Solved Win64/Patched.A virus in Services.exe

kayetea

Another win64/patched.A virus. AVG picked it up, and my computer has been blue screening frequently. Thanks in advance.
 
Welcome aboard


Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

If you are using Windows 8, consult "How to use the Windows 8 System Recovery Environment Command Prompt" to enter the System Recovery Command Prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Next...

Re-run FRST again.
Type the following in the edit box after "Search:".

services.exe

Click Search button and post the log (Search.txt) it makes in your reply.

I'll expect two logs:
- FRST.txt
- Search.txt
 
Note: My last attempted Malwarebytes scan actually did finish before I tried to reboot and run Farbar. Also, my DDS scan took longer than 10 minutes so my AVG re-enabled itself. Should I re-scan?

=========================================================

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.01.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Katelyn :: WINSTON [administrator]

11/1/2012 12:20:32 PM
mbam-log-2012-11-01 (12-20-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237188
Time elapsed: 17 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Katelyn\AppData\Local\Temp\7zOA035.tmp\Adobe Photoshop CS4 KeyGenerator.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Users\Katelyn\AppData\Local\Temp\Temp1_HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen.zip\HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.

(end)
=========================================================
no GMER data
 
DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_37
Run by Katelyn at 13:07:30 on 2012-11-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3892.1307 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\windows\system32\dleecoms.exe
C:\windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\sesinetd.exe
C:\windows\system32\hserver.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\windows\system32\taskhost.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Users\Katelyn\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Users\Katelyn\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
C:\Users\Katelyn\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86) (x86)\Dell V715w\dleemon.exe
C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\SpScreen.exe
C:\Program Files (x86) (x86)\Dell V715w\ezprint.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\Wacom_Tablet.exe
C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\SpScreen64.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\windows\system32\WTablet\Wacom_TabletUser.exe
C:\windows\system32\Wacom_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Users\Katelyn\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\windows\sysWOW64\wbem\wmiprvse.exe
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
Q:\140061.enu\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\windows\system32\NOTEPAD.EXE
C:\Users\Katelyn\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgcfgex.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\conhost.exe
C:\Users\Katelyn\AppData\Local\Temp\nsi40.tmp\PEV.DAT
C:\windows\system32\taskeng.exe
"C:\windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\windows\system32\taskeng.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe,
BHO: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
uRun: [Google Update] "C:\Users\Katelyn\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AdobeBridge] <no file>
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~1\MuteSync.exe
mRun: [Lenovo SplitScreen] "C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe"
mRun: [UCam_Menu] "c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
mRun: [YouCam Mirror Tray icon] "c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
mRun: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
mRun: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
mRun: [MDS_Menu] "c:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
mRun: [Lenovo SlideNav2] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [dleemon.exe] "C:\Program Files (x86) (x86)\Dell V715w\dleemon.exe"
mRun: [EzPrint] "C:\Program Files (x86) (x86)\Dell V715w\ezprint.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage
StartupFolder: C:\Users\Katelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Katelyn\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Katelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\Katelyn\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
LSP: mswsock.dll
DPF: {74FFE28D-2378-11D5-990C-006094235084} - hxxp://www-307.ibm.com/pc/support/IbmEgath.cab
DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - hxxp://support.lenovo.com/Resources/Lenovo/AutoDetect/Lenovo_AutoDetect2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 144.118.24.20 144.118.24.10
TCP: Interfaces\{BB58BBFD-520F-474E-BCE2-154BFD3AEAD5} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F} : NameServer = 208.67.220.220
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F} : DHCPNameServer = 144.118.24.20 144.118.24.10
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\2375942554530313 : NameServer = 208.67.220.220
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\2375942554530313 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\2456C6B696E6E253534414 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\359676E61647572756 : NameServer = 208.67.220.220
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\359676E61647572756 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\4586562416374796F6E6 : NameServer = 208.67.220.220
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\4586562416374796F6E6 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\C4962627162797F57457563747 : NameServer = 208.67.220.220
TCP: Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}\C4962627162797F57457563747 : DHCPNameServer = 192.168.60.2 4.2.2.2 4.2.2.3
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SynBtnAsst] C:\Program Files (x86)\Synaptics\SynTP\SynBtnAsst.exe Utility_Window
x64-Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\skx248vc.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - component: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}\components\Contribute.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Katelyn\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Katelyn\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Katelyn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Katelyn\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Katelyn\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll
FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2010-4-22 39008]
R0 PxHlpa64;PxHlpa64;C:\windows\System32\drivers\PxHlpa64.sys [2011-1-9 55280]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2012-7-26 291680]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\System32\drivers\dtsoftbus01.sys [2012-2-27 283200]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2010-3-16 202752]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 dlee_device;dlee_device;C:\windows\System32\dleecoms.exe -service --> C:\windows\System32\dleecoms.exe -service [?]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-4-22 13336]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Slidebar Notifier Service;Slidebar Notifier Service;C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe [2010-4-22 69568]
R2 TabletServiceWacom;TabletServiceWacom;C:\windows\System32\Wacom_Tablet.exe [2010-8-31 5521192]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-4-22 2320920]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-4-22 28176]
R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atipmdag.sys [2010-3-16 6177280]
R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2010-3-16 156160]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2010-1-4 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2009-12-17 151936]
R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2010-3-16 7843040]
R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2010-2-25 157296]
R3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;C:\windows\System32\drivers\jmccgp.sys [2010-4-22 17904]
R3 JmUsbVideo;JMicron 31x Upper Filter Driver;C:\windows\System32\drivers\jmcam.sys [2010-4-22 56688]
R3 JmUsbVideo2;JMicron 31x Lower Filter Driver;C:\windows\System32\drivers\jmcam_lo.sys [2010-4-22 31088]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\windows\System32\drivers\k57nd60a.sys [2009-10-15 321064]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\System32\drivers\NETw5s64.sys [2010-1-4 6952960]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
R3 wdmirror;wdmirror;C:\windows\System32\drivers\WDMirror.sys [2010-4-22 11280]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 dleeCATSCustConnectService;dleeCATSCustConnectService;C:\windows\System32\spool\drivers\x64\3\dleeserv.exe [2009-7-1 33448]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-6 116648]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-29 257224]
S3 Bridge0;Bridge0;C:\windows\System32\drivers\WDBridge.sys [2010-4-22 79376]
S3 btusbflt;Bluetooth USB Filter;C:\windows\System32\drivers\btusbflt.sys [2010-2-25 53800]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2010-4-22 35104]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-7-28 1431888]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-6 116648]
S3 IGRS;IGRS;C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-7-15 38152]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2010-4-22 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2010-4-22 575304]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-28 113120]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;C:\windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-10 4925184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service;C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 SxSmemcd;SxS Memory Card;C:\windows\System32\drivers\SxSmemcd.sys [2012-1-17 59392]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2011-6-24 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 wacmoumonitor;Wacom Mode Helper;C:\windows\System32\drivers\wacmoumonitor.sys [2010-8-31 18216]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2010-7-3 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\System32\drivers\WSDPrint.sys [2009-7-13 23040]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0105;RsFx0105 Driver;C:\windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-9-22 431464]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-11-01 15:28:32 -------- d-----w- C:\Users\Katelyn\AppData\Roaming\Malwarebytes
2012-11-01 15:28:17 -------- d-----w- C:\ProgramData\Malwarebytes
2012-11-01 15:28:15 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-11-01 15:28:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-01 07:42:58 -------- d-sh--w- C:\windows\SysWow64\%APPDATA%
2012-10-10 22:05:57 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-10-10 22:05:49 220160 ----a-w- C:\windows\System32\wintrust.dll
2012-10-10 22:05:48 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2012-10-10 22:05:35 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-10-10 22:05:35 2048 ----a-w- C:\windows\System32\tzres.dll
2012-10-10 22:05:24 715776 ----a-w- C:\windows\System32\kerberos.dll
2012-10-10 22:05:24 542208 ----a-w- C:\windows\SysWow64\kerberos.dll
2012-10-10 22:05:05 1464320 ----a-w- C:\windows\System32\crypt32.dll
2012-10-10 22:05:04 184320 ----a-w- C:\windows\System32\cryptsvc.dll
2012-10-10 22:05:04 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2012-10-10 22:05:04 140288 ----a-w- C:\windows\System32\cryptnet.dll
2012-10-10 22:05:04 1159680 ----a-w- C:\windows\SysWow64\crypt32.dll
2012-10-10 22:05:04 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2012-10-04 21:54:15 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2012-10-04 21:53:59 248320 ----a-w- C:\windows\System32\Spool\prtprocs\x64\hpfpp70v.dll
2012-10-04 21:51:50 136704 ----a-w- C:\windows\System32\hpf3l70v.dll
2012-10-04 21:47:48 880640 ----a-w- C:\windows\System32\hposwia_p02c.dll
2012-10-04 21:47:48 642360 ----a-w- C:\windows\System32\hpzids40.dll
2012-10-04 21:47:48 551424 ----a-w- C:\windows\System32\hppldcoi.dll
2012-10-04 21:47:48 1403904 ----a-w- C:\windows\System32\hpost_p02c.dll
2012-10-04 21:47:47 515072 ----a-w- C:\windows\System32\hposc_p02a.dll
.
==================== Find3M ====================
.
2012-11-01 07:10:25 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-01 07:10:25 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-09-24 19:32:24 477168 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
2012-09-24 19:32:20 473072 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-08-24 22:43:16 384352 ----a-w- C:\windows\System32\drivers\avgtdia.sys
2012-08-24 10:31:32 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\windows\System32\OxpsConverter.exe
2012-08-21 20:01:20 33240 ----a-w- C:\windows\System32\drivers\GEARAspiWDM.sys
2012-08-21 20:01:20 125872 ----a-w- C:\windows\System32\GEARAspi64.dll
2012-08-21 20:01:20 106928 ----a-w- C:\windows\SysWow64\GEARAspi.dll
2012-08-20 18:48:44 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 13:12:00.16 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/1/2010 4:56:48 PM
System Uptime: 11/1/2012 12:50:30 PM (1 hours ago)
.
Motherboard: Lenovo | | KL3
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz | CPU 1 | 1178/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 387 GiB total, 139.325 GiB free.
D: is FIXED (NTFS) - 30 GiB total, 28.688 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: hp color LaserJet 2550 series
Device ID: ROOT\MULTIFUNCTION\0011
Manufacturer:
Name: hp color LaserJet 2550 series
PNP Device ID: ROOT\MULTIFUNCTION\0011
Service:
.
Class GUID:
Description: Officejet Pro 8500 A909n
Device ID: ROOT\MULTIFUNCTION\0013
Manufacturer:
Name: Officejet Pro 8500 A909n
PNP Device ID: ROOT\MULTIFUNCTION\0013
Service:
.
Class GUID:
Description: hp LaserJet 4350
Device ID: ROOT\MULTIFUNCTION\0014
Manufacturer:
Name: hp LaserJet 4350
PNP Device ID: ROOT\MULTIFUNCTION\0014
Service:
.
Class GUID:
Description: HP Color LaserJet 3600
Device ID: ROOT\MULTIFUNCTION\0015
Manufacturer:
Name: HP Color LaserJet 3600
PNP Device ID: ROOT\MULTIFUNCTION\0015
Service:
.
==== System Restore Points ===================
.
RP503: 10/12/2012 5:48:30 PM - Windows Update
RP504: 10/18/2012 4:46:43 PM - Installed Java(TM) 6 Update 37
.
==== Installed Programs ======================
.
µTorrent
64 Bit HP CIO Components Installer
7-Zip 9.15 (x64 edition)
Adobe AIR
Adobe Community Help
Adobe Connect Add-in
Adobe Creative Suite 5 Master Collection
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.2
Adobe Shockwave Player 11.5
Akamai NetSession Interface
Akamai NetSession Interface Service
Amnesia - The Dark Descent
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Aquaria
ATI Catalyst Install Manager
Audacity 1.3.13 (Unicode)
Audiosurf
Aurora
Autodesk Maya 2012 64-bit
AVG 2012
Back to the Future: Ep 1 - It's About Time
Bastion
Bonjour
Braid (Version 1.015)
Broadcom Gigabit NetLink Controller
Business Contact Manager for Outlook 2007 SP2
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CDisplayEx 1.4
Crayon Physics Deluxe version 55
Crystal Reports for Visual Studio
CyberLink YouCam
D3DX10
DAEMON Tools Lite
DAME
Darwinia
Dotfuscator Software Services - Community Edition
Dropbox
Energy Management
Evernote v. 4.5.7
Facebook Video Calling 1.2.0.287
FlashDevelop 4.0.1
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
Google Chrome
Google Drive
Google Talk Plugin
Google Update Helper
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2529927)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2542054)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2548139)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2549864)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2635973)
Hotfix for Microsoft Visual Studio 2010 Professional - ENU (KB2736182)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
Houdini 12.0.543.9
HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
iTunes
Java Auto Updater
Java(TM) 6 Update 37
JMicron Flash Media Controller Driver
LAME v3.99.3 (for Windows)
Lenovo Bluetooth with Enhanced Data Rate Software
Lenovo DirectShare
Lenovo EasyCamera
Lenovo MuteSync
Lenovo OneKey Recovery
Lenovo ReadyComm 5
Lenovo ReadyComm 5.0 Service
Lenovo SlideNav
Lenovo SplitScreen
LIMBO
Luxology modo 601_sp3 64-bit build 52162
Machinarium
Malwarebytes Anti-Malware version 1.65.1.1000
MediaShow
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Help Viewer 1.1
Microsoft IntelliPoint 8.1
Microsoft Office 2003 Web Components
Microsoft Office Click-to-Run 2010
Microsoft Office Home and Student 2010 - English
Microsoft Office Small Business Connectivity Components
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ Compilers 2010 Standard - enu - x64
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Professional - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio Macro Tools
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Miro Video Converter
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Music Manager
Network64
Notepad++
NVIDIA PhysX
NVIDIA PhysX Plug-in for Autodesk Maya 2012 64 bit
Octodad
Onekey Theater
OpenAL
PDF Settings CS5
Portal
Portal 2
Portal 2 - The Final Hours
Power2Go
Project64 1.6
PS_AIO_06_C4700_SW_Min
Psychonauts
PX Profile Update
PxMergeModule
QuickTime
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Remove Empty Directories version 2.2
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Visual Studio 2010 Professional - ENU (KB2645410)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)
Skype™ 5.10
Splice
Spotify
Sql Server Customer Experience Improvement Program
SSH Secure Shell
Steam
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Terraria
The Misadventures of P.B. Winterbottom
Toolbox
Trillian
Unity
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
VC 9.0 Runtime
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VLC media player 2.0.1
VVVVVV version 2.0
Wacom Tablet
WCF RIA Services V1.0 SP1
Web Deployment Tool
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World of Goo
ZBrush 4R4
.
==== Event Viewer Messages From Past Week ========
.
11/1/2012 12:55:50 PM, Error: Service Control Manager [7000] - The ReadyComm.DirectRouter service failed to start due to the following error: The system cannot find the file specified.
11/1/2012 12:52:22 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
11/1/2012 12:52:03 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
11/1/2012 12:51:13 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
11/1/2012 12:51:13 PM, Error: Service Control Manager [7009] - A timeout was reached (120000 milliseconds) while waiting for the dleeCATSCustConnectService service to connect.
11/1/2012 12:51:13 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
11/1/2012 12:51:13 PM, Error: Service Control Manager [7000] - The dleeCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/1/2012 12:09:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041287, 0x0000000000000008, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 110112-42416-01.
11/1/2012 11:36:31 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff88001340039, 0xfffff8800cfe0d40, 0x0000000000000000). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 110112-47564-01.
11/1/2012 10:29:37 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff80003ffd477). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 110112-56753-01.
11/1/2012 10:15:48 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000000, 0xfffff80003ffa477). A dump was saved in: C:\windows\MEMORY.DMP. Report Id: 110112-55941-01.
10/31/2012 10:48:45 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 00-00-00-00-00-00. Network operations on this system may be disrupted as a result.
10/30/2012 12:08:53 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.8 with the system having network hardware address 78-CA-39-BB-E3-AB. Network operations on this system may be disrupted as a result.
10/30/2012 11:41:21 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.6 with the system having network hardware address 68-A3-C4-67-C4-10. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2012
Ran by SYSTEM at 01-11-2012 14:26:21
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10038304 2010-01-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [877600 2010-01-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [SynBtnAsst] %ProgramFiles%\Synaptics\SynTP\SynBtnAsst.exe Utility_Window [x]
HKLM\...\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [776608 2009-12-18] (Lenovo)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4448704 2010-03-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [7056832 2010-03-11] (Lenovo (Beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2399632 2011-04-13] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2009-11-20] (Intel Corporation)
HKLM-x32\...\Run: [MuteSync] C:\PROGRA~2\Lenovo\LENOVO~1\MuteSync.exe [336384 2009-12-27] (Lenovo)
HKLM-x32\...\Run: [Lenovo SplitScreen] "C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe" [779104 2010-01-25] (Lenovo)
HKLM-x32\...\Run: [UCam_Menu] "c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] "c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s [167008 2010-02-03] (CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [x]
HKLM-x32\...\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] "c:\Program Files (x86)\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1" [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo SlideNav2] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe" [318400 2009-12-29] (Lenovo)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [dleemon.exe] "C:\Program Files (x86) (x86)\Dell V715w\dleemon.exe" [766632 2009-07-09] ()
HKLM-x32\...\Run: [EzPrint] "C:\Program Files (x86) (x86)\Dell V715w\ezprint.exe" [139944 2009-07-09] ()
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2596984 2012-07-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254896 2012-09-17] (Sun Microsystems, Inc.)
HKU\Default\...\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\ooVoo.exe /minimized [x]
HKU\Default\...\RunOnce: [LenovoWallpaper] "C:\Program Files\desktop\ChangeDesktop.exe" "C:\Program Files\desktop\Desktop.jpg" [53760 2009-09-29] ()
HKU\Default\...\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage [768336 2009-07-26] (Microsoft Corporation)
HKU\Default User\...\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\ooVoo.exe /minimized [x]
HKU\Default User\...\RunOnce: [LenovoWallpaper] "C:\Program Files\desktop\ChangeDesktop.exe" "C:\Program Files\desktop\Desktop.jpg" [53760 2009-09-29] ()
HKU\Default User\...\RunOnce: [WLStart] "C:\Program Files (x86)\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage [768336 2009-07-26] (Microsoft Corporation)
HKU\Katelyn\...\Run: [Google Update] "C:\Users\Katelyn\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-07-01] (Google Inc.)
HKU\Katelyn\...\Run: [AdobeBridge] [x]
HKU\Katelyn\...\Run: [Facebook Update] "C:\Users\Katelyn\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-11] (Facebook Inc.)
HKU\Katelyn\...\Run: [Akamai NetSession Interface] "C:\Users\Katelyn\AppData\Local\Akamai\netsession_win.exe" [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKU\Katelyn\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [16052192 2012-10-25] (Google)
Tcpip\Parameters: [DhcpNameServer] 144.118.24.20 144.118.24.10
Tcpip\..\Interfaces\{F4DAA9BF-A5BB-4193-9D7C-1F87BD05D26F}: [NameServer]208.67.220.220
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Katelyn\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Katelyn\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
Startup: C:\Users\Katelyn\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ===================

