Avast našel rootkit

[danek]

Dobrý den, Avast mi dnes našel rootkit, dal jsem smazat, pak test po restartu, ale zdá se mi, že neotestoval celý disk. Prosím proto o kontrolu logu. Děkuji.
Problémy s PC jsem měl již asi 2 měsíce, blbla klávesnice, myš, občas BSOD s chybou 0x00000050.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:21:23, on 29.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Windows\SysWOW64\rundll32.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Dan\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10510 bytes

[danek]

Ještě log z TDS Killer:

23:35:56.0458 0x15f0 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
23:36:00.0120 0x15f0 ============================================================
23:36:00.0120 0x15f0 Current date / time: 2014/09/29 23:36:00.0120
23:36:00.0120 0x15f0 SystemInfo:
23:36:00.0121 0x15f0
23:36:00.0121 0x15f0 OS Version: 6.1.7601 ServicePack: 1.0
23:36:00.0121 0x15f0 Product type: Workstation
23:36:00.0121 0x15f0 ComputerName: CYPRIS
23:36:00.0122 0x15f0 UserName: Dan
23:36:00.0122 0x15f0 Windows directory: C:\Windows
23:36:00.0122 0x15f0 System windows directory: C:\Windows
23:36:00.0122 0x15f0 Running under WOW64
23:36:00.0122 0x15f0 Processor architecture: Intel x64
23:36:00.0122 0x15f0 Number of processors: 4
23:36:00.0122 0x15f0 Page size: 0x1000
23:36:00.0122 0x15f0 Boot type: Normal boot
23:36:00.0122 0x15f0 ============================================================
23:36:00.0858 0x15f0 KLMD registered as C:\Windows\system32\drivers\80978044.sys
23:36:02.0041 0x15f0 System UUID: {37B2A65F-85F0-A56A-5D58-8F5A5E8A310E}
23:36:04.0189 0x15f0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:36:04.0197 0x15f0 ============================================================
23:36:04.0197 0x15f0 \Device\Harddisk0\DR0:
23:36:04.0197 0x15f0 MBR partitions:
23:36:04.0197 0x15f0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
23:36:04.0197 0x15f0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x389BD000
23:36:04.0197 0x15f0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38C15800, BlocksNum 0x1770000
23:36:04.0197 0x15f0 ============================================================
23:36:04.0223 0x15f0 C: <-> \Device\Harddisk0\DR0\Partition2
23:36:04.0266 0x15f0 Q: <-> \Device\Harddisk0\DR0\Partition3
23:36:04.0267 0x15f0 ============================================================
23:36:04.0267 0x15f0 Initialize success
23:36:04.0267 0x15f0 ============================================================
23:36:10.0244 0x160c ============================================================
23:36:10.0244 0x160c Scan started
23:36:10.0244 0x160c Mode: Manual;
23:36:10.0244 0x160c ============================================================
23:36:10.0244 0x160c KSN ping started
23:36:12.0945 0x160c KSN ping finished: true
23:36:13.0458 0x160c ================ Scan system memory ========================
23:36:13.0458 0x160c System memory - ok
23:36:13.0459 0x160c ================ Scan services =============================
23:36:13.0855 0x160c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:36:13.0861 0x160c 1394ohci - ok
23:36:13.0913 0x160c [ F4AF97702BAD85BFEF64B9A557F11B6F, 8255B2FBE64C60562A7DAAAD575EED49EE0D23DD42E5C76C988B8A3673843EA6 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
23:36:13.0917 0x160c 5U877 - ok
23:36:13.0943 0x160c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:36:13.0951 0x160c ACPI - ok
23:36:13.0983 0x160c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:36:13.0984 0x160c AcpiPmi - ok
23:36:14.0015 0x160c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:36:14.0027 0x160c adp94xx - ok
23:36:14.0074 0x160c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:36:14.0083 0x160c adpahci - ok
23:36:14.0093 0x160c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:36:14.0099 0x160c adpu320 - ok
23:36:14.0127 0x160c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:36:14.0130 0x160c AeLookupSvc - ok
23:36:14.0182 0x160c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
23:36:14.0194 0x160c AFD - ok
23:36:14.0227 0x160c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
23:36:14.0229 0x160c agp440 - ok
23:36:14.0235 0x160c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
23:36:14.0238 0x160c ALG - ok
23:36:14.0264 0x160c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
23:36:14.0265 0x160c aliide - ok
23:36:14.0282 0x160c [ EC9904687265F3274583258AA435B405, 59F3D239A71C86EBDAFAF26AFAAA8584ED0A2C4C8A8B62F0B3BEE0B8184C66D4 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:36:14.0287 0x160c AMD External Events Utility - ok
23:36:14.0299 0x160c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
23:36:14.0301 0x160c amdide - ok
23:36:14.0314 0x160c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:36:14.0316 0x160c AmdK8 - ok
23:36:14.0600 0x160c [ 1E04097AC7637F11257003D5DB8780D6, EA21469D142327E67F54D23F40DFB2AEA118482336125D13176D3EB620D807F7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:36:14.0786 0x160c amdkmdag - ok
23:36:14.0830 0x160c [ 3796C675884092141D5ECE9B2689D113, 817D8AC2108106F0A71D21279FFEFEBCED52F52BA728A3F68DD3974A13605EFF ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
23:36:14.0837 0x160c amdkmdap - ok
23:36:14.0850 0x160c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
23:36:14.0852 0x160c AmdPPM - ok
23:36:14.0873 0x160c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:36:14.0876 0x160c amdsata - ok
23:36:14.0885 0x160c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
23:36:14.0891 0x160c amdsbs - ok
23:36:14.0902 0x160c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:36:14.0903 0x160c amdxata - ok
23:36:14.0930 0x160c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
23:36:14.0932 0x160c AppID - ok
23:36:14.0946 0x160c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:36:14.0947 0x160c AppIDSvc - ok
23:36:14.0976 0x160c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
23:36:14.0979 0x160c Appinfo - ok
23:36:14.0985 0x160c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
23:36:14.0988 0x160c arc - ok
23:36:14.0995 0x160c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:36:14.0998 0x160c arcsas - ok
23:36:15.0182 0x160c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:36:15.0184 0x160c aspnet_state - ok
23:36:15.0220 0x160c [ D95E64416A4A3ED6986E0F474DA934BD, DBB4A0DED0DABE1F8FF0DB8C0E9EC4EC906A85A45DC0AEC013A8744F9BF5D40E ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
23:36:15.0222 0x160c aswHwid - ok
23:36:15.0239 0x160c [ FF1E537A3632CBB9A0BF72B9FD0878D5, B26E6A1F6E6FA5280A12861EFAD44D8F49353F47B21843EBA73E149CF613DCBC ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
23:36:15.0241 0x160c aswMonFlt - ok
23:36:15.0269 0x160c [ A5757DE5F9C83AB40667A53D5126EA40, 58B72B1B126CF641188703CE82E26BEB0C41AD7587CFFCCCE9E3C64CC7AACC90 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
23:36:15.0272 0x160c aswRdr - ok
23:36:15.0292 0x160c [ 645D97385F3F284FB5604F9B970F4D24, 15A9D7F0F4C1062210E4E744A9069B8645177D19F35B8740D74022639DC05F2E ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
23:36:15.0295 0x160c aswRvrt - ok
23:36:15.0344 0x160c [ B8FDEDE963B82CFD23B3A53A3084666D, 3537E5B684FB6F0AA589A5FA7CD111E1744DF384AB1A266D4114100F104ED11B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
23:36:15.0368 0x160c aswSnx - ok
23:36:15.0410 0x160c [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] aswSP C:\Windows\system32\drivers\aswSP.sys
23:36:15.0420 0x160c aswSP - ok
23:36:15.0443 0x160c [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] aswStm C:\Windows\system32\drivers\aswStm.sys
23:36:15.0445 0x160c aswStm - ok
23:36:15.0461 0x160c [ 471A311745848B80339436688A8286E6, E51C57236CEC19AC38E85D115DB97875517D837811188AD2E53FA49055B53890 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
23:36:15.0466 0x160c aswVmm - ok
23:36:15.0503 0x160c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:36:15.0505 0x160c AsyncMac - ok
23:36:15.0531 0x160c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
23:36:15.0532 0x160c atapi - ok
23:36:15.0592 0x160c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:36:15.0609 0x160c AudioEndpointBuilder - ok
23:36:15.0641 0x160c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:36:15.0657 0x160c AudioSrv - ok
23:36:15.0795 0x160c [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:36:15.0797 0x160c avast! Antivirus - ok
23:36:15.0821 0x160c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:36:15.0824 0x160c AxInstSV - ok
23:36:15.0873 0x160c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
23:36:15.0884 0x160c b06bdrv - ok
23:36:15.0923 0x160c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:36:15.0929 0x160c b57nd60a - ok
23:36:15.0994 0x160c [ 93EE7D9C35AE7E9FFDA148D7805F1421, 9D88D5CC08F887B35A893FEC80D8CC4A9E4EAAF533E27D0F1B9CC36C171C92DA ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
23:36:15.0999 0x160c BBSvc - ok
23:36:16.0035 0x160c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
23:36:16.0039 0x160c BDESVC - ok
23:36:16.0043 0x160c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
23:36:16.0044 0x160c Beep - ok
23:36:16.0088 0x160c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
23:36:16.0105 0x160c BFE - ok
23:36:16.0265 0x160c [ B20C7345F7EAD6C5E3EFA52E044411B6, 63DC57908D77B77907A278AD219240AEDD502272D5D3D35D5339172CDE36DA86 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20140912.003\BHDrvx64.sys
23:36:16.0302 0x160c BHDrvx64 - ok
23:36:16.0351 0x160c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
23:36:16.0373 0x160c BITS - ok
23:36:16.0401 0x160c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:36:16.0403 0x160c blbdrive - ok
23:36:16.0432 0x160c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:36:16.0435 0x160c bowser - ok
23:36:16.0440 0x160c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
23:36:16.0442 0x160c BrFiltLo - ok
23:36:16.0446 0x160c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
23:36:16.0447 0x160c BrFiltUp - ok
23:36:16.0504 0x160c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
23:36:16.0509 0x160c Browser - ok
23:36:16.0544 0x160c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:36:16.0551 0x160c Brserid - ok
23:36:16.0557 0x160c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:36:16.0559 0x160c BrSerWdm - ok
23:36:16.0566 0x160c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:36:16.0568 0x160c BrUsbMdm - ok
23:36:16.0577 0x160c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:36:16.0578 0x160c BrUsbSer - ok
23:36:16.0629 0x160c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:36:16.0631 0x160c BthEnum - ok
23:36:16.0638 0x160c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:36:16.0640 0x160c BTHMODEM - ok
23:36:16.0647 0x160c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:36:16.0650 0x160c BthPan - ok
23:36:16.0707 0x160c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:36:16.0720 0x160c BTHPORT - ok
23:36:16.0763 0x160c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
23:36:16.0766 0x160c bthserv - ok
23:36:16.0785 0x160c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:36:16.0788 0x160c BTHUSB - ok
23:36:16.0840 0x160c [ 8834F87A6A745872894DF8223201A6C3, B8C26E11EAAB4A93E4241B4B6F00C1CA05501011E28D6A06D4B009BA4E3AB7CD ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
23:36:16.0850 0x160c BTWAMPFL - ok
23:36:16.0863 0x160c [ 9863D82ECBEC6106D377ED73680D99D8, 27DA7335BB14BBF9DC627C8F97ED59BA3479E5E084704AE4C16B1A3E67CB184C ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:36:16.0867 0x160c btwaudio - ok
23:36:16.0882 0x160c [ 3432DD66AE75AB2DE6D0527AD78DBFC7, C2DEB409CDA3621E33E429E592A81E09095C52CDCE36732C9BEA00B92994E44D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
23:36:16.0886 0x160c btwavdt - ok
23:36:16.0997 0x160c [ EB4AFE08FB39BB444F221D7D501E0915, 2AF8ECEEAB5A0E972660C1553B555E49C49F19500ABD67DFEB9BEBA7E577A700 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
23:36:17.0019 0x160c btwdins - ok
23:36:17.0028 0x160c [ 382DC5A631CED0462EA09B7EB898BDBF, 7457145E194310F4EB9273471EA41100D3A1448BC2A366064B25A212B389AACB ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:36:17.0030 0x160c btwl2cap - ok
23:36:17.0035 0x160c [ 13A9C2CEDD44C175E6CA39A536795CA6, 13D6D24C2127E6A5E9AB2DFAA9729D57AA6CFCC72DFACF78E4DE7E63ABA122DF ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:36:17.0037 0x160c btwrchid - ok
23:36:17.0055 0x160c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:36:17.0058 0x160c cdfs - ok
23:36:17.0089 0x160c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:36:17.0093 0x160c cdrom - ok
23:36:17.0139 0x160c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
23:36:17.0142 0x160c CertPropSvc - ok
23:36:17.0147 0x160c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
23:36:17.0149 0x160c circlass - ok
23:36:17.0174 0x160c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
23:36:17.0183 0x160c CLFS - ok
23:36:17.0278 0x160c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:36:17.0280 0x160c clr_optimization_v2.0.50727_32 - ok
23:36:17.0360 0x160c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:36:17.0363 0x160c clr_optimization_v2.0.50727_64 - ok
23:36:17.0545 0x160c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:36:17.0548 0x160c clr_optimization_v4.0.30319_32 - ok
23:36:17.0578 0x160c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:36:17.0582 0x160c clr_optimization_v4.0.30319_64 - ok
23:36:17.0612 0x160c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:36:17.0614 0x160c CmBatt - ok
23:36:17.0628 0x160c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:36:17.0630 0x160c cmdide - ok
23:36:17.0674 0x160c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
23:36:17.0685 0x160c CNG - ok
23:36:17.0755 0x160c [ F50620115A751EFF437CBABA0403600A, CB684AA394FBAB2BFF8E5F04903D8C3947920BCA2A16E73629A9254BB51FEB40 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
23:36:17.0793 0x160c CnxtHdAudService - ok
23:36:17.0820 0x160c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
23:36:17.0822 0x160c Compbatt - ok
23:36:17.0836 0x160c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:36:17.0839 0x160c CompositeBus - ok
23:36:17.0850 0x160c COMSysApp - ok
23:36:17.0857 0x160c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:36:17.0861 0x160c crcdisk - ok
23:36:17.0903 0x160c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:36:17.0908 0x160c CryptSvc - ok
23:36:17.0952 0x160c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:36:17.0972 0x160c DcomLaunch - ok
23:36:18.0008 0x160c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
23:36:18.0017 0x160c defragsvc - ok
23:36:18.0023 0x160c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:36:18.0026 0x160c DfsC - ok
23:36:18.0045 0x160c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:36:18.0054 0x160c Dhcp - ok
23:36:18.0065 0x160c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
23:36:18.0067 0x160c discache - ok
23:36:18.0109 0x160c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
23:36:18.0112 0x160c Disk - ok
23:36:18.0143 0x160c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:36:18.0148 0x160c Dnscache - ok
23:36:18.0183 0x160c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
23:36:18.0190 0x160c dot3svc - ok
23:36:18.0210 0x160c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
23:36:18.0215 0x160c DPS - ok
23:36:18.0255 0x160c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:36:18.0256 0x160c drmkaud - ok
23:36:18.0311 0x160c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:36:18.0335 0x160c DXGKrnl - ok
23:36:18.0354 0x160c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
23:36:18.0358 0x160c EapHost - ok
23:36:18.0508 0x160c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
23:36:18.0588 0x160c ebdrv - ok
23:36:18.0665 0x160c [ 03E1B8BA59327D186C7C533A6998FEF9, 224937A697B55BD9CCD790771DBE9D135021AD1DC3E6D6AC7C431C56F0FFBBB5 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
23:36:18.0677 0x160c eeCtrl - ok
23:36:18.0721 0x160c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
23:36:18.0724 0x160c EFS - ok
23:36:18.0829 0x160c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:36:18.0846 0x160c ehRecvr - ok
23:36:18.0863 0x160c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
23:36:18.0867 0x160c ehSched - ok
23:36:18.0917 0x160c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:36:18.0930 0x160c elxstor - ok
23:36:18.0989 0x160c [ 142EA7DF1851C563571F2DCFC7AFBB40, 14DE008B68D127F246A64290DFCBD7ECDE8FF7932B3BAE660EB131860E826EAD ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
23:36:18.0992 0x160c EraserUtilRebootDrv - ok
23:36:18.0997 0x160c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:36:18.0998 0x160c ErrDev - ok
23:36:19.0051 0x160c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
23:36:19.0062 0x160c EventSystem - ok
23:36:19.0179 0x160c [ 8B6C9924B0D333DBF76086B8258A0891, 61A629A0BF00040F8E2B0588657FFA8C78C137B1B0F6CB92CFCC9B9E29630E0C ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:36:19.0215 0x160c EvtEng - ok
23:36:19.0243 0x160c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
23:36:19.0248 0x160c exfat - ok
23:36:19.0259 0x160c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:36:19.0265 0x160c fastfat - ok
23:36:19.0305 0x160c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
23:36:19.0323 0x160c Fax - ok
23:36:19.0329 0x160c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
23:36:19.0331 0x160c fdc - ok
23:36:19.0350 0x160c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
23:36:19.0353 0x160c fdPHost - ok
23:36:19.0371 0x160c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
23:36:19.0373 0x160c FDResPub - ok
23:36:19.0380 0x160c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:36:19.0382 0x160c FileInfo - ok
23:36:19.0388 0x160c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:36:19.0390 0x160c Filetrace - ok
23:36:19.0397 0x160c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
23:36:19.0398 0x160c flpydisk - ok
23:36:19.0412 0x160c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:36:19.0419 0x160c FltMgr - ok
23:36:19.0502 0x160c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
23:36:19.0532 0x160c FontCache - ok
23:36:19.0576 0x160c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:36:19.0578 0x160c FontCache3.0.0.0 - ok
