Utilite prikazte, at skenuje - klik na Start Scan
  • Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
  • Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
  • Pokud mate vsude Skip, kliknete na Continue
  • Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Moody.01
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 20 dub 2009 19:13

Re: Prosím o kontrolu

#24 Příspěvek od Moody.01 »

21:02:48.0997 3664 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:02:49.0169 3664 ============================================================
21:02:49.0169 3664 Current date / time: 2013/01/09 21:02:49.0169
21:02:49.0169 3664 SystemInfo:
21:02:49.0169 3664
21:02:49.0169 3664 OS Version: 6.1.7601 ServicePack: 1.0
21:02:49.0169 3664 Product type: Workstation
21:02:49.0169 3664 ComputerName: H-THINK
21:02:49.0169 3664 UserName: H
21:02:49.0169 3664 Windows directory: C:\Windows
21:02:49.0169 3664 System windows directory: C:\Windows
21:02:49.0169 3664 Running under WOW64
21:02:49.0169 3664 Processor architecture: Intel x64
21:02:49.0169 3664 Number of processors: 4
21:02:49.0169 3664 Page size: 0x1000
21:02:49.0169 3664 Boot type: Normal boot
21:02:49.0169 3664 ============================================================
21:02:49.0730 3664 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:02:49.0746 3664 ============================================================
21:02:49.0746 3664 \Device\Harddisk0\DR0:
21:02:49.0746 3664 MBR partitions:
21:02:49.0746 3664 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
21:02:49.0746 3664 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x37D6F000
21:02:49.0746 3664 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3805D800, BlocksNum 0x2328000
21:02:49.0746 3664 ============================================================
21:02:49.0762 3664 C: <-> \Device\Harddisk0\DR0\Partition2
21:02:49.0808 3664 Q: <-> \Device\Harddisk0\DR0\Partition3
21:02:49.0808 3664 ============================================================
21:02:49.0808 3664 Initialize success
21:02:49.0808 3664 ============================================================
21:03:10.0494 4960 ============================================================
21:03:10.0494 4960 Scan started
21:03:10.0494 4960 Mode: Manual; SigCheck; TDLFS;
21:03:10.0494 4960 ============================================================
21:03:12.0304 4960 ================ Scan system memory ========================
21:03:12.0304 4960 System memory - ok
21:03:12.0304 4960 ================ Scan services =============================
21:03:12.0538 4960 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:03:12.0662 4960 1394ohci - ok
21:03:12.0709 4960 [ 144D54704A881047AE1084C6F1163060 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
21:03:12.0772 4960 5U877 - ok
21:03:12.0818 4960 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:03:12.0850 4960 ACPI - ok
21:03:12.0881 4960 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:03:12.0943 4960 AcpiPmi - ok
21:03:12.0990 4960 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:03:13.0037 4960 adp94xx - ok
21:03:13.0052 4960 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:03:13.0099 4960 adpahci - ok
21:03:13.0099 4960 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:03:13.0115 4960 adpu320 - ok
21:03:13.0146 4960 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:03:13.0286 4960 AeLookupSvc - ok
21:03:13.0333 4960 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:03:13.0396 4960 AFD - ok
21:03:13.0427 4960 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:03:13.0442 4960 agp440 - ok
21:03:13.0474 4960 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:03:13.0536 4960 ALG - ok
21:03:13.0552 4960 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:03:13.0583 4960 aliide - ok
21:03:13.0583 4960 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:03:13.0598 4960 amdide - ok
21:03:13.0614 4960 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:03:13.0645 4960 AmdK8 - ok
21:03:13.0645 4960 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:03:13.0676 4960 AmdPPM - ok
21:03:13.0708 4960 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:03:13.0723 4960 amdsata - ok
21:03:13.0739 4960 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:03:13.0754 4960 amdsbs - ok
21:03:13.0770 4960 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:03:13.0786 4960 amdxata - ok
21:03:13.0817 4960 [ 157B1C973637919DCD0D0464167C86BA ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
21:03:13.0879 4960 AMPPAL - ok
21:03:13.0879 4960 [ 157B1C973637919DCD0D0464167C86BA ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
21:03:13.0895 4960 AMPPALP - ok
21:03:13.0988 4960 [ FB70F8C1283C8CC6BFAA6F9971107E68 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
21:03:14.0035 4960 AMPPALR3 - ok
21:03:14.0113 4960 [ D89562A6AE8E07A457452E5B5560EB43 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:03:14.0144 4960 AntiVirSchedulerService - ok
21:03:14.0176 4960 [ E953EB70B3C4F0BA108C35D45420B86B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:03:14.0191 4960 AntiVirService - ok
21:03:14.0222 4960 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:03:14.0269 4960 AppID - ok
21:03:14.0300 4960 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:03:14.0332 4960 AppIDSvc - ok
21:03:14.0347 4960 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:03:14.0410 4960 Appinfo - ok
21:03:14.0441 4960 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
21:03:14.0456 4960 arc - ok
21:03:14.0456 4960 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:03:14.0472 4960 arcsas - ok
21:03:14.0503 4960 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:03:14.0581 4960 AsyncMac - ok
21:03:14.0612 4960 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:03:14.0628 4960 atapi - ok
21:03:14.0675 4960 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:03:14.0722 4960 AudioEndpointBuilder - ok
21:03:14.0737 4960 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:03:14.0768 4960 AudioSrv - ok
21:03:14.0784 4960 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:03:14.0800 4960 avgntflt - ok
21:03:14.0831 4960 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:03:14.0846 4960 avipbb - ok
21:03:14.0846 4960 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:03:14.0862 4960 avkmgr - ok
21:03:14.0893 4960 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:03:14.0924 4960 AxInstSV - ok
21:03:14.0971 4960 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:03:15.0034 4960 b06bdrv - ok
21:03:15.0049 4960 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:03:15.0096 4960 b57nd60a - ok
21:03:15.0143 4960 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:03:15.0190 4960 BDESVC - ok
21:03:15.0205 4960 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:03:15.0252 4960 Beep - ok
21:03:15.0299 4960 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:03:15.0361 4960 BFE - ok
21:03:15.0408 4960 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
21:03:15.0486 4960 BITS - ok
21:03:15.0502 4960 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:03:15.0533 4960 blbdrive - ok
21:03:15.0626 4960 [ 6D625A18DDFCD0464B914B71293AD837 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
21:03:15.0658 4960 Bluetooth Device Monitor - ok
21:03:15.0689 4960 [ 74B2BF80D966CFE8BC8005D19E40608D ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
21:03:15.0751 4960 Bluetooth Media Service - ok
21:03:15.0798 4960 [ 707BF27D30ADAB7798C69D5BF41C7131 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
21:03:15.0829 4960 Bluetooth OBEX Service - ok
21:03:15.0876 4960 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:03:15.0923 4960 bowser - ok
21:03:15.0954 4960 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:03:16.0001 4960 BrFiltLo - ok
21:03:16.0001 4960 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:03:16.0032 4960 BrFiltUp - ok
21:03:16.0063 4960 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:03:16.0094 4960 BridgeMP - ok
21:03:16.0141 4960 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:03:16.0188 4960 Browser - ok
21:03:16.0188 4960 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:03:16.0235 4960 Brserid - ok
21:03:16.0235 4960 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:03:16.0266 4960 BrSerWdm - ok
21:03:16.0297 4960 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:03:16.0328 4960 BrUsbMdm - ok
21:03:16.0328 4960 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:03:16.0344 4960 BrUsbSer - ok
21:03:16.0375 4960 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:03:16.0438 4960 BthEnum - ok
21:03:16.0453 4960 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:03:16.0484 4960 BTHMODEM - ok
21:03:16.0484 4960 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:03:16.0516 4960 BthPan - ok
21:03:16.0547 4960 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:03:16.0578 4960 BTHPORT - ok
21:03:16.0609 4960 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:03:16.0640 4960 bthserv - ok
21:03:16.0656 4960 [ FA2D081709A764F6BEE16B7FFE03E36C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
21:03:16.0672 4960 BTHSSecurityMgr - ok
21:03:16.0687 4960 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:03:16.0718 4960 BTHUSB - ok
21:03:16.0750 4960 [ 3676BEAA7D842047D30E95D59B241F22 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
21:03:16.0781 4960 btmaux - ok
21:03:16.0812 4960 [ FA0E7B5AFB8FD335234916764A2D6CF9 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
21:03:16.0843 4960 btmhsf - ok
21:03:16.0890 4960 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:03:16.0952 4960 cdfs - ok
21:03:16.0984 4960 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:03:17.0015 4960 cdrom - ok
21:03:17.0046 4960 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:03:17.0093 4960 CertPropSvc - ok
21:03:17.0093 4960 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
21:03:17.0124 4960 circlass - ok
21:03:17.0155 4960 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:03:17.0171 4960 CLFS - ok
21:03:17.0249 4960 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:03:17.0280 4960 clr_optimization_v2.0.50727_32 - ok
21:03:17.0296 4960 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:03:17.0327 4960 clr_optimization_v2.0.50727_64 - ok
21:03:17.0358 4960 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:03:17.0405 4960 clr_optimization_v4.0.30319_32 - ok
21:03:17.0420 4960 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:03:17.0436 4960 clr_optimization_v4.0.30319_64 - ok
21:03:17.0467 4960 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:03:17.0498 4960 CmBatt - ok
21:03:17.0530 4960 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:03:17.0545 4960 cmdide - ok
21:03:17.0592 4960 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
21:03:17.0670 4960 CNG - ok
21:03:17.0732 4960 [ C6D2584D7BBEED22EC288223CAC68FCE ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