2 Akamai; C:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll [4539200 2012-11-01] (Akamai Technologies, Inc.)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe" [5167736 2012-08-13] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [873248 2010-01-12] (Broadcom Corporation.)
2 dleeCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\dleeserv.exe [33448 2009-07-01] ()
2 dlee_device; C:\windows\system32\dleecoms.exe -service [1054888 2009-07-01] ( )
2 dlee_device; C:\windows\SysWow64\dleecoms.exe -service [602792 2009-07-01] ( )
3 getPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
2 HoudiniLicenseServer; C:\windows\system32\sesinetd.exe [2454528 2012-02-28] (Side Effects Software Inc.)
2 HoudiniServer; C:\windows\system32\hserver.exe [2336256 2012-02-28] (Side Effects Software Inc.)
3 IGRS; "C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe" [38152 2009-07-14] (Lenovo Group Limited)
3 Lenovo ReadyComm AppSvc; "C:\Program Files\Lenovo\ReadyComm\AppSvc.exe" [509192 2009-08-14] (Lenovo Group Limited)
3 Lenovo ReadyComm ConnSvc; "C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe" [575304 2009-11-17] (Lenovo Group Limited)
3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [53248 2011-03-29] (NOS Microsystems Ltd.)
3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
2 Slidebar Notifier Service; "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe" [69568 2009-12-29] (Lenovo)
2 TabletServiceWacom; C:\windows\system32\Wacom_Tablet.exe [5521192 2009-11-24] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) =====================

3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [291680 2012-07-26] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [384352 2012-08-24] (AVG Technologies CZ, s.r.o.)
3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-15] (Lenovo)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [283200 2012-02-27] (DT Soft Ltd)
3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17904 2010-02-05] (JMicron Technology Corp.)
3 JmUsbVideo; C:\Windows\System32\Drivers\jmcam.sys [56688 2010-02-05] (JMicron Technology Corp.)
3 JmUsbVideo2; C:\Windows\System32\Drivers\jmcam_lo.sys [31088 2010-02-05] (JMicron Technology Corp.)
3 SxSmemcd; C:\Windows\System32\Drivers\SxSmemcd.sys [59392 2012-01-17] (Sony Corporation)
3 wdmirror; C:\Windows\System32\Drivers\wdmirror.sys [11280 2009-07-16] (Lenovo)
2 IviRegMgr; [x]
3 vpnva; C:\Windows\System32\DRIVERS\vpnva64.sys [x]
3 wacomvhid; C:\Windows\System32\DRIVERS\wacomvhid.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-01 10:14 - 2012-11-01 10:14 - 00000000 ____D C:\Users\Katelyn\Desktop\siggraph
2012-11-01 09:12 - 2012-11-01 09:12 - 00032481 ____A C:\Users\Katelyn\Desktop\dds.txt
2012-11-01 09:12 - 2012-11-01 09:12 - 00016915 ____A C:\Users\Katelyn\Desktop\attach.txt
2012-11-01 08:59 - 2012-11-01 08:59 - 00687724 ____R (Swearware) C:\Users\Katelyn\Downloads\dds.com
2012-11-01 08:57 - 2012-11-01 08:57 - 00000000 ____A C:\Users\Katelyn\Desktop\gmer.log
2012-11-01 08:47 - 2012-11-01 08:47 - 00302592 ____A C:\Users\Katelyn\Desktop\o8pjbol7.exe
2012-11-01 08:31 - 2012-11-01 08:31 - 01459963 ____A (Farbar) C:\Users\Katelyn\Downloads\FRST64 (1).exe
2012-11-01 08:30 - 2012-11-01 08:31 - 01459963 ____A (Farbar) C:\Users\Katelyn\Desktop\FRST64.exe
2012-11-01 08:09 - 2012-11-01 08:09 - 00277088 ____A C:\Windows\Minidump\110112-42416-01.dmp
2012-11-01 07:36 - 2012-11-01 07:36 - 00277088 ____A C:\Windows\Minidump\110112-47564-01.dmp
2012-11-01 07:28 - 2012-11-01 07:28 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-01 07:28 - 2012-11-01 07:28 - 00000000 ____D C:\Users\Katelyn\AppData\Roaming\Malwarebytes
2012-11-01 07:28 - 2012-11-01 07:28 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-01 07:28 - 2012-11-01 07:28 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-01 07:28 - 2012-09-29 15:54 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-11-01 07:26 - 2012-11-01 07:26 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Katelyn\Desktop\mbam-setup-1.65.1.1000.exe
2012-11-01 06:29 - 2012-11-01 06:29 - 00277088 ____A C:\Windows\Minidump\110112-56753-01.dmp
2012-11-01 06:15 - 2012-11-01 06:15 - 00277088 ____A C:\Windows\Minidump\110112-55941-01.dmp
2012-10-31 23:42 - 2012-10-31 23:42 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-10-31 23:08 - 2012-10-31 23:09 - 00000000 ____D C:\Users\Katelyn\Downloads\HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen
2012-10-31 23:07 - 2012-10-31 23:07 - 00167179 ____A C:\Users\Katelyn\Downloads\HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen.zip
2012-10-31 14:24 - 2012-10-31 14:24 - 02563424 ____A C:\Users\Katelyn\Downloads\AdobeDownloadAssistant.exe
2012-10-30 21:59 - 2012-10-30 21:59 - 00000000 ____D C:\Users\Katelyn\Downloads\ADOBE.CS6.0.MASTER.COLLECTION.WIN.OSX.KEYGEN-XFORCE
2012-10-30 18:19 - 2012-10-30 18:19 - 03479504 ____A C:\Users\Katelyn\Downloads\IMG_0082.MOV
2012-10-29 08:20 - 2012-10-30 16:10 - 00000000 ____D C:\Users\Katelyn\Desktop\rockClimb
2012-10-28 16:20 - 2012-10-28 16:29 - 10332420 ____A C:\Users\Katelyn\Downloads\ui.zip
2012-10-25 07:07 - 2012-10-28 17:36 - 00488308 ____A C:\Users\Katelyn\Downloads\00_icons.psd
2012-10-20 13:09 - 2012-10-20 13:10 - 00000000 ____D C:\Users\Katelyn\AppData\Roaming\dvdcss
2012-10-18 12:49 - 2012-09-24 11:23 - 00157680 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-10-18 12:49 - 2012-09-24 11:23 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-10-18 12:49 - 2012-09-24 11:23 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-10-18 12:47 - 2012-10-18 12:49 - 00003019 ____A C:\Windows\SysWOW64\jupdate-1.6.0_37-b06.log
2012-10-10 14:06 - 2012-08-31 10:19 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-10 14:06 - 2012-08-30 10:03 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-10 14:06 - 2012-08-30 09:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-10 14:06 - 2012-08-30 09:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-10 14:06 - 2012-08-20 10:48 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-10 14:06 - 2012-08-20 10:48 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-10 14:06 - 2012-08-20 10:48 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-10 14:06 - 2012-08-20 10:48 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-10 14:06 - 2012-08-20 10:48 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-10 14:06 - 2012-08-20 10:48 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-10 14:06 - 2012-08-20 10:48 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-10 14:06 - 2012-08-20 10:46 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-10 14:06 - 2012-08-20 10:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 10:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:40 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-10 14:06 - 2012-08-20 09:38 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-10 14:06 - 2012-08-20 09:37 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-10 14:06 - 2012-08-20 09:37 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-10 14:06 - 2012-08-20 09:37 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 09:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 07:38 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-10 14:06 - 2012-08-20 07:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 07:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 07:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 14:06 - 2012-08-20 07:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-10 14:05 - 2012-09-14 11:19 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-10 14:05 - 2012-09-14 10:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-10 14:05 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-10 14:05 - 2012-08-24 08:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-10 14:05 - 2012-08-20 07:38 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-10 14:05 - 2012-08-10 16:56 - 00715776 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-10 14:05 - 2012-08-10 15:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-10 14:05 - 2012-06-01 21:41 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-10 14:05 - 2012-06-01 21:41 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-10 14:05 - 2012-06-01 21:41 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-10 14:05 - 2012-06-01 20:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-10 14:05 - 2012-06-01 20:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-10 14:05 - 2012-06-01 20:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-10-08 19:34 - 2012-10-08 19:34 - 17730656 ____A C:\Users\Katelyn\Downloads\ZBrush 4 Sculpting for Games Beginner's Guide.zip
2012-10-07 10:14 - 2012-11-01 05:30 - 00000000 ____D C:\Users\Katelyn\Desktop\GameDevWork
2012-10-07 09:54 - 2012-10-18 07:10 - 00000000 ____D C:\Users\Katelyn\Desktop\MindingOfIssac
2012-10-07 09:40 - 2012-10-30 18:08 - 00000000 ____D C:\Users\Katelyn\Desktop\GameDev
2012-10-04 13:51 - 2009-04-16 10:08 - 00136704 ____A (Hewlett-Packard Company) C:\Windows\System32\hpf3l70v.dll
2012-10-04 13:48 - 2012-10-04 13:55 - 00174495 ____A C:\Windows\hpoins43.dat
2012-10-04 13:48 - 2010-01-30 03:51 - 00000601 ____N C:\Windows\hpomdl43.dat
2012-10-04 13:47 - 2009-04-16 03:53 - 00642360 ____A (Hewlett-Packard) C:\Windows\System32\hpzids40.dll
2012-10-04 13:47 - 2009-02-11 03:03 - 01403904 ____A (Hewlett-Packard Co.) C:\Windows\System32\hpost_p02c.dll
2012-10-04 13:47 - 2009-02-11 03:03 - 00880640 ____A (Hewlett-Packard) C:\Windows\System32\hposwia_p02c.dll
2012-10-04 13:47 - 2009-02-11 03:03 - 00515072 ____A (Hewlett-Packard Co.) C:\Windows\System32\hposc_p02a.dll
2012-10-04 13:47 - 2008-10-28 16:27 - 00551424 ____A (Hewlett-Packard) C:\Windows\System32\hppldcoi.dll
2012-10-04 13:42 - 2012-10-04 13:46 - 70832040 ____A C:\Users\Katelyn\Downloads\PS_AIO_06_C4700_USW_Basic_Win_enu_140_175.exe


==================== 3 Months Modified Files ==================

2012-11-01 10:20 - 2012-03-29 12:36 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-11-01 10:17 - 2009-07-13 21:13 - 00939278 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-01 10:13 - 2012-05-06 10:21 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-01 09:45 - 2010-07-01 13:19 - 00000916 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3694585094-1687816597-3818613799-1004UA.job
2012-11-01 09:12 - 2012-11-01 09:12 - 00032481 ____A C:\Users\Katelyn\Desktop\dds.txt
2012-11-01 09:12 - 2012-11-01 09:12 - 00016915 ____A C:\Users\Katelyn\Desktop\attach.txt
2012-11-01 09:04 - 2011-07-27 11:54 - 00000936 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3694585094-1687816597-3818613799-1004UA.job
2012-11-01 09:01 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-01 09:01 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-01 08:59 - 2012-11-01 08:59 - 00687724 ____R (Swearware) C:\Users\Katelyn\Downloads\dds.com
2012-11-01 08:57 - 2012-11-01 08:57 - 00000000 ____A C:\Users\Katelyn\Desktop\gmer.log
2012-11-01 08:51 - 2012-05-06 10:21 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-01 08:51 - 2011-06-29 12:43 - 00036088 ____A C:\Users\All Users\dleescan.log
2012-11-01 08:51 - 2010-04-22 12:56 - 00130657 ____A C:\Windows\setupact.log
2012-11-01 08:51 - 2010-04-22 12:29 - 00573750 ____A C:\Windows\PFRO.log
2012-11-01 08:51 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-01 08:47 - 2012-11-01 08:47 - 00302592 ____A C:\Users\Katelyn\Desktop\o8pjbol7.exe
2012-11-01 08:31 - 2012-11-01 08:31 - 01459963 ____A (Farbar) C:\Users\Katelyn\Downloads\FRST64 (1).exe
2012-11-01 08:31 - 2012-11-01 08:30 - 01459963 ____A (Farbar) C:\Users\Katelyn\Desktop\FRST64.exe
2012-11-01 08:09 - 2012-11-01 08:09 - 00277088 ____A C:\Windows\Minidump\110112-42416-01.dmp
2012-11-01 08:09 - 2010-07-03 12:47 - 624007448 ____A C:\Windows\MEMORY.DMP
2012-11-01 07:36 - 2012-11-01 07:36 - 00277088 ____A C:\Windows\Minidump\110112-47564-01.dmp
2012-11-01 07:28 - 2012-11-01 07:28 - 00001113 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-01 07:26 - 2012-11-01 07:26 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Katelyn\Desktop\mbam-setup-1.65.1.1000.exe
2012-11-01 06:29 - 2012-11-01 06:29 - 00277088 ____A C:\Windows\Minidump\110112-56753-01.dmp
2012-11-01 06:15 - 2012-11-01 06:15 - 00277088 ____A C:\Windows\Minidump\110112-55941-01.dmp
2012-11-01 05:45 - 2010-07-01 13:19 - 00000864 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3694585094-1687816597-3818613799-1004Core.job
2012-11-01 05:43 - 2010-07-15 15:45 - 00000132 ____A C:\Users\Katelyn\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-10-31 23:10 - 2012-03-29 12:36 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-31 23:10 - 2011-06-24 13:28 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-31 23:10 - 2010-04-22 11:47 - 01593332 ____A C:\Windows\WindowsUpdate.log
2012-10-31 23:07 - 2012-10-31 23:07 - 00167179 ____A C:\Users\Katelyn\Downloads\HEADUS.UVLAYOUT.V2.06.00D.PRO.keygen.zip
2012-10-31 15:11 - 2011-07-27 11:54 - 00000914 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3694585094-1687816597-3818613799-1004Core.job
2012-10-31 14:24 - 2012-10-31 14:24 - 02563424 ____A C:\Users\Katelyn\Downloads\AdobeDownloadAssistant.exe
2012-10-30 18:19 - 2012-10-30 18:19 - 03479504 ____A C:\Users\Katelyn\Downloads\IMG_0082.MOV
2012-10-28 17:36 - 2012-10-25 07:07 - 00488308 ____A C:\Users\Katelyn\Downloads\00_icons.psd
2012-10-28 16:29 - 2012-10-28 16:20 - 10332420 ____A C:\Users\Katelyn\Downloads\ui.zip
2012-10-18 12:49 - 2012-10-18 12:47 - 00003019 ____A C:\Windows\SysWOW64\jupdate-1.6.0_37-b06.log
2012-10-12 13:55 - 2010-07-27 17:14 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-08 19:34 - 2012-10-08 19:34 - 17730656 ____A C:\Users\Katelyn\Downloads\ZBrush 4 Sculpting for Games Beginner's Guide.zip
2012-10-04 13:55 - 2012-10-04 13:48 - 00174495 ____A C:\Windows\hpoins43.dat
2012-10-04 13:55 - 2012-02-04 07:46 - 00005042 ____A C:\Users\All Users\hpzinstall.log
2012-10-04 13:46 - 2012-10-04 13:42 - 70832040 ____A C:\Users\Katelyn\Downloads\PS_AIO_06_C4700_USW_Basic_Win_enu_140_175.exe
2012-10-03 06:12 - 2011-03-05 16:47 - 00001456 ____A C:\Users\Katelyn\AppData\Local\Adobe Save for Web 12.0 Prefs
2012-09-30 11:45 - 2012-09-30 11:07 - 1037250456 ____A C:\Users\Katelyn\Downloads\rochard-windows-1.31-1348771540.exe
2012-09-29 15:54 - 2012-11-01 07:28 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-09-24 11:32 - 2012-06-24 07:42 - 00477168 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2012-09-24 11:32 - 2010-10-02 13:47 - 00473072 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-09-24 11:23 - 2012-10-18 12:49 - 00157680 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-09-24 11:23 - 2012-10-18 12:49 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-09-24 11:23 - 2012-10-18 12:49 - 00149488 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-09-20 19:47 - 2012-09-20 19:44 - 330927763 ____A C:\Users\Katelyn\Downloads\dustforce-win-1347945918.zip
2012-09-19 09:00 - 2012-04-13 16:45 - 00000090 ____A C:\Users\Katelyn\mm.cfg
2012-09-15 21:58 - 2009-07-13 20:45 - 05168464 ____A C:\Windows\System32\FNTCACHE.DAT
2012-09-14 21:14 - 2010-07-01 12:57 - 00139752 ____A C:\Users\Katelyn\AppData\Local\GDIPFONTCACHEV1.DAT
2012-09-14 15:28 - 2012-09-14 15:28 - 00040945 ____A C:\Users\Katelyn\Downloads\Good-Foot.zip
2012-09-14 11:19 - 2012-10-10 14:05 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:28 - 2012-10-10 14:05 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-09-14 08:49 - 2012-09-14 08:40 - 729067520 ____A C:\Users\Katelyn\Downloads\ubuntu-12.04.1-desktop-i386.iso
2012-09-11 17:05 - 2012-09-11 16:52 - 1157953892 ____A C:\Users\Katelyn\Downloads\amnesia_tdd_1.2.1.zip
2012-09-06 12:44 - 2012-09-06 12:44 - 04592128 ____A C:\Users\Katelyn\Downloads\Chapter16.ppt
2012-08-31 19:38 - 2012-08-31 19:32 - 226021774 ____A C:\Users\Katelyn\Downloads\Vertex.rar
2012-08-31 10:19 - 2012-10-10 14:06 - 01659760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-30 17:33 - 2012-08-30 17:33 - 00277144 ____A C:\Windows\Minidump\083012-57127-01.dmp
2012-08-30 10:03 - 2012-10-10 14:06 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:12 - 2012-10-10 14:06 - 03968880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:12 - 2012-10-10 14:06 - 03914096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-28 15:00 - 2012-08-28 15:00 - 00999840 ____A (Solid State Networks) C:\Users\Katelyn\Downloads\install_flashplayer11x32_mssd_aih.exe
2012-08-24 14:43 - 2012-08-24 14:43 - 00384352 ____A (AVG Technologies CZ, s.r.o.) C:\Windows\System32\Drivers\avgtdia.sys
2012-08-24 10:05 - 2012-10-10 14:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 08:57 - 2012-10-10 14:05 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 03:15 - 2012-09-27 03:36 - 17810944 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 02:39 - 2012-09-27 03:36 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 02:31 - 2012-09-27 03:36 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-24 02:22 - 2012-09-27 03:36 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 02:21 - 2012-09-27 03:36 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 02:20 - 2012-09-27 03:36 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-24 02:18 - 2012-09-27 03:36 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 02:17 - 2012-09-27 03:36 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 02:14 - 2012-09-27 03:36 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-24 02:14 - 2012-09-27 03:36 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-24 02:13 - 2012-09-27 03:36 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-24 02:12 - 2012-09-27 03:36 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 02:11 - 2012-09-27 03:36 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 02:10 - 2012-09-27 03:36 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 02:09 - 2012-09-27 03:36 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 02:04 - 2012-09-27 03:36 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-23 23:27 - 2012-09-27 03:36 - 12319744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-23 23:03 - 2012-09-27 03:36 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-23 22:59 - 2012-09-27 03:36 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-23 22:51 - 2012-09-27 03:36 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-23 22:51 - 2012-09-27 03:36 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-23 22:51 - 2012-09-27 03:36 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-23 22:49 - 2012-09-27 03:36 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-23 22:48 - 2012-09-27 03:36 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-23 22:47 - 2012-09-27 03:36 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-23 22:47 - 2012-09-27 03:36 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-08-23 22:47 - 2012-09-27 03:36 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-23 22:45 - 2012-09-27 03:36 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-23 22:44 - 2012-09-27 03:36 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-23 22:44 - 2012-09-27 03:36 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-23 22:43 - 2012-09-27 03:36 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 22:40 - 2012-09-27 03:36 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-22 10:12 - 2012-09-12 10:25 - 01913200 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 10:12 - 2012-09-12 10:25 - 00950128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 10:12 - 2012-09-12 10:25 - 00376688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 10:12 - 2012-09-12 10:25 - 00288624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-21 13:01 - 2012-09-25 16:13 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-21 12:01 - 2012-09-21 11:04 - 00033240 ____A (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2012-08-21 12:01 - 2010-07-01 16:36 - 00125872 ____A (GEAR Software Inc.) C:\Windows\System32\GEARAspi64.dll
2012-08-21 12:01 - 2010-07-01 16:36 - 00106928 ____A (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2012-08-20 10:48 - 2012-10-10 14:06 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-20 10:48 - 2012-10-10 14:06 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-20 10:48 - 2012-10-10 14:06 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-20 10:48 - 2012-10-10 14:06 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-20 10:48 - 2012-10-10 14:06 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-20 10:48 - 2012-10-10 14:06 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-20 10:48 - 2012-10-10 14:06 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-20 10:46 - 2012-10-10 14:06 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-20 10:38 - 2012-10-10 14:06 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 10:38 - 2012-10-10 14:06 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