23:36:19.0583 0x160c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:36:19.0586 0x160c FsDepends - ok
23:36:19.0609 0x160c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:36:19.0610 0x160c Fs_Rec - ok
23:36:19.0637 0x160c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:36:19.0642 0x160c fvevol - ok
23:36:19.0660 0x160c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:36:19.0663 0x160c gagp30kx - ok
23:36:19.0713 0x160c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
23:36:19.0733 0x160c gpsvc - ok
23:36:19.0745 0x160c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:36:19.0747 0x160c hcw85cir - ok
23:36:19.0778 0x160c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:36:19.0787 0x160c HdAudAddService - ok
23:36:19.0797 0x160c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:36:19.0800 0x160c HDAudBus - ok
23:36:19.0846 0x160c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
23:36:19.0848 0x160c HidBatt - ok
23:36:19.0855 0x160c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:36:19.0858 0x160c HidBth - ok
23:36:19.0868 0x160c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
23:36:19.0871 0x160c HidIr - ok
23:36:19.0883 0x160c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
23:36:19.0887 0x160c hidserv - ok
23:36:19.0921 0x160c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
23:36:19.0923 0x160c HidUsb - ok
23:36:19.0939 0x160c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:36:19.0943 0x160c hkmsvc - ok
23:36:19.0960 0x160c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:36:19.0968 0x160c HomeGroupListener - ok
23:36:20.0002 0x160c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:36:20.0009 0x160c HomeGroupProvider - ok
23:36:20.0023 0x160c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:36:20.0025 0x160c HpSAMD - ok
23:36:20.0063 0x160c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:36:20.0082 0x160c HTTP - ok
23:36:20.0088 0x160c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:36:20.0090 0x160c hwpolicy - ok
23:36:20.0136 0x160c [ 9149907FF8681AD6475607EEBF62DD2F, F3F766ED689BCD69DC8BC705FF08BE9830B562D8CB85AD74A12FE370F5DA9668 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
23:36:20.0139 0x160c HyperW7Svc - ok
23:36:20.0152 0x160c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:36:20.0155 0x160c i8042prt - ok
23:36:20.0191 0x160c [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:36:20.0202 0x160c iaStor - ok
23:36:20.0247 0x160c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:36:20.0257 0x160c iaStorV - ok
23:36:20.0299 0x160c [ 29ED470689B7C597A9701D6A4C57A578, F8C8F92A6376A6C8F9A58618AA3F2280871632C13D7B92DB975EC20184228BF9 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
23:36:20.0301 0x160c IBMPMDRV - ok
23:36:20.0307 0x160c [ BC7AF43EEC24E995D770EC92A441D5D8, B3A0AF5D4156438148E9E0AF414698A927A826F4904C49691314E77265B5950F ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
23:36:20.0310 0x160c IBMPMSVC - ok
23:36:20.0382 0x160c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:36:20.0404 0x160c idsvc - ok
23:36:20.0499 0x160c [ 77AC93E28B5F4DCE317EFA695E3F59E3, 57D510CEE1B777CFB52CECBAB43B0698A53B048B7E0C622473DEA9E03E2D9BEF ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140925.004\IDSvia64.sys
23:36:20.0515 0x160c IDSVia64 - ok
23:36:20.0526 0x160c IEEtwCollectorService - ok
23:36:20.0553 0x160c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:36:20.0555 0x160c iirsp - ok
23:36:20.0608 0x160c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
23:36:20.0629 0x160c IKEEXT - ok
23:36:20.0682 0x160c [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
23:36:20.0691 0x160c IntcDAud - ok
23:36:20.0718 0x160c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
23:36:20.0720 0x160c intelide - ok
23:36:21.0158 0x160c [ 795C99DC4F574C97C03D0BB39CF099EE, 67310B52F7A1B83A66872B961F347B1BD104C8A83A01F60507705B2ACEA76B71 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
23:36:21.0445 0x160c intelkmd - ok
23:36:21.0519 0x160c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:36:21.0522 0x160c intelppm - ok
23:36:21.0550 0x160c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:36:21.0554 0x160c IPBusEnum - ok
23:36:21.0561 0x160c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:36:21.0564 0x160c IpFilterDriver - ok
23:36:21.0606 0x160c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:36:21.0623 0x160c iphlpsvc - ok
23:36:21.0630 0x160c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:36:21.0633 0x160c IPMIDRV - ok
23:36:21.0642 0x160c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:36:21.0645 0x160c IPNAT - ok
23:36:21.0665 0x160c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:36:21.0667 0x160c IRENUM - ok
23:36:21.0672 0x160c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:36:21.0673 0x160c isapnp - ok
23:36:21.0695 0x160c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:36:21.0702 0x160c iScsiPrt - ok
23:36:21.0757 0x160c [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
23:36:21.0763 0x160c jhi_service - ok
23:36:21.0768 0x160c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:36:21.0770 0x160c kbdclass - ok
23:36:21.0775 0x160c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:36:21.0777 0x160c kbdhid - ok
23:36:21.0790 0x160c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
23:36:21.0793 0x160c KeyIso - ok
23:36:21.0813 0x160c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:36:21.0816 0x160c KSecDD - ok
23:36:21.0847 0x160c [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:36:21.0852 0x160c KSecPkg - ok
23:36:21.0867 0x160c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:36:21.0869 0x160c ksthunk - ok
23:36:21.0904 0x160c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
23:36:21.0915 0x160c KtmRm - ok
23:36:21.0952 0x160c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:36:21.0961 0x160c LanmanServer - ok
23:36:21.0984 0x160c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:36:21.0990 0x160c LanmanWorkstation - ok
23:36:22.0034 0x160c [ 646511B548D3799E576ECD46C6FE9AD3, 70F2AC16F028E6F1A4C8BD502CCEFE1576D24BDB7D90FC56EA897351D6162DAD ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
23:36:22.0036 0x160c LENOVO.CAMMUTE - ok
23:36:22.0097 0x160c [ FCE735941DA27929DBFC1918F286FFD8, 8532E5E0E2724A2A8B41A3F408911294E0147DE6728F066E9364246147D534D0 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
23:36:22.0099 0x160c LENOVO.MICMUTE - ok
23:36:22.0125 0x160c [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
23:36:22.0126 0x160c lenovo.smi - ok
23:36:22.0143 0x160c [ 551E69C31EAF1577F1B2FA1681BA3078, EEBA249F74B6BC7F5B1BBB47457BF3F40BB7CEB307DB97007D62A85F0669CF93 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
23:36:22.0145 0x160c LENOVO.TPKNRSVC - ok
23:36:22.0159 0x160c [ 6F2CC57EB5836D2AC9BD37F3554D55F8, C877F63AACA68AD3505EC4A8B8916FA2E07C2CB29E74FA368A103F612E18499E ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
23:36:22.0162 0x160c Lenovo.VIRTSCRLSVC - ok
23:36:22.0198 0x160c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:36:22.0200 0x160c lltdio - ok
23:36:22.0237 0x160c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:36:22.0246 0x160c lltdsvc - ok
23:36:22.0260 0x160c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:36:22.0263 0x160c lmhosts - ok
23:36:22.0299 0x160c [ E7859BA062DB5E23C6DD34AD66B09F50, 6A702CBCC365233E7876BF79D84BB38C4A78C3D49DE51C04EECE5CD651B76686 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:36:22.0308 0x160c LMS - ok
23:36:22.0324 0x160c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:36:22.0327 0x160c LSI_FC - ok
23:36:22.0337 0x160c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:36:22.0340 0x160c LSI_SAS - ok
23:36:22.0345 0x160c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
23:36:22.0348 0x160c LSI_SAS2 - ok
23:36:22.0364 0x160c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:36:22.0368 0x160c LSI_SCSI - ok
23:36:22.0374 0x160c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
23:36:22.0378 0x160c luafv - ok
23:36:22.0392 0x160c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:36:22.0397 0x160c Mcx2Svc - ok
23:36:22.0403 0x160c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
23:36:22.0405 0x160c megasas - ok
23:36:22.0417 0x160c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
23:36:22.0424 0x160c MegaSR - ok
23:36:22.0447 0x160c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:36:22.0449 0x160c MEIx64 - ok
23:36:22.0473 0x160c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
23:36:22.0477 0x160c MMCSS - ok
23:36:22.0482 0x160c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
23:36:22.0484 0x160c Modem - ok
23:36:22.0489 0x160c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:36:22.0490 0x160c monitor - ok
23:36:22.0496 0x160c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:36:22.0498 0x160c mouclass - ok
23:36:22.0509 0x160c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:36:22.0511 0x160c mouhid - ok
23:36:22.0525 0x160c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:36:22.0528 0x160c mountmgr - ok
23:36:22.0569 0x160c [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:36:22.0572 0x160c MozillaMaintenance - ok
23:36:22.0581 0x160c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:36:22.0585 0x160c mpio - ok
23:36:22.0612 0x160c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:36:22.0615 0x160c mpsdrv - ok
23:36:22.0652 0x160c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:36:22.0673 0x160c MpsSvc - ok
23:36:22.0705 0x160c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:36:22.0709 0x160c MRxDAV - ok
23:36:22.0739 0x160c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:36:22.0744 0x160c mrxsmb - ok
23:36:22.0757 0x160c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:36:22.0764 0x160c mrxsmb10 - ok
23:36:22.0778 0x160c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:36:22.0783 0x160c mrxsmb20 - ok
23:36:22.0812 0x160c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
23:36:22.0814 0x160c msahci - ok
23:36:22.0825 0x160c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:36:22.0829 0x160c msdsm - ok
23:36:22.0855 0x160c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
23:36:22.0861 0x160c MSDTC - ok
23:36:22.0870 0x160c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:36:22.0871 0x160c Msfs - ok
23:36:22.0881 0x160c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:36:22.0882 0x160c mshidkmdf - ok
23:36:22.0887 0x160c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:36:22.0888 0x160c msisadrv - ok
23:36:22.0916 0x160c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:36:22.0922 0x160c MSiSCSI - ok
23:36:22.0925 0x160c msiserver - ok
23:36:22.0942 0x160c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:36:22.0944 0x160c MSKSSRV - ok
23:36:22.0950 0x160c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:36:22.0951 0x160c MSPCLOCK - ok
23:36:22.0955 0x160c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:36:22.0957 0x160c MSPQM - ok
23:36:22.0971 0x160c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:36:22.0980 0x160c MsRPC - ok
23:36:22.0988 0x160c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:36:22.0990 0x160c mssmbios - ok
23:36:22.0994 0x160c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:36:22.0995 0x160c MSTEE - ok
23:36:23.0001 0x160c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
23:36:23.0003 0x160c MTConfig - ok
23:36:23.0009 0x160c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
23:36:23.0012 0x160c Mup - ok
23:36:23.0053 0x160c [ 6ED8935257672F4CD04A88A0F3DE093D, 0417FD87546B105510BB29539AE29EB1DFE522416FC64E2A2ACB2DF24EAC7B1E ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
23:36:23.0065 0x160c MyWiFiDHCPDNS - ok
23:36:23.0101 0x160c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
23:36:23.0115 0x160c napagent - ok
23:36:23.0148 0x160c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:36:23.0156 0x160c NativeWifiP - ok
23:36:23.0228 0x160c [ C180A82874D3CDC390A27F2F1E1AF025, 9F473661524D645D5C1D616BF2BEC2996DFAE9268B7CF280FCCBD19AA072E567 ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140925.001\ENG64.SYS
23:36:23.0232 0x160c NAVENG - ok
23:36:23.0316 0x160c [ E66CA6C321614D7BC0AFC9C8436131B9, BF732419D56E1B8AB3B11B19403087D4EDBF9108F0252ACBB561235040AB4436 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140925.001\EX64.SYS
23:36:23.0366 0x160c NAVEX15 - ok
23:36:23.0429 0x160c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
23:36:23.0451 0x160c NDIS - ok
23:36:23.0467 0x160c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:36:23.0469 0x160c NdisCap - ok
23:36:23.0479 0x160c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:36:23.0481 0x160c NdisTapi - ok
23:36:23.0488 0x160c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:36:23.0490 0x160c Ndisuio - ok
23:36:23.0499 0x160c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:36:23.0504 0x160c NdisWan - ok
23:36:23.0513 0x160c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:36:23.0516 0x160c NDProxy - ok
23:36:23.0522 0x160c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:36:23.0524 0x160c NetBIOS - ok
23:36:23.0537 0x160c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:36:23.0544 0x160c NetBT - ok
23:36:23.0557 0x160c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
23:36:23.0560 0x160c Netlogon - ok
23:36:23.0604 0x160c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
23:36:23.0615 0x160c Netman - ok
23:36:23.0653 0x160c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:36:23.0657 0x160c NetMsmqActivator - ok
23:36:23.0674 0x160c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:36:23.0678 0x160c NetPipeActivator - ok
23:36:23.0709 0x160c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
23:36:23.0723 0x160c netprofm - ok
23:36:23.0752 0x160c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:36:23.0756 0x160c NetTcpActivator - ok
23:36:23.0772 0x160c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:36:23.0777 0x160c NetTcpPortSharing - ok
23:36:24.0091 0x160c [ 5D262402B0634C998F8CBCEAD7DD8676, 535C869C4522B012A7FB600382D46D6E5F242C18F28590FD26A918648B19EDFD ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
23:36:24.0283 0x160c NETwNs64 - ok
23:36:24.0313 0x160c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:36:24.0316 0x160c nfrd960 - ok
23:36:24.0462 0x160c [ E78A365CC3E0FBFC018A33DCE01909F8, 0A414BDD8F8FB4BA493B8FBE9EB63377D9BB0A6800C55B2E3500913CF0F96AC6 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
23:36:24.0466 0x160c NIS - ok
23:36:24.0488 0x160c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:36:24.0497 0x160c NlaSvc - ok
23:36:24.0503 0x160c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:36:24.0505 0x160c Npfs - ok
23:36:24.0533 0x160c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
23:36:24.0537 0x160c nsi - ok
23:36:24.0541 0x160c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:36:24.0543 0x160c nsiproxy - ok
23:36:24.0620 0x160c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:36:24.0659 0x160c Ntfs - ok
23:36:24.0673 0x160c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
23:36:24.0674 0x160c Null - ok
23:36:24.0704 0x160c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:36:24.0708 0x160c nvraid - ok
23:36:24.0749 0x160c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:36:24.0754 0x160c nvstor - ok
23:36:24.0775 0x160c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:36:24.0778 0x160c nv_agp - ok
23:36:24.0787 0x160c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:36:24.0790 0x160c ohci1394 - ok
23:36:24.0810 0x160c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:36:24.0820 0x160c p2pimsvc - ok
23:36:24.0847 0x160c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
23:36:24.0860 0x160c p2psvc - ok
23:36:24.0867 0x160c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
23:36:24.0871 0x160c Parport - ok
23:36:24.0897 0x160c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:36:24.0900 0x160c partmgr - ok
23:36:24.0910 0x160c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
23:36:24.0917 0x160c PcaSvc - ok
23:36:25.0041 0x160c [ 7317A0B550F7AC0223B7070897670476, ABB0A1296BA267467C16CF99383EFCAB1732B07EE5B2494197A26B8432DD0A94 ] PCDSRVC{127174DC-C366ED8B-06020101}_0 c:\program files\pc-doctor\pcdsrvc_x64.pkms
23:36:25.0043 0x160c PCDSRVC{127174DC-C366ED8B-06020101}_0 - ok
23:36:25.0053 0x160c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
23:36:25.0058 0x160c pci - ok
23:36:25.0075 0x160c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
23:36:25.0077 0x160c pciide - ok
23:36:25.0102 0x160c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:36:25.0107 0x160c pcmcia - ok
23:36:25.0113 0x160c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
23:36:25.0116 0x160c pcw - ok
23:36:25.0142 0x160c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:36:25.0157 0x160c PEAUTH - ok
23:36:25.0332 0x160c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:36:25.0335 0x160c PerfHost - ok
23:36:25.0369 0x160c [ 18EEA095AF22AC5FA16FC27FB98C82D3, B9E7D8D7172E873650FB61604F192958E86BE51EDCD22278995F4F0441167E39 ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
23:36:25.0370 0x160c PHCORE - ok
23:36:25.0430 0x160c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
23:36:25.0463 0x160c pla - ok
23:36:25.0521 0x160c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:36:25.0533 0x160c PlugPlay - ok
23:36:25.0550 0x160c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:36:25.0553 0x160c PNRPAutoReg - ok
23:36:25.0566 0x160c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:36:25.0577 0x160c PNRPsvc - ok
23:36:25.0616 0x160c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:36:25.0630 0x160c PolicyAgent - ok
23:36:25.0660 0x160c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
23:36:25.0668 0x160c Power - ok
23:36:25.0717 0x160c [ 21059F7E07233A24394405A7075362A1, 92213F79F83448C85C0F33BEC7F141D2C20520E3592628249CC8B605DEDD2A8C ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
23:36:25.0720 0x160c Power Manager DBC Service - ok
23:36:25.0760 0x160c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:36:25.0763 0x160c PptpMiniport - ok
23:36:25.0778 0x160c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
