TechSpot

Win64/Patched.A virus in Services.exe

Solved
By kayetea
Nov 1, 2012
  1. Another win64/patched.A virus. AVG picked it up, and my computer has been blue screening frequently. Thanks in advance.
     
  2. Broni

    Broni Malware Annihilator Posts: 47,995   +271

    Welcome aboard

    Please complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  3. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    I keep trying to run the Malwarebytes scan, but my computer blue screens before it finishes.
     
  4. Broni


    What Windows version is it?
     
  5. kayetea


    Windows 7 64 bit
     
  6. Broni


    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flash drive into the infected PC.

    If you are using Windows 8, consult "How to use the Windows 8 System Recovery Environment Command Prompt" to enter the System Recovery Command Prompt.

    If you are using Vista or Windows 7, enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded, begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    On the System Recovery Options menu you will get the following options:

      • Startup Repair
      • System Restore
      • Windows Complete PC Restore
      • Windows Memory Diagnostic Tool
      • Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter.
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens, click Yes to the disclaimer.
    • Press the Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

    Next...

    Re-run FRST again.
    Type the following in the edit box after "Search:".

    services.exe

    Click the Search button and post the log (Search.txt) it makes in your reply.

    I'll expect two logs:
    - FRST.txt
    - Search.txt
     
  7. kayetea


    Note: My last attempted Malwarebytes scan actually did finish before I tried to reboot and run Farbar. Also, my DDS scan took longer than 10 minutes, so my AVG re-enabled itself. Should I re-scan?

    =========================================================

    Malwarebytes Anti-Malware 1.65.1.1000
    www.malwarebytes.org

    Database version: v2012.11.01.04

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Katelyn :: WINSTON [administrator]

    11/1/2012 12:20:32 PM
    mbam-log-2012-11-01 (12-20-32).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 237188
    Time elapsed: 17 minute(s), 45 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 4
    C:\Users\Katelyn\AppData\Local\Temp\7zOA035.tmp\Adobe Photoshop CS4 KeyGenerator.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
    C:\Users\Katelyn\AppData\Local\Temp\Temp1_HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen.zip\HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.

    (end)
    =========================================================
    no GMER data
     
  8. kayetea


    DDS (Ver_2012-10-19.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_37
    Run by Katelyn at 13:07:30 on 2012-11-01
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3892.1307 [GMT -4:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\windows\system32\wininit.exe
    C:\windows\system32\lsm.exe
    C:\windows\system32\svchost.exe -k DcomLaunch
    C:\windows\system32\svchost.exe -k RPCSS
    C:\windows\system32\atiesrxx.exe
    C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\windows\system32\svchost.exe -k netsvcs
    C:\windows\system32\svchost.exe -k LocalService
    C:\windows\system32\atieclxx.exe
    C:\windows\system32\svchost.exe -k NetworkService
    C:\windows\System32\spoolsv.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
    C:\windows\system32\dleecoms.exe
    C:\windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\windows\system32\sesinetd.exe
    C:\windows\system32\hserver.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
    C:\windows\system32\taskhost.exe
    c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\windows\System32\svchost.exe -k HPZ12
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
    C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
    C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
    C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
    C:\Users\Katelyn\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
    C:\Users\Katelyn\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
    C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
    C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
    C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
    C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
    C:\Users\Katelyn\AppData\Local\Akamai\netsession_win.exe
    C:\Program Files (x86) (x86)\Dell V715w\dleemon.exe
    C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\SpScreen.exe
    C:\Program Files (x86) (x86)\Dell V715w\ezprint.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    C:\windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
    c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\windows\system32\svchost.exe -k imgsvc
    C:\windows\system32\Wacom_Tablet.exe
    C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\SpScreen64.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\windows\system32\WTablet\Wacom_TabletUser.exe
    C:\windows\system32\Wacom_Tablet.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Users\Katelyn\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\windows\sysWOW64\wbem\wmiprvse.exe
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    Q:\140061.enu\Office14\ONENOTEM.EXE
    C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\windows\system32\SearchIndexer.exe
    C:\windows\system32\svchost.exe -k bthsvcs
    C:\windows\SysWOW64\svchost.exe -k Akamai
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
    C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
    C:\windows\system32\NOTEPAD.EXE
    C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\windows\system32\svchost.exe -k HPService
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\windows\system32\svchost.exe -k SDRSVC
    C:\windows\system32\conhost.exe
    C:\Users\Katelyn\AppData\Local\Temp\nsi40.tmp\PEV.DAT
    C:\windows\system32\taskeng.exe
    "C:\windows\SysWOW64\svchost.exe" -k LocalServiceDns
    C:\windows\system32\taskeng.exe
    C:\windows\System32\svchost.exe -k WerSvcGroup
    C:\windows\system32\SearchProtocolHost.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\windows\system32\taskeng.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\DllHost.exe
    C:\windows\system32\conhost.exe
    C:\windows\system32\wbem\wmiprvse.exe
    C:\windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    mWinlogon: Userinit = userinit.exe,
    BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
    uRun: [Google Update] "C:\Users\Katelyn\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [AdobeBridge] <no file>
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    mRun: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~1\MuteSync.exe
    mRun: [Lenovo SplitScreen] "C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe"
    mRun: [UCam_Menu] "c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
    mRun: [YouCam Mirror Tray icon] "c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
    mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
    mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
    mRun: [MDS_Menu] "c:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
    mRun: [Lenovo SlideNav2] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe"
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    mRun: [dleemon.exe] "C:\Program Files (x86) (x86)\Dell V715w\dleemon.exe"
    mRun: [EzPrint] "C:\Program Files (x86) (x86)\Dell V715w\ezprint.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
    StartupFolder: C:\Users\Katelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Katelyn\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\Users\Katelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
    StartupFolder: C:\Users\Katelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    LSP: mswsock.dll
    DPF: {74FFE28D-2378-11D5-990C-006094235084} - hxxp://www-307.ibm.com/pc/support/IbmEgath.cab
    DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: NameServer = 144.118.24.20 144.118.24.10
    TCP: Interfaces\{BB58BBFD-520F-474E-BCE2-154BFD3AEAD5} : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F} : NameServer = 208.67.220.220
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F} : DHCPNameServer = 144.118.24.20 144.118.24.10
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\2375942554530313 : NameServer = 208.67.220.220
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\2375942554530313 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\2456C6B696E6E253534414 : DHCPNameServer = 192.168.2.1
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\359676E61647572756 : NameServer = 208.67.220.220
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\359676E61647572756 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\4586562416374796F6E6 : NameServer = 208.67.220.220
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\4586562416374796F6E6 : DHCPNameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\C4962627162797F57457563747 : NameServer = 208.67.220.220
    TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\C4962627162797F57457563747 : DHCPNameServer = 192.168.60.2 4.2.2.2 4.2.2.3
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [SynBtnAsst] C:\Program Files (x86)\Synaptics\SynTP\SynBtnAsst.exe Utility_Window
    x64-Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
    x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
    x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
    x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
    x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\skx248vc.default\
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    FF - component: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}\components\Contribute.dll
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
    FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
    FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Users\Katelyn\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
    FF - plugin: C:\Users\Katelyn\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Katelyn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Users\Katelyn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: C:\Users\Katelyn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
    FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll
    FF - plugin: C:\windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
    R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2010-4-22 39008]
    R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-1-9 55280]
    R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2012-7-26 291680]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
    R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2012-2-27 283200]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
    R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2010-3-16 202752]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 dlee_device;dlee_device;C:\windows\System32\dleecoms.exe -service --> C:\windows\System32\dleecoms.exe -service [?]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-22 13336]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 Slidebar Notifier Service;Slidebar Notifier Service;C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [2010-4-22 69568]
    R2 TabletServiceWacom;TabletServiceWacom;C:\windows\System32\Wacom_Tablet.exe [2010-8-31 5521192]
    R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-22 2320920]
    R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-4-22 28176]
    R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atipmdag.sys [2010-3-16 6177280]
    R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2010-3-16 156160]
    R3 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496]
    R3 AVGIDSFilter;AVGIDSFilter;C:\windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
    R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-1-4 56344]
    R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2009-12-17 151936]
    R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2010-3-16 7843040]
    R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2010-2-25 157296]
    R3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;C:\windows\System32\drivers\jmccgp.sys [2010-4-22 17904]
    R3 JmUsbVideo;JMicron 31x Upper Filter Driver;C:\windows\System32\drivers\jmcam.sys [2010-4-22 56688]
    R3 JmUsbVideo2;JMicron 31x Lower Filter Driver;C:\windows\System32\drivers\jmcam_lo.sys [2010-4-22 31088]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\windows\System32\drivers\k57nd60a.sys [2009-10-15 321064]
    R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\System32\drivers\NETw5s64.sys [2010-1-4 6952960]
    R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    R3 wdmirror;wdmirror;C:\windows\System32\drivers\WDMirror.sys [2010-4-22 11280]
    S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 dleeCATSCustConnectService;dleeCATSCustConnectService;C:\windows\System32\spool\drivers\x64\3\dleeserv.exe [2009-7-1 33448]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-6 116648]
    S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-29 257224]
    S3 Bridge0;Bridge0;C:\windows\System32\drivers\WDBridge.sys [2010-4-22 79376]
    S3 btusbflt;Bluetooth USB Filter;C:\windows\System32\drivers\btusbflt.sys [2010-2-25 53800]
    S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2010-4-22 35104]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-7-28 1431888]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-6 116648]
    S3 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-15 38152]
    S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-4-22 509192]
    S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-4-22 575304]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-28 113120]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    S3 nosGetPlusHelper;getPlus(R) Helper 3004;C:\windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-10 4925184]
    S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
    S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 SxSmemcd;SxS Memory Card;C:\windows\System32\drivers\SxSmemcd.sys [2012-1-17 59392]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-6-24 59392]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    S3 wacmoumonitor;Wacom Mode Helper;C:\windows\System32\drivers\wacmoumonitor.sys [2010-8-31 18216]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-7-3 1255736]
    S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
    S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
    S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
    S4 RsFx0105;RsFx0105 Driver;C:\windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
    S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
    .
    =============== File Associations ===============
    .
    FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"
    ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"
    .
    =============== Created Last 30 ================
    .
    2012-11-01 15:28:32 -------- d-----w- C:\Users\Katelyn\AppData\Roaming\Malwarebytes
    2012-11-01 15:28:17 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-11-01 15:28:15 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
    2012-11-01 15:28:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-11-01 07:42:58 -------- d-sh--w- C:\windows\SysWow64\%APPDATA%
    2012-10-10 22:05:57 2048 ----a-w- C:\windows\SysWow64\user.exe
    2012-10-10 22:05:49 220160 ----a-w- C:\windows\System32\wintrust.dll
    2012-10-10 22:05:48 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
    2012-10-10 22:05:35 2048 ----a-w- C:\windows\SysWow64\tzres.dll
    2012-10-10 22:05:35 2048 ----a-w- C:\windows\System32\tzres.dll
    2012-10-10 22:05:24 715776 ----a-w- C:\windows\System32\kerberos.dll
    2012-10-10 22:05:24 542208 ----a-w- C:\windows\SysWow64\kerberos.dll
    2012-10-10 22:05:05 1464320 ----a-w- C:\windows\System32\crypt32.dll
    2012-10-10 22:05:04 184320 ----a-w- C:\windows\System32\cryptsvc.dll
    2012-10-10 22:05:04 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
    2012-10-10 22:05:04 140288 ----a-w- C:\windows\System32\cryptnet.dll
    2012-10-10 22:05:04 1159680 ----a-w- C:\windows\SysWow64\crypt32.dll
    2012-10-10 22:05:04 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
    2012-10-04 21:54:15 -------- d-----w- C:\Program Files (x86)\Common Files\HP
    2012-10-04 21:53:59 248320 ----a-w- C:\windows\System32\Spool\prtprocs\x64\hpfpp70v.dll
    2012-10-04 21:51:50 136704 ----a-w- C:\windows\System32\hpf3l70v.dll
    2012-10-04 21:47:48 880640 ----a-w- C:\windows\System32\hposwia_p02c.dll
    2012-10-04 21:47:48 642360 ----a-w- C:\windows\System32\hpzids40.dll
    2012-10-04 21:47:48 551424 ----a-w- C:\windows\System32\hppldcoi.dll
    2012-10-04 21:47:48 1403904 ----a-w- C:\windows\System32\hpost_p02c.dll
    2012-10-04 21:47:47 515072 ----a-w- C:\windows\System32\hposc_p02a.dll
    .
    ==================== Find3M ====================
    .
    2012-11-01 07:10:25 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-11-01 07:10:25 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
    2012-09-24 19:32:24 477168 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
    2012-09-24 19:32:20 473072 ----a-w- C:\windows\SysWow64\deployJava1.dll
    2012-08-31 18:19:35 1659760 ----a-w- C:\windows\System32\drivers\ntfs.sys
    2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
    2012-08-30 17:12:02 3968880 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
    2012-08-30 17:12:02 3914096 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
    2012-08-24 22:43:16 384352 ----a-w- C:\windows\System32\drivers\avgtdia.sys
    2012-08-24 10:31:32 2312704 ----a-w- C:\windows\System32\jscript9.dll
    2012-08-24 10:21:18 1392128 ----a-w- C:\windows\System32\wininet.dll
    2012-08-24 10:20:11 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
    2012-08-24 10:14:45 173056 ----a-w- C:\windows\System32\ieUnatt.exe
    2012-08-24 10:13:29 599040 ----a-w- C:\windows\System32\vbscript.dll
    2012-08-24 10:09:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb
    2012-08-24 06:59:17 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
    2012-08-24 06:51:27 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
    2012-08-24 06:51:02 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
    2012-08-24 06:47:26 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
    2012-08-24 06:47:12 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
    2012-08-24 06:43:58 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
    2012-08-22 18:12:50 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys
    2012-08-22 18:12:40 950128 ----a-w- C:\windows\System32\drivers\ndis.sys
    2012-08-22 18:12:40 376688 ----a-w- C:\windows\System32\drivers\netio.sys
    2012-08-22 18:12:33 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
    2012-08-21 21:01:00 245760 ----a-w- C:\windows\System32\OxpsConverter.exe
    2012-08-21 20:01:20 33240 ----a-w- C:\windows\System32\drivers\GEARAspiWDM.sys
    2012-08-21 20:01:20 125872 ----a-w- C:\windows\System32\GEARAspi64.dll
    2012-08-21 20:01:20 106928 ----a-w- C:\windows\SysWow64\GEARAspi.dll
    2012-08-20 18:48:44 362496 ----a-w- C:\windows\System32\wow64win.dll
    2012-08-20 18:48:44 243200 ----a-w- C:\windows\System32\wow64.dll
    2012-08-20 18:48:44 13312 ----a-w- C:\windows\System32\wow64cpu.dll
    2012-08-20 18:48:43 215040 ----a-w- C:\windows\System32\winsrv.dll
    2012-08-20 18:48:37 16384 ----a-w- C:\windows\System32\ntvdm64.dll
    2012-08-20 18:48:35 424448 ----a-w- C:\windows\System32\KernelBase.dll
    2012-08-20 18:46:22 338432 ----a-w- C:\windows\System32\conhost.exe
    2012-08-20 17:40:21 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
    2012-08-20 17:38:44 44032 ----a-w- C:\windows\apppatch\acwow64.dll
    2012-08-20 17:38:26 25600 ----a-w- C:\windows\SysWow64\setup16.exe
    2012-08-20 17:37:19 5120 ----a-w- C:\windows\SysWow64\wow32.dll
    2012-08-20 17:37:18 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
    2012-08-20 15:38:21 7680 ----a-w- C:\windows\SysWow64\instnm.exe
    2012-08-20 15:33:28 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-08-20 15:33:28 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-08-20 15:33:28 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-08-20 15:33:28 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    .
    ============= FINISH: 13:12:00.16 ===============
     
  9. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-10-19.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 7/1/2010 4:56:48 PM
    System Uptime: 11/1/2012 12:50:30 PM (1 hours ago)
    .
    Motherboard: Lenovo | | KL3
    Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz | CPU 1 | 1178/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 387 GiB total, 139.325 GiB free.
    D: is FIXED (NTFS) - 30 GiB total, 28.688 GiB free.
    E: is CDROM ()
    F: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: hp color LaserJet 2550 series
    Device ID: ROOT\MULTIFUNCTION\0011
    Manufacturer:
    Name: hp color LaserJet 2550 series
    PNP Device ID: ROOT\MULTIFUNCTION\0011
    Service:
    .
    Class GUID:
    Description: Officejet Pro 8500 A909n
    Device ID: ROOT\MULTIFUNCTION\0013
    Manufacturer:
    Name: Officejet Pro 8500 A909n
    PNP Device ID: ROOT\MULTIFUNCTION\0013
    Service:
    .
    Class GUID:
    Description: hp LaserJet 4350
    Device ID: ROOT\MULTIFUNCTION\0014
    Manufacturer:
    Name: hp LaserJet 4350
    PNP Device ID: ROOT\MULTIFUNCTION\0014
    Service:
    .
    Class GUID:
    Description: HP Color LaserJet 3600
    Device ID: ROOT\MULTIFUNCTION\0015
    Manufacturer:
    Name: HP Color LaserJet 3600
    PNP Device ID: ROOT\MULTIFUNCTION\0015
    Service:
    .
    ==== System Restore Points ===================
    .
    RP503: 10/12/2012 5:48:30 PM - Windows Update
    RP504: 10/18/2012 4:46:43 PM - Installed Java(TM) 6 Update 37
    .
    ==== Installed Programs ======================
    .
    µTorrent
    64 Bit HP CIO Components Installer
    7-Zip 9.15 (x64 edition)
    Adobe AIR
    Adobe Community Help
    Adobe Connect Add-in
    Adobe Creative Suite 5 Master Collection
    Adobe Download Manager
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Media Player
    Adobe Photoshop CS5
    Adobe Reader 9.2
    Adobe Shockwave Player 11.5
    Akamai NetSession Interface
    Akamai NetSession Interface Service
    Amnesia - The Dark Descent
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Aquaria
    ATI Catalyst Install Manager
    Audacity 1.3.13 (Unicode)
    Audiosurf
    Aurora
    Autodesk Maya 2012 64-bit
    AVG 2012
    Back to the Future: Ep 1 - It's About Time
    Bastion
    Bonjour
    Braid (Version 1.015)
    Broadcom Gigabit NetLink Controller
    Business Contact Manager for Outlook 2007 SP2
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-core-static
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CDisplayEx 1.4
    Crayon Physics Deluxe version 55
    Crystal Reports for Visual Studio
    CyberLink YouCam
    D3DX10
    DAEMON Tools Lite
    DAME
    Darwinia
    Dotfuscator Software Services - Community Edition
    Dropbox
    Energy Management
    Evernote v. 4.5.7
    Facebook Video Calling 1.2.0.287
    FlashDevelop 4.0.1
    GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
    Google Chrome
    Google Drive
    Google Talk Plugin
    Google Update Helper
    Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182)
    Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)
    Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
    Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)
    Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)
    Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)
    Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2736182)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
    Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
    Houdini 12.0.543.9
    HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
    Intel(R) Control Center
    Intel(R) Management Engine Components
    Intel(R) Rapid Storage Technology
    Intel(R) Turbo Boost Technology Driver
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 37
    JMicron Flash Media Controller Driver
    LAME v3.99.3 (for Windows)
    Lenovo Bluetooth with Enhanced Data Rate Software
    Lenovo DirectShare
    Lenovo EasyCamera
    Lenovo MuteSync
    Lenovo OneKey Recovery
    Lenovo ReadyComm 5
    Lenovo ReadyComm 5.0 Service
    Lenovo SlideNav
    Lenovo SplitScreen
    LIMBO
    Luxology modo 601_sp3 64-bit build 52162
    Machinarium
    Malwarebytes Anti-Malware version 1.65.1.1000
    MediaShow
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft .NET Framework 4 Multi-Targeting Pack
    Microsoft Application Error Reporting
    Microsoft ASP.NET MVC 2
    Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
    Microsoft Help Viewer 1.1
    Microsoft IntelliPoint 8.1
    Microsoft Office 2003 Web Components
    Microsoft Office Click-to-Run 2010
    Microsoft Office Home and Student 2010 - English
    Microsoft Office Small Business Connectivity Components
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft Silverlight 3 SDK
    Microsoft Silverlight 4 SDK
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft SQL Server 2005 Express Edition
    Microsoft SQL Server 2008 (64-bit)
    Microsoft SQL Server 2008 Browser
    Microsoft SQL Server 2008 Common Files
    Microsoft SQL Server 2008 Database Engine Services
    Microsoft SQL Server 2008 Database Engine Shared
    Microsoft SQL Server 2008 Native Client
    Microsoft SQL Server 2008 R2 Data-Tier Application Framework
    Microsoft SQL Server 2008 R2 Data-Tier Application Project
    Microsoft SQL Server 2008 R2 Management Objects
    Microsoft SQL Server 2008 R2 Management Objects (x64)
    Microsoft SQL Server 2008 R2 Transact-SQL Language Service
    Microsoft SQL Server 2008 RsFx Driver
    Microsoft SQL Server 2008 Setup Support Files
    Microsoft SQL Server Compact 3.5 SP2 ENU
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU
    Microsoft SQL Server Database Publishing Wizard 1.4
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server System CLR Types
    Microsoft SQL Server System CLR Types (x64)
    Microsoft SQL Server VSS Writer
    Microsoft Sync Framework Runtime v1.0 SP1 (x64)
    Microsoft Sync Framework SDK v1.0 SP1
    Microsoft Sync Framework Services v1.0 SP1 (x64)
    Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
    Microsoft Team Foundation Server 2010 Object Model - ENU
    Microsoft Visual C++ Compilers 2010 Standard - enu - x64
    Microsoft Visual C++ Compilers 2010 Standard - enu - x86
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
    Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
    Microsoft Visual F# 2.0 Runtime
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
    Microsoft Visual Studio 2010 Office Developer Tools (x64)
    Microsoft Visual Studio 2010 Professional - ENU
    Microsoft Visual Studio 2010 Service Pack 1
    Microsoft Visual Studio 2010 SharePoint Developer Tools
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
    Microsoft Visual Studio Macro Tools
    Microsoft XNA Framework Redistributable 3.1
    Microsoft XNA Framework Redistributable 4.0
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_ATL_x86_x64
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_CRT_x86_x64
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFC_x86_x64
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC80_MFCLOC_x86_x64
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_ATL_x86_x64
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_CRT_x86_x64
    Microsoft_VC90_MFC_x86
    Microsoft_VC90_MFC_x86_x64
    Miro Video Converter
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Music Manager
    Network64
    Notepad++
    NVIDIA PhysX
    NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit
    Octodad
    Onekey Theater
    OpenAL
    PDF Settings CS5
    Portal
    Portal 2
    Portal 2 - The Final Hours
    Power2Go
    Project64 1.6
    PS_AIO_06_C4700_SW_Min
    Psychonauts
    PX Profile Update
    PxMergeModule
    QuickTime
    Realtek HDMI Audio Driver for ATI
    Realtek High Definition Audio Driver
    Remove Empty Directories version 2.2
    Scan
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)
    Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
    Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
    Skype™ 5.10
    Splice
    Spotify
    Sql Server Customer Experience Improvement Program
    SSH Secure Shell
    Steam
    Synaptics Pointing Device Driver
    System Requirements Lab for Intel
    Terraria
    The Misadventures of P.B. Winterbottom
    Toolbox
    Trillian
    Unity
    Unity Web Player
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2600217)
    VC 9.0 Runtime
    Visual Studio 2008 x64 Redistributables
    Visual Studio 2010 Prerequisites - English
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
    VLC media player 2.0.1
    VVVVVV version 2.0
    Wacom Tablet
    WCF RIA Services V1.0 SP1
    Web Deployment Tool
    WebTablet IE Plugin
    WebTablet Netscape Plugin
    Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416)
    Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
    Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    World of Goo
    ZBrush 4R4
    .
    ==== Event Viewer Messages From Past Week ========
    .
    11/1/2012 12:55:50 PM, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
    11/1/2012 12:52:22 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    11/1/2012 12:52:03 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
    11/1/2012 12:51:13 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
    11/1/2012 12:51:13 PM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the dleeCATSCustConnectService service to connect.
    11/1/2012 12:51:13 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
    11/1/2012 12:51:13 PM, Error: Service Control Manager [7000] - The dleeCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    11/1/2012 12:09:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041287, 0x0000000000000008, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 110112-42416-01.
    11/1/2012 11:36:31 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff88001340039, 0xfffff8800cfe0d40, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 110112-47564-01.
    11/1/2012 10:29:37 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff80003ffd477). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 110112-56753-01.
    11/1/2012 10:15:48 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff80003ffa477). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 110112-55941-01.
    10/31/2012 10:48:45 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 00-00-00-00-00-00. Network operations on this system may be disrupted as a result.
    10/30/2012 12:08:53 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.8 with the system having network hardware address 78-CA-39-BB-E3-AB. Network operations on this system may be disrupted as a result.
    10/30/2012 11:41:21 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.6 with the system having network hardware address 68-A3-C4-67-C4-10. Network operations on this system may be disrupted as a result.
    .
    ==== End Of File ===========================
     
  10. Broni

    Broni Malware Annihilator Posts: 47,995   +271

    You did fine but I still want to see FRST logs.
     
  11. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012
    Ran by SYSTEM at 01-11-2012 14:26:21
    Running from G:\
    Windows 7 Home Premium (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10038304 2010-01-28] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [877600 2010-01-28] (Realtek Semiconductor)
    HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
    HKLM\...\Run: [SynBtnAsst] %ProgramFiles%\Synaptics\SynTP\SynBtnAsst.exe Utility_Window [x]
    HKLM\...\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [776608 2009-12-18] (Lenovo)
    HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4448704 2010-03-11] (Lenovo(beijing) Limited)
    HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056832 2010-03-11] (Lenovo (Beijing) Limited)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2399632 2011-04-13] (Microsoft Corporation)
    HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-20] (Intel Corporation)
    HKLM-x32\...\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~1\MuteSync.exe [336384 2009-12-27] (Lenovo)
    HKLM-x32\...\Run: [Lenovo SplitScreen] "C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [779104 2010-01-25] (Lenovo)
    HKLM-x32\...\Run: [UCam_Menu] "c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [222504 2009-05-19] (CyberLink Corp.)
    HKLM-x32\...\Run: [YouCam Mirror Tray icon] "c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s [167008 2010-02-03] (CyberLink Corp.)
    HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [x]
    HKLM-x32\...\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [218408 2008-12-03] (CyberLink Corp.)
    HKLM-x32\...\Run: [MDS_Menu] "c:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1" [218408 2009-02-25] (CyberLink Corp.)
    HKLM-x32\...\Run: [Lenovo SlideNav2] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [318400 2009-12-29] (Lenovo)
    HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [dleemon.exe] "C:\Program Files (x86) (x86)\Dell V715w\dleemon.exe" [766632 2009-07-09] ()
    HKLM-x32\...\Run: [EzPrint] "C:\Program Files (x86) (x86)\Dell V715w\ezprint.exe" [139944 2009-07-09] ()
    HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-10-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [935288 2009-09-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2596984 2012-07-31] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
    HKU\Default\...\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\ooVoo.exe /minimized [x]
    HKU\Default\...\RunOnce: [LenovoWallpaper] "C:\Program Files\desktop\ChangeDesktop.exe" "C:\Program Files\desktop\Desktop.jpg" [53760 2009-09-29] ()
    HKU\Default\...\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage [768336 2009-07-26] (Microsoft Corporation)
    HKU\Default User\...\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\ooVoo.exe /minimized [x]
    HKU\Default User\...\RunOnce: [LenovoWallpaper] "C:\Program Files\desktop\ChangeDesktop.exe" "C:\Program Files\desktop\Desktop.jpg" [53760 2009-09-29] ()
    HKU\Default User\...\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage [768336 2009-07-26] (Microsoft Corporation)
    HKU\Katelyn\...\Run: [Google Update] "C:\Users\Katelyn\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-07-01] (Google Inc.)
    HKU\Katelyn\...\Run: [AdobeBridge] [x]
    HKU\Katelyn\...\Run: [Facebook Update] "C:\Users\Katelyn\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-11] (Facebook Inc.)
    HKU\Katelyn\...\Run: [Akamai NetSession Interface] "C:\Users\Katelyn\AppData\Local\Akamai\netsession_win.exe" [4441920 2012-10-09] (Akamai Technologies, Inc.)
    HKU\Katelyn\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [16052192 2012-10-25] (Google)
    Tcpip\Parameters: [DhcpNameServer] 144.118.24.20 144.118.24.10
    Tcpip\..\Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}: [NameServer]208.67.220.220
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    Startup: C:\Users\Katelyn\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> (No File)
    Startup: C:\Users\Katelyn\Start Menu\Programs\Startup\EvernoteClipper.lnk
    ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
    Startup: C:\Users\Katelyn\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE (Microsoft Corporation)

    ==================== Services (Whitelisted) ===================

    2 Akamai; C:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll [4539200 2012-11-01] (Akamai Technologies, Inc.)
    2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe" [5167736 2012-08-13] (AVG Technologies CZ, s.r.o.)
    2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
    2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [873248 2010-01-12] (Broadcom Corporation.)
    2 dleeCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\dleeserv.exe [33448 2009-07-01] ()
    2 dlee_device; C:\windows\system32\dleecoms.exe -service [1054888 2009-07-01] ( )
    2 dlee_device; C:\windows\SysWow64\dleecoms.exe -service [602792 2009-07-01] ( )
    3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
    2 HoudiniLicenseServer; C:\windows\system32\sesinetd.exe [2454528 2012-02-28] (Side Effects Software Inc.)
    2 HoudiniServer; C:\windows\system32\hserver.exe [2336256 2012-02-28] (Side Effects Software Inc.)
    3 IGRS; "C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe" [38152 2009-07-14] (Lenovo Group Limited)
    3 Lenovo ReadyComm AppSvc; "C:\Program Files\Lenovo\ReadyComm\AppSvc.exe" [509192 2009-08-14] (Lenovo Group Limited)
    3 Lenovo ReadyComm ConnSvc; "C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe" [575304 2009-11-17] (Lenovo Group Limited)
    3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [53248 2011-03-29] (NOS Microsystems Ltd.)
    3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
    2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
    2 Slidebar Notifier Service; "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe" [69568 2009-12-29] (Lenovo)
    2 TabletServiceWacom; C:\windows\system32\Wacom_Tablet.exe [5521192 2009-11-24] (Wacom Technology, Corp.)

    ==================== Drivers (Whitelisted) =====================

    3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
    3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
    0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
    1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [291680 2012-07-26] (AVG Technologies CZ, s.r.o.)
    1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
    0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
    1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [384352 2012-08-24] (AVG Technologies CZ, s.r.o.)
    3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-15] (Lenovo)
    1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-02-27] (DT Soft Ltd)
    3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17904 2010-02-05] (JMicron Technology Corp.)
    3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [56688 2010-02-05] (JMicron Technology Corp.)
    3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [31088 2010-02-05] (JMicron Technology Corp.)
    3 SxSmemcd; C:\Windows\System32\Drivers\SxSmemcd.sys [59392 2012-01-17] (Sony Corporation)
    3 wdmirror; C:\Windows\System32\Drivers\wdmirror.sys [11280 2009-07-16] (Lenovo)
    2 IviRegMgr; [x]
    3 vpnva; C:\Windows\System32\DRIVERS\vpnva64.sys [x]
    3 wacomvhid; C:\Windows\System32\DRIVERS\wacomvhid.sys [x]

    ==================== NetSvcs (Whitelisted) ====================


    ==================== One Month Created Files and Folders ========

    2012-11-01 10:14 - 2012-11-01 10:14 - 00000000 ____D C:\Users\Katelyn\Desktop\siggraph
    2012-11-01 09:12 - 2012-11-01 09:12 - 00032481 ____A C:\Users\Katelyn\Desktop\dds.txt
    2012-11-01 09:12 - 2012-11-01 09:12 - 00016915 ____A C:\Users\Katelyn\Desktop\attach.txt
    2012-11-01 08:59 - 2012-11-01 08:59 - 00687724 ____R (Swearware) C:\Users\Katelyn\Downloads\dds.com
    2012-11-01 08:57 - 2012-11-01 08:57 - 00000000 ____A C:\Users\Katelyn\Desktop\gmer.log
    2012-11-01 08:47 - 2012-11-01 08:47 - 00302592 ____A C:\Users\Katelyn\Desktop\o8pjbol7.exe
    2012-11-01 08:31 - 2012-11-01 08:31 - 01459963 ____A (Farbar) C:\Users\Katelyn\Downloads\FRST64 (1).exe
    2012-11-01 08:30 - 2012-11-01 08:31 - 01459963 ____A (Farbar) C:\Users\Katelyn\Desktop\FRST64.exe
    2012-11-01 08:09 - 2012-11-01 08:09 - 00277088 ____A C:\Windows\Minidump\110112-42416-01.dmp
    2012-11-01 07:36 - 2012-11-01 07:36 - 00277088 ____A C:\Windows\Minidump\110112-47564-01.dmp
    2012-11-01 07:28 - 2012-11-01 07:28 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-11-01 07:28 - 2012-11-01 07:28 - 00000000 ____D C:\Users\Katelyn\AppData\Roaming\Malwarebytes
    2012-11-01 07:28 - 2012-11-01 07:28 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2012-11-01 07:28 - 2012-11-01 07:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-11-01 07:28 - 2012-09-29 15:54 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-11-01 07:26 - 2012-11-01 07:26 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Katelyn\Desktop\mbam-setup-1.65.1.1000.exe
    2012-11-01 06:29 - 2012-11-01 06:29 - 00277088 ____A C:\Windows\Minidump\110112-56753-01.dmp
    2012-11-01 06:15 - 2012-11-01 06:15 - 00277088 ____A C:\Windows\Minidump\110112-55941-01.dmp
    2012-10-31 23:42 - 2012-10-31 23:42 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
    2012-10-31 23:08 - 2012-10-31 23:09 - 00000000 ____D C:\Users\Katelyn\Downloads\HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen
    2012-10-31 23:07 - 2012-10-31 23:07 - 00167179 ____A C:\Users\Katelyn\Downloads\HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen.zip
    2012-10-31 14:24 - 2012-10-31 14:24 - 02563424 ____A C:\Users\Katelyn\Downloads\AdobeDownloadAssistant.exe
    2012-10-30 21:59 - 2012-10-30 21:59 - 00000000 ____D C:\Users\Katelyn\Downloads\ADOBE.CS6.0.MASTER.COLLECTION.WIN.OSX.KEYGEN-XFORCE
    2012-10-30 18:19 - 2012-10-30 18:19 - 03479504 ____A C:\Users\Katelyn\Downloads\IMG_0082.MOV
    2012-10-29 08:20 - 2012-10-30 16:10 - 00000000 ____D C:\Users\Katelyn\Desktop\rockClimb
    2012-10-28 16:20 - 2012-10-28 16:29 - 10332420 ____A C:\Users\Katelyn\Downloads\ui.zip
    2012-10-25 07:07 - 2012-10-28 17:36 - 00488308 ____A C:\Users\Katelyn\Downloads\00_icons.psd
    2012-10-20 13:09 - 2012-10-20 13:10 - 00000000 ____D C:\Users\Katelyn\AppData\Roaming\dvdcss
    2012-10-18 12:49 - 2012-09-24 11:23 - 00157680 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
    2012-10-18 12:49 - 2012-09-24 11:23 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
    2012-10-18 12:49 - 2012-09-24 11:23 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
    2012-10-18 12:47 - 2012-10-18 12:49 - 00003019 ____A C:\Windows\SysWOW64\jupdate-1.6.0_37-b06.log
    2012-10-10 14:06 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
    2012-10-10 14:06 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2012-10-10 14:06 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2012-10-10 14:06 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2012-10-10 14:06 - 2012-08-20 10:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
    2012-10-10 14:06 - 2012-08-20 10:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
    2012-10-10 14:06 - 2012-08-20 10:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
    2012-10-10 14:06 - 2012-08-20 10:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
    2012-10-10 14:06 - 2012-08-20 10:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
    2012-10-10 14:06 - 2012-08-20 10:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
    2012-10-10 14:06 - 2012-08-20 10:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
    2012-10-10 14:06 - 2012-08-20 10:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
    2012-10-10 14:06 - 2012-08-20 10:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2012-10-10 14:06 - 2012-08-20 09:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2012-10-10 14:06 - 2012-08-20 09:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2012-10-10 14:06 - 2012-08-20 09:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2012-10-10 14:06 - 2012-08-20 09:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 07:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2012-10-10 14:06 - 2012-08-20 07:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 07:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 07:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2012-10-10 14:06 - 2012-08-20 07:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2012-10-10 14:05 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
    2012-10-10 14:05 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2012-10-10 14:05 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
    2012-10-10 14:05 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2012-10-10 14:05 - 2012-08-20 07:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2012-10-10 14:05 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
    2012-10-10 14:05 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2012-10-10 14:05 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2012-10-10 14:05 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2012-10-10 14:05 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
    2012-10-10 14:05 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2012-10-10 14:05 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2012-10-10 14:05 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2012-10-08 19:34 - 2012-10-08 19:34 - 17730656 ____A C:\Users\Katelyn\Downloads\ZBrush 4 Sculpting for Games Beginner's Guide.zip
    2012-10-07 10:14 - 2012-11-01 05:30 - 00000000 ____D C:\Users\Katelyn\Desktop\GameDevWork
    2012-10-07 09:54 - 2012-10-18 07:10 - 00000000 ____D C:\Users\Katelyn\Desktop\MindingOfIssac
    2012-10-07 09:40 - 2012-10-30 18:08 - 00000000 ____D C:\Users\Katelyn\Desktop\GameDev
    2012-10-04 13:51 - 2009-04-16 10:08 - 00136704 ____A (Hewlett-Packard Company) C:\Windows\System32\hpf3l70v.dll
    2012-10-04 13:48 - 2012-10-04 13:55 - 00174495 ____A C:\Windows\hpoins43.dat
    2012-10-04 13:48 - 2010-01-30 03:51 - 00000601 ____N C:\Windows\hpomdl43.dat
    2012-10-04 13:47 - 2009-04-16 03:53 - 00642360 ____A (Hewlett-Packard) C:\Windows\System32\hpzids40.dll
    2012-10-04 13:47 - 2009-02-11 03:03 - 01403904 ____A (Hewlett-Packard Co.) C:\Windows\System32\hpost_p02c.dll
    2012-10-04 13:47 - 2009-02-11 03:03 - 00880640 ____A (Hewlett-Packard) C:\Windows\System32\hposwia_p02c.dll
    2012-10-04 13:47 - 2009-02-11 03:03 - 00515072 ____A (Hewlett-Packard Co.) C:\Windows\System32\hposc_p02a.dll
    2012-10-04 13:47 - 2008-10-28 16:27 - 00551424 ____A (Hewlett-Packard) C:\Windows\System32\hppldcoi.dll
    2012-10-04 13:42 - 2012-10-04 13:46 - 70832040 ____A C:\Users\Katelyn\Downloads\PS_AIO_06_C4700_USW_Basic_Win_enu_140_175.exe


    ==================== 3 Months Modified Files ==================

    2012-11-01 10:20 - 2012-03-29 12:36 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2012-11-01 10:17 - 2009-07-13 21:13 - 00939278 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-11-01 10:13 - 2012-05-06 10:21 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-11-01 09:45 - 2010-07-01 13:19 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3694585094-1687816597-3818613799-1004UA.job
    2012-11-01 09:12 - 2012-11-01 09:12 - 00032481 ____A C:\Users\Katelyn\Desktop\dds.txt
    2012-11-01 09:12 - 2012-11-01 09:12 - 00016915 ____A C:\Users\Katelyn\Desktop\attach.txt
    2012-11-01 09:04 - 2011-07-27 11:54 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3694585094-1687816597-3818613799-1004UA.job
    2012-11-01 09:01 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-11-01 09:01 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-11-01 08:59 - 2012-11-01 08:59 - 00687724 ____R (Swearware) C:\Users\Katelyn\Downloads\dds.com
    2012-11-01 08:57 - 2012-11-01 08:57 - 00000000 ____A C:\Users\Katelyn\Desktop\gmer.log
    2012-11-01 08:51 - 2012-05-06 10:21 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-11-01 08:51 - 2011-06-29 12:43 - 00036088 ____A C:\Users\All Users\dleescan.log
    2012-11-01 08:51 - 2010-04-22 12:56 - 00130657 ____A C:\Windows\setupact.log
    2012-11-01 08:51 - 2010-04-22 12:29 - 00573750 ____A C:\Windows\PFRO.log
    2012-11-01 08:51 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-11-01 08:47 - 2012-11-01 08:47 - 00302592 ____A C:\Users\Katelyn\Desktop\o8pjbol7.exe
    2012-11-01 08:31 - 2012-11-01 08:31 - 01459963 ____A (Farbar) C:\Users\Katelyn\Downloads\FRST64 (1).exe
    2012-11-01 08:31 - 2012-11-01 08:30 - 01459963 ____A (Farbar) C:\Users\Katelyn\Desktop\FRST64.exe
    2012-11-01 08:09 - 2012-11-01 08:09 - 00277088 ____A C:\Windows\Minidump\110112-42416-01.dmp
    2012-11-01 08:09 - 2010-07-03 12:47 - 624007448 ____A C:\Windows\MEMORY.DMP
    2012-11-01 07:36 - 2012-11-01 07:36 - 00277088 ____A C:\Windows\Minidump\110112-47564-01.dmp
    2012-11-01 07:28 - 2012-11-01 07:28 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2012-11-01 07:26 - 2012-11-01 07:26 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Katelyn\Desktop\mbam-setup-1.65.1.1000.exe
    2012-11-01 06:29 - 2012-11-01 06:29 - 00277088 ____A C:\Windows\Minidump\110112-56753-01.dmp
    2012-11-01 06:15 - 2012-11-01 06:15 - 00277088 ____A C:\Windows\Minidump\110112-55941-01.dmp
    2012-11-01 05:45 - 2010-07-01 13:19 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3694585094-1687816597-3818613799-1004Core.job
    2012-11-01 05:43 - 2010-07-15 15:45 - 00000132 ____A C:\Users\Katelyn\AppData\Roaming\Adobe PNG Format CS5 Prefs
    2012-10-31 23:10 - 2012-03-29 12:36 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2012-10-31 23:10 - 2011-06-24 13:28 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2012-10-31 23:10 - 2010-04-22 11:47 - 01593332 ____A C:\Windows\WindowsUpdate.log
    2012-10-31 23:07 - 2012-10-31 23:07 - 00167179 ____A C:\Users\Katelyn\Downloads\HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen.zip
    2012-10-31 15:11 - 2011-07-27 11:54 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3694585094-1687816597-3818613799-1004Core.job
    2012-10-31 14:24 - 2012-10-31 14:24 - 02563424 ____A C:\Users\Katelyn\Downloads\AdobeDownloadAssistant.exe
    2012-10-30 18:19 - 2012-10-30 18:19 - 03479504 ____A C:\Users\Katelyn\Downloads\IMG_0082.MOV
    2012-10-28 17:36 - 2012-10-25 07:07 - 00488308 ____A C:\Users\Katelyn\Downloads\00_icons.psd
    2012-10-28 16:29 - 2012-10-28 16:20 - 10332420 ____A C:\Users\Katelyn\Downloads\ui.zip
    2012-10-18 12:49 - 2012-10-18 12:47 - 00003019 ____A C:\Windows\SysWOW64\jupdate-1.6.0_37-b06.log
    2012-10-12 13:55 - 2010-07-27 17:14 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-10-08 19:34 - 2012-10-08 19:34 - 17730656 ____A C:\Users\Katelyn\Downloads\ZBrush 4 Sculpting for Games Beginner's Guide.zip
    2012-10-04 13:55 - 2012-10-04 13:48 - 00174495 ____A C:\Windows\hpoins43.dat
    2012-10-04 13:55 - 2012-02-04 07:46 - 00005042 ____A C:\Users\All Users\hpzinstall.log
    2012-10-04 13:46 - 2012-10-04 13:42 - 70832040 ____A C:\Users\Katelyn\Downloads\PS_AIO_06_C4700_USW_Basic_Win_enu_140_175.exe
    2012-10-03 06:12 - 2011-03-05 16:47 - 00001456 ____A C:\Users\Katelyn\AppData\Local\Adobe Save for Web 12.0 Prefs
    2012-09-30 11:45 - 2012-09-30 11:07 - 1037250456 ____A C:\Users\Katelyn\Downloads\rochard-windows-1.31-1348771540.exe
    2012-09-29 15:54 - 2012-11-01 07:28 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2012-09-24 11:32 - 2012-06-24 07:42 - 00477168 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
    2012-09-24 11:32 - 2010-10-02 13:47 - 00473072 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
    2012-09-24 11:23 - 2012-10-18 12:49 - 00157680 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
    2012-09-24 11:23 - 2012-10-18 12:49 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
    2012-09-24 11:23 - 2012-10-18 12:49 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
    2012-09-20 19:47 - 2012-09-20 19:44 - 330927763 ____A C:\Users\Katelyn\Downloads\dustforce-win-1347945918.zip
    2012-09-19 09:00 - 2012-04-13 16:45 - 00000090 ____A C:\Users\Katelyn\mm.cfg
    2012-09-15 21:58 - 2009-07-13 20:45 - 05168464 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-09-14 21:14 - 2010-07-01 12:57 - 00139752 ____A C:\Users\Katelyn\AppData\Local\GDIPFONTCACHEV1.DAT
    2012-09-14 15:28 - 2012-09-14 15:28 - 00040945 ____A C:\Users\Katelyn\Downloads\Good-Foot.zip
    2012-09-14 11:19 - 2012-10-10 14:05 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
    2012-09-14 10:28 - 2012-10-10 14:05 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2012-09-14 08:49 - 2012-09-14 08:40 - 729067520 ____A C:\Users\Katelyn\Downloads\ubuntu-12.04.1-desktop-i386.iso
    2012-09-11 17:05 - 2012-09-11 16:52 - 1157953892 ____A C:\Users\Katelyn\Downloads\amnesia_tdd_1.2.1.zip
    2012-09-06 12:44 - 2012-09-06 12:44 - 04592128 ____A C:\Users\Katelyn\Downloads\Chapter16.ppt
    2012-08-31 19:38 - 2012-08-31 19:32 - 226021774 ____A C:\Users\Katelyn\Downloads\Vertex.rar
    2012-08-31 10:19 - 2012-10-10 14:06 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
    2012-08-30 17:33 - 2012-08-30 17:33 - 00277144 ____A C:\Windows\Minidump\083012-57127-01.dmp
    2012-08-30 10:03 - 2012-10-10 14:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2012-08-30 09:12 - 2012-10-10 14:06 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2012-08-30 09:12 - 2012-10-10 14:06 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2012-08-28 15:00 - 2012-08-28 15:00 - 00999840 ____A (Solid State Networks) C:\Users\Katelyn\Downloads\install_flashplayer11x32_mssd_aih.exe
    2012-08-24 14:43 - 2012-08-24 14:43 - 00384352 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
    2012-08-24 10:05 - 2012-10-10 14:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
    2012-08-24 08:57 - 2012-10-10 14:05 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2012-08-24 03:15 - 2012-09-27 03:36 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-08-24 02:39 - 2012-09-27 03:36 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-08-24 02:31 - 2012-09-27 03:36 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-08-24 02:22 - 2012-09-27 03:36 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-08-24 02:21 - 2012-09-27 03:36 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-08-24 02:20 - 2012-09-27 03:36 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-08-24 02:18 - 2012-09-27 03:36 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-08-24 02:17 - 2012-09-27 03:36 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-08-24 02:14 - 2012-09-27 03:36 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

    ZeroAccess:
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\@
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\L
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\L\00000004.@
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\L\201d3dde
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\00000004.@
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\00000008.@
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\000000cb.@
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\80000000.@
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\80000032.@
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\80000064.@

    ZeroAccess:
    C:\Windows\assembly\GAC_32\Desktop.ini

    ZeroAccess:
    C:\Windows\assembly\GAC_64\Desktop.ini
     
     
  12. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2012-10-12 13:50:09
    Restore point made on: 2012-10-18 12:47:25

    ==================== Memory info ===========================

    Percentage of memory in use: 17%
    Total physical RAM: 3892.48 MB
    Available physical RAM: 3213.27 MB
    Total Pagefile: 3890.63 MB
    Available Pagefile: 3213.91 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.9 MB

    ==================== Partitions =============================

    1 Drive c: () (Fixed) (Total:386.99 GB) (Free:138.77 GB) NTFS
    2 Drive d: (LENOVO) (Fixed) (Total:30.48 GB) (Free:28.69 GB) NTFS
    4 Drive g: (GODFREY3) (Removable) (Total:15.09 GB) (Free:15.08 GB) FAT32
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    6 Drive y: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 6144 KB
    Disk 1 Online 15 GB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 200 MB 1024 KB
    Partition 2 Primary 386 GB 201 MB
    Partition 0 Extended 63 GB 387 GB
    Partition 5 Logical 29 GB 387 GB
    Partition 6 Logical 3886 MB 416 GB
    Partition 4 Logical 30 GB 420 GB
    Partition 3 OEM 14 GB 451 GB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y NTFS Partition 200 MB Healthy

    =========================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 386 GB Healthy

    =========================================================

    Disk: 0
    Partition 5
    Type : 83
    Hidden: Yes
    Active: No

    There is no volume associated with this partition.

    =========================================================

    Disk: 0
    Partition 6
    Type : 82
    Hidden: Yes
    Active: No

    There is no volume associated with this partition.

    =========================================================

    Disk: 0
    Partition 4
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 D LENOVO NTFS Partition 30 GB Healthy


    =========================================================

    Disk: 0
    Partition 3
    Type : 12
    Hidden: Yes
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 5 LENOVO_PART NTFS Partition 14 GB Healthy Hidden

    =========================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 15 GB 16 KB

    ==================================================================================

    Disk: 1
    Partition 1
    Type : 0C
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 G GODFREY3 FAT32 Removable 15 GB Healthy

    =========================================================

    Last Boot: 2012-10-16 07:46

    ==================== End Of Log =============================
     
  13. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    Farbar Recovery Scan Tool (x64) Version: 30-10-2012
    Ran by SYSTEM at 2012-11-01 14:29:11
    Running from G:\
    ================== Search: "services.exe" ===================
    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
    C:\Windows\System32\services.exe
    [2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC
    ====== End Of Search ======
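
The comparison this search result makes possible, as an added example that is not part of the original post or of FRST: it parses an FRST "Search" section and flags a live system file whose MD5 matches none of the component-store (WinSxS) copies listed with it. The sample input is the search output posted above; the function names and the "same timestamps" heuristic are assumptions of this sketch.

```python
import re
from collections import defaultdict
from ntpath import basename  # splits Windows paths on any host OS

# Sample input: the FRST "Search" section exactly as posted above.
SAMPLE_LOG = r'''
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC
====== End Of Search ======
'''

PATH_RE = re.compile(r"^[A-Za-z]:\\")
META_RE = re.compile(
    r"^\[(?P<created>[\d\- :]+)\] - \[(?P<modified>[\d\- :]+)\] - "
    r"(?P<size>\d+) (?P<attrs>[_A-Z]+) (?:\((?P<company>[^)]*)\) )?"
    r"(?P<md5>[0-9A-Fa-f]{32})$"
)


def parse_search(log_text):
    """Return one record per file: a path line followed by its metadata line."""
    records, pending_path = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if PATH_RE.match(line):
            pending_path = line
            continue
        match = META_RE.match(line)
        if match and pending_path:
            rec = match.groupdict()
            rec.update(path=pending_path, size=int(rec["size"]),
                       md5=rec["md5"].upper())
            records.append(rec)
        pending_path = None  # a path is only valid for the very next line
    return records


def is_component_store(path):
    return "\\winsxs\\" in path.lower()


def find_mismatches(records):
    """Flag live files whose MD5 matches no WinSxS copy of the same name.

    A hit is a lead, not a verdict: the live file can legitimately be a
    newer serviced version than the store copies the log happens to list.
    Identical timestamps with different content is the stronger signal,
    because normal servicing changes the dates along with the bytes.
    """
    by_name = defaultdict(list)
    for rec in records:
        by_name[basename(rec["path"]).lower()].append(rec)

    findings = []
    for group in by_name.values():
        store = [r for r in group if is_component_store(r["path"])]
        live = [r for r in group if not is_component_store(r["path"])]
        store_md5s = {r["md5"] for r in store}
        for rec in live:
            if not store or rec["md5"] in store_md5s:
                continue
            twin = next((s for s in store
                         if (s["created"], s["modified"]) ==
                            (rec["created"], rec["modified"])), None)
            ref = twin or store[0]
            findings.append({
                "path": rec["path"],
                "md5": rec["md5"],
                "reference": ref["path"],
                "reference_md5": ref["md5"],
                "same_timestamps": twin is not None,
                "size_delta": rec["size"] - ref["size"],
            })
    return findings


if __name__ == "__main__":
    for f in find_mismatches(parse_search(SAMPLE_LOG)):
        print(f"{f['path']}: MD5 {f['md5']} differs from store copy "
              f"({f['reference_md5']}), size delta {f['size_delta']} bytes, "
              f"same timestamps: {f['same_timestamps']}")
```

MD5 is used here only because it is the digest FRST prints; on a live system the same check is better done with a stronger hash or a signature verification of the file.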
     
  14. Broni

    Broni Malware Annihilator Posts: 47,995   +271

    Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the UBCD.
    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

    Next...

    Restart normally.

    ==============================

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

    =============================

    • Download RogueKiller to the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced, post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    ==============================

    Download Malwarebytes' Anti-Malware (MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.
    Alternate download: http://www.filehippo.com/download_malwarebytes_anti_malware/
    NOTE. If you already have MBAM installed, update it before running the scan.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    Be sure to restart the computer IF MBAM asks you to do so.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    ==================================

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
     


  15. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2012
    Ran by SYSTEM at 2012-11-01 15:40:44 Run:1
    Running from G:\

    ==============================================

    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows No ZeroAccess entry found.
    C:\Windows\System32\consrv.dll not found.
    C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6} moved successfully.
    C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
    C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
    C:\Windows\System32\services.exe moved successfully.
    C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

    ==== End of Fixlog ====
     
  16. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    15:47:26.0584 6980 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
    15:47:27.0193 6980 ============================================================
    15:47:27.0193 6980 Current date / time: 2012/11/01 15:47:27.0193
    15:47:27.0193 6980 SystemInfo:
    15:47:27.0193 6980
    15:47:27.0193 6980 OS Version: 6.1.7601 ServicePack: 1.0
    15:47:27.0193 6980 Product type: Workstation
    15:47:27.0193 6980 ComputerName: WINSTON
    15:47:27.0193 6980 UserName: Katelyn
    15:47:27.0193 6980 Windows directory: C:\windows
    15:47:27.0193 6980 System windows directory: C:\windows
    15:47:27.0193 6980 Running under WOW64
    15:47:27.0193 6980 Processor architecture: Intel x64
    15:47:27.0193 6980 Number of processors: 4
    15:47:27.0193 6980 Page size: 0x1000
    15:47:27.0193 6980 Boot type: Normal boot
    15:47:27.0193 6980 ============================================================
    15:47:28.0238 6980 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    15:47:28.0254 6980 Drive \Device\Harddisk1\DR1 - Size: 0x3C7800000 (15.12 Gb), SectorSize: 0x200, Cylinders: 0x7B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    15:47:28.0269 6980 ============================================================
    15:47:28.0269 6980 \Device\Harddisk0\DR0:
    15:47:28.0269 6980 MBR partitions:
    15:47:28.0269 6980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
    15:47:28.0269 6980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x305FB84C
    15:47:28.0394 6980 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3490F000, BlocksNum 0x3CF4800
    15:47:28.0472 6980 \Device\Harddisk1\DR1:
    15:47:28.0472 6980 MBR partitions:
    15:47:28.0472 6980 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1E3BFE0
    15:47:28.0472 6980 ============================================================
    15:47:28.0534 6980 C: <-> \Device\Harddisk0\DR0\Partition2
    15:47:28.0956 6980 D: <-> \Device\Harddisk0\DR0\Partition3
    15:47:28.0956 6980 ============================================================
    15:47:28.0956 6980 Initialize success
    15:47:28.0956 6980 ============================================================
    15:47:31.0764 6356 ============================================================
    15:47:31.0764 6356 Scan started
    15:47:31.0764 6356 Mode: Manual;
    15:47:31.0764 6356 ============================================================
    15:47:38.0706 6356 ================ Scan system memory ========================
    15:47:38.0706 6356 System memory - ok
    15:47:38.0706 6356 ================ Scan services =============================
    15:47:43.0714 6356 [ E1B1F152C4E82C85E846D25C9E6E6CC8 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll
    15:47:43.0714 6356 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll. md5: E1B1F152C4E82C85E846D25C9E6E6CC8
    15:47:43.0714 6356 Akamai ( HiddenFile.Multi.Generic ) - warning
    15:47:43.0714 6356 Akamai - detected HiddenFile.Multi.Generic (1)
    15:47:48.0488 6356 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
    15:47:48.0488 6356 bowser - ok
    15:47:48.0519 6356 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
    15:47:48.0535 6356 BrFiltLo - ok
    15:47:48.0550 6356 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
    15:47:48.0550 6356 BrFiltUp - ok
    15:47:48.0613 6356 [ 34F786535F9245E4028C57B28248C9D8 ] Bridge0 C:\windows\system32\drivers\WDBridge.sys
    15:47:48.0613 6356 Bridge0 - ok
    15:47:48.0675 6356 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
    15:47:48.0675 6356 Browser - ok
    15:47:48.0737 6356 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
    15:47:48.0753 6356 Brserid - ok
    15:47:48.0769 6356 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
    15:47:48.0769 6356 BrSerWdm - ok
    15:47:48.0784 6356 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
    15:47:48.0784 6356 BrUsbMdm - ok
    15:47:48.0800 6356 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
    15:47:48.0800 6356 BrUsbSer - ok
    15:47:48.0862 6356 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
    15:47:48.0878 6356 BthEnum - ok
    15:47:48.0893 6356 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
    15:47:48.0909 6356 BTHMODEM - ok
    15:47:48.0925 6356 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
    15:47:48.0925 6356 BthPan - ok
    15:47:49.0034 6356 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
    15:47:49.0065 6356 BTHPORT - ok
    15:47:49.0096 6356 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
    15:47:49.0096 6356 bthserv - ok
    15:47:49.0143 6356 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
    15:47:49.0143 6356 BTHUSB - ok
    15:47:49.0190 6356 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\windows\system32\drivers\btusbflt.sys
    15:47:49.0190 6356 btusbflt - ok
    15:47:49.0221 6356 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\windows\system32\drivers\btwaudio.sys
    15:47:49.0221 6356 btwaudio - ok
    15:47:49.0237 6356 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
    15:47:49.0237 6356 btwavdt - ok
    15:47:49.0330 6356 [ A8C22ACBE494D2F92FDB4C7EDD09528C ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
    15:47:49.0346 6356 btwdins - ok
    15:47:49.0377 6356 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
    15:47:49.0377 6356 btwl2cap - ok
    15:47:49.0393 6356 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
    15:47:49.0393 6356 btwrchid - ok
    15:47:49.0424 6356 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
    15:47:49.0439 6356 cdfs - ok
    15:47:49.0517 6356 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
    15:47:49.0517 6356 cdrom - ok
    15:47:49.0595 6356 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
    15:47:49.0595 6356 CertPropSvc - ok
    15:47:49.0658 6356 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
    15:47:49.0658 6356 circlass - ok
    15:47:49.0673 6356 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
    15:47:49.0689 6356 CLFS - ok
    15:47:49.0767 6356 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    15:47:49.0767 6356 clr_optimization_v2.0.50727_32 - ok
    15:47:49.0892 6356 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    15:47:49.0907 6356 clr_optimization_v2.0.50727_64 - ok
    15:47:49.0985 6356 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    15:47:50.0157 6356 clr_optimization_v4.0.30319_32 - ok
    15:47:50.0204 6356 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    15:47:50.0235 6356 clr_optimization_v4.0.30319_64 - ok
    15:47:50.0266 6356 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
    15:47:50.0266 6356 CmBatt - ok
    15:47:50.0313 6356 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
    15:47:50.0313 6356 cmdide - ok
    15:47:50.0375 6356 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
    15:47:50.0391 6356 CNG - ok
    15:47:50.0422 6356 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
    15:47:50.0422 6356 Compbatt - ok
    15:47:50.0485 6356 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
    15:47:50.0485 6356 CompositeBus - ok
    15:47:50.0516 6356 COMSysApp - ok
    15:47:50.0516 6356 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
    15:47:50.0516 6356 crcdisk - ok
    15:47:50.0594 6356 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
    15:47:50.0594 6356 CryptSvc - ok
    15:47:50.0875 6356 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    15:47:50.0921 6356 cvhsvc - ok
    15:47:51.0124 6356 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
    15:47:51.0140 6356 DcomLaunch - ok
    15:47:51.0202 6356 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
    15:47:51.0202 6356 defragsvc - ok
    15:47:51.0249 6356 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
    15:47:51.0249 6356 DfsC - ok
    15:47:51.0343 6356 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
    15:47:51.0343 6356 Dhcp - ok
    15:47:51.0389 6356 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
    15:47:51.0389 6356 discache - ok
    15:47:51.0452 6356 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
    15:47:51.0452 6356 Disk - ok
    15:47:51.0577 6356 [ 6774B807CE89A5EC8F61551C15CCA964 ] dleeCATSCustConnectService C:\windows\system32\spool\DRIVERS\x64\3\\dleeserv.exe
    15:47:51.0623 6356 dleeCATSCustConnectService - ok
    15:47:51.0639 6356 dlee_device - ok
    15:47:51.0670 6356 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
    15:47:51.0670 6356 Dnscache - ok
    15:47:51.0717 6356 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
    15:47:51.0733 6356 dot3svc - ok
    15:47:51.0795 6356 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\windows\system32\DRIVERS\Dot4.sys
    15:47:51.0795 6356 dot4 - ok
    15:47:51.0889 6356 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
    15:47:51.0889 6356 Dot4Print - ok
    15:47:51.0904 6356 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
    15:47:51.0904 6356 dot4usb - ok
    15:47:51.0951 6356 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
    15:47:51.0951 6356 DPS - ok
    15:47:52.0013 6356 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
    15:47:52.0029 6356 drmkaud - ok
    15:47:52.0091 6356 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
    15:47:52.0091 6356 dtsoftbus01 - ok
    15:47:52.0310 6356 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
    15:47:52.0310 6356 DXGKrnl - ok
    15:47:52.0372 6356 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
    15:47:52.0372 6356 EapHost - ok
    15:47:52.0856 6356 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
    15:47:52.0934 6356 ebdrv - ok
    15:47:52.0996 6356 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
    15:47:52.0996 6356 EFS - ok
    15:47:53.0074 6356 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
    15:47:53.0074 6356 ehRecvr - ok
    15:47:53.0105 6356 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
    15:47:53.0105 6356 ehSched - ok
    15:47:53.0137 6356 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
    15:47:53.0168 6356 elxstor - ok
    15:47:53.0183 6356 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
    15:47:53.0183 6356 ErrDev - ok
    15:47:53.0261 6356 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
    15:47:53.0261 6356 EventSystem - ok
    15:47:53.0277 6356 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
    15:47:53.0277 6356 exfat - ok
    15:47:53.0308 6356 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
    15:47:53.0308 6356 fastfat - ok
    15:47:53.0371 6356 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
    15:47:53.0402 6356 Fax - ok
    15:47:53.0417 6356 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
    15:47:53.0417 6356 fdc - ok
    15:47:53.0464 6356 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
    15:47:53.0464 6356 fdPHost - ok
    15:47:53.0480 6356 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
    15:47:53.0480 6356 FDResPub - ok
    15:47:53.0495 6356 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
    15:47:53.0495 6356 FileInfo - ok
    15:47:53.0511 6356 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
    15:47:53.0511 6356 Filetrace - ok
    15:47:53.0698 6356 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    15:47:53.0761 6356 FLEXnet Licensing Service 64 - ok
    15:47:53.0776 6356 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
    15:47:53.0776 6356 flpydisk - ok
    15:47:53.0839 6356 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
    15:47:53.0839 6356 FltMgr - ok
    15:47:54.0151 6356 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
    15:47:54.0166 6356 FontCache - ok
    15:47:54.0260 6356 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    15:47:54.0260 6356 FontCache3.0.0.0 - ok
    15:47:54.0291 6356 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
    15:47:54.0291 6356 FsDepends - ok
    15:47:54.0353 6356 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
    15:47:54.0353 6356 Fs_Rec - ok
    15:47:54.0431 6356 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
    15:47:54.0431 6356 fvevol - ok
    15:47:54.0494 6356 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
    15:47:54.0509 6356 gagp30kx - ok
    15:47:54.0572 6356 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
    15:47:54.0572 6356 GEARAspiWDM - ok
    15:47:54.0665 6356 [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll
    15:47:54.0665 6356 getPlusHelper - ok
    15:47:54.0759 6356 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
    15:47:54.0759 6356 gpsvc - ok
    15:47:54.0837 6356 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    15:47:54.0837 6356 gupdate - ok
    15:47:54.0853 6356 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    15:47:54.0853 6356 gupdatem - ok
    15:47:54.0884 6356 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
    15:47:54.0899 6356 hcw85cir - ok
    15:47:55.0009 6356 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
    15:47:55.0040 6356 HdAudAddService - ok
    15:47:55.0102 6356 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
    15:47:55.0118 6356 HDAudBus - ok
    15:47:55.0149 6356 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
    15:47:55.0149 6356 HECIx64 - ok
    15:47:55.0211 6356 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
    15:47:55.0227 6356 HidBatt - ok
    15:47:55.0258 6356 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
    15:47:55.0258 6356 HidBth - ok
    15:47:55.0289 6356 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
    15:47:55.0289 6356 HidIr - ok
    15:47:55.0321 6356 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
    15:47:55.0321 6356 hidserv - ok
    15:47:55.0399 6356 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
    15:47:55.0414 6356 HidUsb - ok
    15:47:55.0477 6356 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
    15:47:55.0492 6356 hkmsvc - ok
    15:47:55.0555 6356 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
    15:47:55.0555 6356 HomeGroupListener - ok
    15:47:55.0617 6356 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
    15:47:55.0633 6356 HomeGroupProvider - ok
    15:47:56.0007 6356 [ 5694549D12843046DC4D23DE86CB8447 ] HoudiniLicenseServer C:\windows\system32\sesinetd.exe
    15:47:56.0038 6356 HoudiniLicenseServer - ok
    15:47:56.0179 6356 [ B9B7C912D381F35E9CE66A58AA57A455 ] HoudiniServer C:\windows\system32\hserver.exe
    15:47:56.0210 6356 HoudiniServer - ok
    15:47:56.0288 6356 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
    15:47:56.0288 6356 HpSAMD - ok
    15:47:56.0787 6356 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
    15:47:56.0865 6356 HPSLPSVC - ok
    15:47:56.0943 6356 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
    15:47:56.0943 6356 HTTP - ok
    15:47:57.0005 6356 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
    15:47:57.0005 6356 hwpolicy - ok
    15:47:57.0068 6356 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
    15:47:57.0083 6356 i8042prt - ok
    15:47:57.0115 6356 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
    15:47:57.0115 6356 iaStor - ok
    15:47:57.0193 6356 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    15:47:57.0193 6356 IAStorDataMgrSvc - ok
    15:47:57.0255 6356 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
    15:47:57.0255 6356 iaStorV - ok
    15:47:57.0333 6356 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    15:47:57.0349 6356 idsvc - ok
    15:47:58.0129 6356 [ 90AFAB2B5962B1CD5BB23320675D6174 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
    15:47:58.0300 6356 igfx - ok
    15:47:58.0394 6356 [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
    15:47:58.0394 6356 IGRS - ok
    15:47:58.0425 6356 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
    15:47:58.0441 6356 iirsp - ok
    15:47:58.0612 6356 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
    15:47:58.0675 6356 IKEEXT - ok
    15:47:58.0737 6356 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
    15:47:58.0737 6356 Impcd - ok
    15:47:59.0143 6356 [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
    15:47:59.0158 6356 IntcAzAudAddService - ok
    15:47:59.0221 6356 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
    15:47:59.0221 6356 intelide - ok
    15:48:00.0095 6356 [ 90AFAB2B5962B1CD5BB23320675D6174 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys
    15:48:00.0345 6356 intelkmd - ok
    15:48:00.0407 6356 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
    15:48:00.0407 6356 intelppm - ok
    15:48:00.0454 6356 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
    15:48:00.0454 6356 IPBusEnum - ok
    15:48:00.0516 6356 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
    15:48:00.0516 6356 IpFilterDriver - ok
    15:48:00.0563 6356 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
    15:48:00.0579 6356 IPMIDRV - ok
    15:48:00.0610 6356 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
    15:48:00.0610 6356 IPNAT - ok
    15:48:00.0704 6356 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    15:48:00.0719 6356 iPod Service - ok
    15:48:00.0766 6356 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
    15:48:00.0766 6356 IRENUM - ok
    15:48:00.0813 6356 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
    15:48:00.0813 6356 isapnp - ok
    15:48:00.0875 6356 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
    15:48:00.0875 6356 iScsiPrt - ok
    15:48:00.0922 6356 [ D95D5FF8793393B35500B08DCA5E4B72 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
    15:48:00.0922 6356 JMCR - ok
    15:48:00.0953 6356 [ CEE38AB6627CB2F8A97DD7D5A8449944 ] JmUsbCcgp C:\windows\system32\DRIVERS\jmccgp.sys
    15:48:00.0953 6356 JmUsbCcgp - ok
    15:48:01.0000 6356 [ 6BA6296905D46C003838D1DD05F38DDD ] JmUsbVideo C:\windows\system32\Drivers\jmcam.sys
    15:48:01.0000 6356 JmUsbVideo - ok
    15:48:01.0016 6356 [ 4DCA10EF74CB49D6460F23A34C3593FB ] JmUsbVideo2 C:\windows\system32\Drivers\jmcam_lo.sys
    15:48:01.0016 6356 JmUsbVideo2 - ok
    15:48:01.0062 6356 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys
    15:48:01.0062 6356 k57nd60a - ok
    15:48:01.0078 6356 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
    15:48:01.0078 6356 kbdclass - ok
    15:48:01.0125 6356 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
    15:48:01.0125 6356 kbdhid - ok
    15:48:01.0140 6356 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
    15:48:01.0140 6356 KeyIso - ok
    15:48:01.0218 6356 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
    15:48:01.0234 6356 KSecDD - ok
    15:48:01.0296 6356 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
    15:48:01.0296 6356 KSecPkg - ok
    15:48:01.0328 6356 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
    15:48:01.0328 6356 ksthunk - ok
     
  17. kayetea

    kayetea TS Rookie Topic Starter Posts: 32



    15:48:08.0566 6356 ose - ok
    15:48:08.0738 6356 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    15:48:08.0847 6356 osppsvc - ok
    15:48:08.0909 6356 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
    15:48:08.0909 6356 p2pimsvc - ok
    15:48:08.0956 6356 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
    15:48:08.0956 6356 p2psvc - ok
    15:48:08.0987 6356 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
    15:48:08.0987 6356 Parport - ok
    15:48:09.0034 6356 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
    15:48:09.0034 6356 partmgr - ok
    15:48:09.0065 6356 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
    15:48:09.0065 6356 PcaSvc - ok
    15:48:09.0128 6356 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
    15:48:09.0128 6356 pci - ok
    15:48:09.0206 6356 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
    15:48:09.0206 6356 pciide - ok
    15:48:09.0237 6356 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
    15:48:09.0252 6356 pcmcia - ok
    15:48:09.0284 6356 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
    15:48:09.0284 6356 pcw - ok
    15:48:09.0315 6356 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
    15:48:09.0330 6356 PEAUTH - ok
    15:48:09.0533 6356 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
    15:48:09.0533 6356 PerfHost - ok
    15:48:09.0627 6356 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
    15:48:09.0642 6356 pla - ok
    15:48:09.0705 6356 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
    15:48:09.0705 6356 PlugPlay - ok
    15:48:09.0845 6356 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
    15:48:09.0861 6356 Pml Driver HPZ12 - ok
    15:48:09.0908 6356 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
    15:48:09.0908 6356 PNRPAutoReg - ok
    15:48:09.0923 6356 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
    15:48:09.0939 6356 PNRPsvc - ok
    15:48:09.0986 6356 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 C:\windows\system32\DRIVERS\point64.sys
    15:48:09.0986 6356 Point64 - ok
    15:48:10.0048 6356 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
    15:48:10.0079 6356 PolicyAgent - ok
    15:48:10.0110 6356 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
    15:48:10.0110 6356 Power - ok
    15:48:10.0188 6356 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
    15:48:10.0204 6356 PptpMiniport - ok
    15:48:10.0235 6356 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
    15:48:10.0235 6356 Processor - ok
    15:48:10.0360 6356 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
    15:48:10.0360 6356 ProfSvc - ok
    15:48:10.0376 6356 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
    15:48:10.0376 6356 ProtectedStorage - ok
    15:48:10.0485 6356 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
    15:48:10.0485 6356 Psched - ok
    15:48:10.0485 6356 PS_MDP - ok
    15:48:10.0625 6356 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
    15:48:10.0625 6356 PxHlpa64 - ok
    15:48:10.0734 6356 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
    15:48:10.0766 6356 ql2300 - ok
    15:48:10.0797 6356 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
    15:48:10.0797 6356 ql40xx - ok
    15:48:10.0828 6356 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
    15:48:10.0828 6356 QWAVE - ok
    15:48:10.0890 6356 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
    15:48:10.0890 6356 QWAVEdrv - ok
    15:48:10.0906 6356 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
    15:48:10.0906 6356 RasAcd - ok
    15:48:10.0953 6356 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
    15:48:10.0953 6356 RasAgileVpn - ok
    15:48:11.0000 6356 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
    15:48:11.0015 6356 RasAuto - ok
    15:48:11.0062 6356 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
    15:48:11.0078 6356 Rasl2tp - ok
    15:48:11.0156 6356 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
    15:48:11.0171 6356 RasMan - ok
    15:48:11.0202 6356 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
    15:48:11.0218 6356 RasPppoe - ok
    15:48:11.0234 6356 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
    15:48:11.0249 6356 RasSstp - ok
    15:48:11.0312 6356 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
    15:48:11.0343 6356 rdbss - ok
    15:48:11.0374 6356 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
    15:48:11.0374 6356 rdpbus - ok
    15:48:11.0405 6356 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
    15:48:11.0421 6356 RDPCDD - ok
    15:48:11.0421 6356 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
    15:48:11.0421 6356 RDPENCDD - ok
    15:48:11.0436 6356 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
    15:48:11.0436 6356 RDPREFMP - ok
    15:48:11.0514 6356 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
    15:48:11.0546 6356 RDPWD - ok
    15:48:11.0608 6356 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
    15:48:11.0624 6356 rdyboost - ok
    15:48:11.0624 6356 ReadyComm.DirectRouter - ok
    15:48:11.0655 6356 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
    15:48:11.0655 6356 RemoteAccess - ok
    15:48:11.0686 6356 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
    15:48:11.0686 6356 RemoteRegistry - ok
    15:48:11.0733 6356 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
    15:48:11.0748 6356 RFCOMM - ok
    15:48:11.0764 6356 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
    15:48:11.0764 6356 RpcEptMapper - ok
    15:48:11.0795 6356 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
    15:48:11.0795 6356 RpcLocator - ok
    15:48:11.0858 6356 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
    15:48:11.0858 6356 RpcSs - ok
    15:48:11.0951 6356 [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105 C:\windows\system32\DRIVERS\RsFx0105.sys
    15:48:11.0951 6356 RsFx0105 - ok
    15:48:11.0998 6356 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
    15:48:11.0998 6356 rspndr - ok
    15:48:12.0045 6356 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys
    15:48:12.0045 6356 RTHDMIAzAudService - ok
    15:48:12.0092 6356 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
    15:48:12.0092 6356 SamSs - ok
    15:48:12.0138 6356 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
    15:48:12.0138 6356 sbp2port - ok
    15:48:12.0170 6356 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
    15:48:12.0185 6356 SCardSvr - ok
    15:48:12.0216 6356 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
    15:48:12.0216 6356 scfilter - ok
    15:48:12.0419 6356 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
    15:48:12.0435 6356 Schedule - ok
    15:48:12.0466 6356 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
    15:48:12.0466 6356 SCPolicySvc - ok
    15:48:12.0513 6356 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys
    15:48:12.0513 6356 sdbus - ok
    15:48:12.0560 6356 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
    15:48:12.0560 6356 SDRSVC - ok
    15:48:12.0669 6356 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    15:48:12.0669 6356 SeaPort - ok
    15:48:12.0700 6356 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
    15:48:12.0716 6356 secdrv - ok
    15:48:12.0762 6356 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
    15:48:12.0762 6356 seclogon - ok
    15:48:12.0809 6356 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
    15:48:12.0809 6356 SENS - ok
    15:48:12.0825 6356 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
    15:48:12.0825 6356 SensrSvc - ok
    15:48:12.0856 6356 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
    15:48:12.0856 6356 Serenum - ok
    15:48:12.0872 6356 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
    15:48:12.0872 6356 Serial - ok
    15:48:12.0950 6356 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
    15:48:12.0950 6356 sermouse - ok
    15:48:12.0996 6356 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
    15:48:12.0996 6356 SessionEnv - ok
    15:48:13.0028 6356 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
    15:48:13.0028 6356 sffdisk - ok
    15:48:13.0043 6356 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
    15:48:13.0043 6356 sffp_mmc - ok
    15:48:13.0059 6356 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
    15:48:13.0059 6356 sffp_sd - ok
    15:48:13.0090 6356 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
    15:48:13.0090 6356 sfloppy - ok
    15:48:13.0184 6356 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
    15:48:13.0199 6356 Sftfs - ok
    15:48:13.0371 6356 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    15:48:13.0386 6356 sftlist - ok
    15:48:13.0480 6356 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
    15:48:13.0480 6356 Sftplay - ok
    15:48:13.0496 6356 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
    15:48:13.0496 6356 Sftredir - ok
    15:48:13.0527 6356 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
    15:48:13.0527 6356 Sftvol - ok
    15:48:13.0542 6356 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    15:48:13.0542 6356 sftvsa - ok
    15:48:13.0589 6356 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
    15:48:13.0605 6356 ShellHWDetection - ok
    15:48:13.0620 6356 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
    15:48:13.0620 6356 SiSRaid2 - ok
    15:48:13.0636 6356 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
    15:48:13.0652 6356 SiSRaid4 - ok
    15:48:13.0745 6356 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    15:48:13.0745 6356 SkypeUpdate - ok
    15:48:13.0870 6356 [ AD2FA5CB9E9EBF668786CCDAE5CFE458 ] Slidebar Notifier Service C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
    15:48:13.0870 6356 Slidebar Notifier Service - ok
    15:48:13.0901 6356 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
    15:48:13.0917 6356 Smb - ok
    15:48:13.0979 6356 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
    15:48:13.0979 6356 SNMPTRAP - ok
    15:48:14.0010 6356 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
    15:48:14.0010 6356 spldr - ok
    15:48:14.0120 6356 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
    15:48:14.0135 6356 Spooler - ok
    15:48:14.0260 6356 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
    15:48:14.0276 6356 sppsvc - ok
    15:48:14.0322 6356 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
    15:48:14.0322 6356 sppuinotify - ok
    15:48:14.0463 6356 [ 45E65FB17A4CD5FACBD3CA16C8334C82 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
    15:48:14.0478 6356 SQLAgent$SQLEXPRESS - ok
    15:48:14.0603 6356 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    15:48:14.0603 6356 SQLBrowser - ok
    15:48:14.0681 6356 [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    15:48:14.0681 6356 SQLWriter - ok
    15:48:14.0744 6356 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
    15:48:14.0744 6356 srv - ok
    15:48:14.0775 6356 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
    15:48:14.0790 6356 srv2 - ok
    15:48:14.0822 6356 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
    15:48:14.0822 6356 srvnet - ok
    15:48:14.0900 6356 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
    15:48:14.0915 6356 SSDPSRV - ok
    15:48:14.0915 6356 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
    15:48:14.0915 6356 SstpSvc - ok
    15:48:15.0040 6356 Steam Client Service - ok
    15:48:15.0102 6356 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
    15:48:15.0102 6356 stexstor - ok
    15:48:15.0243 6356 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
    15:48:15.0258 6356 stisvc - ok
    15:48:15.0290 6356 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
    15:48:15.0305 6356 swenum - ok
    15:48:15.0430 6356 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    15:48:15.0446 6356 SwitchBoard - ok
    15:48:15.0586 6356 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
    15:48:15.0602 6356 swprv - ok
    15:48:15.0664 6356 [ D0FDB0C4429209D7E2F073375EBD0074 ] SxSmemcd C:\windows\system32\DRIVERS\SxSmemcd.sys
    15:48:15.0664 6356 SxSmemcd - ok
    15:48:15.0726 6356 [ E5D73228176C9F69072D1F91CED83484 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
    15:48:15.0726 6356 SynTP - ok
    15:48:15.0960 6356 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
    15:48:15.0976 6356 SysMain - ok
    15:48:16.0132 6356 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
    15:48:16.0132 6356 TabletInputService - ok
    15:48:16.0506 6356 [ 9C2BA01C621448018DA14AF27F7BD48B ] TabletServiceWacom C:\windows\system32\Wacom_Tablet.exe
    15:48:16.0616 6356 TabletServiceWacom - ok
    15:48:16.0756 6356 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
    15:48:16.0756 6356 TapiSrv - ok
    15:48:16.0787 6356 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
    15:48:16.0787 6356 TBS - ok
    15:48:16.0881 6356 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
    15:48:16.0896 6356 Tcpip - ok
    15:48:16.0959 6356 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
    15:48:16.0974 6356 TCPIP6 - ok
    15:48:17.0193 6356 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
    15:48:17.0208 6356 tcpipreg - ok
    15:48:17.0240 6356 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
    15:48:17.0240 6356 TDPIPE - ok
    15:48:17.0286 6356 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
    15:48:17.0302 6356 TDTCP - ok
    15:48:17.0396 6356 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
    15:48:17.0396 6356 tdx - ok
    15:48:17.0442 6356 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
    15:48:17.0442 6356 TermDD - ok
    15:48:17.0474 6356 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
    15:48:17.0489 6356 TermService - ok
    15:48:17.0505 6356 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
    15:48:17.0505 6356 Themes - ok
    15:48:17.0536 6356 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
    15:48:17.0536 6356 THREADORDER - ok
    15:48:17.0567 6356 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
    15:48:17.0567 6356 TrkWks - ok
    15:48:17.0645 6356 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
     
  18. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    15:48:22.0403 6356 ================ Scan global ===============================
    15:48:22.0434 6356 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
    15:48:22.0481 6356 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
    15:48:22.0512 6356 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
    15:48:22.0528 6356 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
    15:48:22.0590 6356 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
    15:48:22.0590 6356 [Global] - ok
    15:48:22.0590 6356 ================ Scan MBR ==================================
    15:48:22.0606 6356 [ FF1761EF7140665743A6D636F95DFD81 ] \Device\Harddisk0\DR0
    15:48:22.0637 6356 \Device\Harddisk0\DR0 - ok
    15:48:22.0637 6356 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
    15:48:33.0510 6356 \Device\Harddisk1\DR1 - ok
    15:48:33.0510 6356 ================ Scan VBR ==================================
    15:48:33.0542 6356 [ 3384610CAF42FD514A87B6B32845DCE9 ] \Device\Harddisk0\DR0\Partition1
    15:48:33.0542 6356 \Device\Harddisk0\DR0\Partition1 - ok
    15:48:33.0557 6356 [ 037F10F67D64DA6F5B02CA06737C3F06 ] \Device\Harddisk0\DR0\Partition2
    15:48:33.0573 6356 \Device\Harddisk0\DR0\Partition2 - ok
    15:48:33.0604 6356 [ DAB9817966483A10B7ED13D86E269570 ] \Device\Harddisk0\DR0\Partition3
    15:48:33.0604 6356 \Device\Harddisk0\DR0\Partition3 - ok
    15:48:33.0604 6356 [ CEF03AD135D8F67E1B707B7F9ED27C21 ] \Device\Harddisk1\DR1\Partition1
    15:48:33.0604 6356 \Device\Harddisk1\DR1\Partition1 - ok
    15:48:33.0604 6356 ============================================================
    15:48:33.0604 6356 Scan finished
    15:48:33.0604 6356 ============================================================
    15:48:33.0620 3008 Detected object count: 1
    15:48:33.0620 3008 Actual detected object count: 1
    15:49:03.0899 3008 c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll - copied to quarantine
    15:49:03.0899 3008 Akamai ( HiddenFile.Multi.Generic ) - User select action: Quarantine
    15:49:57.0875 5964 ============================================================
    15:49:57.0875 5964 Scan started
    15:49:57.0875 5964 Mode: Manual;
    15:49:57.0875 5964 ============================================================
    15:49:58.0437 5964 ================ Scan system memory ========================
    15:49:58.0437 5964 System memory - ok
    15:49:58.0437 5964 ================ Scan services =============================
    15:49:59.0389 5964 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
    15:49:59.0404 5964 1394ohci - ok
    15:49:59.0482 5964 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
    15:49:59.0482 5964 ACPI - ok
    15:49:59.0529 5964 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
    15:49:59.0529 5964 AcpiPmi - ok
    15:49:59.0591 5964 [ DC201246A14CB3B274DF59FAF539AB07 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
    15:49:59.0591 5964 ACPIVPC - ok
    15:50:01.0214 5964 [ F3CD7B20B27D1772C946DF993FF3635C ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    15:50:01.0214 5964 AdobeFlashPlayerUpdateSvc - ok
    15:50:01.0307 5964 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
    15:50:01.0307 5964 adp94xx - ok
    15:50:01.0385 5964 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
    15:50:01.0401 5964 adpahci - ok
    15:50:01.0417 5964 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
    15:50:01.0417 5964 adpu320 - ok
    15:50:01.0495 5964 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
    15:50:01.0495 5964 AeLookupSvc - ok
    15:50:01.0588 5964 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
    15:50:01.0604 5964 AFD - ok
    15:50:01.0682 5964 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
    15:50:01.0682 5964 agp440 - ok
    15:50:02.0259 5964 [ E1B1F152C4E82C85E846D25C9E6E6CC8 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll
    15:50:02.0259 5964 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll. md5: E1B1F152C4E82C85E846D25C9E6E6CC8
    15:50:02.0275 5964 Akamai ( HiddenFile.Multi.Generic ) - warning
    15:50:02.0275 5964 Akamai - detected HiddenFile.Multi.Generic (1)
    15:50:02.0321 5964 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
    15:50:02.0321 5964 ALG - ok
    15:50:02.0368 5964 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
    15:50:02.0368 5964 aliide - ok
    15:50:02.0462 5964 [ 52BC611119BDA4FBAD24DC1F577E68F4 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
    15:50:02.0462 5964 AMD External Events Utility - ok
    15:50:02.0509 5964 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
    15:50:02.0509 5964 amdide - ok
    15:50:02.0540 5964 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
    15:50:02.0540 5964 AmdK8 - ok
    15:50:03.0460 5964 [ F34CF764E8BC26E7BBEF0C82A8CE45DB ] amdkmdag C:\windows\system32\DRIVERS\atipmdag.sys
    15:50:03.0491 5964 amdkmdag - ok
    15:50:03.0538 5964 [ 0330B63509526D1074E119FFC1741EC3 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
    15:50:03.0538 5964 amdkmdap - ok
    15:50:03.0585 5964 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
    15:50:03.0585 5964 AmdPPM - ok
    15:50:03.0679 5964 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
    15:50:03.0679 5964 amdsata - ok
    15:50:03.0710 5964 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
    15:50:03.0725 5964 amdsbs - ok
    15:50:03.0772 5964 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
    15:50:03.0772 5964 amdxata - ok
    15:50:03.0835 5964 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
    15:50:03.0835 5964 AppID - ok
    15:50:03.0897 5964 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
    15:50:03.0897 5964 AppIDSvc - ok
    15:50:03.0944 5964 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
    15:50:03.0944 5964 Appinfo - ok
    15:50:04.0100 5964 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    15:50:04.0115 5964 Apple Mobile Device - ok
    15:50:04.0131 5964 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
    15:50:04.0131 5964 arc - ok
    15:50:04.0178 5964 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
    15:50:04.0178 5964 arcsas - ok
    15:50:04.0552 5964 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    15:50:04.0552 5964 aspnet_state - ok
    15:50:04.0615 5964 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
    15:50:04.0615 5964 AsyncMac - ok
    15:50:04.0693 5964 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
    15:50:04.0693 5964 atapi - ok
    15:50:04.0817 5964 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
    15:50:04.0817 5964 AudioEndpointBuilder - ok
    15:50:04.0849 5964 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
    15:50:04.0849 5964 AudioSrv - ok
    15:50:05.0457 5964 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
    15:50:05.0488 5964 AVGIDSAgent - ok
    15:50:05.0660 5964 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\windows\system32\DRIVERS\avgidsdrivera.sys
    15:50:05.0660 5964 AVGIDSDriver - ok
    15:50:05.0707 5964 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\windows\system32\DRIVERS\avgidsfiltera.sys
    15:50:05.0707 5964 AVGIDSFilter - ok
    15:50:05.0753 5964 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\windows\system32\DRIVERS\avgidsha.sys
    15:50:05.0753 5964 AVGIDSHA - ok
    15:50:05.0925 5964 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\windows\system32\DRIVERS\avgldx64.sys
    15:50:05.0925 5964 Avgldx64 - ok
    15:50:05.0987 5964 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\windows\system32\DRIVERS\avgmfx64.sys
    15:50:05.0987 5964 Avgmfx64 - ok
    15:50:06.0050 5964 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\windows\system32\DRIVERS\avgrkx64.sys
    15:50:06.0050 5964 Avgrkx64 - ok
    15:50:06.0128 5964 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\windows\system32\DRIVERS\avgtdia.sys
    15:50:06.0128 5964 Avgtdia - ok
    15:50:06.0221 5964 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    15:50:06.0221 5964 avgwd - ok
    15:50:06.0268 5964 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
    15:50:06.0268 5964 AxInstSV - ok
    15:50:06.0455 5964 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
    15:50:06.0455 5964 b06bdrv - ok
    15:50:06.0518 5964 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
    15:50:06.0518 5964 b57nd60a - ok
    15:50:06.0736 5964 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
    15:50:06.0736 5964 BcmSqlStartupSvc - ok
    15:50:06.0799 5964 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
    15:50:06.0799 5964 BDESVC - ok
    15:50:06.0830 5964 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
    15:50:06.0830 5964 Beep - ok
    15:50:06.0861 5964 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
    15:50:06.0861 5964 blbdrive - ok
    15:50:07.0064 5964 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    15:50:07.0064 5964 Bonjour Service - ok
    15:50:07.0126 5964 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
    15:50:07.0126 5964 bowser - ok
    15:50:07.0189 5964 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
    15:50:07.0189 5964 BrFiltLo - ok
    15:50:07.0235 5964 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
    15:50:07.0235 5964 BrFiltUp - ok
    15:50:07.0298 5964 [ 34F786535F9245E4028C57B28248C9D8 ] Bridge0 C:\windows\system32\drivers\WDBridge.sys
    15:50:07.0298 5964 Bridge0 - ok
    15:50:07.0345 5964 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
    15:50:07.0345 5964 Browser - ok
    15:50:07.0376 5964 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
    15:50:07.0376 5964 Brserid - ok
    15:50:07.0391 5964 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
    15:50:07.0391 5964 BrSerWdm - ok
    15:50:07.0407 5964 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
    15:50:07.0407 5964 BrUsbMdm - ok
    15:50:07.0423 5964 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
    15:50:07.0423 5964 BrUsbSer - ok
    15:50:07.0501 5964 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
    15:50:07.0501 5964 BthEnum - ok
    15:50:07.0547 5964 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
    15:50:07.0547 5964 BTHMODEM - ok
    15:50:07.0594 5964 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
    15:50:07.0594 5964 BthPan - ok
    15:50:07.0766 5964 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
    15:50:07.0781 5964 BTHPORT - ok
    15:50:07.0813 5964 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
    15:50:07.0813 5964 bthserv - ok
    15:50:07.0859 5964 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
    15:50:07.0859 5964 BTHUSB - ok
    15:50:07.0922 5964 [ D3466F77C2C49C6E393BA5FBA963A33E ] btusbflt C:\windows\system32\drivers\btusbflt.sys
    15:50:07.0922 5964 btusbflt - ok
    15:50:07.0969 5964 [ A72A9101F9730DB7332714E566614E4D ] btwaudio C:\windows\system32\drivers\btwaudio.sys
    15:50:07.0969 5964 btwaudio - ok
    15:50:08.0015 5964 [ 5CEEC634B617525F2B6AD29F871033F7 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
    15:50:08.0031 5964 btwavdt - ok
    15:50:08.0374 5964 [ A8C22ACBE494D2F92FDB4C7EDD09528C ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
    15:50:08.0390 5964 btwdins - ok
    15:50:08.0405 5964 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
    15:50:08.0421 5964 btwl2cap - ok
    15:50:08.0452 5964 [ 2AF5604D28BEF77B7CF4B9D232FE7CD3 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
    15:50:08.0452 5964 btwrchid - ok
    15:50:08.0515 5964 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
    15:50:08.0515 5964 cdfs - ok
    15:50:08.0577 5964 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
    15:50:08.0577 5964 cdrom - ok
    15:50:08.0624 5964 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
    15:50:08.0624 5964 CertPropSvc - ok
    15:50:08.0686 5964 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
    15:50:08.0686 5964 circlass - ok
    15:50:08.0811 5964 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
    15:50:08.0811 5964 CLFS - ok
    15:50:09.0014 5964 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    15:50:09.0014 5964 clr_optimization_v2.0.50727_32 - ok
    15:50:09.0154 5964 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    15:50:09.0154 5964 clr_optimization_v2.0.50727_64 - ok
    15:50:09.0653 5964 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    15:50:09.0653 5964 clr_optimization_v4.0.30319_32 - ok
    15:50:09.0685 5964 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    15:50:09.0685 5964 clr_optimization_v4.0.30319_64 - ok
    15:50:09.0716 5964 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
    15:50:09.0716 5964 CmBatt - ok
    15:50:09.0809 5964 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
    15:50:09.0809 5964 cmdide - ok
    15:50:09.0950 5964 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
    15:50:09.0950 5964 CNG - ok
    15:50:09.0997 5964 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
    15:50:09.0997 5964 Compbatt - ok
    15:50:10.0028 5964 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
    15:50:10.0043 5964 CompositeBus - ok
    15:50:10.0043 5964 COMSysApp - ok
    15:50:10.0075 5964 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
    15:50:10.0075 5964 crcdisk - ok
    15:50:10.0153 5964 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
    15:50:10.0153 5964 CryptSvc - ok
     
  19. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    15:50:10.0433 5964 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    15:50:10.0433 5964 cvhsvc - ok
    15:50:10.0574 5964 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
    15:50:10.0574 5964 DcomLaunch - ok
    15:50:10.0636 5964 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
    15:50:10.0636 5964 defragsvc - ok
    15:50:10.0683 5964 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
    15:50:10.0683 5964 DfsC - ok
    15:50:10.0777 5964 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
    15:50:10.0777 5964 Dhcp - ok
    15:50:10.0808 5964 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
    15:50:10.0808 5964 discache - ok
    15:50:10.0855 5964 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
    15:50:10.0855 5964 Disk - ok
    15:50:11.0104 5964 [ 6774B807CE89A5EC8F61551C15CCA964 ] dleeCATSCustConnectService C:\windows\system32\spool\DRIVERS\x64\3\\dleeserv.exe
    15:50:11.0120 5964 dleeCATSCustConnectService - ok
    15:50:11.0120 5964 dlee_device - ok
    15:50:11.0167 5964 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
    15:50:11.0167 5964 Dnscache - ok
    15:50:11.0229 5964 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
    15:50:11.0245 5964 dot3svc - ok
    15:50:11.0291 5964 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\windows\system32\DRIVERS\Dot4.sys
    15:50:11.0291 5964 dot4 - ok
    15:50:11.0354 5964 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
    15:50:11.0354 5964 Dot4Print - ok
    15:50:11.0401 5964 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
    15:50:11.0401 5964 dot4usb - ok
    15:50:11.0447 5964 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
    15:50:11.0463 5964 DPS - ok
    15:50:11.0541 5964 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
    15:50:11.0541 5964 drmkaud - ok
    15:50:11.0603 5964 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
    15:50:11.0603 5964 dtsoftbus01 - ok
    15:50:11.0822 5964 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
    15:50:11.0822 5964 DXGKrnl - ok
    15:50:11.0869 5964 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
    15:50:11.0869 5964 EapHost - ok
    15:50:12.0493 5964 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
    15:50:12.0508 5964 ebdrv - ok
    15:50:12.0586 5964 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
    15:50:12.0586 5964 EFS - ok
    15:50:12.0976 5964 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
    15:50:12.0976 5964 ehRecvr - ok
    15:50:13.0054 5964 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
    15:50:13.0054 5964 ehSched - ok
    15:50:13.0179 5964 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
    15:50:13.0179 5964 elxstor - ok
    15:50:13.0210 5964 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
    15:50:13.0210 5964 ErrDev - ok
    15:50:13.0335 5964 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
    15:50:13.0335 5964 EventSystem - ok
    15:50:13.0366 5964 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
    15:50:13.0382 5964 exfat - ok
    15:50:13.0397 5964 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
    15:50:13.0397 5964 fastfat - ok
    15:50:13.0538 5964 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
    15:50:13.0553 5964 Fax - ok
    15:50:13.0585 5964 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
    15:50:13.0585 5964 fdc - ok
    15:50:13.0647 5964 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
    15:50:13.0647 5964 fdPHost - ok
    15:50:13.0694 5964 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
    15:50:13.0694 5964 FDResPub - ok
    15:50:13.0756 5964 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
    15:50:13.0756 5964 FileInfo - ok
    15:50:13.0803 5964 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
    15:50:13.0803 5964 Filetrace - ok
    15:50:14.0115 5964 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    15:50:14.0131 5964 FLEXnet Licensing Service 64 - ok
    15:50:14.0162 5964 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
    15:50:14.0162 5964 flpydisk - ok
    15:50:14.0209 5964 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
    15:50:14.0209 5964 FltMgr - ok
    15:50:14.0396 5964 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
    15:50:14.0411 5964 FontCache - ok
    15:50:14.0489 5964 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    15:50:14.0489 5964 FontCache3.0.0.0 - ok
    15:50:14.0567 5964 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
    15:50:14.0567 5964 FsDepends - ok
    15:50:14.0614 5964 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
    15:50:14.0614 5964 Fs_Rec - ok
    15:50:14.0677 5964 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
    15:50:14.0677 5964 fvevol - ok
    15:50:14.0692 5964 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
    15:50:14.0692 5964 gagp30kx - ok
    15:50:14.0770 5964 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
    15:50:14.0770 5964 GEARAspiWDM - ok
    15:50:14.0864 5964 [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll
    15:50:14.0864 5964 getPlusHelper - ok
    15:50:14.0942 5964 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
    15:50:14.0942 5964 gpsvc - ok
    15:50:15.0051 5964 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    15:50:15.0051 5964 gupdate - ok
    15:50:15.0051 5964 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    15:50:15.0051 5964 gupdatem - ok
    15:50:15.0129 5964 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
    15:50:15.0129 5964 hcw85cir - ok
    15:50:15.0254 5964 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
    15:50:15.0254 5964 HdAudAddService - ok
    15:50:15.0301 5964 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
    15:50:15.0301 5964 HDAudBus - ok
    15:50:15.0363 5964 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
    15:50:15.0363 5964 HECIx64 - ok
    15:50:15.0379 5964 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
    15:50:15.0379 5964 HidBatt - ok
    15:50:15.0410 5964 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
    15:50:15.0410 5964 HidBth - ok
    15:50:15.0441 5964 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
    15:50:15.0441 5964 HidIr - ok
    15:50:15.0566 5964 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
    15:50:15.0566 5964 hidserv - ok
    15:50:15.0613 5964 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
    15:50:15.0628 5964 HidUsb - ok
    15:50:15.0706 5964 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
    15:50:15.0722 5964 hkmsvc - ok
    15:50:15.0800 5964 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
    15:50:15.0800 5964 HomeGroupListener - ok
    15:50:15.0847 5964 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
    15:50:15.0862 5964 HomeGroupProvider - ok
    15:50:16.0283 5964 [ 5694549D12843046DC4D23DE86CB8447 ] HoudiniLicenseServer C:\windows\system32\sesinetd.exe
    15:50:16.0315 5964 HoudiniLicenseServer - ok
    15:50:16.0705 5964 [ B9B7C912D381F35E9CE66A58AA57A455 ] HoudiniServer C:\windows\system32\hserver.exe
    15:50:16.0736 5964 HoudiniServer - ok
    15:50:16.0798 5964 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
    15:50:16.0798 5964 HpSAMD - ok
    15:50:17.0126 5964 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
    15:50:17.0126 5964 HPSLPSVC - ok
    15:50:17.0282 5964 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
    15:50:17.0297 5964 HTTP - ok
    15:50:17.0360 5964 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
    15:50:17.0360 5964 hwpolicy - ok
    15:50:17.0422 5964 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
    15:50:17.0422 5964 i8042prt - ok
    15:50:17.0453 5964 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
    15:50:17.0453 5964 iaStor - ok
    15:50:17.0563 5964 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    15:50:17.0563 5964 IAStorDataMgrSvc - ok
    15:50:17.0672 5964 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
    15:50:17.0672 5964 iaStorV - ok
    15:50:17.0875 5964 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    15:50:17.0875 5964 idsvc - ok
    15:50:18.0998 5964 [ 90AFAB2B5962B1CD5BB23320675D6174 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
    15:50:19.0045 5964 igfx - ok
    15:50:19.0185 5964 [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe
    15:50:19.0185 5964 IGRS - ok
    15:50:19.0247 5964 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
    15:50:19.0247 5964 iirsp - ok
    15:50:19.0403 5964 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
    15:50:19.0403 5964 IKEEXT - ok
    15:50:19.0435 5964 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
    15:50:19.0435 5964 Impcd - ok
    15:50:19.0825 5964 [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
    15:50:19.0840 5964 IntcAzAudAddService - ok
    15:50:19.0871 5964 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
    15:50:19.0871 5964 intelide - ok
    15:50:20.0277 5964 [ 90AFAB2B5962B1CD5BB23320675D6174 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys
    15:50:20.0308 5964 intelkmd - ok
    15:50:20.0371 5964 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
    15:50:20.0371 5964 intelppm - ok
    15:50:20.0464 5964 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
    15:50:20.0464 5964 IPBusEnum - ok
    15:50:20.0558 5964 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
    15:50:20.0558 5964 IpFilterDriver - ok
    15:50:20.0620 5964 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
    15:50:20.0620 5964 IPMIDRV - ok
    15:50:20.0651 5964 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
    15:50:20.0667 5964 IPNAT - ok
    15:50:20.0870 5964 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    15:50:20.0885 5964 iPod Service - ok
    15:50:20.0901 5964 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
    15:50:20.0901 5964 IRENUM - ok
    15:50:20.0963 5964 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
    15:50:20.0963 5964 isapnp - ok
    15:50:21.0041 5964 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
    15:50:21.0057 5964 iScsiPrt - ok
    15:50:21.0073 5964 [ D95D5FF8793393B35500B08DCA5E4B72 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
    15:50:21.0088 5964 JMCR - ok
    15:50:21.0104 5964 [ CEE38AB6627CB2F8A97DD7D5A8449944 ] JmUsbCcgp C:\windows\system32\DRIVERS\jmccgp.sys
    15:50:21.0104 5964 JmUsbCcgp - ok
    15:50:21.0119 5964 [ 6BA6296905D46C003838D1DD05F38DDD ] JmUsbVideo C:\windows\system32\Drivers\jmcam.sys
    15:50:21.0119 5964 JmUsbVideo - ok
    15:50:21.0151 5964 [ 4DCA10EF74CB49D6460F23A34C3593FB ] JmUsbVideo2 C:\windows\system32\Drivers\jmcam_lo.sys
    15:50:21.0151 5964 JmUsbVideo2 - ok
    15:50:21.0197 5964 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys
    15:50:21.0197 5964 k57nd60a - ok
    15:50:21.0229 5964 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
    15:50:21.0229 5964 kbdclass - ok
    15:50:21.0260 5964 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
    15:50:21.0260 5964 kbdhid - ok
    15:50:21.0291 5964 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
    15:50:21.0291 5964 KeyIso - ok
    15:50:21.0369 5964 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
    15:50:21.0369 5964 KSecDD - ok
     
  20. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    15:50:41.0243 5964 wacmoumonitor - ok
    15:50:41.0290 5964 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\windows\system32\DRIVERS\wacommousefilter.sys
    15:50:41.0290 5964 wacommousefilter - ok
    15:50:41.0321 5964 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
    15:50:41.0321 5964 WacomPen - ok
    15:50:41.0321 5964 wacomvhid - ok
    15:50:41.0384 5964 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
    15:50:41.0384 5964 WANARP - ok
    15:50:41.0384 5964 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
    15:50:41.0384 5964 Wanarpv6 - ok
    15:50:41.0431 5964 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
    15:50:41.0446 5964 WatAdminSvc - ok
    15:50:41.0524 5964 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
    15:50:41.0524 5964 wbengine - ok
    15:50:41.0555 5964 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
    15:50:41.0555 5964 WbioSrvc - ok
    15:50:41.0602 5964 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
    15:50:41.0618 5964 wcncsvc - ok
    15:50:41.0633 5964 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
    15:50:41.0633 5964 WcsPlugInService - ok
    15:50:41.0665 5964 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
    15:50:41.0665 5964 Wd - ok
    15:50:41.0758 5964 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\windows\system32\DRIVERS\wdcsam64.sys
    15:50:41.0758 5964 WDC_SAM - ok
    15:50:41.0836 5964 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
    15:50:41.0852 5964 Wdf01000 - ok
    15:50:41.0867 5964 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
    15:50:41.0883 5964 WdiServiceHost - ok
    15:50:41.0883 5964 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
    15:50:41.0883 5964 WdiSystemHost - ok
    15:50:41.0914 5964 [ 2A444ACF7DD446505BCC801F8F6AE5FD ] wdmirror C:\windows\system32\DRIVERS\WDMirror.sys
    15:50:41.0914 5964 wdmirror - ok
    15:50:41.0977 5964 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
    15:50:41.0992 5964 WebClient - ok
    15:50:42.0023 5964 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
    15:50:42.0023 5964 Wecsvc - ok
    15:50:42.0055 5964 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
    15:50:42.0055 5964 wercplsupport - ok
    15:50:42.0070 5964 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
    15:50:42.0070 5964 WerSvc - ok
    15:50:42.0101 5964 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
    15:50:42.0117 5964 WfpLwf - ok
    15:50:42.0148 5964 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
    15:50:42.0148 5964 WimFltr - ok
    15:50:42.0164 5964 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
    15:50:42.0164 5964 WIMMount - ok
    15:50:42.0179 5964 WinHttpAutoProxySvc - ok
    15:50:42.0289 5964 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
    15:50:42.0289 5964 Winmgmt - ok
    15:50:42.0476 5964 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
    15:50:42.0507 5964 WinRM - ok
    15:50:42.0554 5964 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
    15:50:42.0554 5964 WinUsb - ok
    15:50:42.0647 5964 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
    15:50:42.0663 5964 Wlansvc - ok
    15:50:42.0772 5964 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    15:50:42.0803 5964 wlidsvc - ok
    15:50:42.0850 5964 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
    15:50:42.0850 5964 WmiAcpi - ok
    15:50:42.0913 5964 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
    15:50:42.0913 5964 wmiApSrv - ok
    15:50:42.0944 5964 WMPNetworkSvc - ok
    15:50:42.0975 5964 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
    15:50:42.0975 5964 WPCSvc - ok
    15:50:43.0022 5964 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
    15:50:43.0037 5964 WPDBusEnum - ok
    15:50:43.0053 5964 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
    15:50:43.0053 5964 ws2ifsl - ok
    15:50:43.0069 5964 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
    15:50:43.0084 5964 WSDPrintDevice - ok
    15:50:43.0084 5964 WSearch - ok
    15:50:43.0115 5964 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
    15:50:43.0131 5964 wsvd - ok
    15:50:43.0147 5964 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
    15:50:43.0147 5964 WudfPf - ok
    15:50:43.0225 5964 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
    15:50:43.0225 5964 WUDFRd - ok
    15:50:43.0287 5964 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
    15:50:43.0287 5964 wudfsvc - ok
    15:50:43.0334 5964 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
    15:50:43.0334 5964 WwanSvc - ok
    15:50:43.0396 5964 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
    15:50:43.0396 5964 xusb21 - ok
    15:50:43.0427 5964 ================ Scan global ===============================
    15:50:43.0443 5964 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
    15:50:43.0490 5964 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
    15:50:43.0521 5964 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
    15:50:43.0552 5964 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
    15:50:43.0615 5964 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
    15:50:43.0630 5964 [Global] - ok
    15:50:43.0630 5964 ================ Scan MBR ==================================
    15:50:43.0646 5964 [ FF1761EF7140665743A6D636F95DFD81 ] \Device\Harddisk0\DR0
    15:50:43.0677 5964 \Device\Harddisk0\DR0 - ok
    15:50:43.0677 5964 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
    15:50:54.0628 5964 \Device\Harddisk1\DR1 - ok
    15:50:54.0628 5964 ================ Scan VBR ==================================
    15:50:54.0644 5964 [ 3384610CAF42FD514A87B6B32845DCE9 ] \Device\Harddisk0\DR0\Partition1
    15:50:54.0660 5964 \Device\Harddisk0\DR0\Partition1 - ok
    15:50:54.0675 5964 [ 037F10F67D64DA6F5B02CA06737C3F06 ] \Device\Harddisk0\DR0\Partition2
    15:50:54.0691 5964 \Device\Harddisk0\DR0\Partition2 - ok
    15:50:54.0722 5964 [ DAB9817966483A10B7ED13D86E269570 ] \Device\Harddisk0\DR0\Partition3
    15:50:54.0738 5964 \Device\Harddisk0\DR0\Partition3 - ok
    15:50:54.0738 5964 [ CEF03AD135D8F67E1B707B7F9ED27C21 ] \Device\Harddisk1\DR1\Partition1
    15:50:54.0738 5964 \Device\Harddisk1\DR1\Partition1 - ok
    15:50:54.0738 5964 ============================================================
    15:50:54.0738 5964 Scan finished
    15:50:54.0738 5964 ============================================================
    15:50:54.0753 5924 Detected object count: 1
    15:50:54.0753 5924 Actual detected object count: 1
    15:51:01.0508 5924 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
    15:51:01.0508 5924 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

     
  21. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    Sorry for the bold, I didn't have it checked and when I try to edit the formatting it tells me I'm using too many characters.
     
  22. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    RogueKiller V8.2.1 [10/29/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website: http://tigzy.geekstogo.com/roguekiller.php
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Katelyn [Admin rights]
    Mode : Remove -- Date : 11/01/2012 16:03:39

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 3 ¤¤¤
    [TASK][SUSP PATH] {B4FB43BF-A081-4F56-B8E9-2DFFE831A04C} : C:\windows\system32\pcalua.exe -a C:\Users\Katelyn\AppData\Local\Temp\DivXSetup.exe -d C:\windows\SysWOW64 -c /update all -> DELETED
    [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\windows\system32\drivers\etc\hosts

    127.0.0.1 activate.adobe.com
    127.0.0.1 activate.adobe.com
    127.0.0.1 practivate.adobe.com
    127.0.0.1 ereg.adobe.com
    127.0.0.1 activate.wip3.adobe.com
    127.0.0.1 wip3.adobe.com
    127.0.0.1 3dns-3.adobe.com
    127.0.0.1 3dns-2.adobe.com
    127.0.0.1 adobe-dns.adobe.com
    127.0.0.1 adobe-dns-2.adobe.com
    127.0.0.1 adobe-dns-3.adobe.com
    127.0.0.1 ereg.wip3.adobe.com
    127.0.0.1 activate-sea.adobe.com
    127.0.0.1 wwis-dubc1-vip60.adobe.com
    127.0.0.1 activate-sjc0.adobe.com
    127.0.0.1 hl2rcv.adobe.com


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: ST9500325AS +++++
    --- User ---
    [MBR] 2f47bd8eb396a1e1e7bface63b09da24
    [BSP] 357e812403a36c0ec3698a7dc58e0b9b : Linux MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 396279 Mo
    2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 811993086 | Size: 65350 Mo
    3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945829888 | Size: 15109 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: SMI USB DISK USB Device +++++
    --- User ---
    [MBR] 16c397d8283f7e139c8cfef808c7694d
    [BSP] 6f510daf46d274284f9a608a06c7db11 : Standard MBR Code
    Partition table:
    0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 32 | Size: 15479 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Finished : << RKreport[2].txt >>
    RKreport[1].txt ; RKreport[2].txt
     
  23. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    Malwarebytes Anti-Malware 1.65.1.1000
    www.malwarebytes.org
    Database version: v2012.11.01.04
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Katelyn :: WINSTON [administrator]
    11/1/2012 4:06:36 PM
    mbam-log-2012-11-01 (16-06-36).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 236841
    Time elapsed: 13 minute(s), 33 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)
     
  24. Broni

    Broni Malware Annihilator Posts: 47,995   +271

    aswMBR?
     
  25. kayetea

    kayetea TS Rookie Topic Starter Posts: 32

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-11-01 16:21:24
    -----------------------------
    16:21:24.495 OS Version: Windows x64 6.1.7601 Service Pack 1
    16:21:24.511 Number of processors: 4 586 0x2502
    16:21:24.511 ComputerName: WINSTON UserName: Katelyn
    16:21:26.055 Initialize success
    16:22:59.629 AVAST engine defs: 12110100
    16:23:29.971 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    16:23:29.986 Disk 0 Vendor: ST950032 0010 Size: 476940MB BusType: 3
    16:23:30.002 Disk 0 MBR read successfully
    16:23:30.002 Disk 0 MBR scan
    16:23:30.002 Disk 0 unknown MBR code
    16:23:30.017 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
    16:23:30.033 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 396279 MB offset 411648
    16:23:30.049 Disk 0 Partition - 00 0F Extended LBA 65350 MB offset 811993086
    16:23:30.095 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
    16:23:30.220 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 31209 MB offset 881913856
    16:23:30.236 Disk 0 Partition - 00 05 Extended 30249 MB offset 811993087
    16:23:30.236 Disk 0 Partition 5 00 83 Linux 30249 MB offset 811993088
    16:23:30.251 Disk 0 Partition - 00 05 Extended 3887 MB offset 873943041
    16:23:30.283 Disk 0 Partition 6 00 82 Linux swap 3886 MB offset 873945088
    16:23:30.345 Disk 0 scanning C:\windows\system32\drivers
    16:23:49.081 Service scanning
    16:24:33.594 Modules scanning
    16:24:33.594 Disk 0 trace - called modules:
    16:24:33.781 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    16:24:33.796 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80052bb060]
    16:24:33.796 3 CLASSPNP.SYS[fffff880015b843f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fb5050]
    16:24:35.622 AVAST engine scan C:\windows
    16:24:39.319 AVAST engine scan C:\windows\system32
    16:32:49.897 AVAST engine scan C:\windows\system32\drivers
    16:33:10.520 AVAST engine scan C:\Users\Katelyn
    16:35:20.172 Disk 0 MBR has been saved successfully to "C:\Users\Katelyn\Desktop\MBR.dat"
    16:35:20.187 The log file has been saved successfully to "C:\Users\Katelyn\Desktop\aswMBR.txt"
     