ZeroAccess:
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\@
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\L
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\L\00000004.@
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\L\201d3dde
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\00000004.@
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\00000008.@
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\000000cb.@
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\80000000.@
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\80000032.@
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
 
==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 50BEA589F7D7958BDD2528A8F69D05CC ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-10-12 13:50:09
Restore point made on: 2012-10-18 12:47:25

==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 3892.48 MB
Available physical RAM: 3213.27 MB
Total Pagefile: 3890.63 MB
Available Pagefile: 3213.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:386.99 GB) (Free:138.77 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:30.48 GB) (Free:28.69 GB) NTFS
4 Drive g: (GODFREY3) (Removable) (Total:15.09 GB) (Free:15.08 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 6144 KB
Disk 1 Online 15 GB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 200 MB 1024 KB
Partition 2 Primary 386 GB 201 MB
Partition 0 Extended 63 GB 387 GB
Partition 5 Logical 29 GB 387 GB
Partition 6 Logical 3886 MB 416 GB
Partition 4 Logical 30 GB 420 GB
Partition 3 OEM 14 GB 451 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y NTFS Partition 200 MB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 386 GB Healthy

=========================================================

Disk: 0
Partition 5
Type : 83
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 6
Type : 82
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D LENOVO NTFS Partition 30 GB Healthy


=========================================================

Disk: 0
Partition 3
Type : 12
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 LENOVO_PART NTFS Partition 14 GB Healthy Hidden

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 15 GB 16 KB

==================================================================================

Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G GODFREY3 FAT32 Removable 15 GB Healthy

=========================================================

Last Boot: 2012-10-16 07:46

==================== End Of Log =============================
 
Farbar Recovery Scan Tool (x64) Version: 30-10-2012
Ran by SYSTEM at 2012-11-01 14:29:11
Running from G:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0329216 ____A (Microsoft Corporation) 50BEA589F7D7958BDD2528A8F69D05CC
====== End Of Search ======
 
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Next...

Restart normally.

==============================

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

=============================

  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

==============================

Download Malwarebytes' Anti-Malware (MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.
Alternate download: http://www.filehippo.com/download_malwarebytes_anti_malware/
NOTE. If you already have MBAM installed, update it before running the scan.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer IF MBAM asks you to do so.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

==================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-10-2012
Ran by SYSTEM at 2012-11-01 15:40:44 Run:1
Running from G:\

==============================================

HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\SubSystems\\Windows No ZeroAccess entry found.
C:\Windows\System32\consrv.dll not found.
C:\Windows\Installer\{208b961b-3c1a-36e5-913c-578d327fdbc6} moved successfully.
C:\Windows\assembly\GAC_32\Desktop.ini moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
C:\Windows\System32\services.exe moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe copied successfully to C:\Windows\System32\services.exe