23:36:25.0781 0x160c Processor - ok
23:36:25.0820 0x160c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
23:36:25.0828 0x160c ProfSvc - ok
23:36:25.0843 0x160c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:36:25.0846 0x160c ProtectedStorage - ok
23:36:25.0875 0x160c [ 515A7C5A0886FCC60901916785EFD549, B9B7C39CDBFC3860752C305433EADBC594AC2EEC66818E91F4AA779915A3A21C ] psadd C:\Windows\system32\DRIVERS\psadd.sys
23:36:25.0876 0x160c psadd - ok
23:36:25.0897 0x160c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:36:25.0901 0x160c Psched - ok
23:36:25.0944 0x160c [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
23:36:25.0949 0x160c PSI_SVC_2 - ok
23:36:26.0012 0x160c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:36:26.0047 0x160c ql2300 - ok
23:36:26.0061 0x160c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:36:26.0065 0x160c ql40xx - ok
23:36:26.0100 0x160c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
23:36:26.0109 0x160c QWAVE - ok
23:36:26.0115 0x160c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:36:26.0117 0x160c QWAVEdrv - ok
23:36:26.0122 0x160c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:36:26.0124 0x160c RasAcd - ok
23:36:26.0164 0x160c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:36:26.0166 0x160c RasAgileVpn - ok
23:36:26.0196 0x160c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
23:36:26.0201 0x160c RasAuto - ok
23:36:26.0209 0x160c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:36:26.0213 0x160c Rasl2tp - ok
23:36:26.0237 0x160c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
23:36:26.0248 0x160c RasMan - ok
23:36:26.0257 0x160c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:36:26.0260 0x160c RasPppoe - ok
23:36:26.0280 0x160c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:36:26.0283 0x160c RasSstp - ok
23:36:26.0297 0x160c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:36:26.0305 0x160c rdbss - ok
23:36:26.0311 0x160c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:36:26.0313 0x160c rdpbus - ok
23:36:26.0322 0x160c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:36:26.0324 0x160c RDPCDD - ok
23:36:26.0333 0x160c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:36:26.0334 0x160c RDPENCDD - ok
23:36:26.0342 0x160c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:36:26.0343 0x160c RDPREFMP - ok
23:36:26.0378 0x160c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:36:26.0384 0x160c RDPWD - ok
23:36:26.0394 0x160c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:36:26.0400 0x160c rdyboost - ok
23:36:26.0487 0x160c [ 189C5A8D2098E0AA14FD157A954B34FC, 2549746D1C6F7FDCB632BE0E7386FA0CDDBA0EA0EC9DD88A8348A03B2C3722E0 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:36:26.0507 0x160c RegSrvc - ok
23:36:26.0535 0x160c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:36:26.0540 0x160c RemoteAccess - ok
23:36:26.0558 0x160c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:36:26.0565 0x160c RemoteRegistry - ok
23:36:26.0584 0x160c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:36:26.0589 0x160c RFCOMM - ok
23:36:26.0628 0x160c [ FF501F212E5D5A97F8339928320F269E, E148AD940FD274C8C5775F835C5E1FC61943BA648445C32432965B7B4AA5EA7E ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
23:36:26.0631 0x160c risdxc - ok
23:36:26.0647 0x160c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:36:26.0652 0x160c RpcEptMapper - ok
23:36:26.0681 0x160c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
23:36:26.0684 0x160c RpcLocator - ok
23:36:26.0710 0x160c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
23:36:26.0725 0x160c RpcSs - ok
23:36:26.0768 0x160c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:36:26.0772 0x160c rspndr - ok
23:36:26.0807 0x160c [ A0D5B3ADCD3FA83029C5E4D25E21AE93, 637549A91FC50D572F76D0E131AF4A767562FF8373601BDD1E6FE68FAB20609E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:36:26.0817 0x160c RTL8167 - ok
23:36:26.0833 0x160c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
23:36:26.0836 0x160c SamSs - ok
23:36:26.0839 0x160c SAService - ok
23:36:26.0846 0x160c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:36:26.0850 0x160c sbp2port - ok
23:36:26.0883 0x160c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:36:26.0891 0x160c SCardSvr - ok
23:36:26.0897 0x160c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:36:26.0899 0x160c scfilter - ok
23:36:26.0943 0x160c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
23:36:26.0972 0x160c Schedule - ok
23:36:27.0000 0x160c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:36:27.0003 0x160c SCPolicySvc - ok
23:36:27.0018 0x160c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:36:27.0027 0x160c SDRSVC - ok
23:36:27.0063 0x160c [ CC781378E7EDA615D2CDCA3B17829FA4, 137BF83A2A3D69335AD031B8D73473526F782CB8917A34B3CD92F923E7660F2A ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
23:36:27.0069 0x160c SeaPort - ok
23:36:27.0074 0x160c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:36:27.0076 0x160c secdrv - ok
23:36:27.0094 0x160c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
23:36:27.0098 0x160c seclogon - ok
23:36:27.0109 0x160c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
23:36:27.0114 0x160c SENS - ok
23:36:27.0133 0x160c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:36:27.0137 0x160c SensrSvc - ok
23:36:27.0141 0x160c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:36:27.0143 0x160c Serenum - ok
23:36:27.0160 0x160c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
23:36:27.0163 0x160c Serial - ok
23:36:27.0168 0x160c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:36:27.0170 0x160c sermouse - ok
23:36:27.0204 0x160c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
23:36:27.0210 0x160c SessionEnv - ok
23:36:27.0218 0x160c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:36:27.0220 0x160c sffdisk - ok
23:36:27.0226 0x160c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:36:27.0228 0x160c sffp_mmc - ok
23:36:27.0233 0x160c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:36:27.0235 0x160c sffp_sd - ok
23:36:27.0239 0x160c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:36:27.0240 0x160c sfloppy - ok
23:36:27.0273 0x160c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:36:27.0283 0x160c SharedAccess - ok
23:36:27.0306 0x160c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:36:27.0318 0x160c ShellHWDetection - ok
23:36:27.0344 0x160c [ 380B52126E62C6C2D3C8BA805AADFDC7, 7F59B04A7449523838D9746AA8E3B38E8860FB8D0B62A0CA02358DC9A980BD18 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
23:36:27.0348 0x160c Shockprf - ok
23:36:27.0358 0x160c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:36:27.0360 0x160c SiSRaid2 - ok
23:36:27.0367 0x160c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:36:27.0370 0x160c SiSRaid4 - ok
23:36:27.0378 0x160c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:36:27.0381 0x160c Smb - ok
23:36:27.0433 0x160c [ C5B1A19B14F19B08AE72FCB20A3075B6, FD920DC51638A2C52C51827CC14264FA7B945417A486DE439E516FA2BD6D51DA ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
23:36:27.0435 0x160c smihlp - ok
23:36:27.0471 0x160c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:36:27.0475 0x160c SNMPTRAP - ok
23:36:27.0479 0x160c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
23:36:27.0482 0x160c spldr - ok
23:36:27.0519 0x160c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
23:36:27.0535 0x160c Spooler - ok
23:36:27.0657 0x160c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
23:36:27.0738 0x160c sppsvc - ok
23:36:27.0748 0x160c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:36:27.0753 0x160c sppuinotify - ok
23:36:27.0842 0x160c [ 90EF30C3867BCDE4579C01A6D6E75A7A, 60A02EA23164561E09E783F5AED6016B5E2997667141EB4C7AD0ED64A66C4ADC ] SRTSP C:\Windows\System32\Drivers\NISx64\1207010.003\SRTSP64.SYS
23:36:27.0859 0x160c SRTSP - ok
23:36:27.0875 0x160c [ C513E8A5E7978DA49077F5484344EE1B, EC173DB62B7BADEA5CCB7C13CB46067427A514EA431DFCD124D0833D9E13E094 ] SRTSPX C:\Windows\system32\drivers\NISx64\1207010.003\SRTSPX64.SYS
23:36:27.0877 0x160c SRTSPX - ok
23:36:27.0915 0x160c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:36:27.0926 0x160c srv - ok
23:36:27.0966 0x160c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:36:27.0976 0x160c srv2 - ok
23:36:28.0003 0x160c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:36:28.0008 0x160c srvnet - ok
23:36:28.0034 0x160c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:36:28.0042 0x160c SSDPSRV - ok
23:36:28.0050 0x160c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:36:28.0055 0x160c SstpSvc - ok
23:36:28.0088 0x160c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:36:28.0090 0x160c stexstor - ok
23:36:28.0120 0x160c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
23:36:28.0137 0x160c stisvc - ok
23:36:28.0187 0x160c [ 0586A2E9D4E6E18933C9A7D6D6EEF70F, AA2134EC5632EB9A44EC5E92366459CA69D309ACDD3302126DB7067A4AD7871B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
23:36:28.0189 0x160c SUService - ok
23:36:28.0197 0x160c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:36:28.0198 0x160c swenum - ok
23:36:28.0237 0x160c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
23:36:28.0252 0x160c swprv - ok
23:36:28.0300 0x160c [ 6160145C7A87FC7672E8E3B886888176, 16B79AD77C53D5CA3125BE45120BD62097975FEF144DBC681FF3C5D76CF3D7D8 ] SymDS C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS
23:36:28.0311 0x160c SymDS - ok
23:36:28.0359 0x160c [ 96AEED40D4D3521568B42027687E69E0, 0BF6E20349EBE7AA9F98D3DEB5C86C77C74CA2FEA5F15FF9A278556C09BFC639 ] SymEFA C:\Windows\system32\drivers\NISx64\1207010.003\SYMEFA64.SYS
23:36:28.0379 0x160c SymEFA - ok
23:36:28.0390 0x160c [ 21A1C2D694C3CF962D31F5E873AB3D6F, 4EB997BFF485A708BAD11C0CC53F750B40F968E69B532B5631840D105EC4344C ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
23:36:28.0395 0x160c SymEvent - ok
23:36:28.0431 0x160c [ BD0D711D8CBFCAA19CA123306EAF53A5, 89E76A0BA4C3EF43FE8BF7AD075E4311CF08CEA460B2352C06497BBEC7198849 ] SymIRON C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS
23:36:28.0435 0x160c SymIRON - ok
23:36:28.0461 0x160c [ A6ADB3D83023F8DAA0F7B6FDA785D83B, 036A355654D2779FF930F863760D9877298D11CFA7DDCFEEFBF44D9466E28598 ] SymNetS C:\Windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS
23:36:28.0471 0x160c SymNetS - ok
23:36:28.0559 0x160c [ 06D602A637E171E151853F1D8ECD34F1, 9867D130DED3220B223B0263C10C7586C2D9D9A86F0D1F1ADA236FEB6CF88763 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:36:28.0592 0x160c SynTP - ok
23:36:28.0677 0x160c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
23:36:28.0720 0x160c SysMain - ok
23:36:28.0732 0x160c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:36:28.0737 0x160c TabletInputService - ok
23:36:28.0754 0x160c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
23:36:28.0764 0x160c TapiSrv - ok
23:36:28.0777 0x160c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
23:36:28.0782 0x160c TBS - ok
23:36:28.0870 0x160c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:36:28.0913 0x160c Tcpip - ok
23:36:28.0993 0x160c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:36:29.0036 0x160c TCPIP6 - ok
23:36:29.0072 0x160c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:36:29.0074 0x160c tcpipreg - ok
23:36:29.0104 0x160c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:36:29.0105 0x160c TDPIPE - ok
23:36:29.0115 0x160c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:36:29.0117 0x160c TDTCP - ok
23:36:29.0136 0x160c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:36:29.0139 0x160c tdx - ok
23:36:29.0146 0x160c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:36:29.0149 0x160c TermDD - ok
23:36:29.0183 0x160c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
23:36:29.0201 0x160c TermService - ok
23:36:29.0210 0x160c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
23:36:29.0215 0x160c Themes - ok
23:36:29.0239 0x160c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
23:36:29.0243 0x160c THREADORDER - ok
23:36:29.0254 0x160c [ 5523C729F1ED31B63C88490AF3D220FA, 3172801BD47E053B2D6F94843342A7BB58EF3A5196F5F35E6A5FA331793C7004 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
23:36:29.0255 0x160c TPDIGIMN - ok
23:36:29.0271 0x160c [ ECB098A3404ACB8A05F0673DC086BB43, 46DC9CA4670A0A5D16703023CF40C82CDBF1789DD4AA664744E0941BD2FE9A2D ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
23:36:29.0276 0x160c TPHDEXLGSVC - ok
23:36:29.0346 0x160c [ 63626012E44CAAA162677B57B6DCB542, D83704F55EA191F93A3A6F5968610CC691F60774BF2BE4EB6B201DAC4EAB7ECE ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
23:36:29.0349 0x160c TPHKLOAD - ok
23:36:29.0355 0x160c [ 9E6E4A9789F76593CC5A6A5AF8FC5929, B4648D1142799AE713C0AB98C4AD366C589B48C70E7B558BEFA045397D71054A ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
23:36:29.0357 0x160c TPHKSVC - ok
23:36:29.0369 0x160c [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
23:36:29.0370 0x160c TPM - ok
23:36:29.0405 0x160c [ 7165B5A9B4867F64A6D6935F57D4196B, 716BF044005E11A84D2B114E4DBCDA390C7842EBD4B6E8FA710D2D002BAE09DC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
23:36:29.0406 0x160c TPPWRIF - ok
23:36:29.0432 0x160c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
23:36:29.0439 0x160c TrkWks - ok
23:36:29.0482 0x160c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:36:29.0487 0x160c TrustedInstaller - ok
23:36:29.0513 0x160c [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:36:29.0515 0x160c tssecsrv - ok
23:36:29.0532 0x160c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:36:29.0535 0x160c TsUsbFlt - ok
23:36:29.0541 0x160c [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:36:29.0543 0x160c TsUsbGD - ok
23:36:29.0592 0x160c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:36:29.0596 0x160c tunnel - ok
23:36:29.0607 0x160c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:36:29.0609 0x160c uagp35 - ok
23:36:29.0647 0x160c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:36:29.0655 0x160c udfs - ok
23:36:29.0673 0x160c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:36:29.0677 0x160c UI0Detect - ok
23:36:29.0688 0x160c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:36:29.0691 0x160c uliagpkx - ok
23:36:29.0697 0x160c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:36:29.0699 0x160c umbus - ok
23:36:29.0704 0x160c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
23:36:29.0705 0x160c UmPass - ok
23:36:29.0858 0x160c [ E91F8AFBD7FB96C94B266579D6BFA77A, 1931FA7C575DCC2FDDF4A8B88FC2718355539049A370985E7CF8906A389C4864 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:36:29.0918 0x160c UNS - ok
23:36:29.0952 0x160c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
23:36:29.0963 0x160c upnphost - ok
23:36:29.0992 0x160c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:36:29.0996 0x160c usbccgp - ok
23:36:30.0020 0x160c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:36:30.0023 0x160c usbcir - ok
23:36:30.0038 0x160c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:36:30.0041 0x160c usbehci - ok
23:36:30.0084 0x160c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:36:30.0093 0x160c usbhub - ok
23:36:30.0112 0x160c [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:36:30.0114 0x160c usbohci - ok
23:36:30.0120 0x160c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
23:36:30.0121 0x160c usbprint - ok
23:36:30.0150 0x160c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
23:36:30.0153 0x160c USBSTOR - ok
23:36:30.0158 0x160c [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:36:30.0161 0x160c usbuhci - ok
23:36:30.0196 0x160c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:36:30.0201 0x160c usbvideo - ok
23:36:30.0216 0x160c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
23:36:30.0221 0x160c UxSms - ok
23:36:30.0240 0x160c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
23:36:30.0243 0x160c VaultSvc - ok
23:36:30.0249 0x160c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:36:30.0251 0x160c vdrvroot - ok
23:36:30.0286 0x160c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
23:36:30.0301 0x160c vds - ok
23:36:30.0308 0x160c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:36:30.0310 0x160c vga - ok
23:36:30.0316 0x160c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:36:30.0318 0x160c VgaSave - ok
23:36:30.0342 0x160c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:36:30.0348 0x160c vhdmp - ok
23:36:30.0363 0x160c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
23:36:30.0365 0x160c viaide - ok
23:36:30.0371 0x160c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:36:30.0373 0x160c volmgr - ok
23:36:30.0397 0x160c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:36:30.0407 0x160c volmgrx - ok
23:36:30.0420 0x160c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:36:30.0429 0x160c volsnap - ok
23:36:30.0447 0x160c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:36:30.0451 0x160c vsmraid - ok
23:36:30.0522 0x160c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
23:36:30.0561 0x160c VSS - ok
23:36:30.0570 0x160c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:36:30.0571 0x160c vwifibus - ok
23:36:30.0587 0x160c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:36:30.0590 0x160c vwififlt - ok
23:36:30.0594 0x160c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:36:30.0596 0x160c vwifimp - ok
23:36:30.0611 0x160c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
23:36:30.0624 0x160c W32Time - ok
23:36:30.0632 0x160c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:36:30.0634 0x160c WacomPen - ok
23:36:30.0642 0x160c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:36:30.0646 0x160c WANARP - ok
23:36:30.0656 0x160c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:36:30.0659 0x160c Wanarpv6 - ok
23:36:30.0733 0x160c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:36:30.0762 0x160c WatAdminSvc - ok
23:36:30.0829 0x160c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
23:36:30.0868 0x160c wbengine - ok
23:36:30.0880 0x160c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:36:30.0888 0x160c WbioSrvc - ok
23:36:30.0903 0x160c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:36:30.0916 0x160c wcncsvc - ok
23:36:30.0926 0x160c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