21:03:17.0795 4960 CnxtHdAudService - ok
21:03:17.0810 4960 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:03:17.0826 4960 Compbatt - ok
21:03:17.0857 4960 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:03:17.0888 4960 CompositeBus - ok
21:03:17.0904 4960 COMSysApp - ok
21:03:17.0982 4960 [ C30FBFDB0A1B298C3D9A5EE1BBDFCB14 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:03:18.0044 4960 cphs - ok
21:03:18.0060 4960 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:03:18.0076 4960 crcdisk - ok
21:03:18.0107 4960 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:03:18.0138 4960 CryptSvc - ok
21:03:18.0169 4960 [ F160B26B26BA4AFE8CECC12ED5AC231E ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
21:03:18.0185 4960 CxAudMsg - ok
21:03:18.0232 4960 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:03:18.0294 4960 DcomLaunch - ok
21:03:18.0325 4960 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:03:18.0419 4960 defragsvc - ok
21:03:18.0450 4960 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:03:18.0497 4960 DfsC - ok
21:03:18.0512 4960 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:03:18.0559 4960 Dhcp - ok
21:03:18.0575 4960 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:03:18.0622 4960 discache - ok
21:03:18.0637 4960 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
21:03:18.0653 4960 Disk - ok
21:03:18.0668 4960 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:03:18.0700 4960 Dnscache - ok
21:03:18.0715 4960 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:03:18.0778 4960 dot3svc - ok
21:03:18.0793 4960 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:03:18.0840 4960 DPS - ok
21:03:18.0871 4960 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:03:18.0918 4960 drmkaud - ok
21:03:18.0949 4960 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:03:18.0980 4960 DXGKrnl - ok
21:03:19.0012 4960 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:03:19.0058 4960 EapHost - ok
21:03:19.0121 4960 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:03:19.0246 4960 ebdrv - ok
21:03:19.0277 4960 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:03:19.0308 4960 EFS - ok
21:03:19.0355 4960 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:03:19.0433 4960 ehRecvr - ok
21:03:19.0448 4960 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:03:19.0480 4960 ehSched - ok
21:03:19.0526 4960 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:03:19.0573 4960 elxstor - ok
21:03:19.0573 4960 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:03:19.0589 4960 ErrDev - ok
21:03:19.0636 4960 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:03:19.0682 4960 EventSystem - ok
21:03:19.0745 4960 [ 23D401A43DADED10A153B9F3A7E66C91 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:03:19.0776 4960 EvtEng - ok
21:03:19.0807 4960 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:03:19.0854 4960 exfat - ok
21:03:19.0885 4960 [ EB3A7D5663ACAC417DF986D4AEE12170 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
21:03:19.0901 4960 Fastboot - ok
21:03:19.0948 4960 [ 63511240AF70D10343A4AE05F8E2CA12 ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
21:03:19.0963 4960 FastbootService - ok
21:03:19.0979 4960 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:03:20.0041 4960 fastfat - ok
21:03:20.0088 4960 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:03:20.0135 4960 Fax - ok
21:03:20.0150 4960 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
21:03:20.0182 4960 fdc - ok
21:03:20.0213 4960 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:03:20.0244 4960 fdPHost - ok
21:03:20.0260 4960 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:03:20.0306 4960 FDResPub - ok
21:03:20.0322 4960 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:03:20.0338 4960 FileInfo - ok
21:03:20.0353 4960 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:03:20.0416 4960 Filetrace - ok
21:03:20.0416 4960 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:03:20.0431 4960 flpydisk - ok
21:03:20.0462 4960 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:03:20.0478 4960 FltMgr - ok
21:03:20.0509 4960 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
21:03:20.0556 4960 FontCache - ok
21:03:20.0603 4960 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:03:20.0618 4960 FontCache3.0.0.0 - ok
21:03:20.0681 4960 [ 327C3EF11AD3A7262951FAC5D705F546 ] FPLService C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
21:03:20.0712 4960 FPLService - ok
21:03:20.0728 4960 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:03:20.0759 4960 FsDepends - ok
21:03:20.0790 4960 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:03:20.0821 4960 Fs_Rec - ok
21:03:20.0868 4960 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:03:20.0884 4960 fvevol - ok
21:03:20.0915 4960 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:03:20.0930 4960 gagp30kx - ok
21:03:20.0962 4960 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:03:21.0008 4960 gpsvc - ok
21:03:21.0055 4960 [ 3CC07DAD48FA53193AE2F85DD8200B5E ] hcmon C:\Windows\system32\drivers\hcmon.sys
21:03:21.0071 4960 hcmon - ok
21:03:21.0102 4960 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:03:21.0133 4960 hcw85cir - ok
21:03:21.0164 4960 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:03:21.0196 4960 HdAudAddService - ok
21:03:21.0227 4960 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:03:21.0258 4960 HDAudBus - ok
21:03:21.0258 4960 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:03:21.0274 4960 HidBatt - ok
21:03:21.0274 4960 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:03:21.0305 4960 HidBth - ok
21:03:21.0336 4960 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
21:03:21.0352 4960 HidIr - ok
21:03:21.0383 4960 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
21:03:21.0445 4960 hidserv - ok
21:03:21.0445 4960 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:03:21.0461 4960 HidUsb - ok
21:03:21.0492 4960 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:03:21.0539 4960 hkmsvc - ok
21:03:21.0554 4960 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:03:21.0586 4960 HomeGroupListener - ok
21:03:21.0617 4960 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:03:21.0632 4960 HomeGroupProvider - ok
21:03:21.0664 4960 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:03:21.0679 4960 HpSAMD - ok
21:03:21.0726 4960 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:03:21.0788 4960 HTTP - ok
21:03:21.0804 4960 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:03:21.0820 4960 hwpolicy - ok
21:03:21.0882 4960 [ 16A7CA284629A4D002F7B992C9A49EF9 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
21:03:21.0913 4960 HyperW7Svc - ok
21:03:21.0944 4960 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:03:21.0976 4960 i8042prt - ok
21:03:22.0022 4960 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:03:22.0038 4960 iaStor - ok
21:03:22.0100 4960 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:03:22.0147 4960 iaStorV - ok
21:03:22.0163 4960 [ 22FEF6D8DDC3452EE5EC6FBD9920C74D ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
21:03:22.0178 4960 IBMPMDRV - ok
21:03:22.0178 4960 [ 8D61BB5A7D6E08E278C84F852D07D516 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
21:03:22.0178 4960 IBMPMSVC - ok
21:03:22.0194 4960 [ 653A38B868A5F20BB506AB57AC41B936 ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
21:03:22.0225 4960 ibtfltcoex - ok
21:03:22.0288 4960 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:03:22.0350 4960 idsvc - ok
21:03:22.0615 4960 [ 937CB7CC3E71A93771B72C8C52B9EA81 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:03:23.0068 4960 igfx - ok
21:03:23.0099 4960 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:03:23.0114 4960 iirsp - ok
21:03:23.0146 4960 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:03:23.0208 4960 IKEEXT - ok
21:03:23.0224 4960 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
21:03:23.0239 4960 intaud_WaveExtensible - ok
21:03:23.0270 4960 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:03:23.0333 4960 IntcDAud - ok
21:03:23.0411 4960 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:03:23.0442 4960 Intel(R) Capability Licensing Service Interface - ok
21:03:23.0473 4960 [ FB166D86AFCBD9A9BFD342DC2564F5DF ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:03:23.0489 4960 Intel(R) ME Service - ok
21:03:23.0551 4960 [ 5529614F79A407FD40845A8011D86082 ] Intel(R) Small Business Advantage C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
21:03:23.0582 4960 Intel(R) Small Business Advantage - ok
21:03:23.0598 4960 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:03:23.0645 4960 intelide - ok
21:03:23.0660 4960 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:03:23.0692 4960 intelppm - ok
21:03:23.0723 4960 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:03:23.0770 4960 IPBusEnum - ok
21:03:23.0770 4960 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:03:23.0816 4960 IpFilterDriver - ok
21:03:23.0863 4960 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:03:23.0926 4960 iphlpsvc - ok
21:03:23.0926 4960 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:03:23.0957 4960 IPMIDRV - ok
21:03:23.0972 4960 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:03:24.0019 4960 IPNAT - ok
21:03:24.0066 4960 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:03:24.0097 4960 IRENUM - ok
21:03:24.0113 4960 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:03:24.0128 4960 isapnp - ok
21:03:24.0144 4960 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:03:24.0160 4960 iScsiPrt - ok
21:03:24.0191 4960 [ B2381712638B0B714D0EEAB9A1F7C640 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:03:24.0206 4960 iusb3hcs - ok
21:03:24.0222 4960 [ FD2C6457232E95C014DAD21DEBC64867 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
21:03:24.0238 4960 iusb3hub - ok
21:03:24.0269 4960 [ F6A2B5D030BE7EDF8ADC12C9A40825A8 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:03:24.0300 4960 iusb3xhc - ok
21:03:24.0347 4960 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
21:03:24.0378 4960 iwdbus - ok
21:03:24.0409 4960 [ B443D3D1B6F21C2B424E49491B65C488 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:03:24.0425 4960 jhi_service - ok
21:03:24.0456 4960 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:03:24.0487 4960 kbdclass - ok
21:03:24.0503 4960 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:03:24.0534 4960 kbdhid - ok
21:03:24.0565 4960 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:03:24.0581 4960 KeyIso - ok
21:03:24.0596 4960 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:03:24.0612 4960 KSecDD - ok
21:03:24.0643 4960 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:03:24.0674 4960 KSecPkg - ok
21:03:24.0674 4960 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:03:24.0721 4960 ksthunk - ok