==== End of Fixlog ====
 
[FONT=Times New Roman]15:47:26.0584 6980 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:47:27.0193 6980 ============================================================
15:47:27.0193 6980 Current date / time: 2012/11/01 15:47:27.0193
15:47:27.0193 6980 SystemInfo:
15:47:27.0193 6980
15:47:27.0193 6980 OS Version: 6.1.7601 ServicePack: 1.0
15:47:27.0193 6980 Product type: Workstation
15:47:27.0193 6980 ComputerName: WINSTON
15:47:27.0193 6980 UserName: Katelyn
15:47:27.0193 6980 Windows directory: C:\windows
15:47:27.0193 6980 System windows directory: C:\windows
15:47:27.0193 6980 Running under WOW64
15:47:27.0193 6980 Processor architecture: Intel x64
15:47:27.0193 6980 Number of processors: 4
15:47:27.0193 6980 Page size: 0x1000
15:47:27.0193 6980 Boot type: Normal boot
15:47:27.0193 6980 ============================================================
15:47:28.0238 6980 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:47:28.0254 6980 Drive \Device\Harddisk1\DR1 - Size: 0x3C7800000 (15.12 Gb), SectorSize: 0x200, Cylinders: 0x7B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:47:28.0269 6980 ============================================================
15:47:28.0269 6980 \Device\Harddisk0\DR0:
15:47:28.0269 6980 MBR partitions:
15:47:28.0269 6980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
15:47:28.0269 6980 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x305FB84C
15:47:28.0394 6980 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3490F000, BlocksNum 0x3CF4800
15:47:28.0472 6980 \Device\Harddisk1\DR1:
15:47:28.0472 6980 MBR partitions:
15:47:28.0472 6980 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1E3BFE0
15:47:28.0472 6980 ============================================================
15:47:28.0534 6980 C: <-> \Device\Harddisk0\DR0\Partition2
15:47:28.0956 6980 D: <-> \Device\Harddisk0\DR0\Partition3
15:47:28.0956 6980 ============================================================
15:47:28.0956 6980 Initialize success
15:47:28.0956 6980 ============================================================
15:47:31.0764 6356 ============================================================
15:47:31.0764 6356 Scan started
15:47:31.0764 6356 Mode: Manual;
15:47:31.0764 6356 ============================================================
15:47:38.0706 6356 ================ Scan system memory ========================
15:47:38.0706 6356 System memory - ok
15:47:38.0706 6356 ================ Scan services =============================
15:47:43.0714 6356 [ E1B1F152C4E82C85E846D25C9E6E6CC8 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll
15:47:43.0714 6356 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll. md5: E1B1F152C4E82C85E846D25C9E6E6CC8
15:47:43.0714 6356 Akamai ( HiddenFile.Multi.Generic ) - warning
15:47:43.0714 6356 Akamai - detected HiddenFile.Multi.Generic (1)
[FONT=Arial]15:47:50.0157 6356 clr_optimization_v4.0.30319_32 - ok[/FONT]
[FONT=Arial]15:47:50.0204 6356 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe[/FONT]
[FONT=Arial]15:47:50.0235 6356 clr_optimization_v4.0.30319_64 - ok[/FONT]
[FONT=Arial]15:47:50.0266 6356 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys[/FONT]
[FONT=Arial]15:47:50.0266 6356 CmBatt - ok[/FONT]
[FONT=Arial]15:47:50.0313 6356 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys[/FONT]
[FONT=Arial]15:47:50.0313 6356 cmdide - ok[/FONT]
[FONT=Arial]15:47:50.0375 6356 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys[/FONT]
[FONT=Arial]15:47:50.0391 6356 CNG - ok[/FONT]
[FONT=Arial]15:47:50.0422 6356 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys[/FONT]
[FONT=Arial]15:47:50.0422 6356 Compbatt - ok[/FONT]
[FONT=Arial]15:47:50.0485 6356 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys[/FONT]
[FONT=Arial]15:47:50.0485 6356 CompositeBus - ok[/FONT]
[FONT=Arial]15:47:50.0516 6356 COMSysApp - ok[/FONT]
[FONT=Arial]15:47:50.0516 6356 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys[/FONT]
[FONT=Arial]15:47:50.0516 6356 crcdisk - ok[/FONT]
[FONT=Arial]15:47:50.0594 6356 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll[/FONT]
[FONT=Arial]15:47:50.0594 6356 CryptSvc - ok[/FONT]
[FONT=Arial]15:47:50.0875 6356 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[/FONT]
[FONT=Arial]15:47:50.0921 6356 cvhsvc - ok[/FONT]
[FONT=Arial]15:47:51.0124 6356 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll[/FONT]
[FONT=Arial]15:47:51.0140 6356 DcomLaunch - ok[/FONT]
[FONT=Arial]15:47:51.0202 6356 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll[/FONT]
[FONT=Arial]15:47:51.0202 6356 defragsvc - ok[/FONT]
[FONT=Arial]15:47:51.0249 6356 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys[/FONT]
[FONT=Arial]15:47:51.0249 6356 DfsC - ok[/FONT]
[FONT=Arial]15:47:51.0343 6356 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll[/FONT]
[FONT=Arial]15:47:51.0343 6356 Dhcp - ok[/FONT]
[FONT=Arial]15:47:51.0389 6356 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys[/FONT]
[FONT=Arial]15:47:51.0389 6356 discache - ok[/FONT]
[FONT=Arial]15:47:51.0452 6356 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys[/FONT]
[FONT=Arial]15:47:51.0452 6356 Disk - ok[/FONT]
[FONT=Arial]15:47:51.0577 6356 [ 6774B807CE89A5EC8F61551C15CCA964 ] dleeCATSCustConnectService C:\windows\system32\spool\DRIVERS\x64\3\\dleeserv.exe[/FONT]
[FONT=Arial]15:47:51.0623 6356 dleeCATSCustConnectService - ok[/FONT]
[FONT=Arial]15:47:51.0639 6356 dlee_device - ok[/FONT]
[FONT=Arial]15:47:51.0670 6356 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll[/FONT]
[FONT=Arial]15:47:51.0670 6356 Dnscache - ok[/FONT]
[FONT=Arial]15:47:51.0717 6356 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll[/FONT]
[FONT=Arial]15:47:51.0733 6356 dot3svc - ok[/FONT]
[FONT=Arial]15:47:51.0795 6356 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\windows\system32\DRIVERS\Dot4.sys[/FONT]
[FONT=Arial]15:47:51.0795 6356 dot4 - ok[/FONT]
[FONT=Arial]15:47:51.0889 6356 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys[/FONT]
[FONT=Arial]15:47:51.0889 6356 Dot4Print - ok[/FONT]
[FONT=Arial]15:47:51.0904 6356 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys[/FONT]
[FONT=Arial]15:47:51.0904 6356 dot4usb - ok[/FONT]
[FONT=Arial]15:47:51.0951 6356 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll[/FONT]
[FONT=Arial]15:47:51.0951 6356 DPS - ok[/FONT]
[FONT=Arial]15:47:52.0013 6356 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys[/FONT]
[FONT=Arial]15:47:52.0029 6356 drmkaud - ok[/FONT]
[FONT=Arial]15:47:52.0091 6356 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys[/FONT]
[FONT=Arial]15:47:52.0091 6356 dtsoftbus01 - ok[/FONT]
[FONT=Arial]15:47:52.0310 6356 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys[/FONT]
[FONT=Arial]15:47:52.0310 6356 DXGKrnl - ok[/FONT]
[FONT=Arial]15:47:52.0372 6356 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll[/FONT]
[FONT=Arial]15:47:52.0372 6356 EapHost - ok[/FONT]
[FONT=Arial]15:47:52.0856 6356 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys[/FONT]
[FONT=Arial]15:47:52.0934 6356 ebdrv - ok[/FONT]
[FONT=Arial]15:47:52.0996 6356 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe[/FONT]
[FONT=Arial]15:47:52.0996 6356 EFS - ok[/FONT]
[FONT=Arial]15:47:53.0074 6356 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe[/FONT]
[FONT=Arial]15:47:53.0074 6356 ehRecvr - ok[/FONT]
[FONT=Arial]15:47:53.0105 6356 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe[/FONT]
[FONT=Arial]15:47:53.0105 6356 ehSched - ok[/FONT]
[FONT=Arial]15:47:53.0137 6356 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys[/FONT]
[FONT=Arial]15:47:53.0168 6356 elxstor - ok[/FONT]
[FONT=Arial]15:47:53.0183 6356 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys[/FONT]
[FONT=Arial]15:47:53.0183 6356 ErrDev - ok[/FONT]
[FONT=Arial]15:47:53.0261 6356 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll[/FONT]
[FONT=Arial]15:47:53.0261 6356 EventSystem - ok[/FONT]
[FONT=Arial]15:47:53.0277 6356 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys[/FONT]
[FONT=Arial]15:47:53.0277 6356 exfat - ok[/FONT]
[FONT=Arial]15:47:53.0308 6356 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys[/FONT]
[FONT=Arial]15:47:53.0308 6356 fastfat - ok[/FONT]
[FONT=Arial]15:47:53.0371 6356 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe[/FONT]
[FONT=Arial]15:47:53.0402 6356 Fax - ok[/FONT]
[FONT=Arial]15:47:53.0417 6356 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys[/FONT]
[FONT=Arial]15:47:53.0417 6356 fdc - ok[/FONT]
[FONT=Arial]15:47:53.0464 6356 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll[/FONT]
[FONT=Arial]15:47:53.0464 6356 fdPHost - ok[/FONT]
[FONT=Arial]15:47:53.0480 6356 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll[/FONT]
[FONT=Arial]15:47:53.0480 6356 FDResPub - ok[/FONT]
[FONT=Arial]15:47:53.0495 6356 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys[/FONT]
[FONT=Arial]15:47:53.0495 6356 FileInfo - ok[/FONT]
[FONT=Arial]15:47:53.0511 6356 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys[/FONT]
[FONT=Arial]15:47:53.0511 6356 Filetrace - ok[/FONT]
[FONT=Arial]15:47:53.0698 6356 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe[/FONT]
[FONT=Arial]15:47:53.0761 6356 FLEXnet Licensing Service 64 - ok[/FONT]
[FONT=Arial]15:47:53.0776 6356 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys[/FONT]
[FONT=Arial]15:47:53.0776 6356 flpydisk - ok[/FONT]
[FONT=Arial]15:47:53.0839 6356 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys[/FONT]
[FONT=Arial]15:47:53.0839 6356 FltMgr - ok[/FONT]
[FONT=Arial]15:47:54.0151 6356 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll[/FONT]
[FONT=Arial]15:47:54.0166 6356 FontCache - ok[/FONT]
[FONT=Arial]15:47:54.0260 6356 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe[/FONT]
[FONT=Arial]15:47:54.0260 6356 FontCache3.0.0.0 - ok[/FONT]
[FONT=Arial]15:47:54.0291 6356 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys[/FONT]
[FONT=Arial]15:47:54.0291 6356 FsDepends - ok[/FONT]
[FONT=Arial]15:47:54.0353 6356 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys[/FONT]
[FONT=Arial]15:47:54.0353 6356 Fs_Rec - ok[/FONT]
[FONT=Arial]15:47:54.0431 6356 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys[/FONT]
[FONT=Arial]15:47:54.0431 6356 fvevol - ok[/FONT]
[FONT=Arial]15:47:54.0494 6356 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys[/FONT]
[FONT=Arial]15:47:54.0509 6356 gagp30kx - ok[/FONT]
[FONT=Arial]15:47:54.0572 6356 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys[/FONT]
[FONT=Arial]15:47:54.0572 6356 GEARAspiWDM - ok[/FONT]
[FONT=Arial]15:47:54.0665 6356 [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll[/FONT]
[FONT=Arial]15:47:54.0665 6356 getPlusHelper - ok[/FONT]
[FONT=Arial]15:47:54.0759 6356 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll[/FONT]
[FONT=Arial]15:47:54.0759 6356 gpsvc - ok[/FONT]
[FONT=Arial]15:47:54.0837 6356 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[/FONT]
[FONT=Arial]15:47:54.0837 6356 gupdate - ok[/FONT]
[FONT=Arial]15:47:54.0853 6356 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[/FONT]
[FONT=Arial]15:47:54.0853 6356 gupdatem - ok[/FONT]
[FONT=Arial]15:47:54.0884 6356 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys[/FONT]
[FONT=Arial]15:47:54.0899 6356 hcw85cir - ok[/FONT]
[FONT=Arial]15:47:55.0009 6356 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys[/FONT]
[FONT=Arial]15:47:55.0040 6356 HdAudAddService - ok[/FONT]
[FONT=Arial]15:47:55.0102 6356 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys[/FONT]
[FONT=Arial]15:47:55.0118 6356 HDAudBus - ok[/FONT]
[FONT=Arial]15:47:55.0149 6356 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys[/FONT]
[FONT=Arial]15:47:55.0149 6356 HECIx64 - ok[/FONT]
[FONT=Arial]15:47:55.0211 6356 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys[/FONT]
[FONT=Arial]15:47:55.0227 6356 HidBatt - ok[/FONT]
[FONT=Arial]15:47:55.0258 6356 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys[/FONT]
[FONT=Arial]15:47:55.0258 6356 HidBth - ok[/FONT]
[FONT=Arial]15:47:55.0289 6356 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys[/FONT]
[FONT=Arial]15:47:55.0289 6356 HidIr - ok[/FONT]
[FONT=Arial]15:47:55.0321 6356 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll[/FONT]
[FONT=Arial]15:47:55.0321 6356 hidserv - ok[/FONT]
[FONT=Arial]15:47:55.0399 6356 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys[/FONT]
[FONT=Arial]15:47:55.0414 6356 HidUsb - ok[/FONT]
[FONT=Arial]15:47:55.0477 6356 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll[/FONT]
[FONT=Arial]15:47:55.0492 6356 hkmsvc - ok[/FONT]
[FONT=Arial]15:47:55.0555 6356 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll[/FONT]
[FONT=Arial]15:47:55.0555 6356 HomeGroupListener - ok[/FONT]
[FONT=Arial]15:47:55.0617 6356 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll[/FONT]
[FONT=Arial]15:47:55.0633 6356 HomeGroupProvider - ok[/FONT]
[FONT=Arial]15:47:56.0007 6356 [ 5694549D12843046DC4D23DE86CB8447 ] HoudiniLicenseServer C:\windows\system32\sesinetd.exe[/FONT]
[FONT=Arial]15:47:56.0038 6356 HoudiniLicenseServer - ok[/FONT]
[FONT=Arial]15:47:56.0179 6356 [ B9B7C912D381F35E9CE66A58AA57A455 ] HoudiniServer C:\windows\system32\hserver.exe[/FONT]
[FONT=Arial]15:47:56.0210 6356 HoudiniServer - ok[/FONT]
[FONT=Arial]15:47:56.0288 6356 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys[/FONT]
[FONT=Arial]15:47:56.0288 6356 HpSAMD - ok[/FONT]
[FONT=Arial]15:47:56.0787 6356 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL[/FONT]
[FONT=Arial]15:47:56.0865 6356 HPSLPSVC - ok[/FONT]
[FONT=Arial]15:47:56.0943 6356 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys[/FONT]
[FONT=Arial]15:47:56.0943 6356 HTTP - ok[/FONT]
[FONT=Arial]15:47:57.0005 6356 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys[/FONT]
[FONT=Arial]15:47:57.0005 6356 hwpolicy - ok[/FONT]
[FONT=Arial]15:47:57.0068 6356 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys[/FONT]
[FONT=Arial]15:47:57.0083 6356 i8042prt - ok[/FONT]
[FONT=Arial]15:47:57.0115 6356 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys[/FONT]
[FONT=Arial]15:47:57.0115 6356 iaStor - ok[/FONT]
[FONT=Arial]15:47:57.0193 6356 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[/FONT]
[FONT=Arial]15:47:57.0193 6356 IAStorDataMgrSvc - ok[/FONT]
[FONT=Arial]15:47:57.0255 6356 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys[/FONT]
[FONT=Arial]15:47:57.0255 6356 iaStorV - ok[/FONT]
[FONT=Arial]15:47:57.0333 6356 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe[/FONT]
[FONT=Arial]15:47:57.0349 6356 idsvc - ok[/FONT]
[FONT=Arial]15:47:58.0129 6356 [ 90AFAB2B5962B1CD5BB23320675D6174 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys[/FONT]
[FONT=Arial]15:47:58.0300 6356 igfx - ok[/FONT]
[FONT=Arial]15:47:58.0394 6356 [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe[/FONT]
[FONT=Arial]15:47:58.0394 6356 IGRS - ok[/FONT]
[FONT=Arial]15:47:58.0425 6356 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys[/FONT]
[FONT=Arial]15:47:58.0441 6356 iirsp - ok[/FONT]
[FONT=Arial]15:47:58.0612 6356 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll[/FONT]
[FONT=Arial]15:47:58.0675 6356 IKEEXT - ok[/FONT]
[FONT=Arial]15:47:58.0737 6356 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys[/FONT]
[FONT=Arial]15:47:58.0737 6356 Impcd - ok[/FONT]
[FONT=Arial]15:47:59.0143 6356 [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys[/FONT]
[FONT=Arial]15:47:59.0158 6356 IntcAzAudAddService - ok[/FONT]
[FONT=Arial]15:47:59.0221 6356 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys[/FONT]
[FONT=Arial]15:47:59.0221 6356 intelide - ok[/FONT]
[FONT=Arial]15:48:00.0095 6356 [ 90AFAB2B5962B1CD5BB23320675D6174 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys[/FONT]
[FONT=Arial]15:48:00.0345 6356 intelkmd - ok[/FONT]
[FONT=Arial]15:48:00.0407 6356 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys[/FONT]
[FONT=Arial]15:48:00.0407 6356 intelppm - ok[/FONT]
[FONT=Arial]15:48:00.0454 6356 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll[/FONT]
[FONT=Arial]15:48:00.0454 6356 IPBusEnum - ok[/FONT]
[FONT=Arial]15:48:00.0516 6356 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys[/FONT]
[FONT=Arial]15:48:00.0516 6356 IpFilterDriver - ok[/FONT]
[FONT=Arial]15:48:00.0563 6356 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys[/FONT]
[FONT=Arial]15:48:00.0579 6356 IPMIDRV - ok[/FONT]
[FONT=Arial]15:48:00.0610 6356 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys[/FONT]
[FONT=Arial]15:48:00.0610 6356 IPNAT - ok[/FONT]
[FONT=Arial]15:48:00.0704 6356 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe[/FONT]
[FONT=Arial]15:48:00.0719 6356 iPod Service - ok[/FONT]
[FONT=Arial]15:48:00.0766 6356 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys[/FONT]
[FONT=Arial]15:48:00.0766 6356 IRENUM - ok[/FONT]
[FONT=Arial]15:48:00.0813 6356 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys[/FONT]
[FONT=Arial]15:48:00.0813 6356 isapnp - ok[/FONT]
[FONT=Arial]15:48:00.0875 6356 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys[/FONT]
[FONT=Arial]15:48:00.0875 6356 iScsiPrt - ok[/FONT]
[FONT=Arial]15:48:00.0922 6356 [ D95D5FF8793393B35500B08DCA5E4B72 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys[/FONT]
[FONT=Arial]15:48:00.0922 6356 JMCR - ok[/FONT]
[FONT=Arial]15:48:00.0953 6356 [ CEE38AB6627CB2F8A97DD7D5A8449944 ] JmUsbCcgp C:\windows\system32\DRIVERS\jmccgp.sys[/FONT]
[FONT=Arial]15:48:00.0953 6356 JmUsbCcgp - ok[/FONT]
[FONT=Arial]15:48:01.0000 6356 [ 6BA6296905D46C003838D1DD05F38DDD ] JmUsbVideo C:\windows\system32\Drivers\jmcam.sys[/FONT]
[FONT=Arial]15:48:01.0000 6356 JmUsbVideo - ok[/FONT]
[FONT=Arial]15:48:01.0016 6356 [ 4DCA10EF74CB49D6460F23A34C3593FB ] JmUsbVideo2 C:\windows\system32\Drivers\jmcam_lo.sys[/FONT]
[FONT=Arial]15:48:01.0016 6356 JmUsbVideo2 - ok[/FONT]
[FONT=Arial]15:48:01.0062 6356 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys[/FONT]
[FONT=Arial]15:48:01.0062 6356 k57nd60a - ok[/FONT]
[FONT=Arial]15:48:01.0078 6356 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys[/FONT]
[FONT=Arial]15:48:01.0078 6356 kbdclass - ok[/FONT]
[FONT=Arial]15:48:01.0125 6356 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys[/FONT]
[FONT=Arial]15:48:01.0125 6356 kbdhid - ok[/FONT]
[FONT=Arial]15:48:01.0140 6356 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe[/FONT]
[FONT=Arial]15:48:01.0140 6356 KeyIso - ok[/FONT]
[FONT=Arial]15:48:01.0218 6356 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys[/FONT]
[FONT=Arial]15:48:01.0234 6356 KSecDD - ok[/FONT]
[FONT=Arial]15:48:01.0296 6356 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys[/FONT]
[FONT=Arial]15:48:01.0296 6356 KSecPkg - ok[/FONT]
[FONT=Arial]15:48:01.0328 6356 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys[/FONT]
[FONT=Arial]15:48:01.0328 6356 ksthunk - ok[/FONT]
[/FONT]
 
[FONT=Times New Roman]