[danek]

Konec logu TDS killer:

23:36:32.0263 0x160c ================ Scan global ===============================
23:36:32.0292 0x160c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
23:36:32.0328 0x160c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
23:36:32.0361 0x160c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
23:36:32.0391 0x160c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:36:32.0427 0x160c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
23:36:32.0441 0x160c [ Global ] - ok
23:36:32.0441 0x160c ================ Scan MBR ==================================
23:36:32.0454 0x160c [ 09CB596BADE278A01A4532735FF15308 ] \Device\Harddisk0\DR0
23:36:32.0766 0x160c \Device\Harddisk0\DR0 - ok
23:36:32.0767 0x160c ================ Scan VBR ==================================
23:36:32.0770 0x160c [ 92447561E29EAABA4BAEF5165730A3D8 ] \Device\Harddisk0\DR0\Partition1
23:36:32.0781 0x160c \Device\Harddisk0\DR0\Partition1 - ok
23:36:32.0788 0x160c [ 5A267BE18230209ED484D67F6DC4464A ] \Device\Harddisk0\DR0\Partition2
23:36:32.0797 0x160c \Device\Harddisk0\DR0\Partition2 - ok
23:36:32.0831 0x160c [ FDC1B1F99DBAD2AE92291BEFA73CF5D2 ] \Device\Harddisk0\DR0\Partition3
23:36:32.0842 0x160c \Device\Harddisk0\DR0\Partition3 - ok
23:36:32.0842 0x160c ================ Scan generic autorun ======================
23:36:32.0843 0x160c SynTPEnh - ok
23:36:32.0955 0x160c [ 23E6E5C5061A44C32E9922B4AF22D895, B166E2DB3E9C2B8234CEE3B001D63BFFC4F41635455016DD54CD0F03B08410A0 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
23:36:32.0999 0x160c IntelWireless - ok
23:36:33.0031 0x160c [ DB0CE31BEBF21542890941744FC576D3, 6114512FA828D2CBA67C0742D2D8E6AC96E7DEFBC5BBA190D0446A877FE21077 ] C:\Windows\system32\TpShocks.exe
23:36:33.0043 0x160c TpShocks - ok
23:36:33.0077 0x160c [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe
23:36:33.0079 0x160c ForteConfig - ok
23:36:33.0131 0x160c [ 1A51E9C642ED4658600F4DF4683EFAE9, 4219218534ACB330B044545EB8025C1A4B1C2BB5A9A25572D1770515BEA90309 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
23:36:33.0138 0x160c SmartAudio - ok
23:36:33.0171 0x160c [ C48A6FCEF9CE8BCE3BA0D486C0FED950, 86BBAC0E956F0E54345B097E347C9D4A05198325956361B8449B8AC2E1BB2716 ] C:\Windows\system32\igfxtray.exe
23:36:33.0177 0x160c IgfxTray - ok
23:36:33.0208 0x160c [ 3DE53AEB74CA9C2955349DCFFCD677F4, 38FD602B16ED5A4BA44161D17243A260D5510B98F86E2D271DACCA9AE8D81E5D ] C:\Windows\system32\hkcmd.exe
23:36:33.0218 0x160c HotKeysCmds - ok
23:36:33.0244 0x160c [ 475EE62C77A778A0AD24DA5A7231DECE, DC24882EA7176A1ED9A048896514854CA22EE28C4E797D5AFEEDA6EEAA0B025D ] C:\Windows\system32\igfxpers.exe
23:36:33.0255 0x160c Persistence - ok
23:36:33.0298 0x160c [ 070010472D683D76CB3EAF95911342B0, B3F163B12E045C8C898E7B16CD2DD8314E95BD8880B1AE8C50AD65D318EA431C ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
23:36:33.0299 0x160c LENOVO.TPKNRRES - ok
23:36:33.0328 0x160c [ D55B7BF09343335902AE9C2B2C0B8860, 2660E835AA8F7CE0950EA5678A6922781A61A5A8FDF2F754AA03F4CD0B04E7B2 ] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
23:36:33.0337 0x160c ALCKRESI.EXE - ok
23:36:33.0373 0x160c [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
23:36:33.0376 0x160c RotateImage - ok
23:36:33.0507 0x160c [ AE04ACCE2CC8395A4CAECFFC8AAA1E39, 6A97C5C3B7F84EC046EF65702065BC56199A1E7E2E6E90AB7EC8EC5F2F02F080 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
23:36:33.0516 0x160c StartCCC - ok
23:36:33.0519 0x160c PWMTRV - ok
23:36:33.0741 0x160c [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
23:36:33.0832 0x160c AvastUI.exe - ok
23:36:33.0914 0x160c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:36:33.0940 0x160c Sidebar - ok
23:36:33.0971 0x160c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:36:33.0976 0x160c mctadmin - ok
23:36:34.0029 0x160c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:36:34.0057 0x160c Sidebar - ok
23:36:34.0070 0x160c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:36:34.0076 0x160c mctadmin - ok

23:36:34.0077 0x160c Waiting for KSN requests completion. In queue: 76
23:36:35.0077 0x160c Waiting for KSN requests completion. In queue: 76
23:36:36.0077 0x160c Waiting for KSN requests completion. In queue: 76
23:36:37.0093 0x160c AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\WSCStub.exe ( 18.7.0.0 ), 0x51000 ( enabled : updated )
23:36:37.0094 0x160c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
23:36:37.0096 0x160c FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\WSCStub.exe ( 18.7.0.0 ), 0x51010 ( enabled )
23:36:39.0795 0x160c ============================================================
23:36:39.0795 0x160c Scan finished
23:36:39.0795 0x160c ============================================================
23:36:39.0803 0x1798 Detected object count: 0
23:36:39.0803 0x1798 Actual detected object count: 0

[danek]

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-09-29 23:46:13
-----------------------------
23:46:13.872 OS Version: Windows x64 6.1.7601 Service Pack 1
23:46:13.872 Number of processors: 4 586 0x2A07
23:46:13.872 ComputerName: CYPRIS UserName: Dan
23:46:20.128 Initialize success
23:46:20.128 VM: initialized successfully
23:46:20.144 VM: Intel CPU BiosDisabled
23:46:30.457 VM: supported disk I/O iaStor.sys
23:46:34.248 AVAST engine defs: 14092901
23:46:44.575 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:46:44.575 Disk 0 Vendor: ST950042 0003 Size: 476940MB BusType: 3
23:46:44.700 Disk 0 MBR read successfully
23:46:44.715 Disk 0 MBR scan
23:46:44.715 Disk 0 unknown MBR code
23:46:44.731 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1200 MB offset 2048
23:46:44.731 Disk 0 Boot: NTFS code=1
23:46:44.746 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 463738 MB offset 2459648
23:46:44.778 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12000 MB offset 952195072
23:46:44.840 Disk 0 scanning C:\Windows\system32\drivers
23:46:52.266 Service scanning
23:46:54.372 Service BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20140912.003\BHDrvx64.sys **LOCKED** 5
23:46:56.228 Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
23:46:56.446 Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
23:46:57.866 Service IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140925.004\IDSvia64.sys **LOCKED** 5
23:47:00.284 Service NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140925.001\ENG64.SYS **LOCKED** 5
23:47:00.362 Service NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140925.001\EX64.SYS **LOCKED** 5
23:47:04.075 Service SRTSPX C:\Windows\system32\drivers\NISx64\1207010.003\SRTSPX64.SYS **LOCKED** 5
23:47:04.465 Service SymDS C:\Windows\system32\drivers\NISx64\1207010.003\SYMDS64.SYS **LOCKED** 5
23:47:04.543 Service SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS **LOCKED** 5
23:47:04.590 Service SymIRON C:\Windows\system32\drivers\NISx64\1207010.003\Ironx64.SYS **LOCKED** 5
23:47:04.636 Service SymNetS C:\Windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS **LOCKED** 5
23:47:08.178 Modules scanning
23:47:08.178 Disk 0 trace - called modules:
23:47:08.224 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
23:47:08.240 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80066a1790]
23:47:08.240 3 CLASSPNP.SYS[fffff880011b743f] -> nt!IofCallDriver -> [0xfffffa80047b2e40]
23:47:08.240 5 ACPI.sys[fffff88000f337a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80047b5050]
23:47:09.535 AVAST engine scan C:\Windows
23:47:12.655 AVAST engine scan C:\Windows\system32
23:50:40.650 AVAST engine scan C:\Windows\system32\drivers
23:50:51.476 AVAST engine scan C:\Users\Dan
23:51:57.340 AVAST engine scan C:\ProgramData
23:53:37.119 Scan finished successfully
23:57:22.991 Disk 0 MBR has been saved successfully to "C:\Users\Dan\Desktop\MBR.dat"
23:57:23.007 The log file has been saved successfully to "C:\Users\Dan\Desktop\aswMBR.txt"

[Márty84]

Zdravim

Kde Avast hlasi havet?

Dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Navod zde http://forum.viry.cz/viewtopic.php?f=13&t=130786

[danek]

Dobrý večer,

Avast hlásil rootkit někde v adresáři Program files, ale bohužel už si nepamatuju jméno souboru. Dal jsem smazat, bylo to hned po stažení a nainstalování avastu, pak nabídl nějaký test po restartu, to jsem dal, ale počítač se strašně dlouho vypínal, musel jsem ho vypnout ručně, pak naběhl nouzový režim, dal jsem manuálně test po restartu, chvíli testoval, pak se testování ukončilo, nic nenašel, ale podle mě neotestoval všechno, protože test byl podezřele krátký.

Níže log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Dan at 2014-09-30 18:55:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 423 GB (91%) free of 464 GB
Total RAM: 4007 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:54, on 30.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Program Files\trend micro\Dan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\System Update\SUService.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11015 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 35912128
\??\C:\Windows\system32\conhost.exe "2045684808-2088485076-19052049672012504457234728938654996711939941160-717519782
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"taskhost.exe"
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
C:\Windows\Explorer.EXE
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\ccSvcHst.exe" /c /a /s UserSession2
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3244
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
"C:\Windows\System32\TpShocks.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\ThinkPad\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Windows\System32\rundll32.exe" C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Lenovo\System Update\SUService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskeng.exe {6591E5A3-7AC1-4D92-9BB2-DA40C6E44768}
"C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" /start

"C:\Users\Dan\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\uaclauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
C:\Windows\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\pcdrcui.exe -silentenumeration -st SystemToolsDailyTest