21:03:24.0752 4960 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:03:24.0815 4960 KtmRm - ok
21:03:24.0862 4960 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:03:24.0908 4960 LanmanServer - ok
21:03:24.0924 4960 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:03:24.0971 4960 LanmanWorkstation - ok
21:03:25.0033 4960 [ B8ECFA389B041AC1664DC10ACC6788B6 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
21:03:25.0049 4960 LENOVO.CAMMUTE - ok
21:03:25.0111 4960 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
21:03:25.0127 4960 LENOVO.MICMUTE - ok
21:03:25.0174 4960 [ DDE400823C15A7A1BA31F106F35AE9C2 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
21:03:25.0189 4960 LENOVO.TPKNRSVC - ok
21:03:25.0220 4960 [ A19EC8B1920044BB6825BCC6403C83C2 ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
21:03:25.0236 4960 LENOVO.TVTVCAM - ok
21:03:25.0267 4960 [ D253E6009F05776F505F96866CCF460F ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
21:03:25.0283 4960 Lenovo.VIRTSCRLSVC - ok
21:03:25.0330 4960 [ 02538E602280C07438C94489DCBE77D5 ] libusb0 C:\Windows\system32\DRIVERS\libusb0.sys
21:03:25.0361 4960 libusb0 - ok
21:03:25.0392 4960 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:03:25.0439 4960 lltdio - ok
21:03:25.0470 4960 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:03:25.0517 4960 lltdsvc - ok
21:03:25.0548 4960 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:03:25.0595 4960 lmhosts - ok
21:03:25.0610 4960 [ 9BE23DF9B1FC56F58DD0F28CC187E713 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:03:25.0626 4960 LMS - ok
21:03:25.0673 4960 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:03:25.0704 4960 LSI_FC - ok
21:03:25.0720 4960 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:03:25.0735 4960 LSI_SAS - ok
21:03:25.0735 4960 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:03:25.0751 4960 LSI_SAS2 - ok
21:03:25.0751 4960 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:03:25.0766 4960 LSI_SCSI - ok
21:03:25.0798 4960 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:03:25.0844 4960 luafv - ok
21:03:25.0860 4960 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:03:25.0876 4960 Mcx2Svc - ok
21:03:25.0954 4960 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
21:03:25.0985 4960 MDM - ok
21:03:26.0078 4960 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
21:03:26.0125 4960 megasas - ok
21:03:26.0156 4960 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:03:26.0188 4960 MegaSR - ok
21:03:26.0234 4960 [ D71FD7A4FDB01C554AE144037B688DF1 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:03:26.0266 4960 MEIx64 - ok
21:03:26.0297 4960 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:03:26.0359 4960 MMCSS - ok
21:03:26.0359 4960 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:03:26.0390 4960 Modem - ok
21:03:26.0437 4960 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:03:26.0468 4960 monitor - ok
21:03:26.0500 4960 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:03:26.0515 4960 mouclass - ok
21:03:26.0531 4960 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:03:26.0562 4960 mouhid - ok
21:03:26.0593 4960 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:03:26.0609 4960 mountmgr - ok
21:03:26.0640 4960 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:03:26.0656 4960 mpio - ok
21:03:26.0671 4960 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:03:26.0718 4960 mpsdrv - ok
21:03:26.0734 4960 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:03:26.0812 4960 MpsSvc - ok
21:03:26.0812 4960 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:03:26.0827 4960 MRxDAV - ok
21:03:26.0843 4960 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:03:26.0874 4960 mrxsmb - ok
21:03:26.0905 4960 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:03:26.0936 4960 mrxsmb10 - ok
21:03:26.0936 4960 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:03:26.0952 4960 mrxsmb20 - ok
21:03:26.0968 4960 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:03:26.0983 4960 msahci - ok
21:03:26.0983 4960 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:03:26.0999 4960 msdsm - ok
21:03:27.0014 4960 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:03:27.0046 4960 MSDTC - ok
21:03:27.0061 4960 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:03:27.0124 4960 Msfs - ok
21:03:27.0139 4960 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:03:27.0186 4960 mshidkmdf - ok
21:03:27.0202 4960 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:03:27.0202 4960 msisadrv - ok
21:03:27.0233 4960 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:03:27.0295 4960 MSiSCSI - ok
21:03:27.0295 4960 msiserver - ok
21:03:27.0326 4960 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:03:27.0373 4960 MSKSSRV - ok
21:03:27.0404 4960 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:03:27.0436 4960 MSPCLOCK - ok
21:03:27.0451 4960 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:03:27.0498 4960 MSPQM - ok
21:03:27.0514 4960 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:03:27.0545 4960 MsRPC - ok
21:03:27.0560 4960 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:03:27.0560 4960 mssmbios - ok
21:03:27.0576 4960 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:03:27.0607 4960 MSTEE - ok
21:03:27.0623 4960 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:03:27.0638 4960 MTConfig - ok
21:03:27.0654 4960 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:03:27.0654 4960 Mup - ok
21:03:27.0685 4960 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:03:27.0716 4960 MyWiFiDHCPDNS - ok
21:03:27.0748 4960 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:03:27.0794 4960 napagent - ok
21:03:27.0841 4960 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:03:27.0872 4960 NativeWifiP - ok
21:03:27.0935 4960 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:03:27.0982 4960 NDIS - ok
21:03:27.0997 4960 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:03:28.0044 4960 NdisCap - ok
21:03:28.0075 4960 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:03:28.0122 4960 NdisTapi - ok
21:03:28.0122 4960 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:03:28.0169 4960 Ndisuio - ok
21:03:28.0169 4960 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:03:28.0216 4960 NdisWan - ok
21:03:28.0231 4960 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:03:28.0262 4960 NDProxy - ok
21:03:28.0294 4960 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:03:28.0356 4960 NetBIOS - ok
21:03:28.0387 4960 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:03:28.0418 4960 NetBT - ok
21:03:28.0450 4960 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:03:28.0465 4960 Netlogon - ok
21:03:28.0512 4960 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:03:28.0574 4960 Netman - ok
21:03:28.0606 4960 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:03:28.0652 4960 netprofm - ok
21:03:28.0668 4960 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:03:28.0715 4960 NetTcpPortSharing - ok
21:03:28.0933 4960 [ FAD6C5610D020534401966CD72A1C306 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
21:03:29.0230 4960 NETwNs64 - ok
21:03:29.0276 4960 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:03:29.0292 4960 nfrd960 - ok
21:03:29.0323 4960 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:03:29.0354 4960 NlaSvc - ok
21:03:29.0370 4960 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:03:29.0401 4960 Npfs - ok
21:03:29.0432 4960 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:03:29.0479 4960 nsi - ok
21:03:29.0495 4960 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:03:29.0526 4960 nsiproxy - ok
21:03:29.0573 4960 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:03:29.0620 4960 Ntfs - ok
21:03:29.0651 4960 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:03:29.0698 4960 Null - ok
21:03:29.0713 4960 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:03:29.0729 4960 nvraid - ok
21:03:29.0729 4960 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:03:29.0744 4960 nvstor - ok
21:03:29.0776 4960 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:03:29.0791 4960 nv_agp - ok
21:03:29.0791 4960 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:03:29.0807 4960 ohci1394 - ok
21:03:29.0869 4960 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:03:29.0885 4960 ose - ok
21:03:29.0916 4960 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:03:29.0947 4960 p2pimsvc - ok
21:03:29.0978 4960 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:03:29.0994 4960 p2psvc - ok
21:03:30.0010 4960 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:03:30.0041 4960 Parport - ok
21:03:30.0056 4960 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:03:30.0072 4960 partmgr - ok
21:03:30.0088 4960 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:03:30.0119 4960 PcaSvc - ok
21:03:30.0134 4960 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:03:30.0150 4960 pci - ok
21:03:30.0166 4960 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:03:30.0181 4960 pciide - ok
21:03:30.0181 4960 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:03:30.0197 4960 pcmcia - ok
21:03:30.0197 4960 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:03:30.0212 4960 pcw - ok
21:03:30.0244 4960 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:03:30.0322 4960 PEAUTH - ok
21:03:30.0400 4960 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:03:30.0446 4960 PerfHost - ok
21:03:30.0478 4960 [ B4C1BF666DBD6899EC4A9A499DAA040B ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
21:03:30.0493 4960 PHCORE - ok
21:03:30.0540 4960 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:03:30.0602 4960 pla - ok
21:03:30.0649 4960 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:03:30.0712 4960 PlugPlay - ok
21:03:30.0743 4960 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:03:30.0774 4960 PNRPAutoReg - ok
21:03:30.0790 4960 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:03:30.0821 4960 PNRPsvc - ok
21:03:30.0836 4960 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:03:30.0899 4960 PolicyAgent - ok
21:03:30.0914 4960 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
21:03:30.0961 4960 Power - ok
21:03:31.0055 4960 [ DEED60F99C5B8E386D507860F600D509 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
21:03:31.0133 4960 Power Manager DBC Service - ok
21:03:31.0164 4960 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:03:31.0226 4960 PptpMiniport - ok
21:03:31.0242 4960 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:03:31.0273 4960 Processor - ok
21:03:31.0304 4960 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:03:31.0320 4960 ProfSvc - ok
21:03:31.0336 4960 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:03:31.0351 4960 ProtectedStorage - ok
21:03:31.0367 4960 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
21:03:31.0382 4960 psadd - ok