[FONT=Arial]15:48:01.0359 6356 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll[/FONT]
[FONT=Arial]15:48:01.0390 6356 KtmRm - ok[/FONT]
[FONT=Arial]15:48:01.0452 6356 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll[/FONT]
[FONT=Arial]15:48:01.0452 6356 LanmanServer - ok[/FONT]
[FONT=Arial]15:48:01.0515 6356 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll[/FONT]
[FONT=Arial]15:48:01.0515 6356 LanmanWorkstation - ok[/FONT]
[FONT=Arial]15:48:01.0718 6356 [ 7FCB3EC66361F157BCD5B5C33CE2AC16 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe[/FONT]
[FONT=Arial]15:48:01.0749 6356 Lenovo ReadyComm AppSvc - ok[/FONT]
[FONT=Arial]15:48:01.0780 6356 [ 04D9897EAAAE535C4B7DD61574F1A021 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe[/FONT]
[FONT=Arial]15:48:01.0796 6356 Lenovo ReadyComm ConnSvc - ok[/FONT]
[FONT=Arial]15:48:01.0827 6356 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys[/FONT]
[FONT=Arial]15:48:01.0827 6356 LHDmgr - ok[/FONT]
[FONT=Arial]15:48:01.0858 6356 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys[/FONT]
[FONT=Arial]15:48:01.0858 6356 lltdio - ok[/FONT]
[FONT=Arial]15:48:01.0889 6356 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll[/FONT]
[FONT=Arial]15:48:01.0905 6356 lltdsvc - ok[/FONT]
[FONT=Arial]15:48:01.0920 6356 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll[/FONT]
[FONT=Arial]15:48:01.0920 6356 lmhosts - ok[/FONT]
[FONT=Arial]15:48:01.0998 6356 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[/FONT]
[FONT=Arial]15:48:01.0998 6356 LMS - ok[/FONT]
[FONT=Arial]15:48:02.0045 6356 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys[/FONT]
[FONT=Arial]15:48:02.0061 6356 LSI_FC - ok[/FONT]
[FONT=Arial]15:48:02.0076 6356 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys[/FONT]
[FONT=Arial]15:48:02.0076 6356 LSI_SAS - ok[/FONT]
[FONT=Arial]15:48:02.0092 6356 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys[/FONT]
[FONT=Arial]15:48:02.0108 6356 LSI_SAS2 - ok[/FONT]
[FONT=Arial]15:48:02.0108 6356 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys[/FONT]
[FONT=Arial]15:48:02.0108 6356 LSI_SCSI - ok[/FONT]
[FONT=Arial]15:48:02.0123 6356 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys[/FONT]
[FONT=Arial]15:48:02.0123 6356 luafv - ok[/FONT]
[FONT=Arial]15:48:02.0201 6356 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll[/FONT]
[FONT=Arial]15:48:02.0232 6356 Mcx2Svc - ok[/FONT]
[FONT=Arial]15:48:02.0248 6356 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys[/FONT]
[FONT=Arial]15:48:02.0248 6356 megasas - ok[/FONT]
[FONT=Arial]15:48:02.0264 6356 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys[/FONT]
[FONT=Arial]15:48:02.0279 6356 MegaSR - ok[/FONT]
[FONT=Arial]15:48:02.0310 6356 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll[/FONT]
[FONT=Arial]15:48:02.0310 6356 MMCSS - ok[/FONT]
[FONT=Arial]15:48:02.0326 6356 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys[/FONT]
[FONT=Arial]15:48:02.0342 6356 Modem - ok[/FONT]
[FONT=Arial]15:48:02.0404 6356 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys[/FONT]
[FONT=Arial]15:48:02.0404 6356 monitor - ok[/FONT]
[FONT=Arial]15:48:02.0451 6356 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys[/FONT]
[FONT=Arial]15:48:02.0451 6356 mouclass - ok[/FONT]
[FONT=Arial]15:48:02.0482 6356 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys[/FONT]
[FONT=Arial]15:48:02.0482 6356 mouhid - ok[/FONT]
[FONT=Arial]15:48:02.0560 6356 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys[/FONT]
[FONT=Arial]15:48:02.0560 6356 mountmgr - ok[/FONT]
[FONT=Arial]15:48:02.0669 6356 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe[/FONT]
[FONT=Arial]15:48:02.0669 6356 MozillaMaintenance - ok[/FONT]
[FONT=Arial]15:48:02.0732 6356 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys[/FONT]
[FONT=Arial]15:48:02.0732 6356 mpio - ok[/FONT]
[FONT=Arial]15:48:02.0747 6356 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys[/FONT]
[FONT=Arial]15:48:02.0763 6356 mpsdrv - ok[/FONT]
[FONT=Arial]15:48:02.0888 6356 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys[/FONT]
[FONT=Arial]15:48:02.0888 6356 MRxDAV - ok[/FONT]
[FONT=Arial]15:48:02.0934 6356 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys[/FONT]
[FONT=Arial]15:48:02.0950 6356 mrxsmb - ok[/FONT]
[FONT=Arial]15:48:03.0044 6356 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys[/FONT]
[FONT=Arial]15:48:03.0044 6356 mrxsmb10 - ok[/FONT]
[FONT=Arial]15:48:03.0090 6356 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys[/FONT]
[FONT=Arial]15:48:03.0090 6356 mrxsmb20 - ok[/FONT]
[FONT=Arial]15:48:03.0122 6356 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys[/FONT]
[FONT=Arial]15:48:03.0137 6356 msahci - ok[/FONT]
[FONT=Arial]15:48:03.0168 6356 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys[/FONT]
[FONT=Arial]15:48:03.0184 6356 msdsm - ok[/FONT]
[FONT=Arial]15:48:03.0215 6356 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe[/FONT]
[FONT=Arial]15:48:03.0215 6356 MSDTC - ok[/FONT]
[FONT=Arial]15:48:03.0246 6356 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys[/FONT]
[FONT=Arial]15:48:03.0262 6356 Msfs - ok[/FONT]
[FONT=Arial]15:48:03.0278 6356 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys[/FONT]
[FONT=Arial]15:48:03.0278 6356 mshidkmdf - ok[/FONT]
[FONT=Arial]15:48:03.0324 6356 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys[/FONT]
[FONT=Arial]15:48:03.0324 6356 msisadrv - ok[/FONT]
[FONT=Arial]15:48:03.0356 6356 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll[/FONT]
[FONT=Arial]15:48:03.0371 6356 MSiSCSI - ok[/FONT]
[FONT=Arial]15:48:03.0371 6356 msiserver - ok[/FONT]
[FONT=Arial]15:48:03.0402 6356 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys[/FONT]
[FONT=Arial]15:48:03.0402 6356 MSKSSRV - ok[/FONT]
[FONT=Arial]15:48:03.0434 6356 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys[/FONT]
[FONT=Arial]15:48:03.0434 6356 MSPCLOCK - ok[/FONT]
[FONT=Arial]15:48:03.0449 6356 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys[/FONT]
[FONT=Arial]15:48:03.0449 6356 MSPQM - ok[/FONT]
[FONT=Arial]15:48:03.0543 6356 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys[/FONT]
[FONT=Arial]15:48:03.0590 6356 MsRPC - ok[/FONT]
[FONT=Arial]15:48:03.0636 6356 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys[/FONT]
[FONT=Arial]15:48:03.0636 6356 mssmbios - ok[/FONT]
[FONT=Arial]15:48:03.0730 6356 MSSQL$MSSMLBIZ - ok[/FONT]
[FONT=Arial]15:48:04.0182 6356 MSSQL$SQLEXPRESS - ok[/FONT]
[FONT=Arial]15:48:04.0354 6356 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe[/FONT]
[FONT=Arial]15:48:04.0354 6356 MSSQLServerADHelper - ok[/FONT]
[FONT=Arial]15:48:04.0510 6356 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE[/FONT]
[FONT=Arial]15:48:04.0526 6356 MSSQLServerADHelper100 - ok[/FONT]
[FONT=Arial]15:48:04.0760 6356 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys[/FONT]
[FONT=Arial]15:48:04.0775 6356 MSTEE - ok[/FONT]
[FONT=Arial]15:48:04.0791 6356 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys[/FONT]
[FONT=Arial]15:48:04.0806 6356 MTConfig - ok[/FONT]
[FONT=Arial]15:48:04.0853 6356 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys[/FONT]
[FONT=Arial]15:48:04.0869 6356 Mup - ok[/FONT]
[FONT=Arial]15:48:04.0916 6356 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll[/FONT]
[FONT=Arial]15:48:04.0931 6356 napagent - ok[/FONT]
[FONT=Arial]15:48:04.0978 6356 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys[/FONT]
[FONT=Arial]15:48:04.0978 6356 NativeWifiP - ok[/FONT]
[FONT=Arial]15:48:20.0609 6356 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\windows\system32\DRIVERS\wdcsam64.sys[/FONT]
[FONT=Arial]15:48:20.0609 6356 WDC_SAM - ok[/FONT]
[FONT=Arial]15:48:20.0640 6356 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys[/FONT]
[FONT=Arial]15:48:20.0656 6356 Wdf01000 - ok[/FONT]
[FONT=Arial]15:48:20.0687 6356 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll[/FONT]
[FONT=Arial]15:48:20.0687 6356 WdiServiceHost - ok[/FONT]
[FONT=Arial]15:48:20.0703 6356 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll[/FONT]
[FONT=Arial]15:48:20.0703 6356 WdiSystemHost - ok[/FONT]
[FONT=Arial]15:48:20.0750 6356 [ 2A444ACF7DD446505BCC801F8F6AE5FD ] wdmirror C:\windows\system32\DRIVERS\WDMirror.sys[/FONT]
[FONT=Arial]15:48:20.0750 6356 wdmirror - ok[/FONT]
[FONT=Arial]15:48:20.0812 6356 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll[/FONT]
[FONT=Arial]15:48:20.0812 6356 WebClient - ok[/FONT]
[FONT=Arial]15:48:20.0859 6356 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll[/FONT]
[FONT=Arial]15:48:20.0874 6356 Wecsvc - ok[/FONT]
[FONT=Arial]15:48:20.0906 6356 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll[/FONT]
[FONT=Arial]15:48:20.0906 6356 wercplsupport - ok[/FONT]
[FONT=Arial]15:48:20.0968 6356 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll[/FONT]
[FONT=Arial]15:48:20.0968 6356 WerSvc - ok[/FONT]
[FONT=Arial]15:48:21.0015 6356 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys[/FONT]
[FONT=Arial]15:48:21.0015 6356 WfpLwf - ok[/FONT]
[FONT=Arial]15:48:21.0046 6356 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys[/FONT]
[FONT=Arial]15:48:21.0062 6356 WimFltr - ok[/FONT]
[FONT=Arial]15:48:21.0062 6356 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys[/FONT]
[FONT=Arial]15:48:21.0077 6356 WIMMount - ok[/FONT]
[FONT=Arial]15:48:21.0093 6356 WinHttpAutoProxySvc - ok[/FONT]
[FONT=Arial]15:48:21.0155 6356 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll[/FONT]
[FONT=Arial]15:48:21.0171 6356 Winmgmt - ok[/FONT]
[FONT=Arial]15:48:21.0264 6356 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll[/FONT]
[FONT=Arial]15:48:21.0280 6356 WinRM - ok[/FONT]
[FONT=Arial]15:48:21.0436 6356 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys[/FONT]
[FONT=Arial]15:48:21.0436 6356 WinUsb - ok[/FONT]
[FONT=Arial]15:48:21.0483 6356 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll[/FONT]
[FONT=Arial]15:48:21.0498 6356 Wlansvc - ok[/FONT]
[FONT=Arial]15:48:21.0608 6356 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[/FONT]
[FONT=Arial]15:48:21.0686 6356 wlidsvc - ok[/FONT]
[FONT=Arial]15:48:21.0732 6356 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys[/FONT]
[FONT=Arial]15:48:21.0732 6356 WmiAcpi - ok[/FONT]
[FONT=Arial]15:48:21.0795 6356 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe[/FONT]
[FONT=Arial]15:48:21.0795 6356 wmiApSrv - ok[/FONT]
[FONT=Arial]15:48:21.0826 6356 WMPNetworkSvc - ok[/FONT]
[FONT=Arial]15:48:21.0842 6356 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll[/FONT]
[FONT=Arial]15:48:21.0842 6356 WPCSvc - ok[/FONT]
[FONT=Arial]15:48:21.0904 6356 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll[/FONT]
[FONT=Arial]15:48:21.0920 6356 WPDBusEnum - ok[/FONT]
[FONT=Arial]15:48:21.0951 6356 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys[/FONT]
[FONT=Arial]15:48:21.0951 6356 ws2ifsl - ok[/FONT]
[FONT=Arial]15:48:22.0013 6356 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys[/FONT]
[FONT=Arial]15:48:22.0013 6356 WSDPrintDevice - ok[/FONT]
[FONT=Arial]15:48:22.0013 6356 WSearch - ok[/FONT]
[FONT=Arial]15:48:22.0076 6356 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys[/FONT]
[FONT=Arial]15:48:22.0091 6356 wsvd - ok[/FONT]
[FONT=Arial]15:48:22.0107 6356 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys[/FONT]
[FONT=Arial]15:48:22.0107 6356 WudfPf - ok[/FONT]
[FONT=Arial]15:48:22.0169 6356 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys[/FONT]
[FONT=Arial]15:48:22.0169 6356 WUDFRd - ok[/FONT]
[FONT=Arial]15:48:22.0232 6356 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll[/FONT]
[FONT=Arial]15:48:22.0232 6356 wudfsvc - ok[/FONT]
[FONT=Arial]15:48:22.0263 6356 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll[/FONT]
[FONT=Arial]15:48:22.0263 6356 WwanSvc - ok[/FONT]
[FONT=Arial]15:48:22.0341 6356 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys[/FONT]
[FONT=Arial]15:48:22.0341 6356 xusb21 - ok[/FONT]
15:48:22.0403 6356 ================ Scan global ===============================
15:48:22.0434 6356 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
15:48:22.0481 6356 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
15:48:22.0512 6356 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
15:48:22.0528 6356 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
15:48:22.0590 6356 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
15:48:22.0590 6356 [Global] - ok
15:48:22.0590 6356 ================ Scan MBR ==================================
15:48:22.0606 6356 [ FF1761EF7140665743A6D636F95DFD81 ] \Device\Harddisk0\DR0
15:48:22.0637 6356 \Device\Harddisk0\DR0 - ok
15:48:22.0637 6356 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
15:48:33.0510 6356 \Device\Harddisk1\DR1 - ok
15:48:33.0510 6356 ================ Scan VBR ==================================
15:48:33.0542 6356 [ 3384610CAF42FD514A87B6B32845DCE9 ] \Device\Harddisk0\DR0\Partition1
15:48:33.0542 6356 \Device\Harddisk0\DR0\Partition1 - ok
15:48:33.0557 6356 [ 037F10F67D64DA6F5B02CA06737C3F06 ] \Device\Harddisk0\DR0\Partition2
15:48:33.0573 6356 \Device\Harddisk0\DR0\Partition2 - ok
15:48:33.0604 6356 [ DAB9817966483A10B7ED13D86E269570 ] \Device\Harddisk0\DR0\Partition3
15:48:33.0604 6356 \Device\Harddisk0\DR0\Partition3 - ok
15:48:33.0604 6356 [ CEF03AD135D8F67E1B707B7F9ED27C21 ] \Device\Harddisk1\DR1\Partition1
15:48:33.0604 6356 \Device\Harddisk1\DR1\Partition1 - ok
15:48:33.0604 6356 ============================================================
15:48:33.0604 6356 Scan finished
15:48:33.0604 6356 ============================================================
15:48:33.0620 3008 Detected object count: 1
15:48:33.0620 3008 Actual detected object count: 1
15:49:03.0899 3008 c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll - copied to quarantine
15:49:03.0899 3008 Akamai ( HiddenFile.Multi.Generic ) - User select action: Quarantine
15:49:57.0875 5964 ============================================================
15:49:57.0875 5964 Scan started
15:49:57.0875 5964 Mode: Manual;
15:49:57.0875 5964 ============================================================
15:49:58.0437 5964 ================ Scan system memory ========================
15:49:58.0437 5964 System memory - ok
15:49:58.0437 5964 ================ Scan services =============================
15:50:02.0259 5964 [ E1B1F152C4E82C85E846D25C9E6E6CC8 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll
15:50:02.0259 5964 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_b5e8a4c.dll. md5: E1B1F152C4E82C85E846D25C9E6E6CC8
15:50:02.0275 5964 Akamai ( HiddenFile.Multi.Generic ) - warning
15:50:02.0275 5964 Akamai - detected HiddenFile.Multi.Generic (1)
[/FONT]
 
