PC disinfection, speeding up your computer and remote help via the neslape.cz service

Log check / Policie CR

Do you have a virus problem? Post your FRST or RSIT log here.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Each thread is locked once it is resolved, as are threads inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

NEW!
You can now use the remote help service: a specialist connects to your computer and gets the details of the problem from you by phone. More at www.neslape.cz
wraithik
Visitor
Posts: 74
Registered: 11 Dec 2011 01:19

Log check / Policie CR

#1 Post by wraithik »

Hi, I'd very much like to ask you to check my log. Policie CR was haunting me here... I think I've already got rid of it, but to be safe I'd like to ask for a log check. Thanks a lot :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Wraithik at 2013-05-01 17:03:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 28 GB (9%) free of 294 GB
Total RAM: 3037 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:05:36, on 1.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\TpShocks.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\VMware\VMware Player\hqtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Users\Wraithik\Downloads\RSIT.exe
C:\Program Files\trend micro\Wraithik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Password Manager Browser Helper Object - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - c:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: OpenVPN Client.lnk = C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\uiboot.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: Lenovo Password Manager... - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6BA530D8-94B2-49E0-AC55-70899582FE1F} (CV781Object Object) - http://80.82.145.35/AV718.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: OpenVPN Access Client (OpenVPNAccessClient) - Unknown owner - C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\app\Wraithik\product\11.2.0\client_1\bin\omtsreco.exe
O23 - Service: PandoraService (PanService) - Unknown owner - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

--
End of file - 14928 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Wraithik\AppData\Roaming\Mozilla\Firefox\Profiles\aafho0dz.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}:7.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Wraithik\AppData\Roaming\Mozilla\Firefox\Profiles\aafho0dz.default\extensions\
toolbar@ask.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-21 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}]
IePasswordManagerHelper Class - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [2009-08-27 763192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-02-02 1527944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-21 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - c:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-02-02 1527944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-02-25 8522272]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
""= []
"TpShocks"=C:\Windows\system32\TpShocks.exe [2009-12-11 337256]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [2009-10-14 36864]
"cssauth"=C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2009-08-27 3089720]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-04-23 1725736]
"VMware hqtray"=C:\Program Files\VMware\VMware Player\hqtray.exe [2009-10-22 64048]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-08-08 348664]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2011-12-15 527312]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2013-02-02 1718920]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-07-03 3524536]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-07-03 21432]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2012-07-03 975288]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
OpenVPN Client.lnk - C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\uiboot.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2009-08-18 100104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.VMnc"=vmnc.dll
"msacm.lhacm"=lhacm.acm
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-05-01 11:03:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-05-01 11:03:13 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-05-01 11:00:52 ----A---- C:\TDSSKiller.2.8.16.0_01.05.2013_11.00.52_log.txt
2013-04-26 11:30:49 ----A---- C:\ProgramData\as98213.txt
2013-04-23 20:44:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-12 13:42:55 ----D---- C:\Program Files\Mozilla Firefox
2013-04-11 03:03:30 ----A---- C:\Windows\system32\vbscript.dll
2013-04-11 03:03:30 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-11 03:03:30 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-11 03:03:29 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-11 03:03:29 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-11 03:03:29 ----A---- C:\Windows\system32\ieui.dll
2013-04-11 03:03:28 ----A---- C:\Windows\system32\wininet.dll
2013-04-11 03:03:28 ----A---- C:\Windows\system32\url.dll
2013-04-11 03:03:28 ----A---- C:\Windows\system32\jscript9.dll
2013-04-11 03:03:28 ----A---- C:\Windows\system32\jscript.dll
2013-04-11 03:03:28 ----A---- C:\Windows\system32\iertutil.dll
2013-04-11 03:03:27 ----A---- C:\Windows\system32\urlmon.dll
2013-04-11 03:03:25 ----A---- C:\Windows\system32\mshtml.dll
2013-04-11 03:03:25 ----A---- C:\Windows\system32\ieframe.dll
2013-04-10 11:43:30 ----A---- C:\Windows\system32\mstscax.dll
2013-04-10 11:43:29 ----A---- C:\Windows\system32\tsgqec.dll
2013-04-10 11:43:29 ----A---- C:\Windows\system32\aaclient.dll
2013-04-10 11:43:26 ----A---- C:\Windows\system32\win32k.sys
2013-04-10 11:43:25 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-10 11:43:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-10 11:43:22 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-04-10 11:43:21 ----A---- C:\Windows\system32\smss.exe
2013-04-10 11:43:21 ----A---- C:\Windows\system32\csrsrv.dll

======List of files/folders modified in the last 1 month======

2013-05-01 17:04:26 ----D---- C:\Windows\Temp
2013-05-01 17:03:44 ----D---- C:\Program Files\trend micro
2013-05-01 16:59:31 ----D---- C:\Windows\Prefetch
2013-05-01 16:58:08 ----SHD---- C:\System Volume Information
2013-05-01 16:56:51 ----D---- C:\Windows\system32\config
2013-05-01 16:56:33 ----D---- C:\ProgramData\VMware
2013-05-01 16:54:46 ----RD---- C:\Program Files
2013-05-01 16:51:36 ----A---- C:\Windows\ntbtlog.txt
2013-05-01 16:51:13 ----D---- C:\Windows\system32\drivers
2013-05-01 16:51:13 ----D---- C:\ProgramData
2013-05-01 16:46:51 ----D---- C:\Windows\Tasks
2013-04-26 11:33:49 ----SHD---- C:\Windows\Installer
2013-04-26 11:33:48 ----D---- C:\Program Files\Ask.com
2013-04-26 11:33:47 ----D---- C:\Windows\system32\Tasks
2013-04-26 11:33:44 ----SHD---- C:\Config.Msi
2013-04-24 10:13:16 ----D---- C:\Windows\winsxs
2013-04-23 20:39:04 ----D---- C:\Windows\system32\catroot2
2013-04-23 20:39:04 ----D---- C:\Windows\system32\catroot
2013-04-23 18:45:56 ----D---- C:\Program Files\InstallShield Installation Information
2013-04-23 18:43:53 ----D---- C:\Windows\System32
2013-04-20 13:32:57 ----D---- C:\Users\Wraithik\AppData\Roaming\TS3Client
2013-04-17 11:05:46 ----D---- C:\ProgramData\Adobe
2013-04-17 11:05:43 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-04-15 07:29:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-04-12 16:26:35 ----D---- C:\Windows\inf
2013-04-12 16:26:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-12 12:13:09 ----D---- C:\Users\Wraithik\AppData\Roaming\Skype
2013-04-12 12:12:58 ----D---- C:\Users\Wraithik\AppData\Roaming\skypePM
2013-04-11 18:40:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-04-11 08:55:33 ----D---- C:\Windows\system32\migration
2013-04-11 08:55:33 ----D---- C:\Program Files\Internet Explorer
2013-04-11 03:00:32 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [2009-10-09 120360]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-11-22 428088]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM86.sys [2009-10-09 20520]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-05-08 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2010-09-07 13680]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2011-05-10 13424]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-05-08 83392]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2009-10-22 32304]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-14 12560]
R2 vmci;VMware vmci; \??\C:\Windows\system32\Drivers\vmci.sys [2009-10-22 70704]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2009-10-22 36400]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2009-10-22 26288]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2009-10-22 853936]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2009-06-18 125568]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 4994560]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2011-02-01 31984]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-02-25 3026592]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2010-10-18 7122944]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-11-19 33088]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-04-23 244784]
R3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2010-08-03 26112]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2009-10-22 23216]
S2 MCUSBICD2;Microchip MPLAB ICD 2 Firmware Client Driver (ICD2W2K.SYS); C:\Windows\System32\Drivers\icd2w2k.sys [2004-03-22 12427]
S2 MCUSBICD2LDR;Microchip MPLAB ICD 2 Firmware Loader Driver (ICD2W2KL.SYS); C:\Windows\System32\Drivers\icd2w2kl.sys [2004-03-22 16556]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock.sys [2011-12-15 87976]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-05-21 80824]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\Wraithik\AppData\Local\Temp\CHQ7973.tmp [2011-01-21 25616]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Users\Wraithik\games\Garena\safedrv.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\progra~1\pc-doc~1\pcdsrvc.pkms [2009-08-18 20848]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-01-27 183584]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-05-21 181432]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2009-10-22 16560]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-10-01 124192]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-10-01 242976]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 176128]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-08 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2009-07-02 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-10-19 866576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2011-02-01 38760]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2011-04-04 45496]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 OpenVPNAccessClient;OpenVPN Access Client; C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe [2010-08-12 24064]
R2 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\app\Wraithik\product\11.2.0\client_1\bin\omtsreco.exe [2011-09-29 69632]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-10-18 75136]
R2 PwmEWSvc;Cisco EnergyWise Enabler; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [2011-05-10 148840]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 477456]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 SUService;System Update; C:\Program Files\Lenovo\System Update\SUService.exe [2011-04-18 28672]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-27 1021240]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-04-20 130920]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2011-03-29 64952]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Player\vmware-authd.exe [2009-10-22 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2009-10-22 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2009-10-22 395824]
R3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2010-07-06 1475896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-08 654848]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-12 115608]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-25 29263712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2011-05-10 83304]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-04-06 489256]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-10-09 39976]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Player\vmware-ufad.exe [2009-10-12 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-11-07 3004416]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

wraithik
Guest
Posts: 74
Registered: 11 Dec 2011 01:19

Re: Log check / Czech Police

#2 Post by wraithik »

I checked it with everything I could think of... I don't really know my way around this, what is what...

the log is here:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Version: v2013.05.01.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Wraithik :: WRAITHIK-THINK [administrator]

1.5.2013 11:04:22
mbam-log-2013-05-01 (11-04-22).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 651077
Time elapsed: 4 hour(s), 22 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Users\Wraithik\4923872.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Users\Wraithik\A2k.rar (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Wraithik\Desktop\RK_Quarantine\7h9v.dat.vir (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\ProgramData\7h9v.dat (Trojan.FakeMS) -> Delete on reboot.
C:\ProgramData\rundll32.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

(end)

The restart went through afterwards, so I'm guessing the deletion of that 4th file succeeded too :)

wraithik
Guest
Posts: 74
Registered: 11 Dec 2011 01:19

Re: Log check / Czech Police

#3 Post by wraithik »

I shouldn't have deleted anything I wasn't supposed to... I looked up online what it wanted to delete :))

RK:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Support : http://www.geekstogo.com/forum/files/fi ... guekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Wraithik [Admin rights]
Mode : Scan -- Date : 05/01/2013 10:44:42
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ctfmon.exe (C:\PROGRA~2\rundll32.exe C:\PROGRA~2\7h9v.dat,FG00) [7] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3784140242-497870803-4155826066-1004[...]\Run : ctfmon.exe (C:\PROGRA~2\rundll32.exe C:\PROGRA~2\7h9v.dat,FG00) [7] -> FOUND
[STARTUP][BLACKLISTDLL] msconfig.lnk @Wraithik : C:\Windows\System32\rundll32.exe|C:\PROGRA~2\7h9v.dat,FG00 -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DLL][SUSP PATH] HKLM\[...]\ControlSet001\Services\winmgmt\Parameters : ServiceDll (C:\ProgramData\7h9v.dat) [-] -> FOUND
[HJ DLL][SUSP PATH] HKLM\[...]\ControlSet002\Services\winmgmt\Parameters : ServiceDll (C:\ProgramData\7h9v.dat) [-] -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[84] : NtCreateSection @ 0x8387513D -> HOOKED (Unknown @ 0x8F6538C6)
SSDT[299] : NtRequestWaitReplyPort @ 0x8388FB22 -> HOOKED (Unknown @ 0x8F6538D0)
SSDT[316] : NtSetContextThread @ 0x8392F851 -> HOOKED (Unknown @ 0x8F6538CB)
SSDT[347] : NtSetSecurityObject @ 0x838537F7 -> HOOKED (Unknown @ 0x8F6538D5)
SSDT[368] : NtSystemDebugControl @ 0x838D77D2 -> HOOKED (Unknown @ 0x8F6538DA)
SSDT[370] : NtTerminateProcess @ 0x838ACD86 -> HOOKED (Unknown @ 0x8F653867)
S_SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8F6538EE)
S_SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8F6538F3)

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 57eb5ea821589e114384111ab55048c6
[BSP] a7127064bc0cde9f5508e9e0d7afcdad : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 294043 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 604659712 | Size: 10000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_05012013_02d1044.txt >>
RKreport[1]_S_05012013_02d1044.txt



RK:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Support : http://www.geekstogo.com/forum/files/fi ... guekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Wraithik [Admin rights]
Mode : Remove -- Date : 05/01/2013 10:48:04
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : ctfmon.exe (C:\PROGRA~2\rundll32.exe C:\PROGRA~2\7h9v.dat,FG00) [7] -> DELETED
[STARTUP][BLACKLISTDLL] msconfig.lnk @Wraithik : C:\Windows\System32\rundll32.exe|C:\PROGRA~2\7h9v.dat,FG00 -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DLL][SUSP PATH] HKLM\[...]\ControlSet001\Services\winmgmt\Parameters : ServiceDll (C:\ProgramData\7h9v.dat) [-] -> REPLACED (%SystemRoot%\system32\wbem\WMIsvc.dll)
[HJ DLL][SUSP PATH] HKLM\[...]\ControlSet002\Services\winmgmt\Parameters : ServiceDll (C:\ProgramData\7h9v.dat) [-] -> REPLACED (%SystemRoot%\system32\wbem\WMIsvc.dll)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[84] : NtCreateSection @ 0x8387513D -> HOOKED (Unknown @ 0x8F6538C6)
SSDT[299] : NtRequestWaitReplyPort @ 0x8388FB22 -> HOOKED (Unknown @ 0x8F6538D0)
SSDT[316] : NtSetContextThread @ 0x8392F851 -> HOOKED (Unknown @ 0x8F6538CB)
SSDT[347] : NtSetSecurityObject @ 0x838537F7 -> HOOKED (Unknown @ 0x8F6538D5)
SSDT[368] : NtSystemDebugControl @ 0x838D77D2 -> HOOKED (Unknown @ 0x8F6538DA)
SSDT[370] : NtTerminateProcess @ 0x838ACD86 -> HOOKED (Unknown @ 0x8F653867)
S_SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x8F6538EE)
S_SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x8F6538F3)

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 57eb5ea821589e114384111ab55048c6
[BSP] a7127064bc0cde9f5508e9e0d7afcdad : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 294043 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 604659712 | Size: 10000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_05012013_02d1048.txt >>
RKreport[1]_S_05012013_02d1044.txt ; RKreport[2]_D_05012013_02d1048.txt



TDSS, if I'm not mistaken, didn't find anything, and I have no idea where my log is now :-D
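
The RogueKiller output in the post above shows the three registry changes this infection relied on: a Run value named ctfmon.exe that in fact starts a copy of rundll32.exe from C:\ProgramData to load 7h9v.dat through its FG00 export, the winmgmt service's ServiceDll redirected from WMIsvc.dll to that same 7h9v.dat (svchost.exe then loads the payload as LocalSystem at every boot, which is why removing the Run entry alone would not have been enough), and UAC switched off (EnableLUA=0, ConsentPromptBehaviorAdmin=0). The Python below is an added example, not part of this thread and not RogueKiller's own code; it encodes those checks as rules over (key, value name, data) triples such as one gets from a registry export. The sample registry data is constructed from the posted log with a few benign control entries added, and the 8.3 short-name mapping (PROGRA~2 = ProgramData), the system root and the Windows 7 UAC default values are assumptions.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Assumptions taken from the posted log, not verified against the machine:
SYSTEM_ROOT = r"C:\Windows"
SHORT_NAMES = {"progra~1": "Program Files", "progra~2": "ProgramData"}  # 8.3 names on this drive
SYSTEM_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")
USER_WRITABLE = (r"c:\programdata", r"c:\users")  # writable without admin rights
# Hosted-service DLLs that must never point elsewhere; winmgmt is the one hijacked here.
KNOWN_SERVICE_DLLS = {"winmgmt": r"%SystemRoot%\system32\wbem\WMIsvc.dll"}
# 0 means UAC off / silent elevation; restore values are the Windows 7 defaults
# (RogueKiller wrote 2 for ConsentPromptBehaviorAdmin, which is stricter and also fine).
UAC_RESTORE = {"EnableLUA": "1", "ConsentPromptBehaviorAdmin": "5"}

RUN = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
POLICY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"
# Constructed sample: the state RogueKiller reported, plus benign controls.
SAMPLE_REGISTRY: List[Tuple[str, str, str]] = [
    (RUN, "ctfmon.exe", r"C:\PROGRA~2\rundll32.exe C:\PROGRA~2\7h9v.dat,FG00"),
    (RUN, "msconfig", r"C:\Windows\System32\rundll32.exe C:\PROGRA~2\7h9v.dat,FG00"),  # the startup .lnk, as a Run value
    (r"HKLM\SYSTEM\ControlSet001\Services\winmgmt\Parameters", "ServiceDll", r"C:\ProgramData\7h9v.dat"),
    (POLICY, "EnableLUA", "0"),
    (POLICY, "ConsentPromptBehaviorAdmin", "0"),
    (RUN, "RtHDVCpl", r"C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"),  # benign control
    (RUN, "Control", r'"C:\Windows\System32\rundll32.exe" shell32.dll,Control_RunDLL'),  # benign control
    (r"HKLM\SYSTEM\ControlSet002\Services\winmgmt\Parameters", "ServiceDll", r"%SystemRoot%\system32\wbem\WMIsvc.dll"),
]


class Finding(NamedTuple):
    key: str
    name: str
    data: str
    reason: str
    fix: str  # value to restore, or "delete value"


def normalize_path(path: str) -> str:
    """Strip quotes, expand %SystemRoot% and the 8.3 short names, lower-case."""
    p = path.strip().strip('"')
    p = re.sub(r"%systemroot%", lambda _: SYSTEM_ROOT, p, flags=re.IGNORECASE)
    parts = [SHORT_NAMES.get(seg.lower(), seg) for seg in p.split("\\")]
    return "\\".join(parts).lower()


def split_command(cmd: str) -> Tuple[str, str]:
    """Split a Run-key command line into (executable, arguments); a quoted executable
    ends at the closing quote, an unquoted one (even with spaces) at the first '.exe'."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end], cmd[end + 1:].strip()
    m = re.match(r"(.+?\.exe)(?:\s+(.*))?$", cmd, flags=re.IGNORECASE)
    if m:
        return m.group(1), m.group(2) or ""
    exe, _, rest = cmd.partition(" ")
    return exe, rest


def in_dir(path: str, roots: Tuple[str, ...]) -> bool:
    return any(path.startswith(root + "\\") for root in roots)


def check_service_dll(key: str, name: str, data: str) -> Optional[Finding]:
    """svchost loads ServiceDll as LocalSystem at boot, so a redirected winmgmt
    ServiceDll is persistence that survives deleting every Run entry."""
    m = re.search(r"\\services\\([^\\]+)\\parameters$", key, flags=re.IGNORECASE)
    if not m or name.lower() != "servicedll":
        return None
    expected = KNOWN_SERVICE_DLLS.get(m.group(1).lower())
    if expected is None or normalize_path(data) == normalize_path(expected):
        return None
    return Finding(key, name, data, f"{m.group(1)} ServiceDll redirected to {normalize_path(data)}", expected)


def check_uac(key: str, name: str, data: str) -> Optional[Finding]:
    if not key.lower().endswith(r"\policies\system") or name not in UAC_RESTORE:
        return None
    if data.strip() == "0":
        return Finding(key, name, data, f"{name}=0 turns off the UAC prompt", UAC_RESTORE[name])
    return None


def check_run_entry(key: str, name: str, data: str) -> Optional[Finding]:
    """Flag a rundll32.exe copy run from outside System32, or a module with a
    disguised extension loaded from a user-writable path (7h9v.dat,FG00 here)."""
    if not re.search(r"\\currentversion\\run(once)?$", key, flags=re.IGNORECASE):
        return None
    exe, args = split_command(data)
    exe_n = normalize_path(exe)
    if exe_n.endswith("\\rundll32.exe") and not in_dir(exe_n, SYSTEM_DIRS):
        return Finding(key, name, data, f"rundll32.exe copy outside System32: {exe_n}", "delete value")
    dll = args.split(",")[0].strip().strip('"')
    if "\\" in dll:  # a bare name like shell32.dll resolves from the system search path
        dll_n = normalize_path(dll)
        if in_dir(dll_n, USER_WRITABLE) and not dll_n.endswith(".dll"):
            return Finding(key, name, data, f"module with non-.dll extension from user-writable path: {dll_n}", "delete value")
    return None


RULES = (check_service_dll, check_uac, check_run_entry)


def triage(entries: List[Tuple[str, str, str]]) -> List[Finding]:
    """Apply every rule to every entry; the first matching rule wins per entry."""
    findings = []
    for key, name, data in entries:
        for rule in RULES:
            finding = rule(key, name, data)
            if finding:
                findings.append(finding)
                break
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_REGISTRY):
        print(f"{f.key}\\{f.name}\n    {f.reason}\n    fix: {f.fix}")
```

Run as a script it prints the five hostile entries and leaves the three controls alone. On a real case feed it triples parsed from a `reg export` of the suspect hive (or from an offline image), and compare each hosted service's ServiceDll against a known-good value as done here rather than trusting the path's file name; the legitimate System32 rundll32.exe pointed at a payload in ProgramData (the msconfig.lnk pattern in the log) is caught by the second rule, the copied rundll32.exe by the first.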

wraithik
Guest
Posts: 74
Registered: 11 Dec 2011 01:19

Re: Log check / Czech Police

#4 Post by wraithik »

Heh, and I was looking for it everywhere, this didn't occur to me :)

11:00:52.0424 5944 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:00:52.0629 5944 ============================================================
11:00:52.0629 5944 Current date / time: 2013/05/01 11:00:52.0629
11:00:52.0629 5944 SystemInfo:
11:00:52.0629 5944
11:00:52.0630 5944 OS Version: 6.1.7601 ServicePack: 1.0
11:00:52.0630 5944 Product type: Workstation
11:00:52.0630 5944 ComputerName: WRAITHIK-THINK
11:00:52.0630 5944 UserName: Wraithik
11:00:52.0630 5944 Windows directory: C:\Windows
11:00:52.0630 5944 System windows directory: C:\Windows
11:00:52.0630 5944 Processor architecture: Intel x86
11:00:52.0630 5944 Number of processors: 2
11:00:52.0630 5944 Page size: 0x1000
11:00:52.0630 5944 Boot type: Normal boot
11:00:52.0630 5944 ============================================================
11:00:53.0497 5944 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:00:53.0499 5944 ============================================================
11:00:53.0499 5944 \Device\Harddisk0\DR0:
11:00:53.0499 5944 MBR partitions:
11:00:53.0499 5944 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
11:00:53.0499 5944 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x23E4D800
11:00:53.0499 5944 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x240A6000, BlocksNum 0x1388000
11:00:53.0499 5944 ============================================================
11:00:53.0530 5944 C: <-> \Device\Harddisk0\DR0\Partition2
11:00:53.0582 5944 Q: <-> \Device\Harddisk0\DR0\Partition3
11:00:53.0582 5944 ============================================================
11:00:53.0582 5944 Initialize success
11:00:53.0582 5944 ============================================================
11:00:56.0079 3436 ============================================================
11:00:56.0079 3436 Scan started
11:00:56.0079 3436 Mode: Manual;
11:00:56.0079 3436 ============================================================
11:00:56.0901 3436 ================ Scan system memory ========================
11:00:56.0901 3436 System memory - ok
11:00:56.0902 3436 ================ Scan services =============================
11:00:57.0173 3436 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:00:57.0175 3436 1394ohci - ok
11:00:57.0213 3436 [ D623AF0D0DB0F13D32CAE34D3F0DAD39 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
11:00:57.0215 3436 5U877 - ok
11:00:57.0244 3436 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:00:57.0247 3436 ACPI - ok
11:00:57.0277 3436 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:00:57.0277 3436 AcpiPmi - ok
11:00:57.0399 3436 [ BCAB739E5FEA28407076D757044A629F ] AcPrfMgrSvc C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
11:00:57.0400 3436 AcPrfMgrSvc - ok
11:00:57.0496 3436 [ 8C729FF9B5C47730EA54E841E2D8B617 ] acsock C:\Windows\system32\DRIVERS\acsock.sys
11:00:57.0497 3436 acsock - ok
11:00:57.0569 3436 [ D6DD4F1596C54AFA5C6CCAE6842F9E44 ] AcSvc C:\Program Files\Lenovo\Access Connections\AcSvc.exe
11:00:57.0571 3436 AcSvc - ok
11:00:57.0754 3436 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
11:00:57.0755 3436 AdobeARMservice - ok
11:00:57.0859 3436 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:00:57.0862 3436 adp94xx - ok
11:00:57.0896 3436 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:00:57.0898 3436 adpahci - ok
11:00:57.0957 3436 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:00:57.0958 3436 adpu320 - ok
11:00:57.0994 3436 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:00:57.0995 3436 AeLookupSvc - ok
11:00:58.0086 3436 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
11:00:58.0089 3436 AFD - ok
11:00:58.0160 3436 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
11:00:58.0161 3436 agp440 - ok
11:00:58.0201 3436 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
11:00:58.0203 3436 aic78xx - ok
11:00:58.0260 3436 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
11:00:58.0261 3436 ALG - ok
11:00:58.0317 3436 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
11:00:58.0318 3436 aliide - ok
11:00:58.0352 3436 [ C43A69DF2B4BA2368376C1E2B631F2B3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:00:58.0354 3436 AMD External Events Utility - ok
11:00:58.0385 3436 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
11:00:58.0386 3436 amdagp - ok
11:00:58.0501 3436 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
11:00:58.0502 3436 amdide - ok
11:00:58.0562 3436 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:00:58.0562 3436 AmdK8 - ok
11:00:58.0579 3436 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:00:58.0580 3436 AmdPPM - ok
11:00:58.0614 3436 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:00:58.0615 3436 amdsata - ok
11:00:58.0627 3436 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:00:58.0628 3436 amdsbs - ok
11:00:58.0645 3436 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:00:58.0646 3436 amdxata - ok
11:00:58.0759 3436 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
11:00:58.0760 3436 AntiVirSchedulerService - ok
11:00:58.0844 3436 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
11:00:58.0845 3436 AntiVirService - ok
11:00:58.0927 3436 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
11:00:58.0928 3436 AppID - ok
11:00:58.0970 3436 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:00:58.0971 3436 AppIDSvc - ok
11:00:59.0022 3436 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
11:00:59.0023 3436 Appinfo - ok
11:00:59.0050 3436 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
11:00:59.0051 3436 AppMgmt - ok
11:00:59.0091 3436 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
11:00:59.0093 3436 arc - ok
11:00:59.0139 3436 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:00:59.0140 3436 arcsas - ok
11:00:59.0275 3436 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:00:59.0332 3436 aspnet_state - ok
11:00:59.0381 3436 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:00:59.0382 3436 AsyncMac - ok
11:00:59.0445 3436 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
11:00:59.0445 3436 atapi - ok
11:00:59.0745 3436 [ 6B70EB8E4AAF60598D61BCF8C41EACFB ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
11:00:59.0772 3436 atikmdag - ok
11:00:59.0844 3436 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:00:59.0849 3436 AudioEndpointBuilder - ok
11:00:59.0857 3436 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
11:00:59.0860 3436 Audiosrv - ok
11:00:59.0916 3436 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
11:00:59.0917 3436 avgntflt - ok
11:00:59.0954 3436 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
11:00:59.0955 3436 avipbb - ok
11:00:59.0986 3436 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
11:00:59.0987 3436 avkmgr - ok
11:01:00.0045 3436 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:01:00.0046 3436 AxInstSV - ok
11:01:00.0111 3436 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
11:01:00.0114 3436 b06bdrv - ok
11:01:00.0160 3436 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
11:01:00.0162 3436 b57nd60x - ok
11:01:00.0222 3436 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
11:01:00.0223 3436 BcmSqlStartupSvc - ok
11:01:00.0266 3436 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
11:01:00.0268 3436 BDESVC - ok
11:01:00.0314 3436 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
11:01:00.0315 3436 Beep - ok
11:01:00.0384 3436 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
11:01:00.0388 3436 BFE - ok
11:01:00.0447 3436 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
11:01:00.0454 3436 BITS - ok
11:01:00.0490 3436 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:01:00.0491 3436 blbdrive - ok
11:01:00.0613 3436 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:01:00.0615 3436 Bonjour Service - ok
11:01:00.0672 3436 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:01:00.0673 3436 bowser - ok
11:01:00.0686 3436 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:01:00.0687 3436 BrFiltLo - ok
11:01:00.0706 3436 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:01:00.0706 3436 BrFiltUp - ok
11:01:00.0756 3436 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
11:01:00.0757 3436 Browser - ok
11:01:00.0776 3436 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:01:00.0778 3436 Brserid - ok
11:01:00.0814 3436 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:01:00.0815 3436 BrSerWdm - ok
11:01:00.0859 3436 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:01:00.0859 3436 BrUsbMdm - ok
11:01:00.0876 3436 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:01:00.0877 3436 BrUsbSer - ok
11:01:00.0947 3436 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
11:01:00.0948 3436 BthEnum - ok
11:01:01.0006 3436 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:01:01.0007 3436 BTHMODEM - ok
11:01:01.0028 3436 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
11:01:01.0029 3436 BthPan - ok
11:01:01.0055 3436 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:01:01.0057 3436 BTHPORT - ok
11:01:01.0107 3436 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
11:01:01.0109 3436 bthserv - ok
11:01:01.0164 3436 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:01:01.0165 3436 BTHUSB - ok
11:01:01.0197 3436 [ D57D29132EFE13A83133D9BD449E0CF1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
11:01:01.0199 3436 btwaudio - ok
11:01:01.0241 3436 [ D282C14A69357D0E1BAFAECC2CA98C3A ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
11:01:01.0243 3436 btwavdt - ok
11:01:01.0374 3436 [ F7434401AE320BB97903A3C1865242FB ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
11:01:01.0379 3436 btwdins - ok
11:01:01.0419 3436 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
11:01:01.0419 3436 btwl2cap - ok
11:01:01.0434 3436 [ 02EB4D2B05967DF2D32F29C84AB1FB17 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
11:01:01.0435 3436 btwrchid - ok
11:01:01.0475 3436 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:01:01.0476 3436 cdfs - ok
11:01:01.0550 3436 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:01:01.0551 3436 cdrom - ok
11:01:01.0631 3436 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
11:01:01.0632 3436 CertPropSvc - ok
11:01:01.0650 3436 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:01:01.0651 3436 circlass - ok
11:01:01.0694 3436 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
11:01:01.0696 3436 CLFS - ok
11:01:01.0756 3436 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:01:01.0757 3436 clr_optimization_v2.0.50727_32 - ok
11:01:01.0838 3436 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:01:01.0881 3436 clr_optimization_v4.0.30319_32 - ok
11:01:01.0917 3436 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:01:01.0918 3436 CmBatt - ok
11:01:01.0935 3436 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:01:01.0936 3436 cmdide - ok
11:01:02.0005 3436 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
11:01:02.0007 3436 CNG - ok
11:01:02.0020 3436 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:01:02.0021 3436 Compbatt - ok
11:01:02.0091 3436 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:01:02.0091 3436 CompositeBus - ok
11:01:02.0134 3436 COMSysApp - ok
11:01:02.0151 3436 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:01:02.0151 3436 crcdisk - ok
11:01:02.0212 3436 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:01:02.0213 3436 CryptSvc - ok
11:01:02.0313 3436 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
11:01:02.0316 3436 CSC - ok
11:01:02.0361 3436 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
11:01:02.0366 3436 CscService - ok
11:01:02.0395 3436 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
11:01:02.0407 3436 DcomLaunch - ok
11:01:02.0440 3436 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
11:01:02.0442 3436 defragsvc - ok
11:01:02.0500 3436 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:01:02.0501 3436 DfsC - ok
11:01:02.0592 3436 [ F9F31A9F2A8C0DD0CEB6E380BF0985D4 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
11:01:02.0594 3436 dg_ssudbus - ok
11:01:02.0682 3436 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:01:02.0685 3436 Dhcp - ok
11:01:02.0708 3436 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
11:01:02.0709 3436 discache - ok
11:01:02.0734 3436 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:01:02.0735 3436 Disk - ok
11:01:02.0815 3436 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:01:02.0844 3436 Dnscache - ok
11:01:02.0907 3436 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
11:01:02.0909 3436 dot3svc - ok
11:01:02.0968 3436 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
11:01:02.0970 3436 DPS - ok
11:01:03.0005 3436 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:01:03.0006 3436 drmkaud - ok
11:01:03.0069 3436 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:01:03.0073 3436 DXGKrnl - ok
11:01:03.0121 3436 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
11:01:03.0123 3436 EapHost - ok
11:01:03.0264 3436 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
11:01:03.0281 3436 ebdrv - ok
11:01:03.0332 3436 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
11:01:03.0333 3436 EFS - ok
11:01:03.0421 3436 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:01:03.0425 3436 ehRecvr - ok
11:01:03.0476 3436 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
11:01:03.0477 3436 ehSched - ok
11:01:03.0528 3436 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:01:03.0531 3436 elxstor - ok
11:01:03.0585 3436 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:01:03.0586 3436 ErrDev - ok
11:01:03.0641 3436 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
11:01:03.0643 3436 EventSystem - ok
11:01:03.0796 3436 [ 33ABDDB21DE2F4BB1B05A5A3A671BD64 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:01:03.0802 3436 EvtEng - ok
11:01:03.0826 3436 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
11:01:03.0828 3436 exfat - ok
11:01:03.0848 3436 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:01:03.0849 3436 fastfat - ok
11:01:03.0921 3436 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
11:01:03.0925 3436 Fax - ok
11:01:03.0959 3436 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:01:03.0960 3436 fdc - ok
11:01:04.0035 3436 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
11:01:04.0036 3436 fdPHost - ok
11:01:04.0075 3436 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
11:01:04.0077 3436 FDResPub - ok
11:01:04.0089 3436 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:01:04.0090 3436 FileInfo - ok
11:01:04.0099 3436 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:01:04.0100 3436 Filetrace - ok
11:01:04.0203 3436 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:01:04.0207 3436 FLEXnet Licensing Service - ok
11:01:04.0243 3436 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:01:04.0244 3436 flpydisk - ok
11:01:04.0277 3436 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:01:04.0278 3436 FltMgr - ok
11:01:04.0385 3436 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
11:01:04.0395 3436 FontCache - ok
11:01:04.0444 3436 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:01:04.0445 3436 FontCache3.0.0.0 - ok
11:01:04.0480 3436 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:01:04.0480 3436 FsDepends - ok
11:01:04.0544 3436 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:01:04.0545 3436 Fs_Rec - ok
11:01:04.0607 3436 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:01:04.0608 3436 fvevol - ok
11:01:04.0637 3436 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:01:04.0638 3436 gagp30kx - ok
11:01:05.0278 3436 [ 97590BDD20E90546045982F6EA24EB1E ] GarenaPEngine C:\Users\Wraithik\AppData\Local\Temp\CHQ7973.tmp
11:01:05.0279 3436 GarenaPEngine - ok
11:01:05.0400 3436 GGSAFERDriver - ok
11:01:05.0586 3436 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
11:01:05.0654 3436 gpsvc - ok
11:01:05.0727 3436 [ 1F79859A8C1D7C14EF6207852F622ADD ] hcmon C:\Windows\system32\drivers\hcmon.sys
11:01:05.0728 3436 hcmon - ok
11:01:05.0759 3436 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:01:05.0776 3436 hcw85cir - ok
11:01:05.0846 3436 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:01:05.0848 3436 HdAudAddService - ok
11:01:05.0877 3436 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:01:05.0878 3436 HDAudBus - ok
11:01:05.0899 3436 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:01:05.0900 3436 HidBatt - ok
11:01:05.0937 3436 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:01:05.0938 3436 HidBth - ok
11:01:05.0975 3436 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:01:05.0976 3436 HidIr - ok
11:01:06.0001 3436 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
11:01:06.0002 3436 hidserv - ok
11:01:06.0094 3436 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:01:06.0095 3436 HidUsb - ok
11:01:06.0163 3436 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:01:06.0165 3436 hkmsvc - ok
11:01:06.0183 3436 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:01:06.0186 3436 HomeGroupListener - ok
11:01:06.0234 3436 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:01:06.0237 3436 HomeGroupProvider - ok
11:01:06.0264 3436 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:01:06.0265 3436 HpSAMD - ok
11:01:06.0338 3436 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:01:06.0342 3436 HTTP - ok
11:01:06.0419 3436 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:01:06.0419 3436 hwpolicy - ok
11:01:06.0492 3436 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:01:06.0493 3436 i8042prt - ok
11:01:06.0628 3436 [ 0E899D0DB39617AA0B2F992E7E95B5EB ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:01:06.0630 3436 IAANTMON - ok
11:01:06.0673 3436 [ 01446278D4563B3013C92830AE6CBB26 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:01:06.0675 3436 iaStor - ok
11:01:06.0766 3436 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:01:06.0769 3436 iaStorV - ok
11:01:06.0823 3436 [ FA3D0A6DA7BB7968EFE5C5BC267F0E55 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
11:01:06.0824 3436 IBMPMDRV - ok
11:01:06.0884 3436 [ 495F184A29B80B51735BCEE91D84FE8F ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
11:01:06.0886 3436 IBMPMSVC - ok
11:01:07.0019 3436 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:01:07.0067 3436 idsvc - ok
11:01:07.0279 3436 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
11:01:07.0308 3436 igfx - ok
11:01:07.0337 3436 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:01:07.0338 3436 iirsp - ok
11:01:07.0414 3436 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
11:01:07.0421 3436 IKEEXT - ok
11:01:07.0670 3436 [ E61611BACBE257C26A8951D6D096A248 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:01:07.0686 3436 IntcAzAudAddService - ok
11:01:07.0767 3436 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
11:01:07.0768 3436 intelide - ok
11:01:07.0815 3436 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:01:07.0816 3436 intelppm - ok
11:01:07.0854 3436 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:01:07.0856 3436 IPBusEnum - ok
11:01:07.0873 3436 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:01:07.0874 3436 IpFilterDriver - ok
11:01:07.0971 3436 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:01:07.0977 3436 iphlpsvc - ok
11:01:08.0028 3436 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:01:08.0029 3436 IPMIDRV - ok
11:01:08.0049 3436 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:01:08.0050 3436 IPNAT - ok
11:01:08.0113 3436 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:01:08.0114 3436 IRENUM - ok
11:01:08.0173 3436 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:01:08.0174 3436 isapnp - ok
11:01:08.0202 3436 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:01:08.0204 3436 iScsiPrt - ok
11:01:08.0267 3436 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
11:01:08.0269 3436 IviRegMgr - ok
11:01:08.0306 3436 [ 2137795D207280D5707554AAF936FD19 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
11:01:08.0307 3436 JMCR - ok
11:01:08.0368 3436 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:01:08.0369 3436 kbdclass - ok
11:01:08.0436 3436 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:01:08.0437 3436 kbdhid - ok
11:01:08.0499 3436 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
11:01:08.0500 3436 KeyIso - ok
11:01:08.0550 3436 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:01:08.0551 3436 KSecDD - ok
11:01:08.0601 3436 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:01:08.0602 3436 KSecPkg - ok
11:01:08.0653 3436 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
11:01:08.0704 3436 KtmRm - ok
11:01:08.0779 3436 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
11:01:08.0783 3436 LanmanServer - ok
11:01:08.0858 3436 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:01:08.0862 3436 LanmanWorkstation - ok
11:01:08.0953 3436 [ 128158D8B1DF639BF3E3FDBCBB64CDAC ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
11:01:08.0954 3436 LENOVO.MICMUTE - ok
11:01:08.0961 3436 [ 9AAC267A225F3CAEBB9E633F7EB16E4B ] lenovo.smi C:\Windows\system32\DRIVERS\smiif32.sys
11:01:08.0962 3436 lenovo.smi - ok
11:01:08.0996 3436 [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
11:01:08.0997 3436 Lenovo.VIRTSCRLSVC - ok
11:01:09.0031 3436 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:01:09.0032 3436 lltdio - ok
11:01:09.0061 3436 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:01:09.0092 3436 lltdsvc - ok
11:01:09.0125 3436 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
11:01:09.0128 3436 lmhosts - ok
11:01:09.0165 3436 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:01:09.0166 3436 LSI_FC - ok
11:01:09.0184 3436 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:01:09.0185 3436 LSI_SAS - ok
11:01:09.0198 3436 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:01:09.0199 3436 LSI_SAS2 - ok
11:01:09.0218 3436 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:01:09.0219 3436 LSI_SCSI - ok
11:01:09.0274 3436 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
11:01:09.0275 3436 luafv - ok
11:01:09.0319 3436 [ 2FEF6AE3573CA301A25E6F8A790BBA12 ] MCUSBICD2 C:\Windows\system32\Drivers\icd2w2k.sys
11:01:09.0320 3436 MCUSBICD2 - ok
11:01:09.0334 3436 [ 3896E3F4842711D774EE08E7192F3DD6 ] MCUSBICD2LDR C:\Windows\system32\Drivers\icd2w2kl.sys
11:01:09.0335 3436 MCUSBICD2LDR - ok
11:01:09.0402 3436 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:01:09.0435 3436 Mcx2Svc - ok
11:01:09.0461 3436 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:01:09.0462 3436 megasas - ok
11:01:09.0494 3436 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:01:09.0496 3436 MegaSR - ok
11:01:09.0569 3436 Microsoft SharePoint Workspace Audit Service - ok
11:01:09.0639 3436 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
11:01:09.0642 3436 MMCSS - ok
11:01:09.0678 3436 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
11:01:09.0679 3436 Modem - ok
11:01:09.0742 3436 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:01:09.0743 3436 monitor - ok
11:01:09.0768 3436 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:01:09.0769 3436 mouclass - ok
11:01:09.0798 3436 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:01:09.0799 3436 mouhid - ok
11:01:09.0880 3436 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:01:09.0881 3436 mountmgr - ok
11:01:09.0979 3436 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:01:09.0980 3436 MozillaMaintenance - ok
11:01:10.0020 3436 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
11:01:10.0021 3436 mpio - ok
11:01:10.0071 3436 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:01:10.0072 3436 mpsdrv - ok
11:01:10.0214 3436 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:01:10.0260 3436 MpsSvc - ok
11:01:10.0299 3436 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:01:10.0301 3436 MRxDAV - ok
11:01:10.0359 3436 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:01:10.0360 3436 mrxsmb - ok
11:01:10.0429 3436 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:01:10.0431 3436 mrxsmb10 - ok
11:01:10.0482 3436 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:01:10.0484 3436 mrxsmb20 - ok
11:01:10.0545 3436 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
11:01:10.0546 3436 msahci - ok
11:01:10.0586 3436 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:01:10.0587 3436 msdsm - ok
11:01:10.0612 3436 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
11:01:10.0647 3436 MSDTC - ok
11:01:10.0699 3436 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:01:10.0700 3436 Msfs - ok
11:01:10.0714 3436 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:01:10.0714 3436 mshidkmdf - ok
11:01:10.0775 3436 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:01:10.0776 3436 msisadrv - ok
11:01:10.0830 3436 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:01:10.0859 3436 MSiSCSI - ok
11:01:10.0864 3436 msiserver - ok
11:01:10.0908 3436 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:01:10.0908 3436 MSKSSRV - ok
11:01:10.0930 3436 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:01:10.0930 3436 MSPCLOCK - ok
11:01:10.0938 3436 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:01:10.0938 3436 MSPQM - ok
11:01:10.0960 3436 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:01:10.0962 3436 MsRPC - ok
11:01:11.0026 3436 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:01:11.0027 3436 mssmbios - ok
11:01:11.0302 3436 MSSQL$MSSMLBIZ - ok
11:01:11.0395 3436 MSSQL$SQLEXPRESS - ok
11:01:11.0473 3436 [ C06EA83F6FC2959E897C117255B6B1D5 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
11:01:11.0474 3436 MSSQLServerADHelper - ok
11:01:11.0546 3436 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
11:01:11.0547 3436 MSSQLServerADHelper100 - ok
11:01:11.0581 3436 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:01:11.0581 3436 MSTEE - ok
11:01:11.0917 3436 [ E514D0493C272AECBAC7C6C1DAC635D1 ] msvsmon90 c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe
11:01:11.0935 3436 msvsmon90 - ok
11:01:11.0957 3436 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:01:11.0958 3436 MTConfig - ok
11:01:12.0030 3436 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
11:01:12.0031 3436 Mup - ok
11:01:12.0091 3436 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
11:01:12.0096 3436 napagent - ok
11:01:12.0125 3436 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:01:12.0127 3436 NativeWifiP - ok
11:01:12.0241 3436 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:01:12.0245 3436 NDIS - ok
11:01:12.0266 3436 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:01:12.0267 3436 NdisCap - ok
11:01:12.0283 3436 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:01:12.0284 3436 NdisTapi - ok
11:01:12.0329 3436 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:01:12.0330 3436 Ndisuio - ok
11:01:12.0400 3436 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:01:12.0401 3436 NdisWan - ok
11:01:12.0445 3436 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:01:12.0446 3436 NDProxy - ok
11:01:12.0501 3436 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:01:12.0502 3436 NetBIOS - ok
11:01:12.0562 3436 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:01:12.0563 3436 NetBT - ok
11:01:12.0599 3436 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
11:01:12.0601 3436 Netlogon - ok
11:01:12.0631 3436 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
11:01:12.0636 3436 Netman - ok
11:01:12.0771 3436 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:01:12.0773 3436 NetMsmqActivator - ok
11:01:12.0797 3436 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:01:12.0799 3436 NetPipeActivator - ok
11:01:12.0836 3436 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
11:01:12.0841 3436 netprofm - ok
11:01:12.0881 3436 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:01:12.0882 3436 NetTcpActivator - ok
11:01:12.0888 3436 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:01:12.0890 3436 NetTcpPortSharing - ok
11:01:13.0294 3436 [ 5B2DFA9C5C02DDF2A113CC0F551B59DF ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys
11:01:13.0331 3436 NETw5s32 - ok
11:01:13.0453 3436 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
11:01:13.0476 3436 netw5v32 - ok
11:01:13.0774 3436 [ 83553135AD346D247C482F1B8ACA921F ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
11:01:13.0818 3436 NETwNs32 - ok
11:01:14.0021 3436 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:01:14.0022 3436 nfrd960 - ok
11:01:14.0253 3436 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
11:01:14.0256 3436 NlaSvc - ok
11:01:14.0298 3436 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:01:14.0299 3436 Npfs - ok
11:01:14.0327 3436 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
11:01:14.0330 3436 nsi - ok
11:01:14.0341 3436 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:01:14.0342 3436 nsiproxy - ok
11:01:14.0820 3436 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:01:14.0829 3436 Ntfs - ok
11:01:14.0968 3436 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
11:01:14.0969 3436 Null - ok
11:01:15.0009 3436 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:01:15.0010 3436 nvraid - ok
11:01:15.0072 3436 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:01:15.0073 3436 nvstor - ok
11:01:15.0107 3436 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:01:15.0109 3436 nv_agp - ok
11:01:15.0172 3436 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:01:15.0173 3436 ohci1394 - ok
11:01:15.0300 3436 [ 8C02B0CC65BEE71124A565062BA77B39 ] OpenVPNAccessClient C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
11:01:15.0301 3436 OpenVPNAccessClient - ok
11:01:15.0476 3436 OracleMTSRecoveryService - ok
11:01:15.0524 3436 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:01:15.0526 3436 ose - ok
11:01:15.0743 3436 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:01:15.0768 3436 osppsvc - ok
11:01:15.0803 3436 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:01:15.0808 3436 p2pimsvc - ok
11:01:15.0842 3436 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
11:01:15.0847 3436 p2psvc - ok
11:01:15.0958 3436 [ 77CDC6C43D8C3E05D0E21B36EAABEBAE ] PanService C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
11:01:15.0962 3436 PanService - ok
11:01:15.0990 3436 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:01:15.0991 3436 Parport - ok
11:01:16.0045 3436 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:01:16.0046 3436 partmgr - ok
11:01:16.0059 3436 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
11:01:16.0060 3436 Parvdm - ok
11:01:16.0092 3436 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:01:16.0095 3436 PcaSvc - ok
11:01:16.0187 3436 [ A88F42AD20418620D08A13AD1A70C083 ] PCDSRVC{C4B36920-79E24793-06000000}_0 c:\progra~1\pc-doc~1\pcdsrvc.pkms
11:01:16.0191 3436 PCDSRVC{C4B36920-79E24793-06000000}_0 - ok
11:01:16.0239 3436 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
11:01:16.0240 3436 pci - ok
11:01:16.0301 3436 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
11:01:16.0302 3436 pciide - ok
11:01:16.0327 3436 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:01:16.0328 3436 pcmcia - ok
11:01:16.0352 3436 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
11:01:16.0353 3436 pcw - ok
11:01:16.0395 3436 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:01:16.0399 3436 PEAUTH - ok
11:01:16.0452 3436 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:01:16.0463 3436 PeerDistSvc - ok
11:01:16.0546 3436 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
11:01:16.0562 3436 pla - ok
11:01:16.0643 3436 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:01:16.0648 3436 PlugPlay - ok
11:01:16.0739 3436 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
11:01:16.0741 3436 PnkBstrA - ok
11:01:16.0760 3436 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:01:16.0763 3436 PNRPAutoReg - ok
11:01:16.0781 3436 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:01:16.0785 3436 PNRPsvc - ok
11:01:16.0844 3436 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:01:16.0893 3436 PolicyAgent - ok
11:01:16.0940 3436 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
11:01:16.0944 3436 Power - ok
11:01:17.0054 3436 [ 2DB6404B68AA554F4805BCB645ED8E11 ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
11:01:17.0055 3436 Power Manager DBC Service - ok
11:01:17.0107 3436 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:01:17.0108 3436 PptpMiniport - ok
11:01:17.0125 3436 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:01:17.0126 3436 Processor - ok
11:01:17.0190 3436 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
11:01:17.0193 3436 ProfSvc - ok
11:01:17.0210 3436 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:01:17.0212 3436 ProtectedStorage - ok
11:01:17.0230 3436 [ 72DE205CD4006DC45B1401859C506679 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
11:01:17.0231 3436 psadd - ok
11:01:17.0256 3436 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:01:17.0258 3436 Psched - ok
11:01:17.0308 3436 [ EF283BC7E0091713C15414AAF64074EB ] PwmEWSvc C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE
11:01:17.0309 3436 PwmEWSvc - ok
11:01:17.0359 3436 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:01:17.0371 3436 ql2300 - ok
11:01:17.0409 3436 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:01:17.0410 3436 ql40xx - ok
11:01:17.0437 3436 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
11:01:17.0441 3436 QWAVE - ok
11:01:17.0457 3436 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:01:17.0458 3436 QWAVEdrv - ok
11:01:17.0474 3436 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:01:17.0475 3436 RasAcd - ok
11:01:17.0512 3436 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:01:17.0513 3436 RasAgileVpn - ok
11:01:17.0525 3436 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
11:01:17.0527 3436 RasAuto - ok
11:01:17.0547 3436 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:01:17.0548 3436 Rasl2tp - ok
11:01:17.0599 3436 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
11:01:17.0604 3436 RasMan - ok
11:01:17.0622 3436 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:01:17.0624 3436 RasPppoe - ok
11:01:17.0641 3436 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:01:17.0642 3436 RasSstp - ok
11:01:17.0692 3436 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:01:17.0694 3436 rdbss - ok
11:01:17.0715 3436 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:01:17.0716 3436 rdpbus - ok
11:01:17.0784 3436 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:01:17.0785 3436 RDPCDD - ok
11:01:17.0851 3436 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:01:17.0853 3436 RDPDR - ok
11:01:17.0875 3436 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:01:17.0876 3436 RDPENCDD - ok
11:01:17.0890 3436 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:01:17.0891 3436 RDPREFMP - ok
11:01:17.0941 3436 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:01:17.0943 3436 RDPWD - ok
11:01:17.0999 3436 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:01:18.0001 3436 rdyboost - ok
11:01:18.0015 3436 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
11:01:18.0016 3436 regi - ok
11:01:18.0072 3436 [ 03D281098CE722210C48E1E8CAFEA260 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:01:18.0075 3436 RegSrvc - ok
11:01:18.0108 3436 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
11:01:18.0110 3436 RemoteAccess - ok
11:01:18.0129 3436 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:01:18.0132 3436 RemoteRegistry - ok
11:01:18.0173 3436 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:01:18.0175 3436 RFCOMM - ok
11:01:18.0227 3436 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:01:18.0230 3436 RpcEptMapper - ok
11:01:18.0257 3436 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
11:01:18.0259 3436 RpcLocator - ok
11:01:18.0308 3436 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
11:01:18.0313 3436 RpcSs - ok
11:01:18.0385 3436 [ FD692C6FFADE58F7C4C3C3C9A0EC35BD ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
11:01:18.0387 3436 RsFx0103 - ok
11:01:18.0428 3436 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:01:18.0429 3436 rspndr - ok
11:01:18.0469 3436 [ 2FD0636A8A3E8B2D0FEF07D48CFBA7A2 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
11:01:18.0471 3436 RTHDMIAzAudService - ok
11:01:18.0530 3436 [ D5EDE44CA85899E0478208C8413C1C31 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
11:01:18.0532 3436 RTL8167 - ok
11:01:18.0585 3436 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
11:01:18.0586 3436 s3cap - ok
11:01:18.0600 3436 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
11:01:18.0602 3436 SamSs - ok
11:01:18.0631 3436 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:01:18.0632 3436 sbp2port - ok
11:01:18.0654 3436 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:01:18.0658 3436 SCardSvr - ok
11:01:18.0701 3436 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:01:18.0702 3436 scfilter - ok
11:01:18.0779 3436 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
11:01:18.0797 3436 Schedule - ok
11:01:18.0844 3436 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:01:18.0845 3436 SCPolicySvc - ok
11:01:18.0903 3436 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
11:01:18.0904 3436 sdbus - ok
11:01:18.0953 3436 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:01:18.0956 3436 SDRSVC - ok
11:01:19.0019 3436 [ D358E077A0A05D9B12DA22D137EE8464 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
11:01:19.0020 3436 SeaPort - ok
11:01:19.0064 3436 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:01:19.0065 3436 secdrv - ok
11:01:19.0092 3436 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
11:01:19.0095 3436 seclogon - ok
11:01:19.0113 3436 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
11:01:19.0116 3436 SENS - ok
11:01:19.0142 3436 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:01:19.0145 3436 SensrSvc - ok
11:01:19.0168 3436 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:01:19.0169 3436 Serenum - ok
11:01:19.0202 3436 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:01:19.0203 3436 Serial - ok
11:01:19.0268 3436 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:01:19.0269 3436 sermouse - ok
11:01:19.0331 3436 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
11:01:19.0334 3436 SessionEnv - ok
11:01:19.0389 3436 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:01:19.0390 3436 sffdisk - ok
11:01:19.0409 3436 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:01:19.0410 3436 sffp_mmc - ok
11:01:19.0437 3436 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:01:19.0438 3436 sffp_sd - ok
11:01:19.0487 3436 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:01:19.0488 3436 sfloppy - ok
11:01:19.0531 3436 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:01:19.0535 3436 SharedAccess - ok
11:01:19.0558 3436 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:01:19.0562 3436 ShellHWDetection - ok
11:01:19.0628 3436 [ 486A1BD22DD66D0A8542EBB0CD792BDB ] Shockprf C:\Windows\system32\DRIVERS\Apsx86.sys
11:01:19.0629 3436 Shockprf - ok
11:01:19.0677 3436 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
11:01:19.0678 3436 sisagp - ok
11:01:19.0719 3436 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:01:19.0720 3436 SiSRaid2 - ok
11:01:19.0733 3436 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:01:19.0734 3436 SiSRaid4 - ok
11:01:19.0782 3436 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:01:19.0783 3436 Smb - ok
11:01:19.0853 3436 [ 0B9C01236D25BDCB37AA79DC59DFB7D3 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
11:01:19.0853 3436 smihlp - ok
11:01:19.0904 3436 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:01:19.0906 3436 SNMPTRAP - ok
11:01:19.0922 3436 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
11:01:19.0923 3436 spldr - ok
11:01:19.0992 3436 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
11:01:19.0997 3436 Spooler - ok
11:01:20.0138 3436 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
11:01:20.0216 3436 sppsvc - ok
11:01:20.0279 3436 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:01:20.0282 3436 sppuinotify - ok
11:01:20.0377 3436 [ F42EFEFB765235F24B24E1D2B6F99F46 ] sptd C:\Windows\System32\Drivers\sptd.sys
11:01:20.0378 3436 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: F42EFEFB765235F24B24E1D2B6F99F46
11:01:20.0378 3436 sptd ( LockedFile.Multi.Generic ) - warning
11:01:20.0378 3436 sptd - detected LockedFile.Multi.Generic (1)
11:01:20.0567 3436 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
11:01:20.0569 3436 SQLAgent$SQLEXPRESS - ok
11:01:20.0662 3436 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:01:20.0664 3436 SQLBrowser - ok
11:01:20.0728 3436 [ 637A0F23F9012358E92E6F99835494D1 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:01:20.0729 3436 SQLWriter - ok
11:01:20.0806 3436 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:01:20.0808 3436 srv - ok
11:01:20.0823 3436 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:01:20.0825 3436 srv2 - ok
11:01:20.0871 3436 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
11:01:20.0873 3436 SrvHsfHDA - ok
11:01:20.0908 3436 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
11:01:20.0914 3436 SrvHsfV92 - ok
11:01:20.0976 3436 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
11:01:20.0980 3436 SrvHsfWinac - ok
11:01:20.0999 3436 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:01:21.0000 3436 srvnet - ok
11:01:21.0033 3436 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:01:21.0037 3436 SSDPSRV - ok
11:01:21.0113 3436 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
11:01:21.0114 3436 ssmdrv - ok
11:01:21.0129 3436 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:01:21.0132 3436 SstpSvc - ok
11:01:21.0219 3436 [ 07318149E102FD9197AB444C27774372 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
11:01:21.0221 3436 ssudmdm - ok
11:01:21.0248 3436 Steam Client Service - ok
11:01:21.0277 3436 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:01:21.0278 3436 stexstor - ok
11:01:21.0332 3436 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
11:01:21.0339 3436 StiSvc - ok
11:01:21.0407 3436 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
11:01:21.0408 3436 storflt - ok
11:01:21.0443 3436 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
11:01:21.0445 3436 StorSvc - ok
11:01:21.0474 3436 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:01:21.0475 3436 storvsc - ok
11:01:21.0564 3436 [ E8029EB9B0D962675EAE956AF0F1FD87 ] SUService C:\Program Files\Lenovo\System Update\SUService.exe
11:01:21.0564 3436 SUService - ok
11:01:21.0626 3436 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
11:01:21.0627 3436 swenum - ok
11:01:21.0666 3436 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
11:01:21.0671 3436 swprv - ok
11:01:21.0746 3436 [ D7DC30B8B41E7A913C3FCCC0631E72EC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:01:21.0748 3436 SynTP - ok
11:01:21.0846 3436 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
11:01:21.0859 3436 SysMain - ok
11:01:21.0919 3436 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:01:21.0922 3436 TabletInputService - ok
11:01:21.0980 3436 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
11:01:21.0984 3436 TapiSrv - ok
11:01:22.0042 3436 [ 827C8058C284FF0013E4462EFE2591A3 ] tapoas C:\Windows\system32\DRIVERS\tapoas.sys
11:01:22.0043 3436 tapoas - ok
11:01:22.0058 3436 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
11:01:22.0061 3436 TBS - ok
11:01:22.0143 3436 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:01:22.0151 3436 Tcpip - ok
11:01:22.0211 3436 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:01:22.0218 3436 TCPIP6 - ok
11:01:22.0255 3436 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:01:22.0256 3436 tcpipreg - ok
11:01:22.0304 3436 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:01:22.0305 3436 TDPIPE - ok
11:01:22.0369 3436 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:01:22.0370 3436 TDTCP - ok
11:01:22.0418 3436 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:01:22.0419 3436 tdx - ok
11:01:22.0469 3436 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:01:22.0470 3436 TermDD - ok
11:01:22.0527 3436 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
11:01:22.0534 3436 TermService - ok
11:01:22.0579 3436 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
11:01:22.0582 3436 Themes - ok
11:01:22.0678 3436 [ 82C4830AB23A7AB125F38DA9A46B6A6D ] ThinkVantage Registry Monitor Service C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
11:01:22.0685 3436 ThinkVantage Registry Monitor Service - ok
11:01:22.0719 3436 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
11:01:22.0721 3436 THREADORDER - ok
11:01:22.0744 3436 [ 20A439D6475D6FE1909159C0143D0466 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM86.sys
11:01:22.0745 3436 TPDIGIMN - ok
11:01:22.0769 3436 [ 3775E4AA5F72264DBAB7A578DD913ECF ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG.exe
11:01:22.0772 3436 TPHDEXLGSVC - ok
11:01:22.0857 3436 [ 1DBF0267CEBF80F0BD24DFE895367DB5 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
11:01:22.0859 3436 TPHKLOAD - ok
11:01:22.0925 3436 [ CB0625C2F5B7C72C50C5AE34F8E8F7D0 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
11:01:22.0926 3436 TPHKSVC - ok
11:01:22.0948 3436 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\Windows\system32\drivers\tpm.sys
11:01:22.0949 3436 TPM - ok
11:01:22.0990 3436 [ C16EC6A5390904D3971179553852025B ] TPPWRIF C:\Windows\system32\drivers\Tppwr32v.sys
11:01:22.0990 3436 TPPWRIF - ok
11:01:23.0026 3436 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
11:01:23.0029 3436 TrkWks - ok
11:01:23.0105 3436 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:01:23.0106 3436 TrustedInstaller - ok
11:01:23.0160 3436 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:01:23.0160 3436 tssecsrv - ok
11:01:23.0219 3436 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:01:23.0220 3436 TsUsbFlt - ok
11:01:23.0281 3436 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:01:23.0282 3436 tunnel - ok
11:01:23.0380 3436 [ 4581A61AD590BC3CCDF2759D0BDD69FC ] TVT Backup Service C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
11:01:23.0389 3436 TVT Backup Service - ok
11:01:23.0421 3436 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:01:23.0422 3436 uagp35 - ok
11:01:23.0448 3436 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:01:23.0450 3436 udfs - ok
11:01:23.0577 3436 [ 3F2D08B07CF67CB37E669A93E59A508C ] ufad-ws60 C:\Program Files\VMware\VMware Player\vmware-ufad.exe
11:01:23.0579 3436 ufad-ws60 - ok
11:01:23.0621 3436 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:01:23.0624 3436 UI0Detect - ok
11:01:23.0646 3436 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:01:23.0647 3436 uliagpkx - ok
11:01:23.0724 3436 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:01:23.0725 3436 umbus - ok
11:01:23.0752 3436 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:01:23.0753 3436 UmPass - ok
11:01:23.0812 3436 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
11:01:23.0816 3436 UmRdpService - ok
11:01:23.0852 3436 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
11:01:23.0857 3436 upnphost - ok
11:01:23.0908 3436 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:01:23.0909 3436 usbccgp - ok
11:01:23.0976 3436 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:01:23.0977 3436 usbcir - ok
11:01:24.0024 3436 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:01:24.0025 3436 usbehci - ok
11:01:24.0090 3436 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:01:24.0092 3436 usbhub - ok
11:01:24.0121 3436 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:01:24.0122 3436 usbohci - ok
11:01:24.0168 3436 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:01:24.0169 3436 usbprint - ok
11:01:24.0217 3436 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:01:24.0218 3436 usbscan - ok
11:01:24.0267 3436 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:01:24.0268 3436 USBSTOR - ok
11:01:24.0310 3436 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:01:24.0311 3436 usbuhci - ok
11:01:24.0379 3436 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:01:24.0381 3436 usbvideo - ok
11:01:24.0439 3436 [ AF77716205C97E902E6C5B78DECE2CCA ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
11:01:24.0440 3436 usb_rndisx - ok
11:01:24.0478 3436 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
11:01:24.0512 3436 UxSms - ok
11:01:24.0534 3436 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
11:01:24.0535 3436 VaultSvc - ok
11:01:24.0555 3436 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:01:24.0556 3436 vdrvroot - ok
11:01:24.0613 3436 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
11:01:24.0618 3436 vds - ok
11:01:24.0650 3436 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:01:24.0652 3436 vga - ok
11:01:24.0664 3436 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:01:24.0665 3436 VgaSave - ok
11:01:24.0720 3436 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:01:24.0722 3436 vhdmp - ok
11:01:24.0744 3436 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
11:01:24.0745 3436 viaagp - ok
11:01:24.0755 3436 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
11:01:24.0756 3436 ViaC7 - ok
11:01:24.0819 3436 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
11:01:24.0820 3436 viaide - ok
11:01:24.0906 3436 [ E51474E134E5915ACBCD2CB26FAE5473 ] VMAuthdService C:\Program Files\VMware\VMware Player\vmware-authd.exe
11:01:24.0907 3436 VMAuthdService - ok
11:01:24.0928 3436 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:01:24.0930 3436 vmbus - ok
11:01:24.0958 3436 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
11:01:24.0959 3436 VMBusHID - ok
11:01:24.0983 3436 [ F3A7A37D07D2C45E0CF56C764F949E99 ] vmci C:\Windows\system32\Drivers\vmci.sys
11:01:24.0985 3436 vmci - ok
11:01:25.0030 3436 [ 5BDD3FBDF10BB329874A38631ABF1D3E ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
11:01:25.0031 3436 vmkbd - ok
11:01:25.0071 3436 [ E41704D8149992107B333CC7A52C07CC ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
11:01:25.0072 3436 VMnetAdapter - ok
11:01:25.0124 3436 [ 462F2A31EA8B87A28962ACA998DF1869 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
11:01:25.0125 3436 VMnetBridge - ok
11:01:25.0138 3436 [ EC5D6E0B2AF375CF5BFA947F34A5F441 ] VMnetDHCP C:\Windows\system32\vmnetdhcp.exe
11:01:25.0142 3436 VMnetDHCP - ok
11:01:25.0170 3436 [ 423CF74235FE72FAE568E5709A54267F ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
11:01:25.0171 3436 VMnetuserif - ok
11:01:25.0235 3436 [ 346AF8B2BE7E2E349B0FCA70C55CAC03 ] VMUSBArbService C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
11:01:25.0238 3436 VMUSBArbService - ok
11:01:25.0275 3436 [ 665BB54CBA86378D99328EFF57F0406C ] VMware NAT Service C:\Windows\system32\vmnat.exe
11:01:25.0280 3436 VMware NAT Service - ok
11:01:25.0358 3436 [ 755A9AFE6665BAB01C8013849D3785B1 ] vmx86 C:\Windows\system32\Drivers\vmx86.sys
11:01:25.0363 3436 vmx86 - ok
11:01:25.0401 3436 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:01:25.0402 3436 volmgr - ok
11:01:25.0440 3436 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:01:25.0442 3436 volmgrx - ok
11:01:25.0461 3436 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:01:25.0463 3436 volsnap - ok
11:01:25.0709 3436 [ 138DB593B9433D29005282C4B0F4285A ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
11:01:25.0712 3436 vpnagent - ok
11:01:25.0775 3436 [ 0D8DF4058901616A4E716AB67D472581 ] vpnva C:\Windows\system32\DRIVERS\vpnva.sys
11:01:25.0776 3436 vpnva - ok
11:01:25.0814 3436 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:01:25.0815 3436 vsmraid - ok
11:01:25.0996 3436 [ 5A2DDC5411A092BEDB1A07755E087784 ] VSPerfDrv100 c:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys
11:01:25.0997 3436 VSPerfDrv100 - ok
11:01:26.0065 3436 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
11:01:26.0073 3436 VSS - ok
11:01:26.0134 3436 [ 476A052B3CE506ED63A94018F3E979D5 ] vstor2-ws60 C:\Program Files\VMware\VMware Player\vstor2-ws60.sys
11:01:26.0135 3436 vstor2-ws60 - ok
11:01:26.0193 3436 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:01:26.0194 3436 vwifibus - ok
11:01:26.0221 3436 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:01:26.0222 3436 vwififlt - ok
11:01:26.0256 3436 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:01:26.0257 3436 vwifimp - ok
11:01:26.0287 3436 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
11:01:26.0292 3436 W32Time - ok
11:01:26.0313 3436 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:01:26.0314 3436 WacomPen - ok
11:01:26.0339 3436 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:01:26.0340 3436 WANARP - ok
11:01:26.0344 3436 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:01:26.0345 3436 Wanarpv6 - ok
11:01:26.0432 3436 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:01:26.0439 3436 WatAdminSvc - ok
11:01:26.0600 3436 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
11:01:26.0609 3436 wbengine - ok
11:01:26.0649 3436 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:01:26.0653 3436 WbioSrvc - ok
11:01:26.0704 3436 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:01:26.0709 3436 wcncsvc - ok
11:01:26.0738 3436 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:01:26.0741 3436 WcsPlugInService - ok
11:01:26.0789 3436 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:01:26.0790 3436 Wd - ok
11:01:26.0854 3436 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:01:26.0857 3436 Wdf01000 - ok
11:01:26.0878 3436 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:01:26.0881 3436 WdiServiceHost - ok
11:01:26.0889 3436 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:01:26.0893 3436 WdiSystemHost - ok
11:01:26.0966 3436 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
11:01:26.0970 3436 WebClient - ok
11:01:26.0995 3436 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:01:26.0999 3436 Wecsvc - ok
11:01:27.0035 3436 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:01:27.0038 3436 wercplsupport - ok
11:01:27.0064 3436 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
11:01:27.0068 3436 WerSvc - ok
11:01:27.0097 3436 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:01:27.0098 3436 WfpLwf - ok
11:01:27.0112 3436 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:01:27.0113 3436 WIMMount - ok
11:01:27.0178 3436 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:01:27.0215 3436 WinDefend - ok
11:01:27.0230 3436 WinHttpAutoProxySvc - ok
11:01:27.0345 3436 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:01:27.0347 3436 Winmgmt - ok
11:01:27.0416 3436 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
11:01:27.0430 3436 WinRM - ok
11:01:27.0504 3436 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
11:01:27.0505 3436 WinUsb - ok
11:01:27.0551 3436 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:01:27.0561 3436 Wlansvc - ok
11:01:27.0600 3436 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:01:27.0601 3436 WmiAcpi - ok
11:01:27.0633 3436 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:01:27.0635 3436 wmiApSrv - ok
11:01:27.0724 3436 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:01:27.0731 3436 WMPNetworkSvc - ok
11:01:27.0752 3436 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:01:27.0755 3436 WPCSvc - ok
11:01:27.0795 3436 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:01:27.0798 3436 WPDBusEnum - ok
11:01:27.0845 3436 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:01:27.0846 3436 ws2ifsl - ok
11:01:27.0872 3436 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
11:01:27.0875 3436 wscsvc - ok
11:01:27.0930 3436 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
11:01:27.0931 3436 WSDPrintDevice - ok
11:01:27.0956 3436 [ 7DC0270CFD4A05B4112E3EBBF083B595 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
11:01:27.0957 3436 WSDScan - ok
11:01:27.0961 3436 WSearch - ok
11:01:28.0060 3436 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
11:01:28.0080 3436 wuauserv - ok
11:01:28.0120 3436 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:01:28.0121 3436 WudfPf - ok
11:01:28.0144 3436 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:01:28.0146 3436 WUDFRd - ok
11:01:28.0205 3436 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:01:28.0209 3436 wudfsvc - ok
11:01:28.0239 3436 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:01:28.0243 3436 WwanSvc - ok
11:01:28.0285 3436 XDva393 - ok
11:01:28.0358 3436 ================ Scan global ===============================
11:01:28.0408 3436 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
11:01:28.0469 3436 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
11:01:28.0507 3436 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
11:01:28.0537 3436 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
11:01:28.0606 3436 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
11:01:28.0610 3436 [Global] - ok
11:01:28.0611 3436 ================ Scan MBR ==================================
11:01:28.0645 3436 [ 4BBC60784624A9DD96D337C4DE353C70 ] \Device\Harddisk0\DR0
11:01:28.0796 3436 \Device\Harddisk0\DR0 - ok
11:01:28.0796 3436 ================ Scan VBR ==================================
11:01:28.0799 3436 [ 39FC815101ACBC2177D2311D8A03B114 ] \Device\Harddisk0\DR0\Partition1
11:01:28.0800 3436 \Device\Harddisk0\DR0\Partition1 - ok
11:01:28.0810 3436 [ 9AFA6133494CFAF3F18E1E99190F4259 ] \Device\Harddisk0\DR0\Partition2
11:01:28.0811 3436 \Device\Harddisk0\DR0\Partition2 - ok
11:01:28.0836 3436 [ E02C08C5842AD93F1D01154578BC3970 ] \Device\Harddisk0\DR0\Partition3
11:01:28.0838 3436 \Device\Harddisk0\DR0\Partition3 - ok
11:01:28.0838 3436 ============================================================
11:01:28.0838 3436 Scan finished
11:01:28.0838 3436 ============================================================
11:01:28.0866 3116 Detected object count: 1
11:01:28.0866 3116 Actual detected object count: 1
11:01:40.0754 3116 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:01:40.0754 3116 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:01:45.0449 5936 Deinitialize success
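The log above is a TDSSKiller-style enumeration: one line with the MD5 and path of each service or driver binary, then a verdict line, with the only detection being the locked sptd.sys. The following is an added example (not part of this post and not code from TDSSKiller) that parses that line format and pulls out what a reviewer actually wants to check: the detections, entries that got a verdict with no hashed binary (the scanner never looked at the file), and one binary backing several service names. The sample lines are copied from the posted log; the regexes assume only the line shapes visible there.

```python
"""Triage of a TDSSKiller-style service/driver enumeration log.

Added example; not part of the forum post and not code from TDSSKiller.
The line shapes assumed below are the ones visible in the posted log:
  HH:MM:SS.ffff <tid> [ <MD5> ] <service name> <path>       (hash line)
  HH:MM:SS.ffff <tid> <service name> - ok                    (clean verdict)
  HH:MM:SS.ffff <tid> <service name> - detected <class> (n)  (detection)
A registry entry whose binary was never hashed yields only a verdict
line (e.g. "Steam Client Service - ok"); those deserve a second look
because the scanner never inspected the file they point at.
"""
import re
from collections import defaultdict

# Leading timestamp and thread id; the rest of the line is the message.
PREFIX_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.*)$")
# "[ MD5 ] name path": name is non-greedy so it stops at the drive letter.
HASH_RE = re.compile(r"^\[ (?P<md5>[0-9A-F]{32}) \] (?P<name>.+?) (?P<path>[A-Za-z]:\\.*)$")
OK_RE = re.compile(r"^(?P<name>.+?) - ok$")
DETECTED_RE = re.compile(r"^(?P<name>.+?) - detected (?P<cls>\S+)")

# Lines copied from the log posted above (a representative subset).
SAMPLE_LOG = r"""
11:01:17.0054 3436 [ 2DB6404B68AA554F4805BCB645ED8E11 ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
11:01:17.0055 3436 Power Manager DBC Service - ok
11:01:18.0600 3436 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
11:01:18.0602 3436 SamSs - ok
11:01:20.0377 3436 [ F42EFEFB765235F24B24E1D2B6F99F46 ] sptd C:\Windows\System32\Drivers\sptd.sys
11:01:20.0378 3436 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: F42EFEFB765235F24B24E1D2B6F99F46
11:01:20.0378 3436 sptd ( LockedFile.Multi.Generic ) - warning
11:01:20.0378 3436 sptd - detected LockedFile.Multi.Generic (1)
11:01:21.0248 3436 Steam Client Service - ok
11:01:24.0534 3436 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
11:01:24.0535 3436 VaultSvc - ok
11:01:28.0838 3436 ============================================================
11:01:28.0838 3436 Scan finished
"""


def triage(lines):
    """Return detections, verdicts without a hashed binary, and MD5s that
    back more than one service name (e.g. lsass.exe hosting SamSs/VaultSvc)."""
    objects = {}      # service name -> {"md5": ..., "path": ...}
    verdicts = {}     # service name -> "ok" | "detected"
    detections = []   # (name, detection class, path, md5)
    for raw in lines:
        m = PREFIX_RE.match(raw.strip())
        if not m:
            continue  # banner, separator or blank line
        body = m.group("body")
        h = HASH_RE.match(body)
        if h:
            objects[h.group("name")] = {"md5": h.group("md5"), "path": h.group("path")}
            continue
        d = DETECTED_RE.match(body)
        if d:
            name = d.group("name")
            verdicts[name] = "detected"
            obj = objects.get(name, {})
            detections.append((name, d.group("cls"), obj.get("path"), obj.get("md5")))
            continue
        o = OK_RE.match(body)
        if o:
            verdicts.setdefault(o.group("name"), "ok")
    # Verdict with no hash line: the scanner never opened the binary.
    unhashed = sorted(n for n, v in verdicts.items() if v == "ok" and n not in objects)
    by_md5 = defaultdict(list)
    for name, obj in objects.items():
        by_md5[obj["md5"]].append(name)
    shared = {md5: sorted(names) for md5, names in by_md5.items() if len(names) > 1}
    return {"detections": detections, "unhashed": unhashed, "shared_binaries": shared}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG.splitlines())
    for name, cls, path, md5 in report["detections"]:
        print(f"DETECTED {name}: {cls} {path} md5={md5}")
    for name in report["unhashed"]:
        print(f"NO HASH  {name} (binary not inspected)")
    for md5, names in report["shared_binaries"].items():
        print(f"SHARED   {md5} -> {', '.join(names)}")
```

Run it against the full saved log (`triage(open("TDSSKiller.log").readlines())`) rather than the subset: on the log above it would also flag WinHttpAutoProxySvc, WSearch and XDva393 as verdicts with no hashed file, and the shared-hash map shows lsass.exe behind ProtectedStorage, SamSs and VaultSvc, which is normal for Windows 7. The MD5s the tool prints are what you would submit to a hash reputation service; the LockedFile.Multi.Generic hit only says the file could not be opened, not that it is malicious.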

wraithik
Guest
Guest
Posts: 74
Registered: 11 Dec 2011 01:19

Re: Log check/Czech Police

#5 Post by wraithik »

RK:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Support : http://www.geekstogo.com/forum/files/fi ... guekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operating system : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Wraithik [Admin rights]
Mode : Scan -- Date : 05/01/2013 19:02:45
| ARK || FAK || MBR |

¤¤¤ Malicious processes : 0 ¤¤¤

¤¤¤ Registry entries : 2 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

¤¤¤ Particular files / folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[84] : NtCreateSection @ 0x8386813D -> HOOKED (Unknown @ 0x919E1506)
SSDT[299] : NtRequestWaitReplyPort @ 0x83882B22 -> HOOKED (Unknown @ 0x919E1510)
SSDT[316] : NtSetContextThread @ 0x83922851 -> HOOKED (Unknown @ 0x919E150B)
SSDT[347] : NtSetSecurityObject @ 0x838467F7 -> HOOKED (Unknown @ 0x919E1515)
SSDT[368] : NtSystemDebugControl @ 0x838CA7D2 -> HOOKED (Unknown @ 0x919E151A)
SSDT[370] : NtTerminateProcess @ 0x8389FD86 -> HOOKED (Unknown @ 0x919E14A7)
S_SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x919E152E)
S_SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x919E1533)

¤¤¤ HOSTS file: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR check: ¤¤¤

+++++ PhysicalDrive0: HITACHI HTS545032B9A300 +++++
--- User ---
[MBR] 57eb5ea821589e114384111ab55048c6
[BSP] a7127064bc0cde9f5508e9e0d7afcdad : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 294043 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 604659712 | Size: 10000 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[7]_S_05012013_02d1902.txt >>
RKreport[1]_S_05012013_02d1044.txt ; RKreport[2]_D_05012013_02d1048.txt ; RKreport[3]_H_05012013_02d1048.txt ; RKreport[4]_PR_05012013_02d1048.txt ; RKreport[5]_DN_05012013_02d1048.txt ;
RKreport[6]_SC_05012013_02d1056.txt ; RKreport[7]_S_05012013_02d1902.txt



mbrscan:


MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (32 bit)
PROCESSOR      : x86 Family 6 Model 23 Stepping 10, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/05/01 (ISO 8601) at 19:05:18
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __HITACHI HTS545032B9A (PB3Z)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	298.1 Go  [Fixed] ==> Lenovo boot sector

MBR_MD5   : 57EB5EA821589E114384111AB55048C6
MBR_SHA1  : 9CBD0FD3818530DDFB9C6E2B4B189C1BB81E2D3A

Device\Harddisk0\Partition1	1.17 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	287.2 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition3	9.77 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

Device\Harddisk0\DR0 => 7 MBR Code found in sector 8
SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   EB 0E 0A 00 04 00 E5 09 00 00 00 00 00 00 4E 50   ë.....å.......NP
0x00000010   FA 33 C0 BC 00 66 8E D0 50 07 50 1F FB FC BE 09   ú3À¼.f.ÐP.P.ûü¾.
0x00000020   00 89 14 BF 00 08 BE 00 7C B9 00 01 F3 A5 50 BF   ...¿..¾.|¹..ó¥P¿
0x00000030   34 08 57 CB BB 00 06 BE 02 08 0F B6 0C B8 01 02   4.WË»..¾...¶.¸..
0x00000040   BA 80 00 CD 13 BA 05 00 BF 00 06 B9 00 02 E8 24   º..Í.º..¿..¹..è$
0x00000050   01 B9 05 00 BB 00 12 BE 00 06 03 F1 E8 FF 00 EB   .¹..»..¾...ñè..ë
0x00000060   0A B3 01 BE A7 12 88 1C E9 89 00 E8 2D 00 3C 01   .³.¾§...é..è-.<.
0x00000070   74 EF E8 52 00 3C 01 74 E8 BA 04 00 BF 00 0A B9   tïèR.<.tèº..¿..¹
0x00000080   A7 08 E8 F0 00 E8 35 05 E9 88 01 BE 05 08 0A 04   §.èð.è5.é..¾....
0x00000090   88 04 B1 01 BB 00 08 E8 B9 00 C3 BE 00 06 E8 17   ..±.»..è¹.þ..è.
0x000000A0   00 BE 23 06 80 3C 00 74 0C 3C 00 74 08 B0 02 E8   .¾#..<.t.<.t.°.è
0x000000B0   D9 FF B0 01 C3 B0 00 C3 B9 00 02 4E 32 C0 8B D9   Ù.°.ð.ù..N2À.Ù
0x000000C0   8A 10 32 C2 E2 F8 C3 B9 05 00 51 B8 00 02 F7 E1   ..2ÂâøÃ¹..Q¸..÷á
0x000000D0   05 00 08 8B F0 E8 E0 FF 5E 56 0F B6 8C 05 06 E3   ....ðèà.^V.¶...ã
0x000000E0   04 38 C1 75 06 59 E2 E2 B0 00 C3 59 B0 01 E8 9A   .8Áu.Yââ°.ÃY°.è.
0x000000F0   FF B0 01 C3 BE 07 08 0F B6 0C B8 01 02 BB 00 7C   .°.þ...¶.¸..».|
0x00000100   BA 80 00 CD 13 BE 00 7C E8 AD FF BE 06 08 0F B6   º..Í.¾.|è­.¾...¶
0x00000110   0C E3 1C 38 C1 74 18 B0 04 E8 6F FF BE AF 07 E8   .ã.8Át.°.èo.¾¯.è
0x00000120   8C 02 BE A7 12 80 3C 01 74 03 E8 0A 01 CD 18 BE   ..¾§..<.t.è..Í.¾
0x00000130   BE 09 BF BE 7D B9 20 00 F3 A5 BA 04 00 BF 00 7C   ¾.¿¾}¹ .ó¥º..¿.|
0x00000140   B9 BE 01 E8 2F 00 BE 09 00 8B 14 33 C0 50 BF 00   ¹¾.è/.¾....3ÀP¿.
0x00000150   7C 57 CB 32 ED B8 01 03 BA 80 00 CD 13 C3 51 4E   |WË2í¸..º..Í.ÃQN
0x00000160   0F B6 0C E3 08 B8 01 02 BA 80 00 CD 13 81 EB 00   .¶.ã.¸..º..Í..ë.
0x00000170   02 59 E2 EA C3 52 57 51 B8 00 BB CD 1A 72 2B 66   .YâêÃRWQ¸.»Í.r+f
0x00000180   83 F8 00 75 25 81 F9 02 01 7C 1F 66 81 FB 54 43   .ø.u%.ù..|.f.ûTC
0x00000190   50 41 75 16 33 C0 8E C0 66 33 F6 B8 07 BB 66 33   PAu.3À.Àf3ö¸.»f3
0x000001A0   C9 66 33 D2 59 5F 5A CD 1A C3 59 5F 5A C3 00 00   Éf3ÒY_ZÍ.ÃY_ZÃ..
0x000001B0   65 6D 00 00 00 63 7B 9A 5B 5B CA 81 00 00 80 20   em...c{.[[Ê.... 
0x000001C0   21 00 07 1B 02 99 00 08 00 00 00 80 25 00 00 1B   !...........%...
0x000001D0   03 99 07 FE FF FF 00 88 25 00 00 D8 E4 23 00 FE   ...þ....%..Øä#.þ
0x000001E0   FF FF 07 FE FF FF 00 60 0A 24 00 80 38 01 00 00   ...þ...`.$..8...
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

__________________________16_BIT_ASM_CODE
   
0x0000    eb 0e           JMP 0x10   
0x0002    0a00            OR AL, [BX+SI]   
0x0004    04 00           ADD AL, 0x0   
0x0006    e5 09           IN AX, 0x9   
0x0008    0000            ADD [BX+SI], AL   
0x000A    0000            ADD [BX+SI], AL   
0x000C    0000            ADD [BX+SI], AL   
0x000E    4e              DEC SI   
0x000F    50              PUSH AX   
0x0010    fa              CLI   
0x0011    33c0            XOR AX, AX   
0x0013    bc 0066         MOV SP, 0x6600   
0x0016    8ed0            MOV SS, AX   
0x0018    50              PUSH AX   
0x0019    07              POP ES   
0x001A    50              PUSH AX   
0x001B    1f              POP DS   
0x001C    fb              STI   
0x001D    fc              CLD   
0x001E    be 0900         MOV SI, 0x9   
0x0021    8914            MOV [SI], DX   
0x0023    bf 0008         MOV DI, 0x800   
0x0026    be 007c         MOV SI, 0x7c00   
0x0029    b9 0001         MOV CX, 0x100   
0x002C    f3 a5           REP MOVSW   
0x002E    50              PUSH AX   
0x002F    bf 3408         MOV DI, 0x834   
0x0032    57              PUSH DI   
0x0033    cb              RETF   
0x0034    bb 0006         MOV BX, 0x600   
0x0037    be 0208         MOV SI, 0x802   
0x003A    0fb60c          MOVZX CX, BYTE [SI]   
0x003D    b8 0102         MOV AX, 0x201   
0x0040    ba 8000         MOV DX, 0x80   
0x0043    cd 13           INT 0x13   
0x0045    ba 0500         MOV DX, 0x5   
0x0048    bf 0006         MOV DI, 0x600   
0x004B    b9 0002         MOV CX, 0x200   
0x004E    e8 2401         CALL 0x175   
0x0051    b9 0500         MOV CX, 0x5   
0x0054    bb 0012         MOV BX, 0x1200   
0x0057    be 0006         MOV SI, 0x600   
0x005A    03f1            ADD SI, CX   
0x005C    e8 ff00         CALL 0x15e   
0x005F    eb 0a           JMP 0x6b   
0x0061    b3 01           MOV BL, 0x1   
0x0063    be a712         MOV SI, 0x12a7   
0x0066    881c            MOV [SI], BL   
0x0068    e9 8900         JMP 0xf4   
0x006B    e8 2d00         CALL 0x9b   
0x006E    3c 01           CMP AL, 0x1   
0x0070    74 ef           JZ 0x61   
0x0072    e8 5200         CALL 0xc7   
0x0075    3c 01           CMP AL, 0x1   
0x0077    74 e8           JZ 0x61   
0x0079    ba 0400         MOV DX, 0x4   
0x007C    bf 000a         MOV DI, 0xa00   
0x007F    b9 a708         MOV CX, 0x8a7   
0x0082    e8 f000         CALL 0x175   
0x0085    e8 3505         CALL 0x5bd   
0x0088    e9 8801         JMP 0x213   
0x008B    be 0508         MOV SI, 0x805   
0x008E    0a04            OR AL, [SI]   
0x0090    8804            MOV [SI], AL   
0x0092    b1 01           MOV CL, 0x1   
0x0094    bb 0008         MOV BX, 0x800   
0x0097    e8 b900         CALL 0x153   
0x009A    c3              RET   
0x009B    be 0006         MOV SI, 0x600   
0x009E    e8 1700         CALL 0xb8   
0x00A1    be 2306         MOV SI, 0x623   
0x00A4    803c 00         CMP BYTE [SI], 0x0   
0x00A7    74 0c           JZ 0xb5   
0x00A9    3c 00           CMP AL, 0x0   
0x00AB    74 08           JZ 0xb5   
0x00AD    b0 02           MOV AL, 0x2   
0x00AF    e8 d9ff         CALL 0x8b   
0x00B2    b0 01           MOV AL, 0x1   
0x00B4    c3              RET   
0x00B5    b0 00           MOV AL, 0x0   
0x00B7    c3              RET   
0x00B8    b9 0002         MOV CX, 0x200   
0x00BB    4e              DEC SI   
0x00BC    32c0            XOR AL, AL   
0x00BE    8bd9            MOV BX, CX   
0x00C0    8a10            MOV DL, [BX+SI]   
0x00C2    32c2            XOR AL, DL   
0x00C4    e2 f8           LOOP 0xbe   
0x00C6    c3              RET   
0x00C7    b9 0500         MOV CX, 0x5   
0x00CA    51              PUSH CX   
0x00CB    b8 0002         MOV AX, 0x200   
0x00CE    f7e1            MUL CX   
0x00D0    05 0008         ADD AX, 0x800   
0x00D3    8bf0            MOV SI, AX   
0x00D5    e8 e0ff         CALL 0xb8   
0x00D8    5e              POP SI   
0x00D9    56              PUSH SI   
0x00DA    0fb68c 0506     MOVZX CX, BYTE [SI+0x605]   
0x00DF    e3 04           JCXZ 0xe5   
0x00E1    38c1            CMP CL, AL   
0x00E3    75 06           JNZ 0xeb   
0x00E5    59              POP CX   
0x00E6    e2 e2           LOOP 0xca   
0x00E8    b0 00           MOV AL, 0x0   
0x00EA    c3              RET   
0x00EB    59              POP CX   
0x00EC    b0 01           MOV AL, 0x1   
0x00EE    e8 9aff         CALL 0x8b   
0x00F1    b0 01           MOV AL, 0x1   
0x00F3    c3              RET   
0x00F4    be 0708         MOV SI, 0x807   
0x00F7    0fb60c          MOVZX CX, BYTE [SI]   
0x00FA    b8 0102         MOV AX, 0x201   
0x00FD    bb 007c         MOV BX, 0x7c00   
0x0100    ba 8000         MOV DX, 0x80   
0x0103    cd 13           INT 0x13   
0x0105    be 007c         MOV SI, 0x7c00   
0x0108    e8 adff         CALL 0xb8   
0x010B    be 0608         MOV SI, 0x806   
0x010E    0fb60c          MOVZX CX, BYTE [SI]   
0x0111    e3 1c           JCXZ 0x12f   
0x0113    38c1            CMP CL, AL   
0x0115    74 18           JZ 0x12f   
0x0117    b0 04           MOV AL, 0x4   
0x0119    e8 6fff         CALL 0x8b   
0x011C    be af07         MOV SI, 0x7af   
0x011F    e8 8c02         CALL 0x3ae   
0x0122    be a712         MOV SI, 0x12a7   
0x0125    803c 01         CMP BYTE [SI], 0x1   
0x0128    74 03           JZ 0x12d   
0x012A    e8 0a01         CALL 0x237   
0x012D    cd 18           INT 0x18   
0x012F    be be09         MOV SI, 0x9be   
0x0132    bf be7d         MOV DI, 0x7dbe   
0x0135    b9 2000         MOV CX, 0x20   
0x0138    f3 a5           REP MOVSW   
0x013A    ba 0400         MOV DX, 0x4   
0x013D    bf 007c         MOV DI, 0x7c00   
0x0140    b9 be01         MOV CX, 0x1be   
0x0143    e8 2f00         CALL 0x175   
0x0146    be 0900         MOV SI, 0x9   
0x0149    8b14            MOV DX, [SI]   
0x014B    33c0            XOR AX, AX   
0x014D    50              PUSH AX   
0x014E    bf 007c         MOV DI, 0x7c00   
0x0151    57              PUSH DI   
0x0152    cb              RETF   
0x0153    32ed            XOR CH, CH   
0x0155    b8 0103         MOV AX, 0x301   
0x0158    ba 8000         MOV DX, 0x80   
0x015B    cd 13           INT 0x13   
0x015D    c3              RET   
0x015E    51              PUSH CX   
0x015F    4e              DEC SI   
0x0160    0fb60c          MOVZX CX, BYTE [SI]   
0x0163    e3 08           JCXZ 0x16d   
0x0165    b8 0102         MOV AX, 0x201   
0x0168    ba 8000         MOV DX, 0x80   
0x016B    cd 13           INT 0x13   
0x016D    81eb 0002       SUB BX, 0x200   
0x0171    59              POP CX   
0x0172    e2 ea           LOOP 0x15e   
0x0174    c3              RET   
0x0175    52              PUSH DX   
0x0176    57              PUSH DI   
0x0177    51              PUSH CX   
0x0178    b8 00bb         MOV AX, 0xbb00   
0x017B    cd 1a           INT 0x1a   
0x017D    72 2b           JB 0x1aa   
0x017F    66 83f8 00      CMP EAX, 0x0   
0x0183    75 25           JNZ 0x1aa   
0x0185    81f9 0201       CMP CX, 0x102   
0x0189    7c 1f           JL 0x1aa   
0x018B    66 81fb 54435041 CMP EBX, 0x41504354   
0x0192    75 16           JNZ 0x1aa   
0x0194    33c0            XOR AX, AX   
0x0196    8ec0            MOV ES, AX   
0x0198    66 33f6         XOR ESI, ESI   
0x019B    b8 07bb         MOV AX, 0xbb07   
0x019E    66 33c9         XOR ECX, ECX   
0x01A1    66 33d2         XOR EDX, EDX   
0x01A4    59              POP CX   
0x01A5    5f              POP DI   
0x01A6    5a              POP DX   
0x01A7    cd 1a           INT 0x1a   
0x01A9    c3              RET   
0x01AA    59              POP CX   
0x01AB    5f              POP DI   
0x01AC    5a              POP DX   
0x01AD    c3              RET   
0x01AE    0000            ADD [BX+SI], AL   
0x01B0    65 6d           INS WORD GS:[DI], DX   
0x01B2    0000            ADD [BX+SI], AL   
0x01B4    0063 7b         ADD [BP+DI+0x7b], AH   
0x01B7    9a 5b5b ca81    CALL FAR 0x81ca:0x5b5b   
0x01BC    0000            ADD [BX+SI], AL   
0x01BE    8020 21         AND BYTE [BX+SI], 0x21   
0x01C1    0007            ADD [BX], AL   
0x01C3    1b02            SBB AX, [BP+SI]   
0x01C5    99              CWD   
0x01C6    0008            ADD [BX+SI], CL   
0x01C8    0000            ADD [BX+SI], AL   
0x01CA    0080 2500       ADD [BX+SI+0x25], AL   
0x01CE    001b            ADD [BP+DI], BL   
0x01D0    0399 07fe       ADD BX, [BX+DI-0x1f9]   
0x01D4    ff              DB 0xff   
0x01D5    ff00            INC WORD [BX+SI]   
0x01D7    8825            MOV [DI], AH   
0x01D9    0000            ADD [BX+SI], AL   
0x01DB    d8e4            FSUB ST, ST(4)   
0x01DD    2300            AND AX, [BX+SI]   
0x01DF    fe              DB 0xfe   
0x01E0    ff              DB 0xff   
0x01E1    ff07            INC WORD [BX]   
0x01E3    fe              DB 0xfe   
0x01E4    ff              DB 0xff   
0x01E5    ff00            INC WORD [BX+SI]   
0x01E7    60              PUSHA   
0x01E8    0a24            OR AH, [SI]   
0x01EA    0080 3801       ADD [BX+SI+0x138], AL   
0x01EE    0000            ADD [BX+SI], AL   
0x01F0    0000            ADD [BX+SI], AL   
0x01F2    0000            ADD [BX+SI], AL   
0x01F4    0000            ADD [BX+SI], AL   
0x01F6    0000            ADD [BX+SI], AL   
0x01F8    0000            ADD [BX+SI], AL   
0x01FA    0000            ADD [BX+SI], AL   
0x01FC    0000            ADD [BX+SI], AL   
0x01FE    55              PUSH BP   
0x01FF    aa              STOSB   


That online scan turned out fine, it found nothing at all :)

wraithik
Guest
Posts: 74
Registered: 11 Dec 2011 01:19

Re: Log check / Czech police

#6 Post by wraithik »

Thanks a lot for the help, the other things will hopefully be fine.... I was slowly planning a reinstall anyway, so that will sort itself out... I mainly needed to get rid of that annoying police virus... so once again, thanks a lot for the help :)

Locked