21:03:31.0414 4960 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:03:31.0476 4960 Psched - ok
21:03:31.0507 4960 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
21:03:31.0523 4960 PSI_SVC_2 - ok
21:03:31.0570 4960 [ 68DCE950DCD2ABBB82362D383EC5836E ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
21:03:31.0632 4960 PwmEWSvc - ok
21:03:31.0663 4960 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:03:31.0710 4960 ql2300 - ok
21:03:31.0741 4960 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:03:31.0757 4960 ql40xx - ok
21:03:31.0772 4960 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:03:31.0804 4960 QWAVE - ok
21:03:31.0804 4960 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:03:31.0835 4960 QWAVEdrv - ok
21:03:31.0850 4960 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:03:31.0882 4960 RasAcd - ok
21:03:31.0913 4960 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:03:31.0960 4960 RasAgileVpn - ok
21:03:31.0960 4960 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:03:32.0006 4960 RasAuto - ok
21:03:32.0006 4960 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:03:32.0053 4960 Rasl2tp - ok
21:03:32.0084 4960 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:03:32.0116 4960 RasMan - ok
21:03:32.0131 4960 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:03:32.0162 4960 RasPppoe - ok
21:03:32.0178 4960 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:03:32.0225 4960 RasSstp - ok
21:03:32.0256 4960 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:03:32.0303 4960 rdbss - ok
21:03:32.0318 4960 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:03:32.0334 4960 rdpbus - ok
21:03:32.0350 4960 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:03:32.0381 4960 RDPCDD - ok
21:03:32.0381 4960 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:03:32.0428 4960 RDPENCDD - ok
21:03:32.0459 4960 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:03:32.0490 4960 RDPREFMP - ok
21:03:32.0521 4960 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:03:32.0568 4960 RdpVideoMiniport - ok
21:03:32.0584 4960 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:03:32.0630 4960 RDPWD - ok
21:03:32.0662 4960 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:03:32.0677 4960 rdyboost - ok
21:03:32.0771 4960 [ 0C2B4C3B10D183BE116A38353E937F62 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:03:32.0786 4960 RegSrvc - ok
21:03:32.0818 4960 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:03:32.0896 4960 RemoteAccess - ok
21:03:32.0927 4960 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:03:32.0989 4960 RemoteRegistry - ok
21:03:33.0020 4960 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:03:33.0036 4960 RFCOMM - ok
21:03:33.0052 4960 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:03:33.0098 4960 RpcEptMapper - ok
21:03:33.0130 4960 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:03:33.0161 4960 RpcLocator - ok
21:03:33.0192 4960 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:03:33.0223 4960 RpcSs - ok
21:03:33.0270 4960 [ 7F324DFFCA5318EEF040DBE351D038D8 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
21:03:33.0286 4960 RSP2STOR - ok
21:03:33.0317 4960 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:03:33.0364 4960 rspndr - ok
21:03:33.0426 4960 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:03:33.0488 4960 RTL8167 - ok
21:03:33.0504 4960 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:03:33.0504 4960 SamSs - ok
21:03:33.0504 4960 SAService - ok
21:03:33.0535 4960 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:03:33.0551 4960 sbp2port - ok
21:03:33.0582 4960 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:03:33.0629 4960 SCardSvr - ok
21:03:33.0629 4960 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:03:33.0676 4960 scfilter - ok
21:03:33.0691 4960 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:03:33.0754 4960 Schedule - ok
21:03:33.0785 4960 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:03:33.0816 4960 SCPolicySvc - ok
21:03:33.0832 4960 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:03:33.0894 4960 SDRSVC - ok
21:03:33.0925 4960 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:03:33.0988 4960 secdrv - ok
21:03:34.0003 4960 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:03:34.0034 4960 seclogon - ok
21:03:34.0066 4960 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
21:03:34.0097 4960 SENS - ok
21:03:34.0128 4960 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:03:34.0159 4960 SensrSvc - ok
21:03:34.0175 4960 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:03:34.0206 4960 Serenum - ok
21:03:34.0237 4960 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:03:34.0268 4960 Serial - ok
21:03:34.0268 4960 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:03:34.0300 4960 sermouse - ok
21:03:34.0315 4960 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:03:34.0378 4960 SessionEnv - ok
21:03:34.0378 4960 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:03:34.0393 4960 sffdisk - ok
21:03:34.0409 4960 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:03:34.0424 4960 sffp_mmc - ok
21:03:34.0424 4960 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:03:34.0440 4960 sffp_sd - ok
21:03:34.0471 4960 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:03:34.0471 4960 sfloppy - ok
21:03:34.0518 4960 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:03:34.0565 4960 SharedAccess - ok
21:03:34.0580 4960 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:03:34.0612 4960 ShellHWDetection - ok
21:03:34.0658 4960 [ 3FA2CBF653544AB4EC2249B6719A3C8E ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
21:03:34.0705 4960 Shockprf - ok
21:03:34.0736 4960 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:03:34.0752 4960 SiSRaid2 - ok
21:03:34.0768 4960 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:03:34.0783 4960 SiSRaid4 - ok
21:03:34.0799 4960 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:03:34.0846 4960 Smb - ok
21:03:34.0861 4960 [ 1D05A2E9067CD87E2C7D566DA47B9EEF ] SmbDrvIntel C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
21:03:34.0877 4960 SmbDrvIntel - ok
21:03:34.0892 4960 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:03:34.0924 4960 SNMPTRAP - ok
21:03:34.0924 4960 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:03:34.0939 4960 spldr - ok
21:03:34.0955 4960 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:03:35.0002 4960 Spooler - ok
21:03:35.0095 4960 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:03:35.0220 4960 sppsvc - ok
21:03:35.0236 4960 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:03:35.0267 4960 sppuinotify - ok
21:03:35.0298 4960 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:03:35.0345 4960 srv - ok
21:03:35.0360 4960 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:03:35.0392 4960 srv2 - ok
21:03:35.0407 4960 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:03:35.0423 4960 srvnet - ok
21:03:35.0563 4960 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:03:35.0657 4960 SSDPSRV - ok
21:03:35.0672 4960 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:03:35.0704 4960 SstpSvc - ok
21:03:35.0719 4960 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:03:35.0735 4960 stexstor - ok
21:03:35.0766 4960 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:03:35.0782 4960 stisvc - ok
21:03:35.0860 4960 [ 787D181332401B04DA4EDC422193C47B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:03:35.0891 4960 SUService - ok
21:03:35.0922 4960 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:03:35.0953 4960 swenum - ok
21:03:35.0984 4960 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:03:36.0062 4960 swprv - ok
21:03:36.0109 4960 [ 1C402D9404BD874406D9C53FD40D1418 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:03:36.0156 4960 SynTP - ok
21:03:36.0187 4960 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:03:36.0250 4960 SysMain - ok
21:03:36.0265 4960 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:03:36.0281 4960 TabletInputService - ok
21:03:36.0296 4960 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:03:36.0328 4960 TapiSrv - ok
21:03:36.0343 4960 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:03:36.0390 4960 TBS - ok
21:03:36.0468 4960 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:03:36.0515 4960 Tcpip - ok
21:03:36.0562 4960 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:03:36.0593 4960 TCPIP6 - ok
21:03:36.0593 4960 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:03:36.0624 4960 tcpipreg - ok
21:03:36.0655 4960 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:03:36.0671 4960 TDPIPE - ok
21:03:36.0686 4960 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:03:36.0702 4960 TDTCP - ok
21:03:36.0718 4960 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:03:36.0764 4960 tdx - ok
21:03:36.0796 4960 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:03:36.0811 4960 TermDD - ok
21:03:36.0842 4960 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:03:36.0920 4960 TermService - ok
21:03:36.0920 4960 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:03:36.0936 4960 Themes - ok
21:03:36.0952 4960 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:03:36.0983 4960 THREADORDER - ok
21:03:37.0014 4960 [ BC148E3415BF8A9DE83364966F75044F ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
21:03:37.0014 4960 TPDIGIMN - ok
21:03:37.0030 4960 [ BBD91008BEC4A2BA5D383BC9A15D6F9E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
21:03:37.0045 4960 TPHDEXLGSVC - ok
21:03:37.0076 4960 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
21:03:37.0092 4960 TPHKLOAD - ok
21:03:37.0108 4960 [ 046A7B412E4E6C4A7B426441E143F0F2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
21:03:37.0108 4960 TPHKSVC - ok
21:03:37.0154 4960 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
21:03:37.0186 4960 TPM - ok
21:03:37.0201 4960 [ 1DF6E6C026AD1D428687FE3B427A87BC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
21:03:37.0217 4960 TPPWRIF - ok
21:03:37.0232 4960 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:03:37.0295 4960 TrkWks - ok
21:03:37.0326 4960 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:03:37.0404 4960 TrustedInstaller - ok
21:03:37.0404 4960 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:03:37.0451 4960 tssecsrv - ok
21:03:37.0482 4960 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:03:37.0544 4960 TsUsbFlt - ok
21:03:37.0576 4960 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:03:37.0607 4960 TsUsbGD - ok
21:03:37.0638 4960 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:03:37.0716 4960 tunnel - ok
21:03:37.0747 4960 [ D4915DB03B19F9FD50EC084CC0ED15FC ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
21:03:37.0763 4960 TVTI2C - ok
21:03:37.0778 4960 [ 760B34088C2AD8D634CC3784EF3A2CA2 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
21:03:37.0794 4960 tvtvcamd - ok