[FONT=Times New Roman][FONT=Arial]15:50:10.0433 5964 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[/FONT]
[FONT=Arial]15:50:14.0770 5964 GEARAspiWDM - ok[/FONT]
[FONT=Arial]15:50:14.0864 5964 [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll[/FONT]
[FONT=Arial]15:50:14.0864 5964 getPlusHelper - ok[/FONT]
[FONT=Arial]15:50:14.0942 5964 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll[/FONT]
[FONT=Arial]15:50:14.0942 5964 gpsvc - ok[/FONT]
[FONT=Arial]15:50:15.0051 5964 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[/FONT]
[FONT=Arial]15:50:15.0051 5964 gupdate - ok[/FONT]
[FONT=Arial]15:50:15.0051 5964 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[/FONT]
[FONT=Arial]15:50:15.0051 5964 gupdatem - ok[/FONT]
[FONT=Arial]15:50:15.0129 5964 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys[/FONT]
[FONT=Arial]15:50:15.0129 5964 hcw85cir - ok[/FONT]
[FONT=Arial]15:50:15.0254 5964 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys[/FONT]
[FONT=Arial]15:50:15.0254 5964 HdAudAddService - ok[/FONT]
[FONT=Arial]15:50:15.0301 5964 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys[/FONT]
[FONT=Arial]15:50:15.0301 5964 HDAudBus - ok[/FONT]
[FONT=Arial]15:50:15.0363 5964 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys[/FONT]
[FONT=Arial]15:50:15.0363 5964 HECIx64 - ok[/FONT]
[FONT=Arial]15:50:15.0379 5964 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys[/FONT]
[FONT=Arial]15:50:15.0379 5964 HidBatt - ok[/FONT]
[FONT=Arial]15:50:15.0410 5964 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys[/FONT]
[FONT=Arial]15:50:15.0410 5964 HidBth - ok[/FONT]
[FONT=Arial]15:50:15.0441 5964 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys[/FONT]
[FONT=Arial]15:50:15.0441 5964 HidIr - ok[/FONT]
[FONT=Arial]15:50:15.0566 5964 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll[/FONT]
[FONT=Arial]15:50:15.0566 5964 hidserv - ok[/FONT]
[FONT=Arial]15:50:15.0613 5964 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys[/FONT]
[FONT=Arial]15:50:15.0628 5964 HidUsb - ok[/FONT]
[FONT=Arial]15:50:15.0706 5964 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll[/FONT]
[FONT=Arial]15:50:15.0722 5964 hkmsvc - ok[/FONT]
[FONT=Arial]15:50:15.0800 5964 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll[/FONT]
[FONT=Arial]15:50:15.0800 5964 HomeGroupListener - ok[/FONT]
[FONT=Arial]15:50:15.0847 5964 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll[/FONT]
[FONT=Arial]15:50:15.0862 5964 HomeGroupProvider - ok[/FONT]
[FONT=Arial]15:50:16.0283 5964 [ 5694549D12843046DC4D23DE86CB8447 ] HoudiniLicenseServer C:\windows\system32\sesinetd.exe[/FONT]
[FONT=Arial]15:50:16.0315 5964 HoudiniLicenseServer - ok[/FONT]
[FONT=Arial]15:50:16.0705 5964 [ B9B7C912D381F35E9CE66A58AA57A455 ] HoudiniServer C:\windows\system32\hserver.exe[/FONT]
[FONT=Arial]15:50:16.0736 5964 HoudiniServer - ok[/FONT]
[FONT=Arial]15:50:16.0798 5964 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys[/FONT]
[FONT=Arial]15:50:16.0798 5964 HpSAMD - ok[/FONT]
[FONT=Arial]15:50:17.0126 5964 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL[/FONT]
[FONT=Arial]15:50:17.0126 5964 HPSLPSVC - ok[/FONT]
[FONT=Arial]15:50:17.0282 5964 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys[/FONT]
[FONT=Arial]15:50:17.0297 5964 HTTP - ok[/FONT]
[FONT=Arial]15:50:17.0360 5964 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys[/FONT]
[FONT=Arial]15:50:17.0360 5964 hwpolicy - ok[/FONT]
[FONT=Arial]15:50:17.0422 5964 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys[/FONT]
[FONT=Arial]15:50:17.0422 5964 i8042prt - ok[/FONT]
[FONT=Arial]15:50:17.0453 5964 [ 073A606333B6F7BBF20AA856DF7F0997 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys[/FONT]
[FONT=Arial]15:50:17.0453 5964 iaStor - ok[/FONT]
[FONT=Arial]15:50:17.0563 5964 [ CC800D2D9FD467542BAC7C186C4774AD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[/FONT]
[FONT=Arial]15:50:17.0563 5964 IAStorDataMgrSvc - ok[/FONT]
[FONT=Arial]15:50:17.0672 5964 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys[/FONT]
[FONT=Arial]15:50:17.0672 5964 iaStorV - ok[/FONT]
[FONT=Arial]15:50:17.0875 5964 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe[/FONT]
[FONT=Arial]15:50:17.0875 5964 idsvc - ok[/FONT]
[FONT=Arial]15:50:18.0998 5964 [ 90AFAB2B5962B1CD5BB23320675D6174 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys[/FONT]
[FONT=Arial]15:50:19.0045 5964 igfx - ok[/FONT]
[FONT=Arial]15:50:19.0185 5964 [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe[/FONT]
[FONT=Arial]15:50:19.0185 5964 IGRS - ok[/FONT]
[FONT=Arial]15:50:19.0247 5964 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys[/FONT]
[FONT=Arial]15:50:19.0247 5964 iirsp - ok[/FONT]
[FONT=Arial]15:50:19.0403 5964 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll[/FONT]
[FONT=Arial]15:50:19.0403 5964 IKEEXT - ok[/FONT]
[FONT=Arial]15:50:19.0435 5964 [ 36FDF367A1DABFF903E2214023D71368 ] Impcd C:\windows\system32\DRIVERS\Impcd.sys[/FONT]
[FONT=Arial]15:50:19.0435 5964 Impcd - ok[/FONT]
[FONT=Arial]15:50:19.0825 5964 [ A3BCBD0F710580A07D1B929D787D36CE ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys[/FONT]
[FONT=Arial]15:50:19.0840 5964 IntcAzAudAddService - ok[/FONT]
[FONT=Arial]15:50:19.0871 5964 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys[/FONT]
[FONT=Arial]15:50:19.0871 5964 intelide - ok[/FONT]
[FONT=Arial]15:50:20.0277 5964 [ 90AFAB2B5962B1CD5BB23320675D6174 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys[/FONT]
[FONT=Arial]15:50:20.0308 5964 intelkmd - ok[/FONT]
[FONT=Arial]15:50:20.0371 5964 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys[/FONT]
[FONT=Arial]15:50:20.0371 5964 intelppm - ok[/FONT]
[FONT=Arial]15:50:20.0464 5964 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll[/FONT]
[FONT=Arial]15:50:20.0464 5964 IPBusEnum - ok[/FONT]
[FONT=Arial]15:50:20.0558 5964 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys[/FONT]
[FONT=Arial]15:50:20.0558 5964 IpFilterDriver - ok[/FONT]
[FONT=Arial]15:50:20.0620 5964 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys[/FONT]
[FONT=Arial]15:50:20.0620 5964 IPMIDRV - ok[/FONT]
[FONT=Arial]15:50:20.0651 5964 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys[/FONT]
[FONT=Arial]15:50:20.0667 5964 IPNAT - ok[/FONT]
[FONT=Arial]15:50:20.0870 5964 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe[/FONT]
[FONT=Arial]15:50:20.0885 5964 iPod Service - ok[/FONT]
[FONT=Arial]15:50:20.0901 5964 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys[/FONT]
[FONT=Arial]15:50:20.0901 5964 IRENUM - ok[/FONT]
[FONT=Arial]15:50:20.0963 5964 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys[/FONT]
[FONT=Arial]15:50:20.0963 5964 isapnp - ok[/FONT]
[FONT=Arial]15:50:21.0041 5964 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys[/FONT]
[FONT=Arial]15:50:21.0057 5964 iScsiPrt - ok[/FONT]
[FONT=Arial]15:50:21.0073 5964 [ D95D5FF8793393B35500B08DCA5E4B72 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys[/FONT]
[FONT=Arial]15:50:21.0088 5964 JMCR - ok[/FONT]
[FONT=Arial]15:50:21.0104 5964 [ CEE38AB6627CB2F8A97DD7D5A8449944 ] JmUsbCcgp C:\windows\system32\DRIVERS\jmccgp.sys[/FONT]
[FONT=Arial]15:50:21.0104 5964 JmUsbCcgp - ok[/FONT]
[FONT=Arial]15:50:21.0119 5964 [ 6BA6296905D46C003838D1DD05F38DDD ] JmUsbVideo C:\windows\system32\Drivers\jmcam.sys[/FONT]
[FONT=Arial]15:50:21.0119 5964 JmUsbVideo - ok[/FONT]
[FONT=Arial]15:50:21.0151 5964 [ 4DCA10EF74CB49D6460F23A34C3593FB ] JmUsbVideo2 C:\windows\system32\Drivers\jmcam_lo.sys[/FONT]
[FONT=Arial]15:50:21.0151 5964 JmUsbVideo2 - ok[/FONT]
[FONT=Arial]15:50:21.0197 5964 [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys[/FONT]
[FONT=Arial]15:50:21.0197 5964 k57nd60a - ok[/FONT]
[FONT=Arial]15:50:21.0229 5964 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys[/FONT]
[FONT=Arial]15:50:21.0229 5964 kbdclass - ok[/FONT]
[FONT=Arial]15:50:21.0260 5964 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys[/FONT]
[FONT=Arial]15:50:21.0260 5964 kbdhid - ok[/FONT]
[FONT=Arial]15:50:21.0291 5964 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe[/FONT]
[FONT=Arial]15:50:21.0291 5964 KeyIso - ok[/FONT]
[FONT=Arial]15:50:21.0369 5964 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys[/FONT]
[FONT=Arial]15:50:21.0369 5964 KSecDD - ok[/FONT]
[FONT=Arial]15:50:21.0431 5964 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys[/FONT]
[FONT=Arial]15:50:21.0431 5964 KSecPkg - ok[/FONT]
[FONT=Arial]15:50:21.0447 5964 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys[/FONT]
[FONT=Arial]15:50:21.0463 5964 ksthunk - ok[/FONT]
[FONT=Arial]15:50:21.0541 5964 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll[/FONT]
[FONT=Arial]15:50:21.0541 5964 KtmRm - ok[/FONT]
[FONT=Arial]15:50:21.0603 5964 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll[/FONT]
[FONT=Arial]15:50:21.0603 5964 LanmanServer - ok[/FONT]
[FONT=Arial]15:50:21.0899 5964 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll[/FONT]
[FONT=Arial]15:50:21.0899 5964 LanmanWorkstation - ok[/FONT]
[FONT=Arial]15:50:22.0133 5964 [ 7FCB3EC66361F157BCD5B5C33CE2AC16 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe[/FONT]
[FONT=Arial]15:50:22.0149 5964 Lenovo ReadyComm AppSvc - ok[/FONT]
[FONT=Arial]15:50:22.0274 5964 [ 04D9897EAAAE535C4B7DD61574F1A021 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe[/FONT]
[FONT=Arial]15:50:22.0274 5964 Lenovo ReadyComm ConnSvc - ok[/FONT]
[FONT=Arial]15:50:22.0289 5964 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys[/FONT]
[FONT=Arial]15:50:22.0289 5964 LHDmgr - ok[/FONT]
[FONT=Arial]15:50:22.0305 5964 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys[/FONT]
[FONT=Arial]15:50:22.0321 5964 lltdio - ok[/FONT]
[FONT=Arial]15:50:22.0367 5964 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll[/FONT]
[FONT=Arial]15:50:22.0367 5964 lltdsvc - ok[/FONT]
[FONT=Arial]15:50:22.0399 5964 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll[/FONT]
[FONT=Arial]15:50:22.0399 5964 lmhosts - ok[/FONT]
[FONT=Arial]15:50:22.0492 5964 [ 5460828F8951D310B42B442877603B8D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[/FONT]
[FONT=Arial]15:50:22.0492 5964 LMS - ok[/FONT]
[FONT=Arial]15:50:22.0523 5964 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys[/FONT]
[FONT=Arial]15:50:22.0523 5964 LSI_FC - ok[/FONT]
[FONT=Arial]15:50:22.0539 5964 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys[/FONT]
[FONT=Arial]15:50:22.0539 5964 LSI_SAS - ok[/FONT]
[FONT=Arial]15:50:22.0570 5964 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys[/FONT]
[FONT=Arial]15:50:22.0570 5964 LSI_SAS2 - ok[/FONT]
[FONT=Arial]15:50:22.0586 5964 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys[/FONT]
[FONT=Arial]15:50:22.0601 5964 LSI_SCSI - ok[/FONT]
[FONT=Arial]15:50:22.0617 5964 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys[/FONT]
[FONT=Arial]15:50:22.0617 5964 luafv - ok[/FONT]
[FONT=Arial]15:50:22.0711 5964 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll[/FONT]
[FONT=Arial]15:50:22.0711 5964 Mcx2Svc - ok[/FONT]
[FONT=Arial]15:50:22.0742 5964 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys[/FONT]
[FONT=Arial]15:50:22.0742 5964 megasas - ok[/FONT]
[FONT=Arial]15:50:22.0773 5964 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys[/FONT]
[FONT=Arial]15:50:22.0789 5964 MegaSR - ok[/FONT]
[FONT=Arial]15:50:22.0820 5964 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll[/FONT]
[FONT=Arial]15:50:22.0820 5964 MMCSS - ok[/FONT]
[FONT=Arial]15:50:22.0851 5964 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys[/FONT]
[FONT=Arial]15:50:22.0851 5964 Modem - ok[/FONT]
[FONT=Arial]15:50:22.0945 5964 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys[/FONT]
[FONT=Arial]15:50:22.0945 5964 monitor - ok[/FONT]
[FONT=Arial]15:50:22.0991 5964 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys[/FONT]
[FONT=Arial]15:50:22.0991 5964 mouclass - ok[/FONT]
[FONT=Arial]15:50:23.0007 5964 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys[/FONT]
[FONT=Arial]15:50:23.0007 5964 mouhid - ok[/FONT]
[FONT=Arial]15:50:23.0116 5964 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys[/FONT]
[FONT=Arial]15:50:23.0132 5964 mountmgr - ok[/FONT]
[FONT=Arial]15:50:23.0225 5964 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe[/FONT]
[FONT=Arial]15:50:23.0225 5964 MozillaMaintenance - ok[/FONT]
[FONT=Arial]15:50:23.0303 5964 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys[/FONT]
[FONT=Arial]15:50:23.0303 5964 mpio - ok[/FONT]
[FONT=Arial]15:50:23.0350 5964 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys[/FONT]
[FONT=Arial]15:50:23.0350 5964 mpsdrv - ok[/FONT]
[FONT=Arial]15:50:23.0397 5964 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys[/FONT]
[FONT=Arial]15:50:23.0413 5964 MRxDAV - ok[/FONT]
[FONT=Arial]15:50:23.0459 5964 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys[/FONT]
[FONT=Arial]15:50:23.0459 5964 mrxsmb - ok[/FONT]
[FONT=Arial]15:50:23.0537 5964 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys[/FONT]
[FONT=Arial]15:50:23.0553 5964 mrxsmb10 - ok[/FONT]
[FONT=Arial]15:50:23.0615 5964 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys[/FONT]
[FONT=Arial]15:50:23.0615 5964 mrxsmb20 - ok[/FONT]
[FONT=Arial]15:50:23.0678 5964 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys[/FONT]
[FONT=Arial]15:50:23.0678 5964 msahci - ok[/FONT]
[FONT=Arial]15:50:23.0725 5964 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys[/FONT]
[FONT=Arial]15:50:23.0725 5964 msdsm - ok[/FONT]
[FONT=Arial]15:50:23.0756 5964 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe[/FONT]
[FONT=Arial]15:50:23.0756 5964 MSDTC - ok[/FONT]
[FONT=Arial]15:50:23.0818 5964 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys[/FONT]
[FONT=Arial]15:50:23.0818 5964 Msfs - ok[/FONT]
[FONT=Arial]15:50:23.0834 5964 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys[/FONT]
[FONT=Arial]15:50:23.0834 5964 mshidkmdf - ok[/FONT]
[FONT=Arial]15:50:23.0927 5964 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys[/FONT]
[FONT=Arial]15:50:23.0927 5964 msisadrv - ok[/FONT]
[FONT=Arial]15:50:23.0943 5964 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll[/FONT]
[FONT=Arial]15:50:23.0943 5964 MSiSCSI - ok[/FONT]
[FONT=Arial]15:50:23.0959 5964 msiserver - ok[/FONT]
[FONT=Arial]15:50:23.0990 5964 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys[/FONT]
[FONT=Arial]15:50:23.0990 5964 MSKSSRV - ok[/FONT]
[FONT=Arial]15:50:24.0005 5964 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys[/FONT]
[FONT=Arial]15:50:24.0005 5964 MSPCLOCK - ok[/FONT]
[FONT=Arial]15:50:24.0021 5964 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys[/FONT]
[FONT=Arial]15:50:24.0021 5964 MSPQM - ok[/FONT]
[FONT=Arial]15:50:24.0099 5964 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys[/FONT]
[FONT=Arial]15:50:24.0099 5964 MsRPC - ok[/FONT]
[FONT=Arial]15:50:24.0161 5964 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys[/FONT]
[FONT=Arial]15:50:24.0177 5964 mssmbios - ok[/FONT]
[FONT=Arial]15:50:24.0255 5964 MSSQL$MSSMLBIZ - ok[/FONT]
[FONT=Arial]15:50:24.0380 5964 MSSQL$SQLEXPRESS - ok[/FONT]
[FONT=Arial]15:50:24.0473 5964 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe[/FONT]
[FONT=Arial]15:50:24.0473 5964 MSSQLServerADHelper - ok[/FONT]
[FONT=Arial]15:50:24.0629 5964 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE[/FONT]
[FONT=Arial]15:50:24.0629 5964 MSSQLServerADHelper100 - ok[/FONT]
[FONT=Arial]15:50:24.0676 5964 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys[/FONT]
[FONT=Arial]15:50:24.0676 5964 MSTEE - ok[/FONT]
[FONT=Arial]15:50:24.0692 5964 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys[/FONT]
[FONT=Arial]15:50:24.0692 5964 MTConfig - ok[/FONT]
[FONT=Arial]15:50:24.0723 5964 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys[/FONT]
[FONT=Arial]15:50:24.0723 5964 Mup - ok[/FONT]
[FONT=Arial]15:50:24.0801 5964 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll[/FONT]
[FONT=Arial]15:50:24.0801 5964 napagent - ok[/FONT]
[FONT=Arial]15:50:24.0863 5964 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys[/FONT]
[FONT=Arial]15:50:24.0863 5964 NativeWifiP - ok[/FONT]
[FONT=Arial]15:50:25.0004 5964 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys[/FONT]
[FONT=Arial]15:50:25.0019 5964 NDIS - ok[/FONT]
[FONT=Arial]15:50:25.0035 5964 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys[/FONT]
[FONT=Arial]15:50:25.0035 5964 NdisCap - ok[/FONT]
[FONT=Arial]15:50:25.0051 5964 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys[/FONT]
[FONT=Arial]15:50:25.0051 5964 NdisTapi - ok[/FONT]
[FONT=Arial]15:50:25.0113 5964 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys[/FONT]
[FONT=Arial]15:50:25.0129 5964 Ndisuio - ok[/FONT]
[FONT=Arial]15:50:25.0191 5964 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys[/FONT]
[FONT=Arial]15:50:25.0191 5964 NdisWan - ok[/FONT]
[FONT=Arial]15:50:25.0238 5964 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys[/FONT]
[FONT=Arial]15:50:25.0238 5964 NDProxy - ok[/FONT]
[FONT=Arial]15:50:25.0285 5964 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll[/FONT]
[FONT=Arial]15:50:25.0285 5964 Net Driver HPZ12 - ok[/FONT]
[FONT=Arial]15:50:25.0331 5964 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys[/FONT]
[FONT=Arial]15:50:25.0331 5964 NetBIOS - ok[/FONT]
[FONT=Arial]15:50:25.0378 5964 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys[/FONT]
[FONT=Arial]15:50:25.0378 5964 NetBT - ok[/FONT]
[FONT=Arial]15:50:25.0394 5964 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe[/FONT]
[FONT=Arial]15:50:25.0394 5964 Netlogon - ok[/FONT]
[FONT=Arial]15:50:25.0425 5964 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll[/FONT]
[FONT=Arial]15:50:25.0425 5964 Netman - ok[/FONT]
[FONT=Arial]15:50:25.0690 5964 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/FONT]
[FONT=Arial]15:50:25.0690 5964 NetMsmqActivator - ok[/FONT]
[FONT=Arial]15:50:25.0706 5964 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/FONT]
[FONT=Arial]15:50:25.0706 5964 NetPipeActivator - ok[/FONT]
[FONT=Arial]15:50:25.0815 5964 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll[/FONT]
[FONT=Arial]15:50:25.0815 5964 netprofm - ok[/FONT]
[FONT=Arial]15:50:25.0815 5964 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/FONT]
[FONT=Arial]15:50:25.0831 5964 NetTcpActivator - ok[/FONT]
[FONT=Arial]15:50:25.0831 5964 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe[/FONT]
[FONT=Arial]15:50:25.0831 5964 NetTcpPortSharing - ok[/FONT]
[FONT=Arial]15:50:26.0657 5964 [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64 C:\windows\system32\DRIVERS\NETw5s64.sys[/FONT]
[FONT=Arial]15:50:26.0689 5964 NETw5s64 - ok[/FONT]
[FONT=Arial]15:50:27.0328 5964 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys[/FONT]
[FONT=Arial]15:50:27.0359 5964 netw5v64 - ok[/FONT]
[FONT=Arial]15:50:27.0391 5964 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys[/FONT]
[FONT=Arial]15:50:27.0391 5964 nfrd960 - ok[/FONT]
[FONT=Arial]15:50:27.0484 5964 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll[/FONT]
[FONT=Arial]15:50:27.0484 5964 NlaSvc - ok[/FONT]
[FONT=Arial]15:50:27.0547 5964 [ 9865516D33BC66FDDAC9DB4087D4B6AA ] nosGetPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll[/FONT]
[FONT=Arial]15:50:27.0547 5964 nosGetPlusHelper - ok[/FONT]
[FONT=Arial]15:50:27.0578 5964 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys[/FONT]
[FONT=Arial]15:50:27.0578 5964 Npfs - ok[/FONT]
[FONT=Arial]15:50:27.0656 5964 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll[/FONT]
[FONT=Arial]15:50:27.0656 5964 nsi - ok[/FONT]
[FONT=Arial]15:50:27.0718 5964 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys[/FONT]
[FONT=Arial]15:50:27.0718 5964 nsiproxy - ok[/FONT]
[FONT=Arial]15:50:27.0890 5964 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys[/FONT]
[FONT=Arial]15:50:27.0890 5964 Ntfs - ok[/FONT]
[FONT=Arial]15:50:27.0937 5964 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys[/FONT]
[FONT=Arial]15:50:27.0937 5964 Null - ok[/FONT]
[FONT=Arial]15:50:28.0015 5964 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys[/FONT]
[FONT=Arial]15:50:28.0015 5964 nvraid - ok[/FONT]
[FONT=Arial]15:50:28.0077 5964 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys[/FONT]
[FONT=Arial]15:50:28.0077 5964 nvstor - ok[/FONT]
[FONT=Arial]15:50:28.0139 5964 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys[/FONT]
[FONT=Arial]15:50:28.0139 5964 nv_agp - ok[/FONT]
[FONT=Arial]15:50:28.0202 5964 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys[/FONT]
[FONT=Arial]15:50:28.0202 5964 ohci1394 - ok[/FONT]
[FONT=Arial]15:50:28.0389 5964 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE[/FONT]
[FONT=Arial]15:50:28.0389 5964 ose - ok[/FONT]
[FONT=Arial]15:50:28.0966 5964 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE[/FONT]
[FONT=Arial]15:50:28.0997 5964 osppsvc - ok[/FONT]
[FONT=Arial]15:50:29.0107 5964 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll[/FONT]
[FONT=Arial]15:50:29.0107 5964 p2pimsvc - ok[/FONT]
[FONT=Arial]15:50:29.0185 5964 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll[/FONT]
[FONT=Arial]15:50:29.0185 5964 p2psvc - ok[/FONT]
[FONT=Arial]15:50:29.0231 5964 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys[/FONT]
[FONT=Arial]15:50:29.0231 5964 Parport - ok[/FONT]
[FONT=Arial]15:50:29.0294 5964 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys[/FONT]
[FONT=Arial]15:50:29.0294 5964 partmgr - ok[/FONT]
[/FONT]
 