=========Mozilla firefox=========

ProfilePath - C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\v6ijk9bb.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-09-29 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll [2011-12-09 436152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-09-29 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.1.3\coIEPlg.dll [2011-12-09 436152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-24 2731304]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-12-17 1933584]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2011-01-14 380776]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-04-28 307768]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-26 418840]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2011-01-27 41320]
"ALCKRESI.EXE"=C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [2010-12-17 281448]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-31 55808]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-02-05 336384]
"PWMTRV"=rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-09-29 4085896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-26 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2010-12-08 135504]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-30 18:55:01 ----D---- C:\Program Files\trend micro
2014-09-30 18:55:00 ----D---- C:\rsit
2014-09-29 23:35:56 ----A---- C:\TDSSKiller.3.0.0.40_29.09.2014_23.35.56_log.txt
2014-09-29 23:34:44 ----A---- C:\TDSSKiller.3.0.0.40_29.09.2014_23.34.44_log.txt
2014-09-29 23:27:13 ----A---- C:\TDSSKiller.3.0.0.40_29.09.2014_23.27.13_log.txt
2014-09-29 21:45:56 ----D---- C:\Program Files (x86)\GUM3C25.tmp
2014-09-29 21:45:56 ----A---- C:\Program Files (x86)\GUT3C26.tmp
2014-09-29 21:43:17 ----D---- C:\Users\Dan\AppData\Roaming\AVAST Software
2014-09-29 21:40:44 ----D---- C:\Program Files (x86)\Google
2014-09-29 21:40:30 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-09-29 21:40:29 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-09-29 21:40:29 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-09-29 21:40:28 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-09-29 21:40:28 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-09-29 21:40:28 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-09-29 21:40:28 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-09-29 21:40:28 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-09-29 21:40:26 ----A---- C:\Windows\system32\aswBoot.exe
2014-09-29 21:40:24 ----A---- C:\Windows\avastSS.scr
2014-09-29 21:37:40 ----D---- C:\Program Files\AVAST Software
2014-09-29 21:37:13 ----D---- C:\ProgramData\AVAST Software
2014-09-28 18:56:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-28 18:48:36 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-09-28 18:48:36 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-09-28 18:23:20 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-09-28 18:23:20 ----A---- C:\Windows\explorer.exe
2014-09-28 18:23:19 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-09-28 18:23:19 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-09-28 18:23:19 ----A---- C:\Windows\system32\WMPhoto.dll
2014-09-28 18:23:19 ----A---- C:\Windows\system32\d3d10warp.dll
2014-09-28 18:21:32 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-09-28 18:21:32 ----A---- C:\Windows\system32\d2d1.dll
2014-09-28 18:21:31 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2014-09-28 18:21:31 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-09-28 18:21:27 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2014-09-28 18:21:27 ----A---- C:\Windows\SYSWOW64\esent.dll
2014-09-28 18:21:27 ----A---- C:\Windows\system32\fsutil.exe
2014-09-28 18:21:27 ----A---- C:\Windows\system32\esent.dll
2014-09-28 18:21:27 ----A---- C:\Windows\system32\drivers\nvstor.sys
2014-09-28 18:21:27 ----A---- C:\Windows\system32\drivers\nvraid.sys
2014-09-28 18:21:27 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2014-09-28 18:21:27 ----A---- C:\Windows\system32\drivers\amdxata.sys
2014-09-28 18:21:27 ----A---- C:\Windows\system32\drivers\amdsata.sys
2014-09-28 18:21:26 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-09-28 18:20:38 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-09-28 18:20:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-09-28 18:20:35 ----A---- C:\Windows\system32\spoolsv.exe
2014-09-28 18:20:34 ----A---- C:\Windows\splwow64.exe
2014-09-28 17:25:15 ----D---- C:\Windows\Minidump
2014-09-28 17:25:08 ----A---- C:\Windows\ntbtlog.txt
2014-09-28 16:50:31 ----D---- C:\Users\Dan\AppData\Roaming\Mozilla
2014-09-28 16:50:20 ----D---- C:\ProgramData\Mozilla
2014-09-28 16:50:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-28 16:50:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-09-26 07:40:41 ----D---- C:\Program Files (x86)\MSXML 4.0
2014-09-26 06:37:04 ----D---- C:\Users\Dan\AppData\Roaming\Adobe
2014-09-26 05:08:52 ----SHD---- C:\System Volume Information
2014-09-26 05:08:52 ----ASH---- C:\pagefile.sys
2014-09-26 05:08:46 ----ASH---- C:\hiberfil.sys
2014-09-26 03:40:56 ----D---- C:\Windows\SYSWOW64\Wat
2014-09-26 03:40:56 ----D---- C:\Windows\system32\Wat
2014-09-26 03:39:17 ----SD---- C:\Windows\system32\CompatTel
2014-09-26 02:12:48 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-09-26 02:12:48 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-09-26 02:12:48 ----A---- C:\Windows\system32\wmploc.DLL
2014-09-26 02:12:46 ----A---- C:\Windows\system32\wmp.dll
2014-09-26 01:57:53 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-09-26 01:55:35 ----D---- C:\Windows\Migration
2014-09-26 01:40:33 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-09-26 01:30:45 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\url.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-09-26 01:30:41 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-09-26 01:30:41 ----A---- C:\Windows\system32\elshyph.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-09-26 01:30:40 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-09-26 01:30:40 ----A---- C:\Windows\system32\wininet.dll
2014-09-26 01:30:40 ----A---- C:\Windows\system32\urlmon.dll
2014-09-26 01:30:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-26 01:30:40 ----A---- C:\Windows\system32\msrating.dll
2014-09-26 01:30:40 ----A---- C:\Windows\system32\msls31.dll
2014-09-26 01:30:40 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-26 01:30:40 ----A---- C:\Windows\system32\jsIntl.dll
2014-09-26 01:30:40 ----A---- C:\Windows\system32\iertutil.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\wextract.exe
2014-09-26 01:30:39 ----A---- C:\Windows\system32\webcheck.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\vbscript.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\url.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-09-26 01:30:39 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\mshtmler.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\msfeedssync.exe
2014-09-26 01:30:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\licmgr10.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\jscript9.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\inseng.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\iexpress.exe
2014-09-26 01:30:39 ----A---- C:\Windows\system32\ieui.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\iesysprep.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\iesetup.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\iernonce.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\ieframe.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\ieapfltr.dat
2014-09-26 01:30:39 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-26 01:30:39 ----A---- C:\Windows\system32\icardie.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-26 01:30:39 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\pngfilt.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\occache.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\mshtml.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\mshta.exe
2014-09-26 01:30:38 ----A---- C:\Windows\system32\jscript.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\imgutil.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-26 01:30:38 ----A---- C:\Windows\system32\iepeers.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-26 01:30:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-09-26 01:23:50 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-09-26 01:23:50 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\XpsPrint.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\UIAnimation.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\FntCache.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\dxgi.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\DWrite.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\d3d10level9.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\d3d10core.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\d3d10_1.dll
2014-09-26 01:23:50 ----A---- C:\Windows\system32\d3d10.dll
2014-09-25 23:05:38 ----A---- C:\Windows\system32\browserchoice.exe
2014-09-25 22:24:29 ----A---- C:\Windows\system32\WUDFx.dll
2014-09-25 22:24:29 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-09-25 22:24:29 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-09-25 22:24:29 ----A---- C:\Windows\system32\WUDFHost.exe
2014-09-25 22:24:29 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-09-25 22:24:29 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-09-25 22:24:29 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-09-25 22:16:48 ----D---- C:\Windows\system32\MRT
2014-09-25 22:16:44 ----A---- C:\Windows\system32\MRT.exe
2014-09-25 22:04:13 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-09-25 22:04:12 ----A---- C:\Windows\SYSWOW64\wmi.dll
2014-09-25 22:04:12 ----A---- C:\Windows\system32\wmi.dll
2014-09-25 21:53:48 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-09-25 21:53:48 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-09-25 21:53:48 ----A---- C:\Windows\system32\infocardapi.dll
2014-09-25 21:53:48 ----A---- C:\Windows\system32\icardagt.exe
2014-09-25 21:53:47 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-09-25 21:53:47 ----A---- C:\Windows\system32\icardres.dll
2014-09-25 21:53:38 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-09-25 21:53:38 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-25 21:51:51 ----A---- C:\Windows\system32\sspisrv.dll
2014-09-25 21:51:51 ----A---- C:\Windows\system32\sspicli.dll
2014-09-25 21:51:51 ----A---- C:\Windows\system32\secur32.dll
2014-09-25 21:51:51 ----A---- C:\Windows\system32\lsass.exe
2014-09-25 21:51:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-09-25 21:51:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-09-25 21:51:51 ----A---- C:\Windows\system32\drivers\cng.sys
2014-09-25 21:51:42 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-09-25 21:51:42 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-09-25 21:51:42 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-09-25 21:51:42 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-09-25 21:51:42 ----A---- C:\Windows\system32\secproc_isv.dll
2014-09-25 21:51:42 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-09-25 21:51:42 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-09-25 21:51:42 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-09-25 21:51:42 ----A---- C:\Windows\system32\RMActivate.exe
2014-09-25 21:51:41 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-09-25 21:51:41 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-09-25 21:51:41 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-09-25 21:51:41 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-09-25 21:51:41 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-09-25 21:51:41 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-09-25 21:51:41 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-09-25 21:51:41 ----A---- C:\Windows\system32\secproc.dll
2014-09-25 21:51:41 ----A---- C:\Windows\system32\msdrm.dll
2014-09-25 21:50:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-09-25 21:50:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-09-25 21:50:51 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-09-25 21:50:51 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-09-25 21:50:51 ----A---- C:\Windows\system32\winlogon.exe
2014-09-25 21:50:51 ----A---- C:\Windows\system32\objsel.dll
2014-09-25 21:50:51 ----A---- C:\Windows\system32\KernelBase.dll
2014-09-25 21:50:50 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-09-25 21:50:50 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-09-25 21:50:50 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2014-09-25 21:50:50 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\system32\wincredprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\system32\smss.exe
2014-09-25 21:50:50 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\system32\dimsroam.dll
2014-09-25 21:50:50 ----A---- C:\Windows\system32\csrsrv.dll
2014-09-25 21:50:50 ----A---- C:\Windows\system32\cngprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\system32\capiprovider.dll
2014-09-25 21:50:50 ----A---- C:\Windows\system32\apisetschema.dll
2014-09-25 21:50:50 ----A---- C:\Windows\system32\adprovider.dll
2014-09-25 21:50:40 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-09-25 21:50:40 ----A---- C:\Windows\system32\d3d11.dll
2014-09-25 21:50:37 ----A---- C:\Windows\system32\tdh.dll
2014-09-25 21:50:37 ----A---- C:\Windows\system32\ntdll.dll
2014-09-25 21:50:37 ----A---- C:\Windows\system32\advapi32.dll
2014-09-25 21:50:36 ----A---- C:\Windows\SYSWOW64\tdh.dll
2014-09-25 21:50:36 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-09-25 21:50:36 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2014-09-25 21:50:29 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2014-09-25 21:50:29 ----A---- C:\Windows\SYSWOW64\gameux.dll
2014-09-25 21:50:29 ----A---- C:\Windows\system32\Wpc.dll
2014-09-25 21:50:29 ----A---- C:\Windows\system32\gameux.dll
2014-09-25 21:50:01 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-09-25 21:50:01 ----A---- C:\Windows\system32\mstscax.dll
2014-09-25 21:50:00 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2014-09-25 21:50:00 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-09-25 21:50:00 ----A---- C:\Windows\system32\tsgqec.dll
2014-09-25 21:50:00 ----A---- C:\Windows\system32\aaclient.dll
2014-09-25 21:49:53 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-25 21:49:53 ----A---- C:\Windows\system32\kerberos.dll
2014-09-25 21:49:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-09-25 21:49:46 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-09-25 21:49:44 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-09-25 21:49:31 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2014-09-25 21:49:31 ----A---- C:\Windows\system32\cryptdlg.dll
2014-09-25 21:48:57 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-09-25 21:48:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-09-25 21:48:57 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-09-25 21:48:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-09-25 21:48:57 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-09-25 21:48:57 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-09-25 21:48:57 ----A---- C:\Windows\system32\wdigest.dll
2014-09-25 21:48:57 ----A---- C:\Windows\system32\TSpkg.dll
2014-09-25 21:48:57 ----A---- C:\Windows\system32\schannel.dll
2014-09-25 21:48:57 ----A---- C:\Windows\system32\ncrypt.dll
2014-09-25 21:48:57 ----A---- C:\Windows\system32\msv1_0.dll
2014-09-25 21:48:57 ----A---- C:\Windows\system32\credssp.dll
2014-09-25 21:48:37 ----A---- C:\Windows\system32\wow64win.dll
2014-09-25 21:48:37 ----A---- C:\Windows\system32\wow64.dll
2014-09-25 21:48:37 ----A---- C:\Windows\system32\kernel32.dll
2014-09-25 21:48:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-25 21:48:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-25 21:48:36 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-25 21:48:36 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-25 21:48:36 ----A---- C:\Windows\SYSWOW64\wow32.dll
2014-09-25 21:48:36 ----A---- C:\Windows\SYSWOW64\setup16.exe
2014-09-25 21:48:36 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2014-09-25 21:48:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2014-09-25 21:48:36 ----A---- C:\Windows\SYSWOW64\instnm.exe
2014-09-25 21:48:36 ----A---- C:\Windows\system32\wow64cpu.dll
2014-09-25 21:48:36 ----A---- C:\Windows\system32\winsrv.dll
2014-09-25 21:48:36 ----A---- C:\Windows\system32\ntvdm64.dll
2014-09-25 21:48:36 ----A---- C:\Windows\system32\conhost.exe
2014-09-25 21:48:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-25 21:48:35 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-25 21:48:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-25 21:48:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-25 21:48:33 ----A---- C:\Windows\SYSWOW64\user.exe
2014-09-25 21:48:29 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2014-09-25 21:48:29 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2014-09-25 21:48:29 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2014-09-25 21:48:29 ----A---- C:\Windows\system32\nlasvc.dll
2014-09-25 21:48:29 ----A---- C:\Windows\system32\netcorehc.dll
2014-09-25 21:48:29 ----A---- C:\Windows\system32\ncsi.dll
2014-09-25 21:48:29 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-09-25 21:48:28 ----A---- C:\Windows\SYSWOW64\netevent.dll