21:03:37.0810 4960 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:03:37.0825 4960 uagp35 - ok
21:03:37.0841 4960 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:03:37.0888 4960 udfs - ok
21:03:37.0919 4960 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:03:37.0950 4960 UI0Detect - ok
21:03:37.0981 4960 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:03:38.0028 4960 uliagpkx - ok
21:03:38.0028 4960 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:03:38.0059 4960 umbus - ok
21:03:38.0075 4960 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
21:03:38.0106 4960 UmPass - ok
21:03:38.0184 4960 [ 30FF46EABCA1BB18E4F357492A8F7FC9 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:03:38.0215 4960 UNS - ok
21:03:38.0246 4960 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:03:38.0293 4960 upnphost - ok
21:03:38.0309 4960 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:03:38.0340 4960 usbccgp - ok
21:03:38.0356 4960 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:03:38.0387 4960 usbcir - ok
21:03:38.0402 4960 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:03:38.0434 4960 usbehci - ok
21:03:38.0465 4960 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:03:38.0496 4960 usbhub - ok
21:03:38.0496 4960 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:03:38.0512 4960 usbohci - ok
21:03:38.0527 4960 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:03:38.0558 4960 usbprint - ok
21:03:38.0590 4960 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:03:38.0621 4960 usbscan - ok
21:03:38.0636 4960 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:03:38.0668 4960 USBSTOR - ok
21:03:38.0683 4960 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:03:38.0699 4960 usbuhci - ok
21:03:38.0730 4960 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:03:38.0761 4960 usbvideo - ok
21:03:38.0777 4960 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:03:38.0824 4960 UxSms - ok
21:03:38.0839 4960 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:03:38.0855 4960 VaultSvc - ok
21:03:38.0870 4960 [ 6B22F16BE58AEF1A57970611D7109507 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
21:03:38.0886 4960 VBoxNetAdp - ok
21:03:38.0902 4960 VBoxNetFlt - ok
21:03:38.0933 4960 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:03:38.0948 4960 vdrvroot - ok
21:03:38.0964 4960 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:03:39.0011 4960 vds - ok
21:03:39.0026 4960 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:03:39.0042 4960 vga - ok
21:03:39.0058 4960 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:03:39.0120 4960 VgaSave - ok
21:03:39.0120 4960 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:03:39.0136 4960 vhdmp - ok
21:03:39.0136 4960 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:03:39.0151 4960 viaide - ok
21:03:39.0198 4960 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
21:03:39.0214 4960 VIPAppService - ok
21:03:39.0276 4960 [ A942813405C51998DD2C2B86A08394D5 ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
21:03:39.0292 4960 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
21:03:39.0292 4960 VMAuthdService - detected UnsignedFile.Multi.Generic (1)
21:03:39.0323 4960 [ 6203C901DEFF10631AAD919B3BD1489B ] vmci C:\Windows\system32\DRIVERS\vmci.sys
21:03:39.0354 4960 vmci - ok
21:03:39.0385 4960 [ DE8F365C4C038AFE02F6E3B18ECAED33 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
21:03:39.0401 4960 vmkbd - ok
21:03:39.0401 4960 [ AEF53B47E960F227BF7638A6A1A9D5C6 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
21:03:39.0416 4960 VMnetAdapter - ok
21:03:39.0432 4960 [ C234A1DC2F06A15B9210787F54253810 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
21:03:39.0448 4960 VMnetBridge - ok
21:03:39.0448 4960 VMnetDHCP - ok
21:03:39.0463 4960 [ 36EDBFE2C2405081620ADEF7B691ED89 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
21:03:39.0463 4960 VMnetuserif - ok
21:03:39.0510 4960 [ B55A8DADA1D825B73C811101B06E012F ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
21:03:39.0526 4960 VMUSBArbService - ok
21:03:39.0541 4960 VMware NAT Service - ok
21:03:39.0557 4960 [ 0E6ACC0257C6EFBB41E9FF4CD2A88B7F ] vmx86 C:\Windows\system32\drivers\vmx86.sys
21:03:39.0572 4960 vmx86 - ok
21:03:39.0588 4960 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:03:39.0635 4960 volmgr - ok
21:03:39.0635 4960 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:03:39.0650 4960 volmgrx - ok
21:03:39.0666 4960 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:03:39.0682 4960 volsnap - ok
21:03:39.0713 4960 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:03:39.0728 4960 vsmraid - ok
21:03:39.0744 4960 [ EF1E48D431223F670CFFD6169B1A136F ] vsock C:\Windows\system32\drivers\vsock.sys
21:03:39.0760 4960 vsock - ok
21:03:39.0806 4960 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:03:39.0853 4960 VSS - ok
21:03:39.0869 4960 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:03:39.0900 4960 vwifibus - ok
21:03:39.0931 4960 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:03:39.0962 4960 vwififlt - ok
21:03:39.0962 4960 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:03:40.0009 4960 vwifimp - ok
21:03:40.0056 4960 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:03:40.0118 4960 W32Time - ok
21:03:40.0150 4960 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:03:40.0165 4960 WacomPen - ok
21:03:40.0196 4960 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:03:40.0243 4960 WANARP - ok
21:03:40.0259 4960 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:03:40.0290 4960 Wanarpv6 - ok
21:03:40.0368 4960 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:03:40.0430 4960 WatAdminSvc - ok
21:03:40.0477 4960 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:03:40.0555 4960 wbengine - ok
21:03:40.0571 4960 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:03:40.0602 4960 WbioSrvc - ok
21:03:40.0618 4960 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:03:40.0664 4960 wcncsvc - ok
21:03:40.0664 4960 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:03:40.0696 4960 WcsPlugInService - ok
21:03:40.0727 4960 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
21:03:40.0742 4960 Wd - ok
21:03:40.0789 4960 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:03:40.0852 4960 Wdf01000 - ok
21:03:40.0867 4960 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:03:40.0930 4960 WdiServiceHost - ok
21:03:40.0945 4960 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:03:40.0961 4960 WdiSystemHost - ok
21:03:40.0976 4960 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:03:41.0023 4960 WebClient - ok
21:03:41.0039 4960 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:03:41.0101 4960 Wecsvc - ok
21:03:41.0132 4960 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:03:41.0164 4960 wercplsupport - ok
21:03:41.0195 4960 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:03:41.0242 4960 WerSvc - ok
21:03:41.0273 4960 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:03:41.0304 4960 WfpLwf - ok
21:03:41.0335 4960 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:03:41.0335 4960 WIMMount - ok
21:03:41.0366 4960 WinDefend - ok
21:03:41.0382 4960 WinHttpAutoProxySvc - ok
21:03:41.0429 4960 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:03:41.0476 4960 Winmgmt - ok
21:03:41.0554 4960 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:03:41.0632 4960 WinRM - ok
21:03:41.0663 4960 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
21:03:41.0694 4960 WinUsb - ok
21:03:41.0741 4960 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:03:41.0772 4960 Wlansvc - ok
21:03:41.0803 4960 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:03:41.0819 4960 wlcrasvc - ok
21:03:41.0897 4960 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:03:41.0944 4960 wlidsvc - ok
21:03:41.0990 4960 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:03:41.0990 4960 WmiAcpi - ok
21:03:42.0022 4960 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:03:42.0068 4960 wmiApSrv - ok
21:03:42.0100 4960 WMPNetworkSvc - ok
21:03:42.0131 4960 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:03:42.0162 4960 WPCSvc - ok
21:03:42.0193 4960 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:03:42.0224 4960 WPDBusEnum - ok
21:03:42.0240 4960 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:03:42.0287 4960 ws2ifsl - ok
21:03:42.0302 4960 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
21:03:42.0318 4960 wscsvc - ok
21:03:42.0334 4960 WSearch - ok
21:03:42.0380 4960 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:03:42.0443 4960 wuauserv - ok
21:03:42.0474 4960 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:03:42.0505 4960 WudfPf - ok
21:03:42.0536 4960 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:03:42.0568 4960 WUDFRd - ok
21:03:42.0599 4960 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:03:42.0614 4960 wudfsvc - ok
21:03:42.0646 4960 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:03:42.0677 4960 WwanSvc - ok
21:03:42.0739 4960 [ 8C6413D62C891D8DA084A31DA53A09E6 ] X5XSEx C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys
21:03:42.0755 4960 X5XSEx - ok
21:03:42.0895 4960 [ D2FE4103450E52CB248D842501F84B90 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:03:42.0989 4960 ZeroConfigService - ok
21:03:43.0004 4960 ================ Scan global ===============================
21:03:43.0020 4960 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:03:43.0051 4960 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
21:03:43.0067 4960 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
21:03:43.0098 4960 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:03:43.0129 4960 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:03:43.0129 4960 [Global] - ok
21:03:43.0129 4960 ================ Scan MBR ==================================
21:03:43.0145 4960 [ 1DE8775FA8A26F4C53B365C974C3FC6D ] \Device\Harddisk0\DR0
21:03:44.0003 4960 \Device\Harddisk0\DR0 - ok
21:03:44.0003 4960 ================ Scan VBR ==================================
21:03:44.0018 4960 [ 201D1E813DB37C99D26D4FF46DBD01C3 ] \Device\Harddisk0\DR0\Partition1
21:03:44.0034 4960 \Device\Harddisk0\DR0\Partition1 - ok
21:03:44.0034 4960 [ FC3C23BB45F99D303474579B6D5978DD ] \Device\Harddisk0\DR0\Partition2
21:03:44.0050 4960 \Device\Harddisk0\DR0\Partition2 - ok
21:03:44.0081 4960 [ A57F606BDFA7962A1AA73E341876E3FF ] \Device\Harddisk0\DR0\Partition3
21:03:44.0081 4960 \Device\Harddisk0\DR0\Partition3 - ok
21:03:44.0081 4960 ============================================================
21:03:44.0081 4960 Scan finished
21:03:44.0081 4960 ============================================================
21:03:44.0096 7116 Detected object count: 1
21:03:44.0096 7116 Actual detected object count: 1
21:04:15.0811 7116 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
21:04:15.0811 7116 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:21.0724 1960 Deinitialize success