[FONT=Times New Roman]
[FONT=Arial]15:50:32.0149 5964 rdyboost - ok[/FONT]
[FONT=Arial]15:50:32.0164 5964 ReadyComm.DirectRouter - ok[/FONT]
[FONT=Arial]15:50:32.0195 5964 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll[/FONT]
[FONT=Arial]15:50:32.0195 5964 RemoteAccess - ok[/FONT]
[FONT=Arial]15:50:32.0227 5964 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll[/FONT]
[FONT=Arial]15:50:32.0242 5964 RemoteRegistry - ok[/FONT]
[FONT=Arial]15:50:32.0289 5964 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys[/FONT]
[FONT=Arial]15:50:32.0305 5964 RFCOMM - ok[/FONT]
[FONT=Arial]15:50:32.0351 5964 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll[/FONT]
[FONT=Arial]15:50:32.0351 5964 RpcEptMapper - ok[/FONT]
[FONT=Arial]15:50:32.0383 5964 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe[/FONT]
[FONT=Arial]15:50:32.0383 5964 RpcLocator - ok[/FONT]
[FONT=Arial]15:50:32.0476 5964 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll[/FONT]
[FONT=Arial]15:50:32.0476 5964 RpcSs - ok[/FONT]
[FONT=Arial]15:50:32.0554 5964 [ C9FE05A63C500ABE3AFA5786504C4D36 ] RsFx0105 C:\windows\system32\DRIVERS\RsFx0105.sys[/FONT]
[FONT=Arial]15:50:32.0554 5964 RsFx0105 - ok[/FONT]
[FONT=Arial]15:50:32.0601 5964 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys[/FONT]
[FONT=Arial]15:50:32.0601 5964 rspndr - ok[/FONT]
[FONT=Arial]15:50:32.0632 5964 [ D6D381B76056C668679723938F06F16C ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIVX.sys[/FONT]
[FONT=Arial]15:50:32.0632 5964 RTHDMIAzAudService - ok[/FONT]
[FONT=Arial]15:50:32.0663 5964 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe[/FONT]
[FONT=Arial]15:50:32.0663 5964 SamSs - ok[/FONT]
[FONT=Arial]15:50:32.0726 5964 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys[/FONT]
[FONT=Arial]15:50:32.0726 5964 sbp2port - ok[/FONT]
[FONT=Arial]15:50:32.0773 5964 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll[/FONT]
[FONT=Arial]15:50:32.0773 5964 SCardSvr - ok[/FONT]
[FONT=Arial]15:50:32.0819 5964 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys[/FONT]
[FONT=Arial]15:50:32.0819 5964 scfilter - ok[/FONT]
[FONT=Arial]15:50:32.0944 5964 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll[/FONT]
[FONT=Arial]15:50:32.0960 5964 Schedule - ok[/FONT]
[FONT=Arial]15:50:33.0007 5964 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll[/FONT]
[FONT=Arial]15:50:33.0022 5964 SCPolicySvc - ok[/FONT]
[FONT=Arial]15:50:33.0053 5964 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys[/FONT]
[FONT=Arial]15:50:33.0053 5964 sdbus - ok[/FONT]
[FONT=Arial]15:50:33.0131 5964 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll[/FONT]
[FONT=Arial]15:50:33.0147 5964 SDRSVC - ok[/FONT]
[FONT=Arial]15:50:33.0272 5964 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe[/FONT]
[FONT=Arial]15:50:33.0272 5964 SeaPort - ok[/FONT]
[FONT=Arial]15:50:33.0365 5964 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys[/FONT]
[FONT=Arial]15:50:33.0365 5964 secdrv - ok[/FONT]
[FONT=Arial]15:50:33.0412 5964 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll[/FONT]
[FONT=Arial]15:50:33.0412 5964 seclogon - ok[/FONT]
[FONT=Arial]15:50:33.0459 5964 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll[/FONT]
[FONT=Arial]15:50:33.0459 5964 SENS - ok[/FONT]
[FONT=Arial]15:50:33.0537 5964 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll[/FONT]
[FONT=Arial]15:50:33.0537 5964 SensrSvc - ok[/FONT]
[FONT=Arial]15:50:33.0553 5964 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys[/FONT]
[FONT=Arial]15:50:33.0553 5964 Serenum - ok[/FONT]
[FONT=Arial]15:50:33.0568 5964 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys[/FONT]
[FONT=Arial]15:50:33.0584 5964 Serial - ok[/FONT]
[FONT=Arial]15:50:33.0662 5964 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys[/FONT]
[FONT=Arial]15:50:33.0662 5964 sermouse - ok[/FONT]
[FONT=Arial]15:50:33.0740 5964 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll[/FONT]
[FONT=Arial]15:50:33.0740 5964 SessionEnv - ok[/FONT]
[FONT=Arial]15:50:33.0755 5964 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys[/FONT]
[FONT=Arial]15:50:33.0755 5964 sffdisk - ok[/FONT]
[FONT=Arial]15:50:33.0771 5964 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys[/FONT]
[FONT=Arial]15:50:33.0771 5964 sffp_mmc - ok[/FONT]
[FONT=Arial]15:50:33.0802 5964 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys[/FONT]
[FONT=Arial]15:50:33.0802 5964 sffp_sd - ok[/FONT]
[FONT=Arial]15:50:33.0865 5964 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys[/FONT]
[FONT=Arial]15:50:33.0865 5964 sfloppy - ok[/FONT]
[FONT=Arial]15:50:33.0989 5964 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys[/FONT]
[FONT=Arial]15:50:34.0005 5964 Sftfs - ok[/FONT]
[FONT=Arial]15:50:34.0099 5964 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe[/FONT]
[FONT=Arial]15:50:34.0099 5964 sftlist - ok[/FONT]
[FONT=Arial]15:50:34.0177 5964 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys[/FONT]
[FONT=Arial]15:50:34.0177 5964 Sftplay - ok[/FONT]
[FONT=Arial]15:50:34.0192 5964 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys[/FONT]
[FONT=Arial]15:50:34.0192 5964 Sftredir - ok[/FONT]
[FONT=Arial]15:50:34.0255 5964 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys[/FONT]
[FONT=Arial]15:50:34.0255 5964 Sftvol - ok[/FONT]
[FONT=Arial]15:50:34.0286 5964 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe[/FONT]
[FONT=Arial]15:50:34.0286 5964 sftvsa - ok[/FONT]
[FONT=Arial]15:50:34.0364 5964 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll[/FONT]
[FONT=Arial]15:50:34.0364 5964 ShellHWDetection - ok[/FONT]
[FONT=Arial]15:50:34.0395 5964 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys[/FONT]
[FONT=Arial]15:50:34.0395 5964 SiSRaid2 - ok[/FONT]
[FONT=Arial]15:50:34.0411 5964 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys[/FONT]
[FONT=Arial]15:50:34.0411 5964 SiSRaid4 - ok[/FONT]
[FONT=Arial]15:50:34.0489 5964 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe[/FONT]
[FONT=Arial]15:50:34.0489 5964 SkypeUpdate - ok[/FONT]
[FONT=Arial]15:50:34.0629 5964 [ AD2FA5CB9E9EBF668786CCDAE5CFE458 ] Slidebar Notifier Service C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe[/FONT]
[FONT=Arial]15:50:34.0629 5964 Slidebar Notifier Service - ok[/FONT]
[FONT=Arial]15:50:34.0660 5964 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys[/FONT]
[FONT=Arial]15:50:34.0660 5964 Smb - ok[/FONT]
[FONT=Arial]15:50:34.0723 5964 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe[/FONT]
[FONT=Arial]15:50:34.0723 5964 SNMPTRAP - ok[/FONT]
[FONT=Arial]15:50:34.0738 5964 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys[/FONT]
[FONT=Arial]15:50:34.0738 5964 spldr - ok[/FONT]
[FONT=Arial]15:50:34.0847 5964 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe[/FONT]
[FONT=Arial]15:50:34.0863 5964 Spooler - ok[/FONT]
[FONT=Arial]15:50:35.0113 5964 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe[/FONT]
[FONT=Arial]15:50:35.0144 5964 sppsvc - ok[/FONT]
[FONT=Arial]15:50:35.0175 5964 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll[/FONT]
[FONT=Arial]15:50:35.0175 5964 sppuinotify - ok[/FONT]
[FONT=Arial]15:50:35.0362 5964 [ 45E65FB17A4CD5FACBD3CA16C8334C82 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE[/FONT]
[FONT=Arial]15:50:35.0362 5964 SQLAgent$SQLEXPRESS - ok[/FONT]
[FONT=Arial]15:50:35.0471 5964 [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[/FONT]
[FONT=Arial]15:50:35.0471 5964 SQLBrowser - ok[/FONT]
[FONT=Arial]15:50:35.0549 5964 [ F92E5F93BE572B512DA3C016B675EDE0 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe[/FONT]
[FONT=Arial]15:50:35.0549 5964 SQLWriter - ok[/FONT]
[FONT=Arial]15:50:35.0690 5964 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys[/FONT]
[FONT=Arial]15:50:35.0690 5964 srv - ok[/FONT]
[FONT=Arial]15:50:35.0799 5964 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys[/FONT]
[FONT=Arial]15:50:35.0799 5964 srv2 - ok[/FONT]
[FONT=Arial]15:50:35.0830 5964 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys[/FONT]
[FONT=Arial]15:50:35.0846 5964 srvnet - ok[/FONT]
[FONT=Arial]15:50:35.0893 5964 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll[/FONT]
[FONT=Arial]15:50:35.0893 5964 SSDPSRV - ok[/FONT]
[FONT=Arial]15:50:35.0939 5964 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll[/FONT]
[FONT=Arial]15:50:35.0939 5964 SstpSvc - ok[/FONT]
[FONT=Arial]15:50:36.0017 5964 Steam Client Service - ok[/FONT]
[FONT=Arial]15:50:36.0111 5964 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys[/FONT]
[FONT=Arial]15:50:36.0111 5964 stexstor - ok[/FONT]
[FONT=Arial]15:50:36.0298 5964 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll[/FONT]
[FONT=Arial]15:50:36.0298 5964 stisvc - ok[/FONT]
[FONT=Arial]15:50:36.0361 5964 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys[/FONT]
[FONT=Arial]15:50:36.0361 5964 swenum - ok[/FONT]
[FONT=Arial]15:50:36.0548 5964 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe[/FONT]
[FONT=Arial]15:50:36.0548 5964 SwitchBoard - ok[/FONT]
[FONT=Arial]15:50:36.0595 5964 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll[/FONT]
[FONT=Arial]15:50:36.0595 5964 swprv - ok[/FONT]
[FONT=Arial]15:50:36.0673 5964 [ D0FDB0C4429209D7E2F073375EBD0074 ] SxSmemcd C:\windows\system32\DRIVERS\SxSmemcd.sys[/FONT]
[FONT=Arial]15:50:36.0673 5964 SxSmemcd - ok[/FONT]
[FONT=Arial]15:50:36.0922 5964 [ E5D73228176C9F69072D1F91CED83484 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys[/FONT]
[FONT=Arial]15:50:36.0922 5964 SynTP - ok[/FONT]
[FONT=Arial]15:50:37.0250 5964 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll[/FONT]
[FONT=Arial]15:50:37.0281 5964 SysMain - ok[/FONT]
[FONT=Arial]15:50:37.0328 5964 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll[/FONT]
[FONT=Arial]15:50:37.0328 5964 TabletInputService - ok[/FONT]
[FONT=Arial]15:50:37.0702 5964 [ 9C2BA01C621448018DA14AF27F7BD48B ] TabletServiceWacom C:\windows\system32\Wacom_Tablet.exe[/FONT]
[FONT=Arial]15:50:37.0733 5964 TabletServiceWacom - ok[/FONT]
[FONT=Arial]15:50:37.0811 5964 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll[/FONT]
[FONT=Arial]15:50:37.0811 5964 TapiSrv - ok[/FONT]
[FONT=Arial]15:50:37.0827 5964 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll[/FONT]
[FONT=Arial]15:50:37.0827 5964 TBS - ok[/FONT]
[FONT=Arial]15:50:38.0108 5964 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys[/FONT]
[FONT=Arial]15:50:38.0139 5964 Tcpip - ok[/FONT]
[FONT=Arial]15:50:38.0326 5964 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys[/FONT]
[FONT=Arial]15:50:38.0342 5964 TCPIP6 - ok[/FONT]
[FONT=Arial]15:50:38.0451 5964 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys[/FONT]
[FONT=Arial]15:50:38.0451 5964 tcpipreg - ok[/FONT]
[FONT=Arial]15:50:38.0482 5964 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys[/FONT]
[FONT=Arial]15:50:38.0482 5964 TDPIPE - ok[/FONT]
[FONT=Arial]15:50:38.0576 5964 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys[/FONT]
[FONT=Arial]15:50:38.0576 5964 TDTCP - ok[/FONT]
[FONT=Arial]15:50:38.0623 5964 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys[/FONT]
[FONT=Arial]15:50:38.0623 5964 tdx - ok[/FONT]
[FONT=Arial]15:50:38.0685 5964 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys[/FONT]
[FONT=Arial]15:50:38.0685 5964 TermDD - ok[/FONT]
[FONT=Arial]15:50:38.0779 5964 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll[/FONT]
[FONT=Arial]15:50:38.0794 5964 TermService - ok[/FONT]
[FONT=Arial]15:50:38.0810 5964 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll[/FONT]
[FONT=Arial]15:50:38.0810 5964 Themes - ok[/FONT]
[FONT=Arial]15:50:38.0888 5964 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll[/FONT]
[FONT=Arial]15:50:38.0888 5964 THREADORDER - ok[/FONT]
[FONT=Arial]15:50:38.0903 5964 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll[/FONT]
[FONT=Arial]15:50:38.0903 5964 TrkWks - ok[/FONT]
[FONT=Arial]15:50:39.0059 5964 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe[/FONT]
[FONT=Arial]15:50:39.0059 5964 TrustedInstaller - ok[/FONT]
[FONT=Arial]15:50:39.0200 5964 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys[/FONT]
[FONT=Arial]15:50:39.0200 5964 tssecsrv - ok[/FONT]
[FONT=Arial]15:50:39.0262 5964 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys[/FONT]
[FONT=Arial]15:50:39.0262 5964 TsUsbFlt - ok[/FONT]
[FONT=Arial]15:50:39.0325 5964 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys[/FONT]
[FONT=Arial]15:50:39.0325 5964 tunnel - ok[/FONT]
[FONT=Arial]15:50:39.0340 5964 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys[/FONT]
[FONT=Arial]15:50:39.0340 5964 uagp35 - ok[/FONT]
[FONT=Arial]15:50:39.0403 5964 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys[/FONT]
[FONT=Arial]15:50:39.0403 5964 udfs - ok[/FONT]
[FONT=Arial]15:50:39.0434 5964 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe[/FONT]
[FONT=Arial]15:50:39.0434 5964 UI0Detect - ok[/FONT]
[FONT=Arial]15:50:39.0512 5964 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys[/FONT]
[FONT=Arial]15:50:39.0512 5964 uliagpkx - ok[/FONT]
[FONT=Arial]15:50:39.0605 5964 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys[/FONT]
[FONT=Arial]15:50:39.0605 5964 umbus - ok[/FONT]
[FONT=Arial]15:50:39.0637 5964 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys[/FONT]
[FONT=Arial]15:50:39.0637 5964 UmPass - ok[/FONT]
[FONT=Arial]15:50:39.0933 5964 [ 9E89C2D6945389270DE067CE51FF7425 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[/FONT]
[FONT=Arial]15:50:39.0949 5964 UNS - ok[/FONT]
[FONT=Arial]15:50:40.0011 5964 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll[/FONT]
[FONT=Arial]15:50:40.0027 5964 upnphost - ok[/FONT]
[FONT=Arial]15:50:40.0073 5964 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys[/FONT]
[FONT=Arial]15:50:40.0073 5964 USBAAPL64 - ok[/FONT]
[FONT=Arial]15:50:40.0151 5964 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys[/FONT]
[FONT=Arial]15:50:40.0151 5964 usbccgp - ok[/FONT]
[FONT=Arial]15:50:40.0214 5964 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys[/FONT]
[FONT=Arial]15:50:40.0229 5964 usbcir - ok[/FONT]
[FONT=Arial]15:50:40.0245 5964 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys[/FONT]
[FONT=Arial]15:50:40.0245 5964 usbehci - ok[/FONT]
[FONT=Arial]15:50:40.0339 5964 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys[/FONT]
[FONT=Arial]15:50:40.0339 5964 usbhub - ok[/FONT]
[FONT=Arial]15:50:40.0354 5964 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys[/FONT]
[FONT=Arial]15:50:40.0370 5964 usbohci - ok[/FONT]
[FONT=Arial]15:50:40.0385 5964 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys[/FONT]
[FONT=Arial]15:50:40.0385 5964 usbprint - ok[/FONT]
[FONT=Arial]15:50:40.0432 5964 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys[/FONT]
[FONT=Arial]15:50:40.0432 5964 usbscan - ok[/FONT]
[FONT=Arial]15:50:40.0479 5964 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS[/FONT]
[FONT=Arial]15:50:40.0479 5964 USBSTOR - ok[/FONT]
[FONT=Arial]15:50:40.0557 5964 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys[/FONT]
[FONT=Arial]15:50:40.0557 5964 usbuhci - ok[/FONT]
[FONT=Arial]15:50:40.0588 5964 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys[/FONT]
[FONT=Arial]15:50:40.0588 5964 usbvideo - ok[/FONT]
[FONT=Arial]15:50:40.0604 5964 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll[/FONT]
[FONT=Arial]15:50:40.0604 5964 UxSms - ok[/FONT]
[FONT=Arial]15:50:40.0619 5964 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe[/FONT]
[FONT=Arial]15:50:40.0619 5964 VaultSvc - ok[/FONT]
[FONT=Arial]15:50:40.0635 5964 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys[/FONT]
[FONT=Arial]15:50:40.0635 5964 vdrvroot - ok[/FONT]
[FONT=Arial]15:50:40.0697 5964 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe[/FONT]
[FONT=Arial]15:50:40.0697 5964 vds - ok[/FONT]
[FONT=Arial]15:50:40.0729 5964 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys[/FONT]
[FONT=Arial]15:50:40.0729 5964 vga - ok[/FONT]
[FONT=Arial]15:50:40.0744 5964 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys[/FONT]
[FONT=Arial]15:50:40.0744 5964 VgaSave - ok[/FONT]
[FONT=Arial]15:50:40.0807 5964 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys[/FONT]
[FONT=Arial]15:50:40.0807 5964 vhdmp - ok[/FONT]
[FONT=Arial]15:50:40.0822 5964 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys[/FONT]
[FONT=Arial]15:50:40.0822 5964 viaide - ok[/FONT]
[FONT=Arial]15:50:40.0853 5964 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys[/FONT]
[FONT=Arial]15:50:40.0853 5964 volmgr - ok[/FONT]
[FONT=Arial]15:50:40.0900 5964 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys[/FONT]
[FONT=Arial]15:50:40.0900 5964 volmgrx - ok[/FONT]
[FONT=Arial]15:50:40.0931 5964 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys[/FONT]
[FONT=Arial]15:50:40.0931 5964 volsnap - ok[/FONT]
[FONT=Arial]15:50:40.0947 5964 vpnva - ok[/FONT]
[FONT=Arial]15:50:40.0978 5964 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys[/FONT]
[FONT=Arial]15:50:40.0978 5964 vsmraid - ok[/FONT]
[FONT=Arial]15:50:41.0056 5964 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe[/FONT]
[FONT=Arial]15:50:41.0087 5964 VSS - ok[/FONT]
[FONT=Arial]15:50:41.0119 5964 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys[/FONT]
[FONT=Arial]15:50:41.0119 5964 vwifibus - ok[/FONT]
[FONT=Arial]15:50:41.0134 5964 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys[/FONT]
[FONT=Arial]15:50:41.0134 5964 vwififlt - ok[/FONT]
[FONT=Arial]15:50:41.0165 5964 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys[/FONT]
[FONT=Arial]15:50:41.0165 5964 vwifimp - ok[/FONT]
[FONT=Arial]15:50:41.0197 5964 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll[/FONT]
[FONT=Arial]15:50:41.0197 5964 W32Time - ok[/FONT]
[FONT=Arial]15:50:41.0243 5964 [ 37E4600E2CDAD3C1A3613A25B97D457C ] wacmoumonitor C:\windows\system32\DRIVERS\wacmoumonitor.sys[/FONT]
[FONT=Arial]15:50:41.0243 5964 wacmoumonitor - ok[/FONT]
[FONT=Arial]15:50:41.0290 5964 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\windows\system32\DRIVERS\wacommousefilter.sys[/FONT]
[FONT=Arial]15:50:41.0290 5964 wacommousefilter - ok[/FONT]
[FONT=Arial]15:50:41.0321 5964 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys[/FONT]
[FONT=Arial]15:50:41.0321 5964 WacomPen - ok[/FONT]
[FONT=Arial]15:50:41.0321 5964 wacomvhid - ok[/FONT]
[FONT=Arial]15:50:41.0384 5964 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys[/FONT]
[FONT=Arial]15:50:41.0384 5964 WANARP - ok[/FONT]
[FONT=Arial]15:50:41.0384 5964 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys[/FONT]
[FONT=Arial]15:50:41.0384 5964 Wanarpv6 - ok[/FONT]
[FONT=Arial]15:50:41.0431 5964 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe[/FONT]
[FONT=Arial]15:50:41.0446 5964 WatAdminSvc - ok[/FONT]
[FONT=Arial]15:50:41.0524 5964 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe[/FONT]
[FONT=Arial]15:50:41.0524 5964 wbengine - ok[/FONT]
[FONT=Arial]15:50:41.0555 5964 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll[/FONT]
[FONT=Arial]15:50:41.0555 5964 WbioSrvc - ok[/FONT]
[FONT=Arial]15:50:41.0602 5964 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll[/FONT]
[FONT=Arial]15:50:41.0618 5964 wcncsvc - ok[/FONT]
[FONT=Arial]15:50:41.0633 5964 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll[/FONT]
[FONT=Arial]15:50:41.0633 5964 WcsPlugInService - ok[/FONT]
[FONT=Arial]15:50:41.0665 5964 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys[/FONT]
[FONT=Arial]15:50:41.0665 5964 Wd - ok[/FONT]
[FONT=Arial]15:50:41.0758 5964 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\windows\system32\DRIVERS\wdcsam64.sys[/FONT]
[FONT=Arial]15:50:41.0758 5964 WDC_SAM - ok[/FONT]
[FONT=Arial]15:50:41.0836 5964 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys[/FONT]
[FONT=Arial]15:50:41.0852 5964 Wdf01000 - ok[/FONT]
[FONT=Arial]15:50:41.0867 5964 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll[/FONT]
[FONT=Arial]15:50:41.0883 5964 WdiServiceHost - ok[/FONT]
[FONT=Arial]15:50:41.0883 5964 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll[/FONT]
[FONT=Arial]15:50:41.0883 5964 WdiSystemHost - ok[/FONT]
[FONT=Arial]15:50:41.0914 5964 [ 2A444ACF7DD446505BCC801F8F6AE5FD ] wdmirror C:\windows\system32\DRIVERS\WDMirror.sys[/FONT]
[FONT=Arial]15:50:41.0914 5964 wdmirror - ok[/FONT]
[FONT=Arial]15:50:41.0977 5964 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll[/FONT]
[FONT=Arial]15:50:41.0992 5964 WebClient - ok[/FONT]
[FONT=Arial]15:50:42.0023 5964 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll[/FONT]
[FONT=Arial]15:50:42.0023 5964 Wecsvc - ok[/FONT]
[FONT=Arial]15:50:42.0055 5964 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll[/FONT]
[FONT=Arial]15:50:42.0055 5964 wercplsupport - ok[/FONT]
[FONT=Arial]15:50:42.0070 5964 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll[/FONT]
[FONT=Arial]15:50:42.0070 5964 WerSvc - ok[/FONT]
[FONT=Arial]15:50:42.0101 5964 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys[/FONT]
[FONT=Arial]15:50:42.0117 5964 WfpLwf - ok[/FONT]
[FONT=Arial]15:50:42.0148 5964 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys[/FONT]
[FONT=Arial]15:50:42.0148 5964 WimFltr - ok[/FONT]
[FONT=Arial]15:50:42.0164 5964 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys[/FONT]
[FONT=Arial]15:50:42.0164 5964 WIMMount - ok[/FONT]
[FONT=Arial]15:50:42.0179 5964 WinHttpAutoProxySvc - ok[/FONT]
[FONT=Arial]15:50:42.0289 5964 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll[/FONT]
[FONT=Arial]15:50:42.0289 5964 Winmgmt - ok[/FONT]
[FONT=Arial]15:50:42.0476 5964 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll[/FONT]
[FONT=Arial]15:50:42.0507 5964 WinRM - ok[/FONT]
[FONT=Arial]15:50:42.0554 5964 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys[/FONT]
[FONT=Arial]15:50:42.0554 5964 WinUsb - ok[/FONT]
[FONT=Arial]15:50:42.0647 5964 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll[/FONT]
[FONT=Arial]15:50:42.0663 5964 Wlansvc - ok[/FONT]
[FONT=Arial]15:50:42.0772 5964 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE[/FONT]
[FONT=Arial]15:50:42.0803 5964 wlidsvc - ok[/FONT]
[FONT=Arial]15:50:42.0850 5964 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys[/FONT]
[FONT=Arial]15:50:42.0850 5964 WmiAcpi - ok[/FONT]
[FONT=Arial]15:50:42.0913 5964 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe[/FONT]
[FONT=Arial]15:50:42.0913 5964 wmiApSrv - ok[/FONT]
[FONT=Arial]15:50:42.0944 5964 WMPNetworkSvc - ok[/FONT]
[FONT=Arial]15:50:42.0975 5964 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll[/FONT]
[FONT=Arial]15:50:42.0975 5964 WPCSvc - ok[/FONT]
[FONT=Arial]15:50:43.0022 5964 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll[/FONT]
[FONT=Arial]15:50:43.0037 5964 WPDBusEnum - ok[/FONT]
[FONT=Arial]15:50:43.0053 5964 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys[/FONT]
[FONT=Arial]15:50:43.0053 5964 ws2ifsl - ok[/FONT]
[FONT=Arial]15:50:43.0069 5964 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys[/FONT]
[FONT=Arial]15:50:43.0084 5964 WSDPrintDevice - ok[/FONT]
[FONT=Arial]15:50:43.0084 5964 WSearch - ok[/FONT]
[FONT=Arial]15:50:43.0115 5964 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys[/FONT]
[FONT=Arial]15:50:43.0131 5964 wsvd - ok[/FONT]
[FONT=Arial]15:50:43.0147 5964 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys[/FONT]
[FONT=Arial]15:50:43.0147 5964 WudfPf - ok[/FONT]
[FONT=Arial]15:50:43.0225 5964 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys[/FONT]
[FONT=Arial]15:50:43.0225 5964 WUDFRd - ok[/FONT]
[FONT=Arial]15:50:43.0287 5964 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll[/FONT]
[FONT=Arial]15:50:43.0287 5964 wudfsvc - ok[/FONT]
[FONT=Arial]15:50:43.0334 5964 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll[/FONT]
[FONT=Arial]15:50:43.0334 5964 WwanSvc - ok[/FONT]
[FONT=Arial]15:50:43.0396 5964 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys[/FONT]
[FONT=Arial]15:50:43.0396 5964 xusb21 - ok[/FONT]
15:50:43.0427 5964 ================ Scan global ===============================
15:50:43.0443 5964 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
15:50:43.0490 5964 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
15:50:43.0521 5964 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\windows\system32\winsrv.dll
15:50:43.0552 5964 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
15:50:43.0615 5964 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
15:50:43.0630 5964 [Global] - ok
15:50:43.0630 5964 ================ Scan MBR ==================================
15:50:43.0646 5964 [ FF1761EF7140665743A6D636F95DFD81 ] \Device\Harddisk0\DR0
15:50:43.0677 5964 \Device\Harddisk0\DR0 - ok
15:50:43.0677 5964 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
15:50:54.0628 5964 \Device\Harddisk1\DR1 - ok
15:50:54.0628 5964 ================ Scan VBR ==================================
15:50:54.0644 5964 [ 3384610CAF42FD514A87B6B32845DCE9 ] \Device\Harddisk0\DR0\Partition1
15:50:54.0660 5964 \Device\Harddisk0\DR0\Partition1 - ok
15:50:54.0675 5964 [ 037F10F67D64DA6F5B02CA06737C3F06 ] \Device\Harddisk0\DR0\Partition2
15:50:54.0691 5964 \Device\Harddisk0\DR0\Partition2 - ok
15:50:54.0722 5964 [ DAB9817966483A10B7ED13D86E269570 ] \Device\Harddisk0\DR0\Partition3
15:50:54.0738 5964 \Device\Harddisk0\DR0\Partition3 - ok
15:50:54.0738 5964 [ CEF03AD135D8F67E1B707B7F9ED27C21 ] \Device\Harddisk1\DR1\Partition1
15:50:54.0738 5964 \Device\Harddisk1\DR1\Partition1 - ok
15:50:54.0738 5964 ============================================================
15:50:54.0738 5964 Scan finished
15:50:54.0738 5964 ============================================================
15:50:54.0753 5924 Detected object count: 1
15:50:54.0753 5924 Actual detected object count: 1
15:51:01.0508 5924 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
15:51:01.0508 5924 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