2014-09-25 21:48:28 ----A---- C:\Windows\system32\nlaapi.dll
2014-09-25 21:48:28 ----A---- C:\Windows\system32\netevent.dll
2014-09-25 21:48:28 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-09-25 21:48:00 ----A---- C:\Windows\SYSWOW64\certutil.exe
2014-09-25 21:48:00 ----A---- C:\Windows\SYSWOW64\certenc.dll
2014-09-25 21:48:00 ----A---- C:\Windows\system32\certutil.exe
2014-09-25 21:48:00 ----A---- C:\Windows\system32\certenc.dll
2014-09-25 21:47:55 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2014-09-25 21:47:55 ----A---- C:\Windows\system32\TSWorkspace.dll
2014-09-25 21:47:49 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-09-25 21:47:49 ----A---- C:\Windows\system32\osk.exe
2014-09-25 21:47:44 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2014-09-25 21:47:44 ----A---- C:\Windows\system32\ntshrui.dll
2014-09-25 21:47:40 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2014-09-25 21:47:40 ----A---- C:\Windows\system32\cdosys.dll
2014-09-25 21:47:38 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-09-25 21:47:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-09-25 21:47:38 ----A---- C:\Windows\system32\msi.dll
2014-09-25 21:47:38 ----A---- C:\Windows\system32\authui.dll
2014-09-25 21:47:38 ----A---- C:\Windows\system32\appinfo.dll
2014-09-25 21:47:37 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-09-25 21:47:37 ----A---- C:\Windows\system32\msihnd.dll
2014-09-25 21:47:37 ----A---- C:\Windows\system32\consent.exe
2014-09-25 21:47:31 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-09-25 21:47:31 ----A---- C:\Windows\system32\wintrust.dll
2014-09-25 21:47:26 ----A---- C:\Windows\system32\shell32.dll
2014-09-25 21:47:25 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-09-25 21:47:18 ----A---- C:\Windows\system32\shdocvw.dll
2014-09-25 21:47:17 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2014-09-25 21:47:15 ----A---- C:\Windows\SYSWOW64\wer.dll
2014-09-25 21:47:15 ----A---- C:\Windows\system32\wer.dll
2014-09-25 21:47:15 ----A---- C:\Windows\system32\IKEEXT.DLL
2014-09-25 21:47:14 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2014-09-25 21:47:14 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2014-09-25 21:47:14 ----A---- C:\Windows\system32\nshwfp.dll
2014-09-25 21:47:14 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2014-09-25 21:47:14 ----A---- C:\Windows\system32\drivers\srvnet.sys
2014-09-25 21:47:14 ----A---- C:\Windows\system32\drivers\srv2.sys
2014-09-25 21:47:14 ----A---- C:\Windows\system32\drivers\srv.sys
2014-09-25 21:47:12 ----A---- C:\Windows\system32\tquery.dll
2014-09-25 21:47:12 ----A---- C:\Windows\system32\mssrch.dll
2014-09-25 21:47:11 ----A---- C:\Windows\SYSWOW64\tquery.dll
2014-09-25 21:47:11 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2014-09-25 21:47:11 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2014-09-25 21:47:11 ----A---- C:\Windows\system32\SearchIndexer.exe
2014-09-25 21:47:10 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2014-09-25 21:47:10 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2014-09-25 21:47:10 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2014-09-25 21:47:10 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2014-09-25 21:47:10 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2014-09-25 21:47:10 ----A---- C:\Windows\SYSWOW64\mssph.dll
2014-09-25 21:47:10 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2014-09-25 21:47:10 ----A---- C:\Windows\system32\SearchFilterHost.exe
2014-09-25 21:47:10 ----A---- C:\Windows\system32\mssvp.dll
2014-09-25 21:47:10 ----A---- C:\Windows\system32\mssphtb.dll
2014-09-25 21:47:10 ----A---- C:\Windows\system32\mssph.dll
2014-09-25 21:47:10 ----A---- C:\Windows\system32\msscntrs.dll
2014-09-25 21:47:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-09-25 21:47:06 ----A---- C:\Windows\system32\cryptsvc.dll
2014-09-25 21:47:06 ----A---- C:\Windows\system32\cryptnet.dll
2014-09-25 21:47:06 ----A---- C:\Windows\system32\crypt32.dll
2014-09-25 21:47:05 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-09-25 21:47:05 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2014-09-25 21:47:01 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2014-09-25 21:47:01 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2014-09-25 21:47:01 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2014-09-25 21:47:01 ----A---- C:\Windows\system32\dhcpcore6.dll
2014-09-25 21:46:58 ----A---- C:\Windows\system32\scavengeui.dll
2014-09-25 21:46:55 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-09-25 21:46:55 ----A---- C:\Windows\SYSWOW64\credui.dll
2014-09-25 21:46:55 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2014-09-25 21:46:55 ----A---- C:\Windows\system32\credui.dll
2014-09-25 21:46:51 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2014-09-25 21:46:51 ----A---- C:\Windows\system32\iologmsg.dll
2014-09-25 21:46:51 ----A---- C:\Windows\system32\drivers\storport.sys
2014-09-25 21:46:51 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-09-25 21:46:51 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-09-25 21:46:47 ----A---- C:\Windows\system32\OxpsConverter.exe
2014-09-25 21:46:45 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-09-25 21:46:45 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2014-09-25 21:46:45 ----A---- C:\Windows\system32\oleaut32.dll
2014-09-25 21:46:45 ----A---- C:\Windows\system32\oleacc.dll
2014-09-25 21:46:44 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-09-25 21:46:44 ----A---- C:\Windows\system32\tzres.dll
2014-09-25 21:46:39 ----A---- C:\Windows\system32\drivers\usb8023.sys
2014-09-25 21:46:38 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2014-09-25 21:46:38 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2014-09-25 21:46:38 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2014-09-25 21:46:36 ----A---- C:\Windows\SYSWOW64\lpk.dll
2014-09-25 21:46:36 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2014-09-25 21:46:36 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2014-09-25 21:46:36 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2014-09-25 21:46:36 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2014-09-25 21:46:36 ----A---- C:\Windows\system32\lpk.dll
2014-09-25 21:46:36 ----A---- C:\Windows\system32\fontsub.dll
2014-09-25 21:46:36 ----A---- C:\Windows\system32\dciman32.dll
2014-09-25 21:46:36 ----A---- C:\Windows\system32\atmlib.dll
2014-09-25 21:46:36 ----A---- C:\Windows\system32\atmfd.dll
2014-09-25 21:46:35 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2014-09-25 21:46:35 ----A---- C:\Windows\system32\psisdecd.dll
2014-09-25 21:46:21 ----A---- C:\Windows\SYSWOW64\webio.dll
2014-09-25 21:46:21 ----A---- C:\Windows\system32\webio.dll
2014-09-25 21:46:19 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-09-25 21:46:19 ----A---- C:\Windows\system32\qedit.dll
2014-09-25 21:46:17 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2014-09-25 21:46:17 ----A---- C:\Windows\system32\poqexec.exe
2014-09-25 21:46:16 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2014-09-25 21:46:16 ----A---- C:\Windows\system32\mswsock.dll
2014-09-25 21:46:14 ----A---- C:\Windows\system32\winresume.exe
2014-09-25 21:46:14 ----A---- C:\Windows\system32\winload.exe
2014-09-25 21:46:14 ----A---- C:\Windows\system32\kdusb.dll
2014-09-25 21:46:14 ----A---- C:\Windows\system32\kdcom.dll
2014-09-25 21:46:14 ----A---- C:\Windows\system32\kd1394.dll
2014-09-25 21:46:13 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-09-25 21:46:13 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2014-09-25 21:46:13 ----A---- C:\Windows\system32\usp10.dll
2014-09-25 21:46:13 ----A---- C:\Windows\system32\inetcomm.dll
2014-09-25 21:46:12 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2014-09-25 21:46:12 ----A---- C:\Windows\system32\win32spl.dll
2014-09-25 21:46:09 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2014-09-25 21:46:09 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2014-09-25 21:46:09 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2014-09-25 21:46:09 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2014-09-25 21:46:09 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2014-09-25 21:46:09 ----A---- C:\Windows\system32\odbctrac.dll
2014-09-25 21:46:09 ----A---- C:\Windows\system32\odbccu32.dll
2014-09-25 21:46:09 ----A---- C:\Windows\system32\odbccr32.dll
2014-09-25 21:46:09 ----A---- C:\Windows\system32\odbccp32.dll
2014-09-25 21:46:08 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-09-25 21:46:08 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-09-25 21:46:07 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2014-09-25 21:46:07 ----A---- C:\Windows\system32\imagehlp.dll
2014-09-25 21:46:06 ----A---- C:\Windows\system32\profsvc.dll
2014-09-25 21:46:06 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-09-25 21:45:53 ----A---- C:\Windows\system32\aepdu.dll
2014-09-25 21:45:53 ----A---- C:\Windows\system32\aeinv.dll
2014-09-25 21:45:49 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-09-25 21:45:49 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-09-25 21:45:49 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-09-25 21:45:49 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-09-25 21:45:49 ----A---- C:\Windows\system32\msxml6r.dll
2014-09-25 21:45:49 ----A---- C:\Windows\system32\msxml6.dll
2014-09-25 21:45:49 ----A---- C:\Windows\system32\msxml3r.dll
2014-09-25 21:45:49 ----A---- C:\Windows\system32\msxml3.dll
2014-09-25 21:45:46 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-09-25 21:45:43 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2014-09-25 21:45:43 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2014-09-25 21:45:43 ----A---- C:\Windows\system32\WebClnt.dll
2014-09-25 21:45:43 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2014-09-25 21:45:43 ----A---- C:\Windows\system32\davclnt.dll
2014-09-25 21:45:39 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2014-09-25 21:45:39 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2014-09-25 21:45:39 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-09-25 21:45:39 ----A---- C:\Windows\system32\WMVDECOD.DLL
2014-09-25 21:45:39 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-09-25 21:45:39 ----A---- C:\Windows\system32\dnscacheugc.exe
2014-09-25 21:45:39 ----A---- C:\Windows\system32\dnsapi.dll
2014-09-25 21:45:37 ----A---- C:\Windows\system32\Wdfres.dll
2014-09-25 21:45:37 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-09-25 21:45:37 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-09-25 21:45:35 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-09-25 21:45:34 ----A---- C:\Windows\system32\FXSCOVER.exe
2014-09-25 21:45:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-09-25 21:45:33 ----A---- C:\Windows\system32\drivers\netio.sys
2014-09-25 21:45:33 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-09-25 21:45:32 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-09-25 21:45:32 ----A---- C:\Windows\system32\rdpwsx.dll
2014-09-25 21:45:32 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-09-25 21:45:32 ----A---- C:\Windows\system32\drivers\fvevol.sys
2014-09-25 21:45:31 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2014-09-25 21:45:31 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2014-09-25 21:45:31 ----A---- C:\Windows\system32\mfc42u.dll
2014-09-25 21:45:31 ----A---- C:\Windows\system32\mfc42.dll
2014-09-25 21:45:30 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2014-09-25 21:45:30 ----A---- C:\Windows\system32\EncDec.dll
2014-09-25 21:45:29 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-09-25 21:45:29 ----A---- C:\Windows\system32\win32k.sys
2014-09-25 21:45:29 ----A---- C:\Windows\system32\gdi32.dll
2014-09-25 21:45:27 ----A---- C:\Windows\system32\drivers\afd.sys
2014-09-25 21:45:26 ----A---- C:\Windows\system32\localspl.dll
2014-09-25 21:45:21 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-09-25 21:45:21 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-09-25 21:45:21 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-09-25 21:45:21 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-09-25 21:45:21 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-09-25 21:45:20 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2014-09-25 21:45:20 ----A---- C:\Windows\system32\drivers\partmgr.sys
2014-09-25 21:45:20 ----A---- C:\Windows\system32\dpnet.dll
2014-09-25 21:45:19 ----A---- C:\Windows\SYSWOW64\synceng.dll
2014-09-25 21:45:19 ----A---- C:\Windows\system32\synceng.dll
2014-09-25 21:45:18 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2014-09-25 21:45:18 ----A---- C:\Windows\system32\drivers\ndis.sys
2014-09-25 21:45:16 ----A---- C:\Windows\SYSWOW64\wscript.exe
2014-09-25 21:45:16 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2014-09-25 21:45:16 ----A---- C:\Windows\SYSWOW64\cscript.exe
2014-09-25 21:45:16 ----A---- C:\Windows\system32\wscript.exe
2014-09-25 21:45:16 ----A---- C:\Windows\system32\scrrun.dll
2014-09-25 21:45:16 ----A---- C:\Windows\system32\cscript.exe
2014-09-25 21:45:14 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-09-25 21:45:14 ----A---- C:\Windows\SYSWOW64\prevhost.exe
2014-09-25 21:45:14 ----A---- C:\Windows\system32\srcore.dll
2014-09-25 21:45:14 ----A---- C:\Windows\system32\prevhost.exe
2014-09-25 21:45:13 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2014-09-25 21:45:13 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2014-09-25 21:45:13 ----A---- C:\Windows\SYSWOW64\devobj.dll
2014-09-25 21:45:13 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2014-09-25 21:45:13 ----A---- C:\Windows\system32\umpnpmgr.dll
2014-09-25 21:45:12 ----A---- C:\Windows\system32\drivers\ataport.sys
2014-09-25 21:45:11 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2014-09-25 21:45:11 ----A---- C:\Windows\system32\msvcrt.dll
2014-09-25 21:45:08 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2014-09-25 21:45:07 ----A---- C:\Windows\system32\drivers\usbcir.sys
2014-09-25 21:45:07 ----A---- C:\Windows\system32\drivers\hidparse.sys
2014-09-25 21:45:07 ----A---- C:\Windows\system32\drivers\hidclass.sys
2014-09-25 21:45:05 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-09-25 21:45:05 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-09-25 21:45:05 ----A---- C:\Windows\system32\quartz.dll
2014-09-25 21:45:05 ----A---- C:\Windows\system32\qdvd.dll
2014-09-25 21:45:03 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2014-09-25 21:45:03 ----A---- C:\Windows\system32\msieftp.dll
2014-09-25 21:45:02 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2014-09-25 21:45:02 ----A---- C:\Windows\SYSWOW64\browcli.dll
2014-09-25 21:45:02 ----A---- C:\Windows\system32\netapi32.dll
2014-09-25 21:45:02 ----A---- C:\Windows\system32\browser.dll
2014-09-25 21:45:02 ----A---- C:\Windows\system32\browcli.dll
2014-09-25 21:45:01 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2014-09-25 21:45:01 ----A---- C:\Windows\system32\xmllite.dll
2014-09-25 21:45:00 ----A---- C:\Windows\system32\comctl32.dll
2014-09-25 21:44:59 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2014-09-25 21:44:59 ----A---- C:\Windows\system32\wwansvc.dll
2014-09-25 21:44:59 ----A---- C:\Windows\system32\wwanprotdim.dll
2014-09-25 21:44:58 ----A---- C:\Windows\system32\taskhost.exe
2014-09-25 21:36:19 ----A---- C:\Windows\system32\drivers\bowser.sys
2014-09-25 21:35:30 ----A---- C:\Windows\system32\rpcrt4.dll
2014-09-25 21:35:29 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-09-25 21:35:29 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-09-25 21:35:29 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-25 21:35:29 ----A---- C:\Windows\system32\cdd.dll
2014-09-25 21:34:50 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-09-25 21:34:50 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-09-25 21:29:24 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-09-25 21:29:24 ----A---- C:\Windows\system32\packager.dll
2014-09-25 20:37:23 ----D---- C:\Users\Dan\AppData\Roaming\PwrMgr
2014-09-25 20:37:13 ----D---- C:\Users\Dan\AppData\Roaming\ATI
2014-09-25 20:36:54 ----D---- C:\Users\Dan\AppData\Roaming\Identities
2014-09-25 20:24:19 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2014-09-25 20:24:19 ----A---- C:\Windows\system32\rdpcore.dll
2014-09-25 20:24:19 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2014-09-25 20:18:33 ----A---- C:\Windows\system32\wups2.dll
2014-09-25 20:18:33 ----A---- C:\Windows\system32\wucltux.dll
2014-09-25 20:18:33 ----A---- C:\Windows\system32\wuaueng.dll
2014-09-25 20:18:33 ----A---- C:\Windows\system32\wuauclt.exe
2014-09-25 20:18:29 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-09-25 20:18:29 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-09-25 20:18:29 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-09-25 20:18:29 ----A---- C:\Windows\system32\wups.dll
2014-09-25 20:18:29 ----A---- C:\Windows\system32\wudriver.dll
2014-09-25 20:18:29 ----A---- C:\Windows\system32\wuapi.dll
2014-09-25 20:18:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-09-25 20:18:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-09-25 20:18:21 ----A---- C:\Windows\system32\wuwebv.dll
2014-09-25 20:18:21 ----A---- C:\Windows\system32\wuapp.exe
2014-09-25 20:15:54 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2014-09-25 20:15:02 ----D---- C:\Users\Dan\AppData\Roaming\Intel
2014-09-25 20:15:00 ----SD---- C:\Users\Dan\AppData\Roaming\Microsoft
2014-09-25 20:15:00 ----D---- C:\Users\Dan\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 1 month======