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu

#25 Příspěvek od Márty84 »

:!: Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) :!:

:!: Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

:arrow: Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

:!: Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
:!: Kdyz windows nabehne, ale pri spousteni programu bude hlasena chyba, staci restartovat pc a bude to v poradku
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Moody.01
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 20 dub 2009 19:13

Re: Prosím o kontrolu

#26 Příspěvek od Moody.01 »

Combofix spustím až v pátek odpoledne. Posledně sken trval přes hodinu a teď na to opravdu není čas, ntb potřebuju do školy. ;)

Budu sledovat stav a pak dám vědět i s logem. Zatím to vypadá tak, že někdy pracuje v pořádku a někdy zpomaleně.

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu

#27 Příspěvek od Márty84 »

OK :) Uvidime, jestli neco vystoura. Tak at se dari a v patek se tesim na dalsi spolupraci :wink:
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Moody.01
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 20 dub 2009 19:13

Re: Prosím o kontrolu

#28 Příspěvek od Moody.01 »

Jsem překvapena, skan trval asi 15 minut :)
Tady je výsledek


ComboFix 13-01-11.02 - H 12.01.2013 12:51:56.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3685.2050 [GMT 1:00]
Spuštěný z: c:\users\H\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\SysWow64\user32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\user32.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-12 do 2013-01-12 )))))))))))))))))))))))))))))))
.
.
2013-01-12 11:58 . 2013-01-12 11:58 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-12 11:58 . 2013-01-12 11:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-11 08:05 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D31E9641-8B1C-4B19-A673-9AF1430E5DA4}\mpengine.dll
2013-01-09 08:05 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-09 08:04 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 08:04 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 08:04 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 08:04 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 08:04 . 2012-11-22 05:44 800768 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 08:04 . 2012-11-22 04:45 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-09 08:04 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 08:04 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 08:03 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 08:03 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-08 15:39 . 2013-01-08 15:39 -------- d-----w- c:\program files\Defraggler
2013-01-06 18:24 . 2013-01-06 18:25 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2013-01-06 13:59 . 2013-01-06 13:59 -------- d-----w- c:\users\H\AppData\Roaming\Malwarebytes
2013-01-06 13:58 . 2013-01-06 13:58 -------- d-----w- c:\programdata\Malwarebytes
2012-12-29 18:10 . 2013-01-12 09:36 -------- d-----w- c:\users\H\AppData\Local\VMware
2012-12-29 18:10 . 2013-01-12 09:34 -------- d-----w- c:\users\H\AppData\Roaming\VMware
2012-12-29 18:04 . 2012-10-24 13:17 67224 ----a-w- c:\windows\system32\vsocklib.dll
2012-12-29 18:04 . 2012-10-24 13:17 70296 ----a-w- c:\windows\system32\drivers\vsock.sys
2012-12-29 18:04 . 2012-10-24 13:17 63128 ----a-w- c:\windows\SysWow64\vsocklib.dll
2012-12-29 18:04 . 2012-11-01 01:34 67224 ----a-w- c:\windows\system32\drivers\vmx86.sys
2012-12-29 18:04 . 2012-11-01 01:34 32920 ----a-w- c:\windows\system32\drivers\VMkbd.sys
2012-12-29 18:03 . 2012-11-01 01:35 357016 ----a-w- c:\windows\SysWow64\vmnetdhcp.exe
2012-12-29 18:03 . 2012-11-01 01:34 435864 ----a-w- c:\windows\SysWow64\vmnat.exe
2012-12-29 18:03 . 2012-11-01 01:34 30360 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2012-12-29 18:03 . 2012-11-01 01:35 933528 ----a-w- c:\windows\system32\vnetlib64.dll
2012-12-29 18:03 . 2012-10-11 16:15 52376 ----a-w- c:\windows\system32\drivers\hcmon.sys
2012-12-29 18:03 . 2012-12-29 18:03 -------- d-----w- c:\program files\Common Files\VMware
2012-12-29 18:02 . 2013-01-12 11:59 -------- d-----w- c:\programdata\VMware
2012-12-29 18:02 . 2012-12-29 18:02 -------- d-----w- c:\program files (x86)\VMware
2012-12-29 18:02 . 2012-12-29 18:02 -------- d-----w- c:\program files (x86)\Common Files\VMware
2012-12-29 16:21 . 2012-12-29 16:21 -------- d-----w- c:\users\H\VirtualBox VMs
2012-12-29 13:14 . 2012-12-19 13:48 237992 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-12-29 13:13 . 2012-12-19 13:47 120232 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-12-21 10:03 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 10:03 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 10:03 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 10:03 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-19 13:47 . 2012-12-19 13:47 132008 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-12-16 18:17 . 2013-01-05 15:46 -------- d-----w- c:\users\H\AppData\Roaming\Skype
2012-12-16 18:17 . 2012-12-17 14:02 -------- d-----r- c:\program files (x86)\Skype
2012-12-16 18:17 . 2012-12-16 18:17 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-12-16 18:17 . 2012-12-17 14:02 -------- d-----w- c:\programdata\Skype
2012-12-16 13:24 . 2012-12-16 13:24 53248 ----a-r- c:\users\H\AppData\Roaming\Microsoft\Installer\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}\ARPPRODUCTICON.exe
2012-12-13 19:04 . 2012-12-13 19:04 -------- d-----w- c:\program files (x86)\CodeBlocks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 12:39 . 2012-09-04 20:01 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-31 11:20 . 2012-09-04 20:18 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-31 11:20 . 2012-09-04 20:18 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 13:44 . 2012-10-04 10:29 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-12-11 13:44 . 2012-10-04 10:29 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-11-30 04:45 . 2013-01-09 08:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-12 15:35 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 15:35 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 15:35 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 15:35 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 15:35 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 15:35 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 15:35 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 15:35 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 15:35 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 15:35 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 15:35 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 15:35 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 15:35 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 15:35 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 15:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 15:35 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 15:35 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 15:35 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 15:35 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 15:35 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 15:35 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 15:35 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 09:30 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 09:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:59 . 2012-12-12 09:30 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-12 09:30 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-11-01 01:34 . 2012-11-01 01:34 62104 ----a-w- c:\windows\system32\vmnetbridge.dll
2012-11-01 01:34 . 2012-11-01 01:34 45720 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
2012-11-01 01:34 . 2012-11-01 01:34 48792 ----a-w- c:\windows\system32\vnetinst.dll
2012-11-01 01:34 . 2012-11-01 01:34 24216 ----a-w- c:\windows\system32\drivers\vmnet.sys
2012-11-01 01:34 . 2012-11-01 01:34 20120 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
2012-11-01 00:02 . 2012-11-01 00:02 353280 ----a-w- c:\windows\SysWow64\vmnc.dll
2012-10-24 13:17 . 2012-10-24 13:17 85104 ----a-w- c:\windows\system32\drivers\vmci.sys
2012-10-16 08:38 . 2012-11-28 10:20 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 10:20 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 10:20 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-09-05 01:08 . 2012-09-05 01:08 3993600 ----a-w- c:\program files (x86)\GUT3FAF.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrayStatus"="c:\program files (x86)\TrayStatus\TrayStatus.exe" [2011-05-18 283032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-03-06 133400]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-05-15 5941344]
"Fastboot"="c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" [2012-01-17 1091376]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-04-13 291608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [2012-05-29 144992]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-02-26 2669840]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2012-03-27 1304912]
R3 Fastboot;Fastboot;c:\windows\system32\DRIVERS\Fastboot.sys [2012-01-17 70416]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-12-21 34200]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;c:\windows\system32\DRIVERS\libusb0.sys [2012-01-16 44480]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-05-15 1662560]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-05-15 1665120]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-12-19 132008]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-04 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-04-13 19224]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2011-12-29 25416]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2012-10-24 85104]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2012-10-24 70296]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [2012-03-26 33344]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-03-27 1014096]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2012-03-27 1104208]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe [2010-12-17 198784]
S2 FastbootService;FastbootService;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [2012-01-17 169776]
S2 FPLService;TrueSuiteService;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2012-08-09 328552]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-06 128280]
S2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [2012-04-23 46816]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-06 163608]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2012-10-10 58248]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-10-10 61320]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [2012-10-10 187784]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [2012-08-10 136288]
S2 SAService;Conexant SmartAudio service;c:\windows\system32\SAsrv.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-12-29 144960]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-06 363800]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-04-19 84080]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
S2 X5XSEx;X5XSEx;c:\program files (x86)\Free Ride Games\X5XSEx.Sys [2010-11-22 55400]
S3 5U877;5U877;c:\windows\system32\DRIVERS\5U877.sys [2012-03-28 216704]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2012-02-13 95232]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2012-02-13 747008]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-03-21 60928]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-06-21 331264]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-04-13 356632]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-04-13 789272]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-12-21 25496]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-27 259688]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-06-19 27448]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2011-05-29 40248]
S3 tvtvcamd;Camera Plus (VGA Resolution Maximum);c:\windows\system32\DRIVERS\tvtvcamd.sys [2011-12-08 27432]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-06-25 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-06-25 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-06-25 440128]
"TpShocks"="TpShocks.exe" [2012-09-20 228744]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-10-10 293256]
"ForteConfig"="c:\program files\Conexant\ForteConfig\fmapp.exe" [2010-10-26 49056]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 62.129.50.20 85.135.32.100
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\SysWOW64\SAsrv.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\progra~1\Lenovo\HOTKEY\TPONSCR.EXE
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Lenovo\message center plus\mcplaunch.exe
.
**************************************************************************
.
Celkový čas: 2013-01-12 13:04:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-12 12:04
.
Před spuštěním: Volných bajtů: 398 105 845 760
Po spuštění: Volných bajtů: 397 707 988 992
.
- - End Of File - - 176AE70CB85613A234DDCF076FE54F28

Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu

#29 Příspěvek od Márty84 »

A jeste si dame jeden sken, ten bude asi delsi nez CF :)


:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Moody.01
Návštěvník
Návštěvník
Příspěvky: 139
Registrován: 20 dub 2009 19:13

Re: Prosím o kontrolu

#30 Příspěvek od Moody.01 »

OTL Extras logfile created on: 12.1.2013 13:38:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\H\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,60 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 41,81% Memory free
7,20 Gb Paging File | 4,67 Gb Available in Paging File | 64,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,72 Gb Total Space | 370,45 Gb Free Space | 82,93% Space Free | Partition Type: NTFS
Drive Q: | 17,58 Gb Total Space | 5,54 Gb Free Space | 31,54% Space Free | Partition Type: NTFS

Computer Name: H-THINK | User Name: H | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-845454821-494916229-2911593134-1000\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DAC1F82-3DB2-4DCD-B0A1-288F29DDFEE3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1CBD0A37-0753-42A5-A771-A70C3CE71656}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1D8B96C5-2AB5-4332-9D2F-48A7EDFE0701}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{377436E4-2791-4417-A254-776542992CB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{3A780A6D-ED1C-408A-9912-49B96E38C3CB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F6B9049-DDA2-4EA5-951C-1CCE33312582}" = lport=2869 | protocol=6 | dir=in | app=system |
"{43673A8B-FEAC-4DDA-87DA-65A601BA230C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4ABD07DC-F6FB-47CF-B9A9-494753D3815E}" = lport=138 | protocol=17 | dir=in | app=system |
"{5A97ABA1-20FB-4D8D-AAB3-4BDA5B12B611}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62ABF5F7-0AE3-449F-8FD8-79DEDF189425}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6CD60448-68AB-4C01-961C-6333C68D9AE7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6CE8C290-13CB-4DDA-8E8D-78A3C17BBB40}" = rport=445 | protocol=6 | dir=out | app=system |
"{6F141DE4-4B94-4297-8C14-218E56C6EDAF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{78015F8B-E9B8-442F-A50F-59CEF92A493D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FE798DB-BFED-4325-9784-4402DEF14B23}" = lport=137 | protocol=17 | dir=in | app=system |
"{85AFB727-8FD7-4A3E-9D1C-95AD3CFDB6EA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8705999F-1967-4188-8828-E7F67DE54E8D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{9D1278D6-3043-42C6-BB1F-DDB03886177C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A3E5B0B5-1B5E-4C51-9D8A-E20890E7005B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6CCAAE2-50F7-4BA3-B345-2BFF1623543D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ABD192D9-3FBF-4F8A-B489-01D8D215C48C}" = lport=139 | protocol=6 | dir=in | app=system |
"{C26F6D15-872E-4452-81BC-C905AE5EA518}" = rport=138 | protocol=17 | dir=out | app=system |
"{D385C0A8-6823-4C0E-B488-EAD2AD9B4AD3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D4121FD9-2010-4DF3-9541-6136C59B2D7E}" = lport=445 | protocol=6 | dir=in | app=system |
"{E1B3DF04-584F-4F0C-810C-0A9C11212E3D}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{128E1324-57A0-46FE-9CC1-1BF376989B71}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1C2C30FF-910A-4CEE-9065-E42D300382D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{20BA5021-BCB2-4F80-BABA-9BC82D24F83A}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{27BC7622-6E0F-40A8-B1DC-159F2A9EBAA0}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2CE1E32E-64AA-4074-A885-8ADEC5F6D2D2}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{2FE40675-63C4-4E92-A8A3-86B44E683455}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{45331CB2-0004-45B3-AE28-4DD968713765}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46F047B9-16A7-4095-8C64-BBC3BE251C76}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{49ABA068-5A82-487B-A3B1-C78C60A28210}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{583A7E3B-500E-4FBF-9428-A2D34881AA4B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{59FCC8E4-0407-4919-8584-CDDF82A1ECBB}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{5BDB0D88-3E64-4DEB-AEBA-E64DB9D9CA90}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{62178231-BF1A-423E-8F41-74082EE17631}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{642668D8-2F5C-45F2-97A6-A806452649A4}" = protocol=17 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{65924998-1C32-4423-A848-D4A5584070A6}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{6B72212E-C1E3-45B0-9A84-B071501C0735}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{725C873B-0160-44F2-A724-24A8B675B79C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8445CC54-1FDB-406D-A2BE-9BB092A0EFEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{86EF763E-A6F3-48AB-A4BE-01B0D5EC1CA1}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{917251FD-E836-4F63-9747-056C3D1B2E13}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9A3623AA-A611-42CA-94EF-B21A090DE992}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{9DA12592-5545-4D1B-B264-78AD5FCE95FD}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{A0092822-0726-4329-8628-55A4D03BDAD7}" = protocol=6 | dir=in | app=c:\program files (x86)\lenovo\system update\uncserver.exe |
"{AC34A4FF-DAD1-4912-93A8-723A294B5540}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AE00834F-70D4-4F20-85BA-64FDAFAC58A3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AF986B65-C331-4BE6-86EC-8F080CF41CFC}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{BB157B49-ADCB-400E-A643-79EC341509BD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C516B464-B33E-42B6-8715-596B2E56058E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C622E212-2EB4-4DE5-880A-DA052CE3B695}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CC2F7685-7653-4F35-BD39-979BC8050F68}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D04F50D9-5A20-484F-A5AF-832AB9384F5C}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{D088AD33-0BBD-495F-BF34-C5D8164C066E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{DB3E9416-278B-457F-A7AB-66D1BAFBB65F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0520FAE-A299-412E-8D60-4E3D25D7FA7C}" = protocol=6 | dir=out | app=system |
"{E1CC4525-1AF0-4026-B23C-CA30877DD2AE}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{E71256A5-1D0C-461E-98E1-446060CBDE9D}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F3DDF030-717C-46AB-93B1-25E7207F8DD3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3FD87F5-4DE0-41A1-9E94-63036CE5361F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F5239D5D-197E-4452-8550-C31EBA743C25}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"TCP Query User{0D3EADC6-8D4B-4D32-AC8A-C264FBF3A0FB}C:\windows\pixtran\pixnetsr.exe" = protocol=6 | dir=in | app=c:\windows\pixtran\pixnetsr.exe |
"TCP Query User{B3579C58-F0CA-416C-82F2-951EF852BF08}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"TCP Query User{D6561AC5-4C8E-4D74-845E-D3B694BAF49A}C:\program files (x86)\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"TCP Query User{F321FACC-C2E5-4D30-BFD8-C5C33DFB0374}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"UDP Query User{03FB5FD0-4FF5-4971-8D8C-B58700846363}C:\windows\pixtran\pixnetsr.exe" = protocol=17 | dir=in | app=c:\windows\pixtran\pixnetsr.exe |
"UDP Query User{838FBFFA-8ABF-4169-89E8-A036F613263B}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"UDP Query User{EE31FE34-22A4-4678-89E4-2AA566330815}C:\program files (x86)\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{FC20FE97-644C-4C71-9DE2-1B28547032B9}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0369F866-2CE0-4EB9-B426-88FA122C6E82}" = Lenovo Patch Utility 64 bit
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{3015F546-6C3E-4E6A-B564-BCDF88C0BA2A}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{3849486C-FF09-4F5D-B491-3E179D58EE15}" = Message Center Plus
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5E2652DF-743F-482B-A593-C95F431A5769}" = RapidBoot Shield
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{79AB31DF-83A6-4D49-A70E-C4CA114B0605}" = Lenovo Solution Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}" = Lenovo Patch Utility 64 bit
"{BF601122-9F0A-41A9-BA06-3158D9FB4B80}" = Lenovo SimpleTap
"{C5BB9380-D729-410A-A440-061EBCADCCB9}" = Fingerprint Reader
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Intel® PROSet/Wireless WiFi Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"64A62163FE43328D13305746CB8BCC93F2DF6545" = Windows Driver Package - Intel (iaStor) hdc (11/29/2011 11.0.0.1032)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Defraggler" = Defraggler
"FD2ED46D31CE7DF190049D079E92DE03D347A634" = Windows Driver Package - Lenovo 1.65.05.21 (01/11/2012 1.65.05.21)
"GIMP-2_is1" = GIMP 2.8.2
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"OnScreenDisplay" = On Screen Display
"Power Management Driver" = Lenovo Power Management Driver
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{13F59938-C595-479C-B479-F171AB9AF64F}" = Lenovo User Guide
"{16551913-D97B-4E8A-B751-44CBDC99CF5C}" = HPScanjet5590Corporate11
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25C64847-B900-48AD-A164-1B4F9B774650}" = Lenovo System Update
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}" = Lenovo Welcome
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{40F4FF7A-B214-4453-B973-080B09CED019}" = Absolute Reminder
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}" = Create Recovery Media
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5B5DEF99-85E9-423D-A1A3-B83202697B09}" = Lenovo Solutions for Small Business Customizations
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3}" = Intel(R) Update Manager
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6707C034-ED6B-4B6A-B21F-969B3606FBDE}" = Lenovo Registration
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6893A16A-4B92-4F4F-A709-AD8A4C08DDF9}_is1" = Keepinhead 1.4.7
"{6A6D86CD-B004-46b7-8951-7BB75A776F8C}" = Lenovo Solutions for Small Business
"{6E6E7725-C7BC-4C39-8B3F-14B67331A120}" = Lenovo Patch Utility
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93F34C5C-ACAA-48F3-9B26-70359A117F12}" = Intel(R) WiDi
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78800AF-1779-4AE8-8EBE-16E1BE727C71}" = Integrated Camera Driver Installer Package Ver.1.2.1.18
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.5)
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C70C90D2-D197-40E9-B712-6828BDA5F74A}" = PdfMerge
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}" = Power Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E8D46836-CD55-453C-A107-A59EC51CB8DC}" = VIP Access
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{F7E16161-28CB-4619-B327-BE3FE7A61B9A}_is1" = eXtreme Burner - AVR v1.0
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}" = Lenovo Warranty Information
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"ACDLabs in C__ACDFREE12_" = ACD/Labs Software in C:\ACDFREE12\
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0.2
"Avira AntiVir Desktop" = Avira Free Antivirus
"CanoScan Toolbox 5.0" = Canon CanoScan Toolbox 5.0
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.0.5
"d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1" = TrayStatus 1.2.3
"DesetiPrsty" = DesetiPrsty 4.42
"Fastboot" = RapidBoot HDD Accelerator
"FormatFactory" = FormatFactory 2.95
"GeoGebra" = GeoGebra
"Graph_is1" = Graph 4.4
"HD Tune_is1" = HD Tune 2.55
"HP Commercial Scanjet 5590 TWAIN Driver" = HP Commercial Scanjet 5590 TWAIN Driver
"Intel AppUp(SM) center 33057" = Intel AppUp(SM) center
"IrfanView" = IrfanView (remove only)
"Opera 12.12.1707" = Opera 12.12
"ProfiCAD_is1" = ProfiCAD 6.7
"PSPad editor_is1" = PSPad editor
"Scan Tailor" = Scan Tailor
"SugarSync" = SugarSync Manager
"VLC media player" = VLC media player 2.0.3
"VMware_Player" = VMware Player
"WinAVR-20100110" = WinAVR 20100110 (remove only)
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-845454821-494916229-2911593134-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.11.2012 17:07:33 | Computer Name = H-THINK | Source = WinMgmt | ID = 10
Description =

