
Delta search toolbar and slower pc


11 replies to this topic

#1 Laverdure


Posted 07 August 2013 - 12:56 AM

Hello,

the Delta search spyware installed itself on my computer when I was trying to download something.

Now every attempt to remove the toolbar from my browsers is useless, and moreover the machine is starting to slow down and not respond as it should.

Mindful of a previous rootkit infection, I haven't run anything other than AVG antivirus before asking for advice from someone here on the forum.

Any suggestion or help please?

 

Thanks

 




 


#2 cojc1


Posted 07 August 2013 - 01:41 AM

Start from safe mode and remove.



#3 boopme


Posted 07 August 2013 - 01:50 PM

Hello, also go into Control Panel and see if you see it there, and uninstall it, then reboot.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Lastly, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

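A first pass over the Result.txt that the MiniToolBox step above produces, as an added example that is not part of the original posts or of MiniToolBox itself: it splits the report on its '=' banner lines and flags hosts entries other than localhost, Winsock catalog entries that are not Microsoft files under C:\Windows\system32, and installed programs matching a keyword list. The sample report is constructed (its suspicious lines are invented), and the keyword list and the system32 path are assumptions.

```python
import re

# Constructed sample in the layout of a MiniToolBox Result.txt. The
# 203.0.113.7 hosts line and the ExampleLSP Winsock line are invented.
SAMPLE = r"""
========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost
203.0.113.7     www.google.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Program Files\ExampleLSP\example.dll [40960] (Example Vendor)

=========================== Installed Programs ============================

Adobe Reader X (10.1.7) - Italiano (Version: 10.1.7)
Bing HRS Toolbar (Version: 3.6.17)
Google Chrome (Version: 28.0.1500.95)
"""

# A banner is a run of '=' around a title; lines made only of '=' do not match.
BANNER = re.compile(r"^={5,}\s*([^=\s].*?):?\s*=+\s*$")
# "Catalog9 02 <path> [<size>] (<vendor>)"
WINSOCK = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)\s*$")

SYSTEM32 = "c:\\windows\\system32\\"   # assumption: Windows installed on C:
WATCHWORDS = ("toolbar", "delta")      # assumption: names worth a manual look


def split_sections(text):
    """Map lower-cased section title -> list of non-empty lines below it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = BANNER.match(line)
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def check_hosts(lines):
    """Flag every hosts mapping for a name other than localhost."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()   # drop trailing comments
        if len(entry) < 2:
            continue
        extra = [n for n in entry[1:] if n.lower() != "localhost"]
        if extra:
            findings.append(f"hosts: {entry[0]} -> {', '.join(extra)}")
    return findings


def check_winsock(lines):
    """Flag providers outside system32 or not attributed to Microsoft.

    The vendor is only the string the report prints, so a match is a hint
    for review, not proof that the file is genuine.
    """
    findings = []
    for line in lines:
        m = WINSOCK.match(line)
        if not m:
            continue
        catalog, index, path, _size, vendor = m.groups()
        if not path.lower().startswith(SYSTEM32) or vendor != "Microsoft Corporation":
            findings.append(f"winsock: {catalog} {index} {path} ({vendor})")
    return findings


def check_programs(lines):
    """Flag installed programs whose name contains a watch keyword."""
    return [f"program: {line}" for line in lines
            if any(word in line.lower() for word in WATCHWORDS)]


def triage(text):
    """Return all findings for one Result.txt, in report order."""
    s = split_sections(text)
    return (check_hosts(s.get("hosts content", []))
            + check_winsock(s.get("winsock entries", []))
            + check_programs(s.get("installed programs", [])))


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
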

#4 Laverdure


Posted 08 August 2013 - 12:19 PM

Hello boopme,

here is the minitoolbox result.txt. I will post the other logs as soon as I'm done with each of them.

Just to let you and the others know: yesterday I ran Malwarebytes, which detected the infection and quarantined it, but after the second reboot the browser redirection is there once again. And the machine is slow...

 

**********

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Roots (administrator) on 08-08-2013 at 19:11:18
Running from "C:\Users\Roots\Desktop"
Microsoft® Windows Vista™ Business  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Configurazione IP di Windows
 
Cache del resolver DNS svuotata.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
::1             localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Intel® WiFi Link 5100 AGN = Connessione rete wireless (Connected)
Realtek PCIe GBE Family Controller = Connessione alla rete locale (LAN) (Media disconnected)
 
 
# ----------------------------------
# Configurazione IPv4
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# Fine configurazione IPv4
 
 
 
Configurazione IP di Windows
 
   Nome host . . . . . . . . . . . . . . : PC-Leranovo
   Suffisso DNS primario . . . . . . . . : 
   Tipo nodo . . . . . . . . . . . . . . : Ibrido
   Routing IP abilitato. . . . . . . . . : No
   Proxy WINS abilitato . . . . . . . .  : No
 
Scheda LAN wireless Connessione rete wireless:
 
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Indirizzo fisico. . . . . . . . . . . : 00-21-5D-62-01-5E
   DHCP abilitato. . . . . . . . . . . . : S
   Configurazione automatica abilitata   : S
   Indirizzo IPv6 locale rispetto al collegamento . : fe80::8529:a914:bfb5:78e0%13(Preferenziale) 
   Indirizzo IPv4. . . . . . . . . . . . : 192.168.1.2(Preferenziale) 
   Subnet mask . . . . . . . . . . . . . : 255.255.255.0
   Lease ottenuto. . . . . . . . . . . . : mercoled 7 agosto 2013 19.37.46
   Scadenza lease . . . . . . . . . . .  : gioved 28 gennaio 2021 10.54.22
   Gateway predefinito . . . . . . . . . : 192.168.1.1
   Server DHCP . . . . . . . . . . . . . : 192.168.1.1
   IAID DHCPv6 . . . . . . . . . . . : 285221213
   DUID Client DHCPv6. . . . . . . . : 00-01-00-01-10-59-43-AE-00-21-5D-62-01-5E
   Server DNS . . . . . . . . . . . . .  : 192.168.1.1
   NetBIOS su TCP/IP . . . . . . . . . . : Attivato
 
Scheda Ethernet Connessione alla rete locale (LAN):
 
   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Indirizzo fisico. . . . . . . . . . . : 00-22-15-EB-41-66
   DHCP abilitato. . . . . . . . . . . . : S
   Configurazione automatica abilitata   : S
 
Scheda Tunnel Connessione alla rete locale (LAN)* 7:
 
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Indirizzo fisico. . . . . . . . . . . : 02-00-54-55-4E-01
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : S
   Indirizzo IPv6 . . . . . . . . . . . . . . . . . : 2001:0:5ef5:79fb:1466:20dc:3f57:fefd(Preferenziale) 
   Indirizzo IPv6 locale rispetto al collegamento . : fe80::1466:20dc:3f57:fefd%15(Preferenziale) 
   Gateway predefinito . . . . . . . . . : ::
   NetBIOS su TCP/IP . . . . . . . . . . : Disattivato
 
Scheda Tunnel Connessione alla rete locale (LAN)* 11:
 
   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : isatap.{9B3C5514-0CE0-4E2B-8871-892F470077DB}
   Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : S
 
Scheda Tunnel Connessione alla rete locale (LAN)* 12:
 
   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : isatap.{204E884B-0E7C-4B28-8C22-22444F57034D}
   Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : S
 
Scheda Tunnel Connessione alla rete locale (LAN)* 13:
 
   Stato supporto. . . . . . . . . . . . : Supporto disconnesso
   Suffisso DNS specifico per connessione: 
   Descrizione . . . . . . . . . . . . . : 6TO4 Adapter
   Indirizzo fisico. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP abilitato. . . . . . . . . . . . : No
   Configurazione automatica abilitata   : S
Server:  UnKnown
Address:  192.168.1.1
 
Nome:    google.com
Addresses:  2a00:1450:4002:801::1007
 173.194.35.9
 173.194.35.3
 173.194.35.14
 173.194.35.7
 173.194.35.8
 173.194.35.5
 173.194.35.4
 173.194.35.1
 173.194.35.0
 173.194.35.6
 173.194.35.2
 
 
 
Esecuzione di Ping google.com [173.194.35.3] con 32 byte di dati:
 
Risposta da 173.194.35.3: byte=32 durata=25ms TTL=56
 
Risposta da 173.194.35.3: byte=32 durata=35ms TTL=56
 
 
 
Statistiche Ping per 173.194.35.3:
 
    Pacchetti: Trasmessi = 2, Ricevuti = 2, 
 
    Persi = 0 (0% persi),
 
Tempo approssimativo percorsi andata/ritorno in millisecondi:
 
    Minimo = 25ms, Massimo =  35ms, Medio =  30ms
 
Server:  UnKnown
Address:  192.168.1.1
 
Nome:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
 
Esecuzione di Ping yahoo.com [206.190.36.45] con 32 byte di dati:
 
Risposta da 206.190.36.45: byte=32 durata=305ms TTL=49
 
Risposta da 206.190.36.45: byte=32 durata=253ms TTL=49
 
 
 
Statistiche Ping per 206.190.36.45:
 
    Pacchetti: Trasmessi = 2, Ricevuti = 2, 
 
    Persi = 0 (0% persi),
 
Tempo approssimativo percorsi andata/ritorno in millisecondi:
 
    Minimo = 253ms, Massimo =  305ms, Medio =  279ms
 
 
 
Esecuzione di Ping 127.0.0.1 con 32 byte di dati:
 
Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128
 
Risposta da 127.0.0.1: byte=32 durata<1ms TTL=128
 
 
 
Statistiche Ping per 127.0.0.1:
 
    Pacchetti: Trasmessi = 2, Ricevuti = 2, 
 
    Persi = 0 (0% persi),
 
Tempo approssimativo percorsi andata/ritorno in millisecondi:
 
    Minimo = 0ms, Massimo =  0ms, Medio =  0ms
 
===========================================================================
Elenco interfacce
 13 ...00 21 5d 62 01 5e ...... Intel® WiFi Link 5100 AGN
 10 ...00 22 15 eb 41 66 ...... Realtek PCIe GBE Family Controller
  1 ........................... Software Loopback Interface 1
 15 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 16 ...00 00 00 00 00 00 00 e0  isatap.{9B3C5514-0CE0-4E2B-8871-892F470077DB}
 17 ...00 00 00 00 00 00 00 e0  isatap.{204E884B-0E7C-4B28-8C22-22444F57034D}
 14 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================
 
IPv4 Tabella route
===========================================================================
Route attive:
     Indirizzo rete             Mask          Gateway     Interfaccia Metrica
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Route permanenti:
  Nessuna
 
IPv6 Tabella route
===========================================================================
Route attive:
 Interf Metrica Rete Destinazione      Gateway
 15     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     18 2001::/32                On-link
 15    266 2001:0:5ef5:79fb:1466:20dc:3f57:fefd/128
                                    On-link
 13    281 fe80::/64                On-link
 15    266 fe80::/64                On-link
 15    266 fe80::1466:20dc:3f57:fefd/128
                                    On-link
 13    281 fe80::8529:a914:bfb5:78e0/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    266 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Route permanenti:
  Nessuna
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/07/2013 07:37:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/07/2013 05:43:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/07/2013 05:38:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/07/2013 05:37:16 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (08/04/2013 00:05:21 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/31/2013 09:44:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/29/2013 11:10:40 PM) (Source: Windows Search Service) (User: )
Description: Impossibile aggiornare la voce <C:\USERS\FUGAZI\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\ANDREA CORRETTA.LNK> nella mappa di hash.
 
Contesto: applicazione , catalogo SystemIndex
 
Dettagli:
Un dispositivo collegato al sistema non è in funzione.   (0x8007001f)
 
Error: (07/29/2013 11:10:40 PM) (Source: Windows Search Service) (User: )
Description: Impossibile aggiornare la voce <C:\USERS\FUGAZI\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\ANDREA CORRETTA.LNK> nella mappa di hash.
 
Contesto: applicazione , catalogo SystemIndex
 
Dettagli:
Un dispositivo collegato al sistema non è in funzione.   (0x8007001f)
 
Error: (07/28/2013 11:55:35 PM) (Source: Application Hang) (User: )
Description: Il programma iexplore.exe versione 9.0.8112.16490 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Segnalazioni di problemi e soluzioni nel Pannello di controllo.
ID processo: 8024
Ora di avvio: 01ce8bdd18b845b0
Ora di chiusura: 10
 
Error: (07/28/2013 11:54:39 PM) (Source: Application Hang) (User: )
Description: Il programma iexplore.exe versione 9.0.8112.16490 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Segnalazioni di problemi e soluzioni nel Pannello di controllo.
ID processo: 4c94
Ora di avvio: 01ce8bdcb946dc90
Ora di chiusura: 16
 
 
System errors:
=============
Error: (08/07/2013 08:14:16 PM) (Source: cdrom) (User: )
Description: Il dispositivo \Device\CdRom0 non è ancora pronto per l'accesso.
 
Error: (08/07/2013 08:13:10 PM) (Source: cdrom) (User: )
Description: Il dispositivo \Device\CdRom0 non è ancora pronto per l'accesso.
 
Error: (08/07/2013 07:47:59 PM) (Source: cdrom) (User: )
Description: Il dispositivo \Device\CdRom0 non è ancora pronto per l'accesso.
 
Error: (08/07/2013 07:44:13 PM) (Source: cdrom) (User: )
Description: Il dispositivo \Device\CdRom0 non è ancora pronto per l'accesso.
 
Error: (08/07/2013 07:38:43 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: 0x80070032
 
Error: (08/07/2013 07:37:53 PM) (Source: Service Control Manager) (User: )
Description: tvtumon
 
Error: (08/07/2013 07:37:45 PM) (Source: cdrom) (User: )
Description: Il dispositivo \Device\CdRom0 non è ancora pronto per l'accesso.
 
Error: (08/07/2013 07:36:01 PM) (Source: cdrom) (User: )
Description: Il dispositivo \Device\CdRom0 non è ancora pronto per l'accesso.
 
Error: (08/07/2013 07:35:53 PM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5
 
Error: (08/07/2013 07:32:44 PM) (Source: cdrom) (User: )
Description: Il dispositivo \Device\CdRom0 non è ancora pronto per l'accesso.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-08-07 19:14:29.610
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:29.470
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:29.345
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:29.220
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:29.095
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:28.955
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:28.768
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:28.643
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:28.518
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
  Date: 2013-08-07 19:14:28.393
  Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.3.0.29342)
2007 Microsoft Office system (Version: 12.0.6612.1000)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Italiano (Version: 10.1.7)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Auslogics Disk Defrag (Version: version 3.4)
Auslogics Registry Defrag (Version: version 6.2)
AVG 2013 (Version: 13.0.3209)
AVG 2013 (Version: 13.0.3392)
AVG 2013 (Version: 2013.0.3392)
Bing HRS Toolbar (Version: 3.6.17)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
calibre (Version: 0.8.44)
Camera Center (Version: 1.0.25)
Celtx (2.9.1) (Version: 2.9.1 (en-US))
Client Security - Password Manager (Version: 8.20.0023.00)
Conexant HD Audio (Version: 4.47.0.50)
CutePDF Writer 2.8
Disk Cleaner (remove only)
Display su Schermo (Version: 6.60.03)
Free ISO Burn Wizard 4.1.5
GIMP 2.6.12-2 (Version: 2.6.12)
Glary Utilities 2.44.0.1450 (Version: 2.44.0.1450)
Google Chrome (Version: 28.0.1500.95)
Google Update Helper (Version: 1.3.21.153)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.73.00.50)
Help Center (Version: 2.00h)
Integrated Camera (Version: 5.8.35003.0)
InterVideo Register Manager (Version: 1.0.4.0)
InterVideo WinDVD (Version: 5.0-B11.1243)
IrfanView (remove only) (Version: 4.32)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java™ 6 Update 22 (Version: 6.0.220)
Lenovo Auto Scroll Utility (Version: 1.11)
Lenovo Care (Version: 3.00b)
Lenovo Care Supplement (Version: 3.00b)
Lenovo Patch Utility (Version: 1.0.1.1)
Lenovo Registration
Lenovo System Interface Driver (Version: 1.05)
Lenovo Welcome v1.0.24.3
Lenovo_ATK_Package (Version: 0.00.04.0)
Macrium Reflect Free Edition (Version: 5.0.4368)
Malwarebytes Anti-Malware versione 1.75.0.1300 (Version: 1.75.0.1300)
Message Center (Version: 2.01d)
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)
Microsoft .NET Framework 3.5 Language Pack SP1 - ita (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile ITA Language Pack (Version: 4.0.30319)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 – Italiano (per Office Outlook 2007 con Business Contact Manager SP1) (Version: 3.0.7311.0)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (Italian) 2007 (Version: 12.0.4518.1018)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mobile Broadband Connect (Version: 3.1.3050)
Mozilla Firefox 11.0 (x86 it) (Version: 11.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MWSnap 3 (Version: 3.0.0.74)
NVIDIA Driver audio HD 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Drivers (Version: 1.3)
NVIDIA Install Application (Version: 2.1002.109.718)
Olympus DSS Player Standard (Version: 1.0.3)
OpenOffice.org 3.3 (Version: 3.3.9567)
PC-Doctor 5 for Windows (Version: 5.1.4957.02)
pdfsam (Version: 2.2.1)
Presentation Director (Version: 4.00a)
Product Recovery Disc Burning Utility (Version: 1.0.0019.00)
QuickTime (Version: 7.71.80.42)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
Registry patch for Windows Vista USB S3 PM Enablement (Version: 1.00)
Registry patch of Changing Timing of IDLE IRP by Finger Print Driver for Windows Vista  (Version: 1.01)
Registry Patch of Enabling Device Initiated Power Management(DIPM) on SATA for Windows Vista (Version: 1.01)
Registry patch to improve USB device detection on resume from sleep for Windows Vista (Version: 1.01.0000)
Rescue and Recovery (Version: 4.21.0014.00)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 (Version: 3.55.01)
SBITS (Version: 1.1.1)
Skype™ 6.3 (Version: 6.3.107)
Software Intel® PROSet/Wireless WiFi (Version: 13.04.0000)
swMSM (Version: 12.0.0.1)
System Update (Version: 3.15.0017)
ThinkPad Bluetooth with Enhanced Data Rate Software 6.1.0.4500 (Version: 6.1.0.4500)
ThinkPad EasyEject Utility  (Version: 2.36)
ThinkPad FullScreen Magnifier (Version: 2.02)
ThinkPad Mobility Center Customization (Version: 1.50.0000)
ThinkPad Power Management Driver for SL Series (Version: 1.44)
ThinkPad Power Manager (Version: 2.33)
ThinkPad UltraNav Driver (Version: 15.0.18.0)
ThinkPad UltraNav Utility (Version: 2.04)
ThinkVantage Access Connections (Version: 5.01)
ThinkVantage Active Protection System (Version: 1.61)
ThinkVantage Fingerprint Software 5.8 (Version: 5.8.2.4462)
ThinkVantage Status Gadget (Version: 1.0.3022)
ThinkVantage Technologies Welcome Message (Version: 2.00)
TinyGrab (Version: 2.0.4)
TweetDeck (Version: 2.7.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Verizon Wireless BroadbandAccess Self Activation (Version: 1.3.2)
VLC media player 2.0.1 (Version: 2.0.1)
Vym (remove only)
Wallpapers
Windows Driver Package - Lenovo 1.44 (05/14/2008 1.44) (Version: 05/14/2008 1.44)
WinRAR 4.11 (32-bit) (Version: 4.11.0)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 2046.54 MB
Available physical RAM: 887.93 MB
Total Pagefile: 4334.39 MB
Available Pagefile: 2917.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.96 MB
 
========================= Partitions: =====================================
 
1 Drive c: (SW_Preload) (Fixed) (Total:86.83 GB) (Free:40.06 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:50.98 GB) (Free:8.64 GB) NTFS
4 Drive q: (Lenovo) (Fixed) (Total:9.77 GB) (Free:3.1 GB) NTFS
5 Drive s: (SERVICEV003) (Fixed) (Total:1.46 GB) (Free:0.67 GB) NTFS
 
========================= Users: ========================================
 
Account utente per \\PC-LERANOVO
 
Administrator            Fugazi                   Guest                    
Roots                    
Esecuzione comando riuscita.
 
 
**** End of log ****


#5 Laverdure

Posted 08 August 2013 - 12:23 PM

19:21:00.0435 5352  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
19:21:01.0117 5352  ============================================================
19:21:01.0117 5352  Current date / time: 2013/08/08 19:21:01.0117
19:21:01.0117 5352  SystemInfo:
19:21:01.0117 5352  
19:21:01.0117 5352  OS Version: 6.0.6002 ServicePack: 2.0
19:21:01.0117 5352  Product type: Workstation
19:21:01.0117 5352  ComputerName: PC-LERANOVO
19:21:01.0118 5352  UserName: Roots
19:21:01.0118 5352  Windows directory: C:\Windows
19:21:01.0118 5352  System windows directory: C:\Windows
19:21:01.0118 5352  Processor architecture: Intel x86
19:21:01.0118 5352  Number of processors: 2
19:21:01.0118 5352  Page size: 0x1000
19:21:01.0118 5352  Boot type: Normal boot
19:21:01.0118 5352  ============================================================
19:21:01.0823 5352  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:21:01.0825 5352  ============================================================
19:21:01.0825 5352  \Device\Harddisk0\DR0:
19:21:01.0826 5352  MBR partitions:
19:21:01.0826 5352  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2ED800
19:21:01.0826 5352  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE000, BlocksNum 0xADAAFF8
19:21:01.0852 5352  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xB099800, BlocksNum 0x65F7800
19:21:01.0852 5352  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x11691000, BlocksNum 0x1388000
19:21:01.0852 5352  ============================================================
19:21:01.0886 5352  C: <-> \Device\Harddisk0\DR0\Partition2
19:21:01.0924 5352  S: <-> \Device\Harddisk0\DR0\Partition1
19:21:01.0983 5352  Q: <-> \Device\Harddisk0\DR0\Partition4
19:21:02.0027 5352  D: <-> \Device\Harddisk0\DR0\Partition3
19:21:02.0028 5352  ============================================================
19:21:02.0028 5352  Initialize success
19:21:02.0028 5352  ============================================================
19:21:38.0576 0784  ============================================================
19:21:38.0576 0784  Scan started
19:21:38.0576 0784  Mode: Manual; TDLFS; 
19:21:38.0576 0784  ============================================================
19:21:39.0136 0784  ================ Scan system memory ========================
19:21:39.0136 0784  System memory - ok
19:21:39.0137 0784  ================ Scan services =============================
19:21:48.0458 0784  Msfs - ok
19:21:48.0489 0784  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:21:48.0493 0784  msisadrv - ok
19:21:48.0522 0784  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:21:48.0529 0784  MSiSCSI - ok
19:21:48.0541 0784  msiserver - ok
19:21:48.0584 0784  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:21:48.0587 0784  MSKSSRV - ok
19:21:48.0603 0784  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:21:48.0606 0784  MSPCLOCK - ok
19:21:48.0631 0784  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:21:48.0635 0784  MSPQM - ok
19:21:48.0679 0784  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:21:48.0685 0784  MsRPC - ok
19:21:48.0725 0784  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:21:48.0729 0784  mssmbios - ok
19:21:48.0774 0784  MSSQL$MSSMLBIZ - ok
19:21:48.0807 0784  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
19:21:48.0811 0784  MSSQLServerADHelper - ok
19:21:48.0840 0784  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:21:48.0844 0784  MSTEE - ok
19:21:48.0871 0784  [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor        C:\Windows\system32\DRIVERS\A0101V32.sys
19:21:48.0875 0784  MTsensor - ok
19:21:48.0902 0784  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
19:21:48.0907 0784  Mup - ok
19:21:48.0948 0784  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
19:21:48.0954 0784  napagent - ok
19:21:48.0990 0784  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:21:48.0994 0784  NativeWifiP - ok
19:21:49.0026 0784  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:21:49.0036 0784  NDIS - ok
19:21:49.0059 0784  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:21:49.0061 0784  NdisTapi - ok
19:21:49.0070 0784  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:21:49.0072 0784  Ndisuio - ok
19:21:49.0106 0784  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:21:49.0109 0784  NdisWan - ok
19:21:49.0118 0784  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:21:49.0120 0784  NDProxy - ok
19:21:49.0129 0784  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:21:49.0131 0784  NetBIOS - ok
19:21:49.0150 0784  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
19:21:49.0155 0784  netbt - ok
19:21:49.0161 0784  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
19:21:49.0163 0784  Netlogon - ok
19:21:49.0194 0784  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
19:21:49.0201 0784  Netman - ok
19:21:49.0226 0784  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
19:21:49.0232 0784  netprofm - ok
19:21:49.0267 0784  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:21:49.0270 0784  NetTcpPortSharing - ok
19:21:49.0417 0784  [ 840D89327C45B0CB9E1AB130249046E2 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
19:21:49.0516 0784  NETw5v32 - ok
19:21:49.0758 0784  [ 372F80936353C72A273FF92401FAA55F ] NETwNv32        C:\Windows\system32\DRIVERS\NETwNv32.sys
19:21:49.0966 0784  NETwNv32 - ok
19:21:49.0995 0784  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:21:49.0998 0784  nfrd960 - ok
19:21:50.0034 0784  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:21:50.0040 0784  NlaSvc - ok
19:21:50.0080 0784  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:21:50.0082 0784  Npfs - ok
19:21:50.0118 0784  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
19:21:50.0122 0784  nsi - ok
19:21:50.0145 0784  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:21:50.0147 0784  nsiproxy - ok
19:21:50.0216 0784  [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:21:50.0240 0784  Ntfs - ok
19:21:50.0270 0784  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
19:21:50.0272 0784  ntrigdigi - ok
19:21:50.0294 0784  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
19:21:50.0296 0784  Null - ok
19:21:50.0333 0784  [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
19:21:50.0338 0784  NVHDA - ok
19:21:50.0601 0784  [ 00D9589B379710782E7B341433190FC9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:21:50.0813 0784  nvlddmkm - ok
19:21:50.0851 0784  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:21:50.0855 0784  nvraid - ok
19:21:50.0874 0784  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:21:50.0877 0784  nvstor - ok
19:21:50.0934 0784  [ C8BCEFFE0E985B2DF352F9C899450A60 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:21:50.0941 0784  nvsvc - ok
19:21:50.0965 0784  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:21:50.0970 0784  nv_agp - ok
19:21:50.0977 0784  NwlnkFlt - ok
19:21:50.0987 0784  NwlnkFwd - ok
19:21:51.0055 0784  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:21:51.0066 0784  odserv - ok
19:21:51.0113 0784  [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
19:21:51.0116 0784  ohci1394 - ok
19:21:51.0179 0784  [ 0F7B2D0A2D7182B318B358E2B9C498E2 ] Olympus DVR Service C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
19:21:51.0202 0784  Olympus DVR Service - ok
19:21:51.0238 0784  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:21:51.0244 0784  ose - ok
19:21:51.0318 0784  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
19:21:51.0339 0784  p2pimsvc - ok
19:21:51.0363 0784  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:21:51.0376 0784  p2psvc - ok
19:21:51.0417 0784  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
19:21:51.0422 0784  Parport - ok
19:21:51.0465 0784  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:21:51.0469 0784  partmgr - ok
19:21:51.0490 0784  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
19:21:51.0494 0784  Parvdm - ok
19:21:51.0529 0784  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:21:51.0535 0784  PcaSvc - ok
19:21:51.0575 0784  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
19:21:51.0581 0784  pci - ok
19:21:51.0613 0784  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
19:21:51.0616 0784  pciide - ok
19:21:51.0655 0784  [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:21:51.0663 0784  pcmcia - ok
19:21:51.0714 0784  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:21:51.0739 0784  PEAUTH - ok
19:21:51.0850 0784  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
19:21:51.0894 0784  pla - ok
19:21:51.0947 0784  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:21:51.0958 0784  PlugPlay - ok
19:21:51.0996 0784  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
19:21:52.0010 0784  PNRPAutoReg - ok
19:21:52.0035 0784  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
19:21:52.0049 0784  PNRPsvc - ok
19:21:52.0095 0784  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:21:52.0109 0784  PolicyAgent - ok
19:21:52.0177 0784  [ D5B88B34655EC34308BF470E022BA80F ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
19:21:52.0180 0784  Power Manager DBC Service - ok
19:21:52.0217 0784  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:21:52.0222 0784  PptpMiniport - ok
19:21:52.0245 0784  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
19:21:52.0249 0784  Processor - ok
19:21:52.0288 0784  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:21:52.0296 0784  ProfSvc - ok
19:21:52.0320 0784  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
19:21:52.0323 0784  ProtectedStorage - ok
19:21:52.0357 0784  [ F8A25F1DD8B2C332CBC663E3579566E7 ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
19:21:52.0360 0784  psadd - ok
19:21:52.0400 0784  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
19:21:52.0403 0784  PSched - ok
19:21:52.0440 0784  [ 2A52F9452557855D57CB61DD70D748DC ] pssnap          C:\Windows\system32\DRIVERS\pssnap.sys
19:21:52.0442 0784  pssnap - ok
19:21:52.0529 0784  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:21:52.0553 0784  ql2300 - ok
19:21:52.0575 0784  [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:21:52.0579 0784  ql40xx - ok
19:21:52.0609 0784  [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE           C:\Windows\system32\qwave.dll
19:21:52.0617 0784  QWAVE - ok
19:21:52.0633 0784  [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:21:52.0635 0784  QWAVEdrv - ok
19:21:52.0653 0784  [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:21:52.0656 0784  RasAcd - ok
19:21:52.0689 0784  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto         C:\Windows\System32\rasauto.dll
19:21:52.0694 0784  RasAuto - ok
19:21:52.0715 0784  [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:21:52.0718 0784  Rasl2tp - ok
19:21:52.0778 0784  [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan          C:\Windows\System32\rasmans.dll
19:21:52.0790 0784  RasMan - ok
19:21:52.0816 0784  [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:21:52.0820 0784  RasPppoe - ok
19:21:52.0846 0784  [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:21:52.0851 0784  RasSstp - ok
19:21:52.0872 0784  [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:21:52.0880 0784  rdbss - ok
19:21:52.0896 0784  [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:21:52.0900 0784  RDPCDD - ok
19:21:52.0955 0784  [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
19:21:52.0960 0784  rdpdr - ok
19:21:52.0973 0784  [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:21:52.0975 0784  RDPENCDD - ok
19:21:53.0012 0784  [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:21:53.0017 0784  RDPWD - ok
19:21:53.0093 0784  [ 698BAB6D6F048F8B21D817D8512FDF2C ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
19:21:53.0098 0784  ReflectService.exe - ok
19:21:53.0171 0784  [ 03D281098CE722210C48E1E8CAFEA260 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:21:53.0179 0784  RegSrvc - ok
19:21:53.0217 0784  [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:21:53.0219 0784  RemoteAccess - ok
19:21:53.0263 0784  [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:21:53.0267 0784  RemoteRegistry - ok
19:21:53.0310 0784  [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
19:21:53.0314 0784  RFCOMM - ok
19:21:53.0354 0784  [ A5B12A4B3B774432DB9B9FA221190E59 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
19:21:53.0356 0784  rimmptsk - ok
19:21:53.0385 0784  [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
19:21:53.0387 0784  rimsptsk - ok
19:21:53.0395 0784  [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
19:21:53.0397 0784  rismxdp - ok
19:21:53.0420 0784  [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator      C:\Windows\system32\locator.exe
19:21:53.0422 0784  RpcLocator - ok
19:21:53.0448 0784  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs           C:\Windows\system32\rpcss.dll
19:21:53.0453 0784  RpcSs - ok
19:21:53.0489 0784  [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:21:53.0491 0784  rspndr - ok
19:21:53.0549 0784  [ 2D19A7469EA19993D0C12E627F4530BC ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
19:21:53.0577 0784  RTL8169 - ok
19:21:53.0598 0784  [ A3E186B4B935905B829219502557314E ] SamSs           C:\Windows\system32\lsass.exe
19:21:53.0599 0784  SamSs - ok
19:21:53.0627 0784  [ 3CE8F073A557E172B330109436984E30 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:21:53.0630 0784  sbp2port - ok
19:21:53.0663 0784  [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:21:53.0667 0784  SCardSvr - ok
19:21:53.0711 0784  [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule        C:\Windows\system32\schedsvc.dll
19:21:53.0725 0784  Schedule - ok
19:21:53.0760 0784  [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:21:53.0761 0784  SCPolicySvc - ok
19:21:53.0791 0784  [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
19:21:53.0794 0784  sdbus - ok
19:21:53.0826 0784  [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:21:53.0830 0784  SDRSVC - ok
19:21:53.0863 0784  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:21:53.0865 0784  secdrv - ok
19:21:53.0877 0784  [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon        C:\Windows\system32\seclogon.dll
19:21:53.0880 0784  seclogon - ok
19:21:53.0896 0784  [ A9BBAB5759771E523F55563D6CBE140F ] SENS            C:\Windows\System32\sens.dll
19:21:53.0899 0784  SENS - ok
19:21:53.0917 0784  [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:21:53.0919 0784  Serenum - ok
19:21:53.0944 0784  [ C70D69A918B178D3C3B06339B40C2E1B ] Serial          C:\Windows\system32\drivers\serial.sys
19:21:53.0948 0784  Serial - ok
19:21:53.0963 0784  [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:21:53.0966 0784  sermouse - ok
19:21:54.0017 0784  [ D2193326F729B163125610DBF3E17D57 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:21:54.0022 0784  SessionEnv - ok
19:21:54.0045 0784  [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
19:21:54.0047 0784  sffdisk - ok
19:21:54.0078 0784  [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:21:54.0080 0784  sffp_mmc - ok
19:21:54.0108 0784  [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
19:21:54.0111 0784  sffp_sd - ok
19:21:54.0134 0784  [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:21:54.0136 0784  sfloppy - ok
19:21:54.0168 0784  [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:21:54.0175 0784  SharedAccess - ok
19:21:54.0206 0784  [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:21:54.0215 0784  ShellHWDetection - ok
19:21:54.0252 0784  [ 1310C5E81966E86B2CED7AE8CE3D74F1 ] Shockprf        C:\Windows\system32\DRIVERS\Apsx86.sys
19:21:54.0256 0784  Shockprf - ok
19:21:54.0303 0784  [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:21:54.0306 0784  sisagp - ok
19:21:54.0345 0784  [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
19:21:54.0347 0784  SiSRaid2 - ok
19:21:54.0368 0784  [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:21:54.0372 0784  SiSRaid4 - ok
19:21:54.0450 0784  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:21:54.0454 0784  SkypeUpdate - ok
19:21:54.0624 0784  [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc           C:\Windows\system32\SLsvc.exe
19:21:54.0745 0784  slsvc - ok
19:21:54.0794 0784  [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify      C:\Windows\system32\SLUINotify.dll
19:21:54.0800 0784  SLUINotify - ok
19:21:54.0829 0784  [ 7B75299A4D201D6A6533603D6914AB04 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:21:54.0834 0784  Smb - ok
19:21:54.0879 0784  [ FCC8EDD602B50247C3E75BD23D4FACE6 ] smihlp          C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys
19:21:54.0881 0784  smihlp - ok
19:21:54.0929 0784  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:21:54.0935 0784  SNMPTRAP - ok
19:21:55.0322 0784  [ 5A440E4D29FF4EADD05A0331A27D7FF2 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
19:21:55.0573 0784  SNP2UVC - ok
19:21:55.0599 0784  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
19:21:55.0601 0784  spldr - ok
19:21:55.0628 0784  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
19:21:55.0632 0784  Spooler - ok
19:21:55.0658 0784  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:21:55.0664 0784  SQLBrowser - ok
19:21:55.0707 0784  [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:21:55.0710 0784  SQLWriter - ok
19:21:55.0742 0784  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:21:55.0748 0784  srv - ok
19:21:55.0787 0784  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:21:55.0791 0784  srv2 - ok
19:21:55.0806 0784  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:21:55.0809 0784  srvnet - ok
19:21:55.0834 0784  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:21:55.0839 0784  SSDPSRV - ok
19:21:55.0860 0784  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:21:55.0864 0784  SstpSvc - ok
19:21:55.0909 0784  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
19:21:55.0919 0784  stisvc - ok
19:21:55.0953 0784  [ C2191C1A5DFED0795E3D3B68905B195B ] SUService       C:\Program Files\Lenovo\System Update\SUService.exe
19:21:55.0955 0784  SUService - ok
19:21:55.0987 0784  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:21:55.0989 0784  swenum - ok
19:21:56.0026 0784  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
19:21:56.0034 0784  swprv - ok
19:21:56.0055 0784  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
19:21:56.0057 0784  Symc8xx - ok
19:21:56.0079 0784  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
19:21:56.0081 0784  Sym_hi - ok
19:21:56.0096 0784  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
19:21:56.0098 0784  Sym_u3 - ok
19:21:56.0141 0784  [ D7DC30B8B41E7A913C3FCCC0631E72EC ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:21:56.0147 0784  SynTP - ok
19:21:56.0194 0784  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
19:21:56.0208 0784  SysMain - ok
19:21:56.0234 0784  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:21:56.0238 0784  TabletInputService - ok
19:21:56.0279 0784  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:21:56.0286 0784  TapiSrv - ok
19:21:56.0305 0784  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
19:21:56.0309 0784  TBS - ok
19:21:56.0352 0784  [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:21:56.0372 0784  Tcpip - ok
19:21:56.0397 0784  [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
19:21:56.0408 0784  Tcpip6 - ok
19:21:56.0439 0784  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:21:56.0442 0784  tcpipreg - ok
19:21:56.0462 0784  [ 72B9E77565DA5FA564581976E000D29B ] TcUsb           C:\Windows\system32\Drivers\tcusb.sys
19:21:56.0465 0784  TcUsb - ok
19:21:56.0494 0784  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:21:56.0496 0784  TDPIPE - ok
19:21:56.0509 0784  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:21:56.0512 0784  TDTCP - ok
19:21:56.0542 0784  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:21:56.0546 0784  tdx - ok
19:21:56.0564 0784  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:21:56.0567 0784  TermDD - ok
19:21:56.0598 0784  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
19:21:56.0610 0784  TermService - ok
19:21:56.0632 0784  [ C7230FBEE14437716701C15BE02C27B8 ] Themes          C:\Windows\system32\shsvcs.dll
19:21:56.0643 0784  Themes - ok
19:21:56.0725 0784  [ EB90A37AABAEFD7B4F4F92BEFEA8C2E2 ] ThinkVantage Registry Monitor Service c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
19:21:56.0746 0784  ThinkVantage Registry Monitor Service - ok
19:21:56.0765 0784  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
19:21:56.0770 0784  THREADORDER - ok
19:21:56.0795 0784  [ D7A29E343632E2FC5F7EBFC886F12675 ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM86.sys
19:21:56.0798 0784  TPDIGIMN - ok
19:21:56.0828 0784  [ 51B679F627A43A25EF9444AD23BBFF9A ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG.exe
19:21:56.0831 0784  TPHDEXLGSVC - ok
19:21:56.0897 0784  [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
19:21:56.0901 0784  TPHKSVC - ok
19:21:56.0934 0784  [ CB258C2F726F1BE73C507022BE33EBB3 ] TPM             C:\Windows\system32\drivers\tpm.sys
19:21:56.0936 0784  TPM - ok
19:21:56.0965 0784  [ 1BD5719EF160E0AB739CD0FF3BA5E298 ] TPPWRIF         C:\Windows\system32\drivers\Tppwr32v.sys
19:21:56.0966 0784  TPPWRIF - ok
19:21:56.0980 0784  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
19:21:56.0984 0784  TrkWks - ok
19:21:57.0040 0784  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:21:57.0042 0784  TrustedInstaller - ok
19:21:57.0085 0784  [ 4A4FFDEB90A151B734A0BEA3D420FD3B ] TSSCoreService  C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
19:21:57.0099 0784  TSSCoreService - ok
19:21:57.0115 0784  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:21:57.0117 0784  tssecsrv - ok
19:21:57.0137 0784  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
19:21:57.0139 0784  tunmp - ok
19:21:57.0163 0784  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:21:57.0165 0784  tunnel - ok
19:21:57.0225 0784  [ 1A9F115D6F82FC0753D06599E42B2295 ] TVT Backup Protection Service C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
19:21:57.0235 0784  TVT Backup Protection Service - ok
19:21:57.0265 0784  [ 43FFBB6AF7245C97865ADA74B8CEECF9 ] TVT Backup Service C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
19:21:57.0284 0784  TVT Backup Service - ok
19:21:57.0357 0784  [ 58BC366538A8A1F252D2750C1F5193B6 ] TVT Scheduler   c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
19:21:57.0378 0784  TVT Scheduler - ok
19:21:57.0403 0784  [ 49258A02A1E8D304ED88B0F1C56B1738 ] tvtfilter       C:\Windows\system32\DRIVERS\tvtfilter.sys
19:21:57.0404 0784  tvtfilter - ok
19:21:57.0438 0784  [ 2D1EC233C89416BA8187C9D7D49A075A ] tvtumon         C:\Windows\system32\DRIVERS\tvtumon.sys
19:21:57.0440 0784  tvtumon - ok
19:21:57.0458 0784  [ 3152355EA8E8274D4FDA092F454DA7C0 ] TVT_UpdateMonitor C:\Program Files\Lenovo\Rescue and Recovery\UpdateMonitor.exe
19:21:57.0463 0784  TVT_UpdateMonitor - ok
19:21:57.0494 0784  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:21:57.0496 0784  uagp35 - ok
19:21:57.0531 0784  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:21:57.0537 0784  udfs - ok
19:21:57.0582 0784  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:21:57.0586 0784  UI0Detect - ok
19:21:57.0606 0784  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:21:57.0609 0784  uliagpkx - ok
19:21:57.0632 0784  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
19:21:57.0638 0784  uliahci - ok
19:21:57.0677 0784  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
19:21:57.0681 0784  UlSata - ok
19:21:57.0703 0784  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
19:21:57.0707 0784  ulsata2 - ok
19:21:57.0733 0784  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:21:57.0736 0784  umbus - ok
19:21:57.0772 0784  [ 8A66360F38F81E960E2367B428CBD5D9 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:21:57.0779 0784  UmRdpService - ok
19:21:57.0810 0784  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
19:21:57.0817 0784  upnphost - ok
19:21:57.0850 0784  [ 922B2EBD5118B9AB120410807131A921 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:21:57.0854 0784  usbccgp - ok
19:21:57.0882 0784  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:21:57.0886 0784  usbcir - ok
19:21:57.0917 0784  [ 3D045EAA73414BE8F877F292A84ABBA2 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:21:57.0920 0784  usbehci - ok
19:21:57.0948 0784  [ 1AE77A4C4E4F526EF9759C31A123F2B0 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:21:57.0954 0784  usbhub - ok
19:21:57.0977 0784  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:22:01.0427 0784  ============================================================
19:22:01.0428 0784  Scan finished
19:22:01.0428 0784  ============================================================
19:22:01.0457 6272  Detected object count: 0
19:22:01.0457 6272  Actual detected object count: 0


#6 Laverdure

Posted 08 August 2013 - 12:34 PM

# AdwCleaner v2.306 - Logfile creato il 08/08/2013 alle 19:25:29
# Aggiornamento 19/07/2013 by Xplode
# Sistema Operativo : Windows Vista ™ Business Service Pack 2 (32 bits)
# Utente : Roots - PC-LERANOVO
# Modalità Avvio : Modalità Normale
# Eseguito da : C:\Users\Roots\Desktop\AdwCleaner.exe
# Opzioni [Elimina]
 
 
***** [Servizi] *****
 
 
***** [File / Cartelle] *****
 
Cartella Eliminato : C:\Program Files\Conduit
Cartella Eliminato : C:\ProgramData\Babylon
Cartella Eliminato : C:\Users\Fugazi\AppData\LocalLow\Conduit
Cartella Eliminato : C:\Users\Roots\AppData\Local\Conduit
Cartella Eliminato : C:\Users\Roots\AppData\Local\Temp\CT2737658
Cartella Eliminato : C:\Users\Roots\AppData\LocalLow\Conduit
Cartella Eliminato : C:\Users\Roots\AppData\LocalLow\PriceGong
Cartella Eliminato : C:\Users\Roots\AppData\Roaming\Mozilla\Firefox\Profiles\uttm7z7s.default\extensions\{f999a48b-1950-4d81-9971-79018f807b4b}
Cartella Eliminato : C:\Users\Roots\AppData\Roaming\Mozilla\Firefox\Profiles\uttm7z7s.default\extensions\ffxtlbr@babylon.com
Cartella Eliminato : C:\Users\Roots\AppData\Roaming\OpenCandy
File Eliminato : C:\Users\Fugazi\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Eliminato : C:\Users\Fugazi\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Eliminato : C:\Users\Fugazi\AppData\Roaming\Mozilla\Firefox\Profiles\xtjor814.default\bprotector_extensions.sqlite
File Eliminato : C:\Users\Fugazi\AppData\Roaming\Mozilla\Firefox\Profiles\xtjor814.default\bprotector_prefs.js
File Eliminato : C:\Users\Roots\AppData\Roaming\Mozilla\Firefox\Profiles\uttm7z7s.default\searchplugins\Babylon.xml
 
***** [Registro] *****
 
Chiave Eliminata : HKCU\Software\AppDataLow\Software\PriceGong
Chiave Eliminata : HKCU\Software\BabSolution
Chiave Eliminata : HKCU\Software\Conduit
Chiave Eliminata : HKCU\Software\DataMngr
Chiave Eliminata : HKCU\Software\DataMngr_Toolbar
Chiave Eliminata : HKCU\Software\Delta
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chiave Eliminata : HKLM\SOFTWARE\5948fd9bd3eba45
Chiave Eliminata : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Prod.cap
Chiave Eliminata : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Chiave Eliminata : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Chiave Eliminata : HKLM\Software\Conduit
Chiave Eliminata : HKLM\Software\DataMngr
Chiave Eliminata : HKLM\Software\Delta
 
***** [Browser Internet] *****
 
-\\ Internet Explorer v9.0.8112.16490
 
[OK] Registro Pulito.
 
-\\ Mozilla Firefox v11.0 (it)
 
File : C:\Users\Roots\AppData\Roaming\Mozilla\Firefox\Profiles\uttm7z7s.default\prefs.js
 
C:\Users\Roots\AppData\Roaming\Mozilla\Firefox\Profiles\uttm7z7s.default\user.js ... Eliminato !
 
[OK] File Pulito.
 
File : C:\Users\Fugazi\AppData\Roaming\Mozilla\Firefox\Profiles\xtjor814.default\prefs.js
 
Eliminata : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=22A000215D62015E&[...]
Eliminata : user_pref("browser.search.order.1", "Delta Search");
Eliminata : user_pref("browser.search.selectedEngine", "Delta Search");
 
-\\ Google Chrome v28.0.1500.95
 
File : C:\Users\Roots\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
Eliminata [l.54] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Eliminata [l.57] : keyword = "delta-search.com",
Eliminata [l.61] : search_url = "hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=22A000215D620[...]
Eliminata [l.2304] : homepage = "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=22A000215D62015E&affID=121564&tsp=[...]
 
File : C:\Users\Fugazi\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
[OK] File Pulito.
 
*************************
 
AdwCleaner[S1].txt - [4380 octets] - [08/08/2013 19:25:29]
 
########## EOF - C:\AdwCleaner[S1].txt - [4440 octets] ##########


#7 Laverdure

Posted 08 August 2013 - 02:46 PM

ESET LOG

 

**********************************

 

C:\Users\Fugazi\Downloads\OrbitSetup4.1.18_20130502_1.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Roots\AppData\Local\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\Roots\AppData\Local\Temp\jar_cache6322256401073806039.tmp a variant of Java/Exploit.CVE-2012-0507.Q trojan cleaned by deleting - quarantined
C:\Users\Roots\AppData\Local\Temp\E994FF8B-BAB0-7891-9C6F-C218899009E5\Latest\BExternal.dll a variant of Win32/Toolbar.Babylon.F application cleaned by deleting - quarantined
C:\Users\Roots\AppData\Local\Temp\E994FF8B-BAB0-7891-9C6F-C218899009E5\Latest\IEHelper.dll Win32/Toolbar.Babylon.E application cleaned by deleting - quarantined


#8 boopme

Posted 08 August 2013 - 08:15 PM

Hello Laverdure
Should be much better now.

In Control Panel, uninstall ... Java™ 6 Update 22 (Version: 6.0.220)
Older versions are exploitable.

Run these last 2, they are quick to see if there's anything left.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#9 Laverdure

Posted 09 August 2013 - 02:00 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.9 (08.09.2013:1)
OS: Windows Vista ™ Business x86
Ran by Roots on 09/08/2013 at 19.38.14,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted [File] C:\Windows\system32\tasks\CreateChoiceProcessTask
Successfully deleted [File] C:\Windows\system32\tasks\PMTask
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Successfully deleted: [File] C:\Users\Roots\AppData\Roaming\mozilla\firefox\profiles\uttm7z7s.default\invalidprefs.js
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/08/2013 at 19.40.14,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10 boopme

Posted 09 August 2013 - 02:42 PM

This looks cleaned to me, anything on your end?



#11 Laverdure

Posted 09 August 2013 - 05:07 PM

This looks cleaned to me, anything on your end?

 

Yes indeed, boopme.

Thank you very much for your help and clearness.

You confirm this is the best forum for this kind of problem.

Let me know if I can reciprocate somehow.



#12 boopme

Posted 11 August 2013 - 07:23 PM

You're welcome!! Well I'd settle for a kettle of Ossobuco :)