2014-09-30 18:56:25 ----D---- C:\Windows\system32\drivers\NISx64
2014-09-30 18:55:01 ----RD---- C:\Program Files
2014-09-30 18:43:39 ----D---- C:\Windows\Temp
2014-09-30 18:41:04 ----D---- C:\Windows\System32
2014-09-30 18:41:04 ----D---- C:\Windows\inf
2014-09-30 18:41:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-30 18:36:08 ----A---- C:\Windows\SYSWOW64\log.txt
2014-09-30 18:34:08 ----D---- C:\Windows\system32\config
2014-09-29 23:36:00 ----D---- C:\Windows\system32\drivers
2014-09-29 22:54:34 ----D---- C:\Windows\system32\Tasks
2014-09-29 21:50:47 ----SHD---- C:\Windows\Installer
2014-09-29 21:50:47 ----D---- C:\Windows\Tasks
2014-09-29 21:45:56 ----RD---- C:\Program Files (x86)
2014-09-29 21:40:26 ----D---- C:\Windows\winsxs
2014-09-29 21:40:26 ----D---- C:\Windows
2014-09-29 21:37:13 ----HD---- C:\ProgramData
2014-09-29 21:20:53 ----D---- C:\Windows\Logs
2014-09-29 07:35:36 ----D---- C:\Windows\system32\catroot2
2014-09-29 07:32:58 ----D---- C:\Windows\SysWOW64
2014-09-29 07:32:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-09-29 07:32:56 ----D---- C:\Windows\system32\cs-CZ
2014-09-29 07:32:53 ----D---- C:\Windows\system32\DriverStore
2014-09-28 19:00:44 ----D---- C:\Windows\system32\catroot
2014-09-28 19:00:36 ----D---- C:\Windows\Microsoft.NET
2014-09-26 23:33:38 ----D---- C:\Windows\system32\LogFiles
2014-09-26 12:46:29 ----D---- C:\Windows\rescache
2014-09-26 12:45:03 ----D---- C:\Windows\Prefetch
2014-09-26 07:42:54 ----D---- C:\Program Files\Windows Mail
2014-09-26 07:42:53 ----D---- C:\Program Files\Windows Photo Viewer
2014-09-26 07:42:53 ----D---- C:\Program Files\Windows Media Player
2014-09-26 07:42:53 ----D---- C:\Program Files\Windows Journal
2014-09-26 07:42:53 ----D---- C:\Program Files\Windows Defender
2014-09-26 07:42:53 ----D---- C:\Program Files\DVD Maker
2014-09-26 07:42:53 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-09-26 07:42:53 ----D---- C:\Program Files (x86)\Windows Media Player
2014-09-26 07:42:53 ----D---- C:\Program Files (x86)\Windows Mail
2014-09-26 07:42:52 ----D---- C:\Windows\SYSWOW64\migwiz
2014-09-26 07:42:52 ----D---- C:\Windows\SYSWOW64\en
2014-09-26 07:42:52 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2014-09-26 07:42:52 ----D---- C:\Windows\servicing
2014-09-26 07:42:52 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-09-26 07:42:52 ----D---- C:\Program Files (x86)\Windows Defender
2014-09-26 07:42:51 ----D---- C:\Windows\SYSWOW64\en-US
2014-09-26 07:42:42 ----D---- C:\Windows\SYSWOW64\DriverStore
2014-09-26 07:42:42 ----D---- C:\Windows\SYSWOW64\Dism
2014-09-26 07:42:41 ----D---- C:\Windows\system32\winrm
2014-09-26 07:42:41 ----D---- C:\Windows\system32\slmgr
2014-09-26 07:42:41 ----D---- C:\Windows\system32\migwiz
2014-09-26 07:42:41 ----D---- C:\Windows\system32\en-US
2014-09-26 07:42:41 ----D---- C:\Windows\system32\en
2014-09-26 07:42:41 ----D---- C:\Windows\system32\Boot
2014-09-26 07:42:41 ----D---- C:\Windows\en-US
2014-09-26 07:42:32 ----D---- C:\Windows\system32\WCN
2014-09-26 07:42:32 ----D---- C:\Windows\system32\drivers\en-US
2014-09-26 07:42:32 ----D---- C:\Windows\system32\Dism
2014-09-26 07:42:30 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2014-09-26 07:42:29 ----D---- C:\Windows\Speech
2014-09-26 05:08:46 ----D---- C:\Program Files\ThinkVantage Fingerprint Software
2014-09-26 04:06:43 ----RSD---- C:\Windows\assembly
2014-09-26 03:40:55 ----D---- C:\Windows\ehome
2014-09-26 03:40:54 ----D---- C:\Program Files\Common Files\System
2014-09-26 03:40:51 ----D---- C:\Program Files\Internet Explorer
2014-09-26 03:40:51 ----D---- C:\Program Files (x86)\Internet Explorer
2014-09-26 03:40:48 ----D---- C:\Windows\SYSWOW64\migration
2014-09-26 03:40:44 ----D---- C:\Windows\system32\migration
2014-09-26 03:40:44 ----D---- C:\Windows\PolicyDefinitions
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\zh-HK
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\tr-TR
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\sv-SE
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\pt-PT
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\pt-BR
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\pl-PL
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\ko-KR
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\it-IT
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\hu-HU
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\fr-FR
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\fi-FI
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\es-ES
2014-09-26 03:40:38 ----D---- C:\Windows\SYSWOW64\el-GR
2014-09-26 03:40:37 ----D---- C:\Windows\SYSWOW64\zh-TW
2014-09-26 03:40:37 ----D---- C:\Windows\SYSWOW64\zh-CN
2014-09-26 03:40:37 ----D---- C:\Windows\SYSWOW64\ru-RU
2014-09-26 03:40:37 ----D---- C:\Windows\SYSWOW64\nb-NO
2014-09-26 03:40:37 ----D---- C:\Windows\SYSWOW64\ja-JP
2014-09-26 03:40:37 ----D---- C:\Windows\SYSWOW64\de-DE
2014-09-26 03:40:37 ----D---- C:\Windows\SYSWOW64\da-DK
2014-09-26 03:40:36 ----D---- C:\Windows\system32\zh-HK
2014-09-26 03:40:36 ----D---- C:\Windows\system32\pt-PT
2014-09-26 03:40:36 ----D---- C:\Windows\system32\pt-BR
2014-09-26 03:40:36 ----D---- C:\Windows\system32\pl-PL
2014-09-26 03:40:36 ----D---- C:\Windows\system32\ko-KR
2014-09-26 03:40:36 ----D---- C:\Windows\system32\it-IT
2014-09-26 03:40:36 ----D---- C:\Windows\system32\hu-HU
2014-09-26 03:40:36 ----D---- C:\Windows\system32\el-GR
2014-09-26 03:40:35 ----D---- C:\Windows\system32\zh-TW
2014-09-26 03:40:35 ----D---- C:\Windows\system32\tr-TR
2014-09-26 03:40:35 ----D---- C:\Windows\system32\sv-SE
2014-09-26 03:40:35 ----D---- C:\Windows\system32\nl-NL
2014-09-26 03:40:35 ----D---- C:\Windows\system32\fr-FR
2014-09-26 03:40:35 ----D---- C:\Windows\system32\fi-FI
2014-09-26 03:40:35 ----D---- C:\Windows\system32\es-ES
2014-09-26 03:40:35 ----D---- C:\Windows\system32\de-DE
2014-09-26 03:40:34 ----D---- C:\Windows\system32\zh-CN
2014-09-26 03:40:34 ----D---- C:\Windows\system32\ru-RU
2014-09-26 03:40:34 ----D---- C:\Windows\system32\nb-NO
2014-09-26 03:40:34 ----D---- C:\Windows\system32\ja-JP
2014-09-26 03:40:34 ----D---- C:\Windows\system32\da-DK
2014-09-26 03:40:32 ----D---- C:\Windows\AppPatch
2014-09-26 03:40:10 ----D---- C:\Windows\system32\drivers\cs-CZ
2014-09-26 03:40:09 ----RSD---- C:\Windows\Fonts
2014-09-26 03:40:02 ----D---- C:\Windows\system32\wbem
2014-09-26 03:36:16 ----D---- C:\Windows\system32\wdi
2014-09-26 01:55:35 ----SD---- C:\ProgramData\Microsoft
2014-09-26 00:02:44 ----D---- C:\Program Files (x86)\Common Files
2014-09-25 23:52:35 ----D---- C:\Program Files\Symantec
2014-09-25 22:16:48 ----D---- C:\Windows\debug
2014-09-25 20:39:12 ----D---- C:\ProgramData\Norton
2014-09-25 20:37:04 ----D---- C:\Windows\SoftwareDistribution
2014-09-25 20:36:52 ----SHD---- C:\$Recycle.Bin
2014-09-25 20:36:50 ----D---- C:\SWTOOLS
2014-09-25 20:18:07 ----D---- C:\Windows\system32\restore
2014-09-25 20:16:02 ----D---- C:\Windows\Panther
2014-09-25 20:16:00 ----D---- C:\swshare
2014-09-25 20:15:54 ----D---- C:\ProgramData\PCDr
2014-09-25 20:15:00 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-09-29 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-09-29 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2011-01-13 139888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2011-01-13 23664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-09-29 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-09-29 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-09-29 427360]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [2014-09-12 1586904]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-09-25 487216]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20140925.004\IDSvia64.sys [2014-09-25 633560]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
R1 PHCORE;PHCORE; \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [2010-12-03 31592]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2011-02-03 14960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-09-29 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-09-29 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-09-29 92008]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2010-12-15 98816]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 13840]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-03-05 166016]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-02-05 8283136]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-02-05 295424]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-11-23 1567360]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-09-25 142640]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2010-11-12 39024]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140925.001\ENG64.SYS [2014-09-25 129752]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20140925.001\EX64.SYS [2014-09-25 2137304]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-07-02 40512]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-07 412776]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1207010.003\SRTSP64.SYS [2011-03-31 744568]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2014-09-25 174200]
R3 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1207010.003\SYMNETS.SYS [2011-04-21 386168]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-24 1423408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wdkmd;Intel WiDi KMD; C:\Windows\system32\DRIVERS\WDKMD.sys [2011-04-09 42392]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2010-12-18 425000]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-12-18 145960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-12-18 162344]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-12-18 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-12-18 21416]
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0;PCDSRVC{127174DC-C366ED8B-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [2010-12-10 25072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-02-05 203776]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-09-29 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2010-12-19 962848]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-12-17 1515792]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2010-11-12 45928]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2011-01-27 40808]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-11-24 45496]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-01-27 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-22 326168]
R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-12-17 836880]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 SUService;System Update; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [2010-11-25 28672]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2010-12-03 114024]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-12-02 64440]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 HyperW7Svc;HyperW7 Service; C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2010-12-03 116072]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-26 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-24 114288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2011-02-03 79208]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2011-01-13 47728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-26 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