Error - 6.11.2012 0:47:00 | Computer Name = H-THINK | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a262d Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17932,
časové razítko: 0x503285c2 Kód výjimky: 0xc06d007e Posun chyby: 0x000000000000caed
ID
chybujícího procesu: 0xb80 Čas spuštění chybující aplikace: 0x01cdbbd9b961150a Cesta
k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: 001b8902-27cd-11e2-a4d7-685d43deee77

Error - 6.11.2012 0:47:15 | Computer Name = H-THINK | Source = WinMgmt | ID = 10
Description =

Error - 6.11.2012 11:38:56 | Computer Name = H-THINK | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a262d Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17932,
časové razítko: 0x503285c2 Kód výjimky: 0xc06d007e Posun chyby: 0x000000000000caed
ID
chybujícího procesu: 0x688 Čas spuštění chybující aplikace: 0x01cdbc34cbab1448 Cesta
k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: 12afe61c-2828-11e2-8abd-685d43deee77

Error - 6.11.2012 11:39:07 | Computer Name = H-THINK | Source = WinMgmt | ID = 10
Description =

Error - 7.11.2012 3:24:52 | Computer Name = H-THINK | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a262d Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17932,
časové razítko: 0x503285c2 Kód výjimky: 0xc06d007e Posun chyby: 0x000000000000caed
ID
chybujícího procesu: 0xa34 Čas spuštění chybující aplikace: 0x01cdbcb8f0e773f2 Cesta
k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: 37ddee39-28ac-11e2-82cc-685d43deee77

Error - 7.11.2012 3:25:34 | Computer Name = H-THINK | Source = WinMgmt | ID = 10
Description =

Error - 7.11.2012 6:16:32 | Computer Name = H-THINK | Source = Application Error | ID = 1000
Description = Název chybující aplikace: devmonsrv.exe, verze: 2.0.0.130, časové
razítko: 0x4ed75c43 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725, časové
razítko: 0x4ec49b8f Kód výjimky: 0xc0000005 Posun chyby: 0x00033760 ID chybujícího
procesu: 0x7dc Čas spuštění chybující aplikace: 0x01cdbcb8eec18381 Cesta k chybující
aplikaci: C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe Cesta k chybujícímu
modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: 3337575d-28c4-11e2-82cc-9628e0421180

Error - 7.11.2012 10:16:05 | Computer Name = H-THINK | Source = Application Error | ID = 1000
Description = Název chybující aplikace: ZeroConfigService.exe, verze: 15.1.0.2,
časové razítko: 0x4f4a262d Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17932,
časové razítko: 0x503285c2 Kód výjimky: 0xc06d007e Posun chyby: 0x000000000000caed
ID
chybujícího procesu: 0xb8c Čas spuštění chybující aplikace: 0x01cdbcf263798743 Cesta
k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: aa3c19ef-28e5-11e2-9a34-685d43deee77

Error - 7.11.2012 10:16:23 | Computer Name = H-THINK | Source = WinMgmt | ID = 10
Description =

[ Lenovo-Message Center Plus/Admin Events ]
Error - 28.12.2012 18:07:32 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 3.1.2013 17:42:34 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 3.1.2013 17:42:36 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 3.1.2013 17:42:38 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 5.1.2013 17:18:03 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 5.1.2013 17:18:06 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 5.1.2013 17:18:08 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 9.1.2013 6:28:48 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 9.1.2013 6:29:02 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

Error - 9.1.2013 6:29:16 | Computer Name = H-THINK | Source = Lenovo-Message Center Plus/Admin | ID = 2
Description = Message = Není znám žádný takový hostitel -> Exception message: Není
znám žádný takový hostitel

[ System Events ]
Error - 11.1.2013 2:35:46 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7034
Description = Služba Bluetooth Device Monitor byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 11.1.2013 8:43:59 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 11.1.2013 12:31:17 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 12.1.2013 5:12:04 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 12.1.2013 6:45:36 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 12.1.2013 7:54:24 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 12.1.2013 7:58:16 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 12.1.2013 7:59:46 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.

Error - 12.1.2013 8:01:46 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7000
Description = Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 12.1.2013 8:05:56 | Computer Name = H-THINK | Source = Service Control Manager | ID = 7034
Description = Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně
ukončena. Tento stav nastal již 1krát.


< End of report >

Zamčeno