[/FONT]
 
Sorry for the bold, I didn't have it checked and when I try to edit the formatting it tells me I'm using too many characters.
 
RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Katelyn [Admin rights]
Mode : Remove -- Date : 11/01/2012 16:03:39

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[TASK][SUSP PATH] {B4FB43BF-A081-4F56-B8E9-2DFFE831A04C} : C:\windows\system32\pcalua.exe -a C:\Users\Katelyn\AppData\Local\Temp\DivXSetup.exe -d C:\windows\SysWOW64 -c /update all -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 hl2rcv.adobe.com


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 2f47bd8eb396a1e1e7bface63b09da24
[BSP] 357e812403a36c0ec3698a7dc58e0b9b : Linux MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 396279 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 811993086 | Size: 65350 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945829888 | Size: 15109 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SMI USB DISK USB Device +++++
--- User ---
[MBR] 16c397d8283f7e139c8cfef808c7694d
[BSP] 6f510daf46d274284f9a608a06c7db11 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 32 | Size: 15479 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
 
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.11.01.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Katelyn :: WINSTON [administrator]
11/1/2012 4:06:36 PM
mbam-log-2012-11-01 (16-06-36).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236841
Time elapsed: 13 minute(s), 33 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
 
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-11-01 16:21:24
-----------------------------
16:21:24.495 OS Version: Windows x64 6.1.7601 Service Pack 1
16:21:24.511 Number of processors: 4 586 0x2502
16:21:24.511 ComputerName: WINSTON UserName: Katelyn
16:21:26.055 Initialize success
16:22:59.629 AVAST engine defs: 12110100
16:23:29.971 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:23:29.986 Disk 0 Vendor: ST950032 0010 Size: 476940MB BusType: 3
16:23:30.002 Disk 0 MBR read successfully
16:23:30.002 Disk 0 MBR scan
16:23:30.002 Disk 0 unknown MBR code
16:23:30.017 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
16:23:30.033 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 396279 MB offset 411648
16:23:30.049 Disk 0 Partition - 00 0F Extended LBA 65350 MB offset 811993086
16:23:30.095 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
16:23:30.220 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 31209 MB offset 881913856
16:23:30.236 Disk 0 Partition - 00 05 Extended 30249 MB offset 811993087
16:23:30.236 Disk 0 Partition 5 00 83 Linux 30249 MB offset 811993088
16:23:30.251 Disk 0 Partition - 00 05 Extended 3887 MB offset 873943041
16:23:30.283 Disk 0 Partition 6 00 82 Linux swap 3886 MB offset 873945088
16:23:30.345 Disk 0 scanning C:\windows\system32\drivers
16:23:49.081 Service scanning
16:24:33.594 Modules scanning
16:24:33.594 Disk 0 trace - called modules:
16:24:33.781 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:24:33.796 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80052bb060]
16:24:33.796 3 CLASSPNP.SYS[fffff880015b843f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004fb5050]
16:24:35.622 AVAST engine scan C:\windows
16:24:39.319 AVAST engine scan C:\windows\system32
16:32:49.897 AVAST engine scan C:\windows\system32\drivers
16:33:10.520 AVAST engine scan C:\Users\Katelyn
16:35:20.172 Disk 0 MBR has been saved successfully to "C:\Users\Katelyn\Desktop\MBR.dat"
16:35:20.187 The log file has been saved successfully to "C:\Users\Katelyn\Desktop\aswMBR.txt"
 
Back