[Márty84]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[danek]

Kopíruji log z AdwCleaner...

# AdwCleaner v3.311 - Report created 02/10/2014 at 21:14:24
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dan - CYPRIS
# Running from : C:\Users\Dan\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Dan\AppData\Roaming\Mozilla\Firefox\Profiles\v6ijk9bb.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Dan\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [922 octets] - [02/10/2014 21:13:15]
AdwCleaner[S0].txt - [844 octets] - [02/10/2014 21:14:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [903 octets] ##########

[danek]

Přidávám log z malwarebytes:


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2.10.2014
Scan Time: 21:37:41
Logfile: Malwarebytes.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.02.07
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 303800
Time Elapsed: 7 min, 43 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

[Márty84]

Test s MBAM nebyl nastaven podle navodu, cili se nekontroloval cely pc. Takze repete s presnym nastavenim

[danek]

Tak ještě jednou. Tentokrát přesně podle návodu včetně nové instalace:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3.10.2014
Scan Time: 19:07:40
Logfile: Malwarebytes2.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.03.05
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dan

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 456859
Time Elapsed: 1 hr, 13 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

[Márty84]

Vyborne, MBAM odinstalujte.

Postupujte podle navodu kolegy

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbar
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

[danek]

Kopíruji log z Malware Antirootkit:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17280

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.095000 GHz
Memory total: 4201889792, free: 1960873984

Downloaded database version: v2014.10.04.11
Downloaded database version: v2014.09.19.01
=======================================
Initializing...
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F46580DE

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 2457600
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2459648 Numsec = 949735424

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 952195072 Numsec = 24576000

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

[danek]

Ještě jsem to pro jistotu pustil jednou a kopíruji log:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17280

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.095000 GHz
Memory total: 4201889792, free: 1960873984

Downloaded database version: v2014.10.04.11
Downloaded database version: v2014.09.19.01
=======================================
Initializing...
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F46580DE

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 2457600
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2459648 Numsec = 949735424

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 952195072 Numsec = 24576000

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17280

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.095000 GHz
Memory total: 4201889792, free: 2254114816

=======================================
Initializing...
------------ Kernel report ------------
10/04/2014 21:05:06
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\DRIVERS\ApsHM64.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\DRIVERS\Apsx64.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\System32\drivers\Tppwr64v.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
\??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
\SystemRoot\system32\drivers\NISx64\1207020.003\Ironx64.SYS
\SystemRoot\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\smiifx64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
\??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20140912.003\BHDrvx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\system32\DRIVERS\igdpmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\risdxc64.sys
\SystemRoot\system32\DRIVERS\NETwNs64.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\ibmpmdrv.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\psadd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\WDKMD.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\CHDRT64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\5U877.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\aswHwid.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20141003.017\EX64.SYS
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20141003.017\ENG64.SYS
\??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20141003.001\IDSvia64.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\wininet.dll
\Windows\System32\psapi.dll
\Windows\System32\imm32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\user32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\lpk.dll
\Windows\System32\normaliz.dll
\Windows\System32\advapi32.dll
\Windows\System32\setupapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\nsi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\urlmon.dll
\Windows\System32\ole32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\usp10.dll
\Windows\System32\oleaut32.dll
\Windows\System32\msctf.dll
\Windows\System32\msvcrt.dll
\Windows\System32\kernel32.dll
\Windows\System32\iertutil.dll
\Windows\System32\difxapi.dll
\Windows\System32\sechost.dll
\Windows\System32\shell32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80066a1790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa80047a1050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80066a1790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80066a2b20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80066a2040, DeviceName: Unknown, DriverName: \Driver\Shockprf\
DevicePointer: 0xfffffa80066a1790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003c99800, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80047a1050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\Shockprf\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F46580DE

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 2457600
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2459648 Numsec = 949735424

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 952195072 Numsec = 24576000

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku