
I'm afraid I got infected with something


20 replies to this topic

#1 yhelfman


Posted 04 December 2012 - 11:19 AM

I think my PC is infected with something. Recently, after the OS is loaded, while doing standard stuff (opening a file, browsing to a page), the hard disk keeps cranking, the cursor turns into a spinning icon and the OS is not usable anymore. Only a hard reset gets me out of there. I've also noticed that even clicking on www.bleeping.com and trying to sign in to my account rerouted me to some junk address associated with ymail. I hope you can help me in diagnosis and removal. I went through DSKCHK and nothing seems physically wrong with the hard drive. Thanks, Yuval



#2 boopme


Posted 04 December 2012 - 11:42 AM

Hello yhelfman, I moved this down one to the Am I Infected forum. Run these and see how it is after.

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

>>>>

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

>>>>

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>>>

ESET ONLINE

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.
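For the redirect symptom described in post #1, the Result.txt sections to read first are the proxy, hosts and Winsock listings requested above. The following is an added example, not part of the original posts and not MiniToolBox code: a Python triage of those three sections that relies on the section-header layout of Result.txt as it appears in this thread. The sample log content, the wording of the "proxy enabled" line, the trusted-path list and the flagging rules are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample, modelled on the Result.txt section layout seen in this thread.
# The non-clean values (proxy line wording, hosts entry, Temp DLL) are invented.
SAMPLE_RESULT = r"""MiniToolBox by Farbar Version: 25-11-2012
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is enabled.

========================= Hosts content: =================================

127.0.0.1 localhost
203.0.113.7 login.example.test

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog9 01 C:\Users\sample\AppData\Local\Temp\lsp32.dll [40960] ()

=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
"""

# "===== Title: =====" or "===== Title =====" section banners.
HEADER = re.compile(r"^={5,}\s*(.*?)\s*:?\s*={5,}\s*$")
# "Catalog5 01 <path> [<size>] (<vendor>)", optionally prefixed with "x64-".
WINSOCK = re.compile(
    r"^(?:x64-)?Catalog\d+ \d+ (?P<path>.+?) \[\d+\] \((?P<vendor>.*)\)$")
# Assumption: provider DLLs are expected under these directories only.
TRUSTED_ROOTS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\",
                 "c:\\program files\\", "c:\\program files (x86)\\")


def parse_sections(text):
    """Split a Result.txt into {section title: [non-empty lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m and m.group(1):          # a bare "=====" rule has no title
            current = sections.setdefault(m.group(1), [])
        elif line and current is not None:
            current.append(line)
    return sections


def check_ie_proxy(lines):
    """Flag the section unless it carries the clean 'not enabled' line."""
    reported = [l for l in lines if not l.startswith('"Reset')]
    if "Proxy is not enabled." in reported:
        return []
    return [("IE Proxy Settings",
             " | ".join(reported) or "no proxy state reported")]


def check_hosts(lines):
    """Flag hosts entries that pin a name to a non-loopback address."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()
        if len(entry) < 2:
            continue
        try:
            addr = ipaddress.ip_address(entry[0])
        except ValueError:
            continue
        if not (addr.is_loopback or addr.is_unspecified):
            names = ", ".join(entry[1:])
            findings.append(("Hosts content", f"{names} pinned to {addr}"))
    return findings


def check_winsock(lines):
    """Flag Winsock providers loaded from outside the trusted directories."""
    findings = []
    for line in lines:
        m = WINSOCK.match(line)
        if m and not m.group("path").lower().startswith(TRUSTED_ROOTS):
            findings.append(("Winsock entries", m.group("path")))
    return findings


def triage(text):
    """Return (section, detail) pairs worth a closer look."""
    s = parse_sections(text)
    findings = []
    if "IE Proxy Settings" in s:
        findings += check_ie_proxy(s["IE Proxy Settings"])
    findings += check_hosts(s.get("Hosts content", []))
    findings += check_winsock(s.get("Winsock entries", []))
    return findings


if __name__ == "__main__":
    for section, detail in triage(SAMPLE_RESULT):
        print(f"[{section}] {detail}")
```

A finding here is a prompt to look closer, not a verdict: a legitimate VPN, filter or security product can also add a proxy, a hosts entry or a Winsock provider.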

#3 yhelfman


Posted 04 December 2012 - 05:07 PM

Hi boopme,

Here are the logs you've requested:

MiniToolBox by Farbar Version: 25-11-2012
Ran by yhelfman (administrator) on 04-12-2012 at 09:40:36
Running from "C:\Users\yhelfman\Desktop\bleepingcomputer"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

1x1 11b/g/n Wireless LAN PCI Express Half Mini Card Adapter = Wireless Network Connection (Connected)
VirtualBox Host-Only Ethernet Adapter = VirtualBox Host-Only Network (Connected)
Sierra Wireless HSPA Network Adapter = Local Area Connection 2 (Connected)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)
TAP-Win32 Adapter V9 = vpn (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?( subinterface=ethernet_6 mtu=1477
add address name="VirtualBox Host-Only Network" address=192.168.56.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : yhelfman-Lenovo
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Sierra Wireless HSPA Network Adapter
Physical Address. . . . . . . . . : 00-A0-D5-FF-FF-AE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d948:a125:77d3:276d%24(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Lease Obtained. . . . . . . . . . : Tuesday, December 04, 2012 8:08:45 AM
Lease Expires . . . . . . . . . . : Friday, December 07, 2012 8:08:45 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.2.253
DHCPv6 IAID . . . . . . . . . . . : 771793109
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-D3-AA-7F-F0-DE-F1-CB-EB-3C
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter vpn:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-34-27-4D-0D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 1x1 11b/g/n Wireless LAN PCI Express Half Mini Card Adapter
Physical Address. . . . . . . . . : 60-D8-19-C9-3C-EE
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7806:4fc1:c62d:f2f3%15(Preferred)
IPv4 Address. . . . . . . . . . . : 10.160.77.42(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Tuesday, December 04, 2012 8:08:47 AM
Lease Expires . . . . . . . . . . : Tuesday, December 04, 2012 10:08:51 PM
Default Gateway . . . . . . . . . : 10.160.79.230
DHCP Server . . . . . . . . . . . : 1.1.1.1
DHCPv6 IAID . . . . . . . . . . . : 375445529
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-D3-AA-7F-F0-DE-F1-CB-EB-3C
DNS Servers . . . . . . . . . . . : 198.204.134.66
198.204.142.66
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : F0-DE-F1-CB-EB-3C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VirtualBox Host-Only Network:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VirtualBox Host-Only Ethernet Adapter
Physical Address. . . . . . . . . : 08-00-27-00-D4-3F
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::549f:4752:f70f:c5ba%30(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.56.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 721944615
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-D3-AA-7F-F0-DE-F1-CB-EB-3C
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{86F151DD-55D0-4130-8938-8E7A7BA10C69}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{34274D0D-13BD-4392-B2FA-ED208DD5CFC5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{81B60DF0-A90A-4097-A895-FFBDB08C2F41}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3056FD2B-98A7-4C72-8C4A-7565CBC16E12}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{554439AD-C933-4C4C-8694-72D2E7B146A2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: att.elevate
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:802::1001
173.194.43.1
173.194.43.8
173.194.43.7
173.194.43.14
173.194.43.3
173.194.43.5
173.194.43.2
173.194.43.4
173.194.43.9
173.194.43.0
173.194.43.6


Pinging google.com [173.194.43.3] with 32 bytes of data:
Reply from 173.194.43.3: bytes=32 time=294ms TTL=52
Reply from 173.194.43.3: bytes=32 time=323ms TTL=52

Ping statistics for 173.194.43.3:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 294ms, Maximum = 323ms, Average = 308ms
Server: att.elevate
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=114ms TTL=49
Reply from 98.138.253.109: bytes=32 time=194ms TTL=48

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 114ms, Maximum = 194ms, Average = 154ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
24...00 a0 d5 ff ff ae ......Sierra Wireless HSPA Network Adapter
17...00 ff 34 27 4d 0d ......TAP-Win32 Adapter V9
15...60 d8 19 c9 3c ee ......1x1 11b/g/n Wireless LAN PCI Express Half Mini Card Adapter
13...f0 de f1 cb eb 3c ......Intel® 82579LM Gigabit Network Connection
30...08 00 27 00 d4 3f ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.2.2 25
0.0.0.0 0.0.0.0 10.160.79.230 10.160.77.42 25
10.160.76.0 255.255.252.0 On-link 10.160.77.42 281
10.160.77.42 255.255.255.255 On-link 10.160.77.42 281
10.160.79.255 255.255.255.255 On-link 10.160.77.42 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.2 255.255.255.255 On-link 192.168.2.2 281
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 192.168.2.2 281
224.0.0.0 240.0.0.0 On-link 10.160.77.42 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 192.168.2.2 281
255.255.255.255 255.255.255.255 On-link 10.160.77.42 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
30 276 fe80::/64 On-link
24 281 fe80::/64 On-link
15 281 fe80::/64 On-link
30 276 fe80::549f:4752:f70f:c5ba/128
On-link
15 281 fe80::7806:4fc1:c62d:f2f3/128
On-link
24 281 fe80::d948:a125:77d3:276d/128
On-link
1 306 ff00::/8 On-link
30 276 ff00::/8 On-link
24 281 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/04/2012 08:09:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2012 07:59:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2012 07:48:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2012 07:18:05 AM) (Source: SescLU) (User: )
Description: LiveUpdate returned a non-critical error. Available content updates may have failed to install.

Error: (12/04/2012 07:07:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2012 00:32:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/03/2012 08:28:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2012 00:32:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/02/2012 11:50:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2012 09:21:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/04/2012 08:09:15 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Symantec Settings Manager service to connect.

Error: (12/04/2012 08:08:39 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:06:27 AM on 12/4/2012 was unexpected.

Error: (12/04/2012 07:59:22 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Symantec Settings Manager service to connect.

Error: (12/04/2012 07:58:45 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:55:59 AM on 12/4/2012 was unexpected.

Error: (12/04/2012 07:48:50 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Symantec Settings Manager service to connect.

Error: (12/04/2012 07:48:14 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:44:53 AM on 12/4/2012 was unexpected.

Error: (11/30/2012 06:21:25 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Symantec Settings Manager service to connect.

Error: (11/30/2012 00:01:28 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/30/2012 00:01:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (11/30/2012 00:01:27 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (12/04/2012 08:09:20 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2012 07:59:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2012 07:48:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2012 07:18:05 AM) (Source: SescLU)(User: )
Description: LiveUpdate returned a non-critical error. Available content updates may have failed to install.

Error: (12/04/2012 07:07:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2012 00:32:40 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (12/03/2012 08:28:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2012 00:32:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (12/02/2012 11:50:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/02/2012 09:21:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
Date: 2012-10-14 14:34:40.338
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 14:34:40.324
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.110)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Any Video Converter 3.5.0
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
AT&T Connect Participant Application v8.9.35 (Version: 8.9.35)
Broadcom InConcert Maestro (Version: 1.0.1.1500)
Burn.Now 4.5 (Version: 4.5.0)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cisco WebEx Meetings
Conexant 20672 SmartAudio HD (Version: 8.32.23.2)
Conformiq Designer (Version: 4.4.4)
Corel Burn.Now Lenovo Edition (Version: 4.5.0)
Corel DVD MovieFactory 7 (Version: 7.0.0)
Corel DVD MovieFactory Lenovo Edition (Version: 7.0.0)
Corel WinDVD (Version: 10.0.5.828)
Create Recovery Media (Version: 1.20.0.00)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Direct DiscRecorder (Version: 1.00.0000)
DVD Decrypter (Remove Only)
E-GOV.IL Sign&Verify Software - AGForm toolbar (Version: 13.1.0.5)
ESET Online Scanner v3
Evernote v. 4.2.3 (Version: 4.2.3.15)
Fabasoft Folio Cloud Plug-in (Version: 13.0.6047)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Genie Backup Assistant (Version: 8.0.364.534)
Genie Backup Manager (Version: 9.0)
Google Apps Migration For Microsoft Outlook® 2.3.12.34 (Version: 2.3.12.34)
Google Apps Sync™ for Microsoft Outlook® 3.2.353.947 (Version: 3.2.353.947)
Google Chrome (Version: 23.0.1271.95)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
GoToMeeting 5.3.0.1009 (Version: 5.3.0.1009)
ImgBurn (Version: 2.5.7.0)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (Version: 1.1.0.1147)
Integrated Camera TWAIN (Version: 1.0.11.1223)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Identity Protection Technology 1.1.2.0 (Version: 1.1.2.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2321)
Jasc Paint Shop Pro 9 (Version: 9.00.0000)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java SE Development Kit 7 Update 4 (64-bit) (Version: 1.7.0.40)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Java™ SE Development Kit 7 Update 3 (64-bit) (Version: 1.7.0.30)
JavaFX 2.1.0 (64-bit) (Version: 2.1.0)
JavaFX 2.1.0 SDK (64-bit) (Version: 2.1.0)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Auto Scroll Utility (Version: 1.10)
Lenovo Patch Utility (Version: 1.0.1.1)
Lenovo Patch Utility (Version: 1.3.0.9)
Lenovo Patch Utility 64 bit (Version: 1.2.0.1)
Lenovo Patch Utility 64 bit (Version: 1.3.0.9)
Lenovo Registration (Version: 1.0.4)
Lenovo SimpleTap (Version: 2.1.0003.00)
Lenovo System Interface Driver (Version: 1.05)
Lenovo ThinkVantage Toolbox (Version: 6.0.5849.23)
Lenovo User Guide (Version: 1.0.0008.00)
Lenovo Warranty Information (Version: 1.0.0005.00)
Lenovo Welcome (Version: 3.00.006.0)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.92)
Mesh Runtime (Version: 15.4.5722.2)
Message Center Plus (Version: 2.0.0012.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Expression Encoder 3 (Version: 3.0.1332.0)
Microsoft Lync Web App Plug-in (Version: 4.0.7577.190)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.202)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MP4-Converter 4.3.8 (Version: 4.3.8)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Norton Safe Web Lite (Version: 2.0.0.16)
Notepad++ (Version: 5.9.8)
NVIDIA 3D Vision Controller Driver 296.16 (Version: 296.16)
NVIDIA Display Control Panel (Version: 6.14.12.6871)
NVIDIA Graphics Driver 296.70 (Version: 296.70)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA nView 136.27 (Version: 136.27)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA Update Components (Version: 1.0.21)
On Screen Display (Version: 6.50.00)
OpenVPN 2.2.2 (Version: 2.2.2)
Oracle VM VirtualBox 4.2.4 (Version: 4.2.4)
Oracle Web Conferencing Console
PMB (Version: 5.8.02.10270)
Power Manager (Version: 6.36)
Python 2.7.3 (Version: 2.7.3150)
RapidBoot (Version: 1.11)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
RICOH_Media_Driver_v2.14.18.01 (Version: 2.14.18.01)
Skype™ 6.0 (Version: 6.0.126)
Spotify (Version: 0.8.5.1333.g822e0de8)
Symantec Endpoint Protection Small Business Edition (Version: 12.0.1001.95)
System Update (Version: 4.03.0012)
TeamViewer 7 (Version: 7.0.15723)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.1500)
ThinkPad FullScreen Magnifier (Version: 2.40)
ThinkPad Power Management Driver (Version: 1.61.00.11)
ThinkPad UltraNav Driver (Version: 15.3.8.0)
ThinkPad UltraNav Utility (Version: 2.13.0)
ThinkPad Wireless LAN Adapter Software (Version: 1.00.0029.8)
ThinkVantage Active Protection System (Version: 1.73)
ThinkVantage AutoLock (Version: 1.03)
ThinkVantage Communications Utility (Version: 2.07)
ThinkVantage Fingerprint Software (Version: 5.9.4.6882)
TortoiseSVN 1.7.5.22551 (64 bit) (Version: 1.7.22551)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VIP Access (Version: 2.0.5.13)
Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (Version: 12/21/2010 11.8.84.0)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (Version: 09/10/2010 9.2.0.1011)
Windows Driver Package - Intel System (11/20/2010 9.2.0.1016) (Version: 11/20/2010 9.2.0.1016)
Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021) (Version: 12/21/2010 9.2.0.1021)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (Version: 11/11/2010 1.61.00.11)
Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (Version: 05/19/2011 15.3.8.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Messenger
yEd Graph Editor 3.9.2 (Version: 3.9.2)

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 12241.23 MB
Available physical RAM: 9146.86 MB
Total Pagefile: 24480.66 MB
Available Pagefile: 21561.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.25 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:448.67 GB) (Free:155.14 GB) NTFS
4 Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.21 GB) NTFS

========================= Users: ========================================

User accounts for \\YHELFMAN-LENOVO

Administrator Guest UpdatusUser
yhelfman


**** End of log ****

09:42:04.0534 4296 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:42:06.0536 4296 ============================================================
09:42:06.0536 4296 Current date / time: 2012/12/04 09:42:06.0536
09:42:06.0536 4296 SystemInfo:
09:42:06.0536 4296
09:42:06.0536 4296 OS Version: 6.1.7601 ServicePack: 1.0
09:42:06.0536 4296 Product type: Workstation
09:42:06.0536 4296 ComputerName: YHELFMAN-LENOVO
09:42:06.0537 4296 UserName: yhelfman
09:42:06.0537 4296 Windows directory: C:\Windows
09:42:06.0537 4296 System windows directory: C:\Windows
09:42:06.0537 4296 Running under WOW64
09:42:06.0537 4296 Processor architecture: Intel x64
09:42:06.0537 4296 Number of processors: 8
09:42:06.0537 4296 Page size: 0x1000
09:42:06.0537 4296 Boot type: Normal boot
09:42:06.0537 4296 ============================================================
09:42:07.0282 4296 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:42:07.0303 4296 ============================================================
09:42:07.0303 4296 \Device\Harddisk0\DR0:
09:42:07.0303 4296 MBR partitions:
09:42:07.0303 4296 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
09:42:07.0303 4296 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38157000
09:42:07.0303 4296 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38445800, BlocksNum 0x1F40000
09:42:07.0303 4296 ============================================================
09:42:07.0347 4296 C: <-> \Device\Harddisk0\DR0\Partition2
09:42:07.0386 4296 Q: <-> \Device\Harddisk0\DR0\Partition3
09:42:07.0386 4296 ============================================================
09:42:07.0386 4296 Initialize success
09:42:07.0386 4296 ============================================================
09:42:42.0769 6828 ============================================================
09:42:42.0769 6828 Scan started
09:42:42.0769 6828 Mode: Manual; TDLFS;
09:42:42.0769 6828 ============================================================
09:42:43.0593 6828 ================ Scan system memory ========================
09:42:43.0593 6828 System memory - ok
09:42:43.0593 6828 ================ Scan services =============================
09:42:50.0192 6828 IRENUM - ok
09:42:50.0194 6828 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:42:50.0200 6828 isapnp - ok
09:42:50.0236 6828 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:42:50.0248 6828 iScsiPrt - ok
09:42:50.0319 6828 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
09:42:50.0320 6828 jhi_service - ok
09:42:50.0334 6828 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:42:50.0335 6828 kbdclass - ok
09:42:50.0346 6828 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:42:50.0352 6828 kbdhid - ok
09:42:50.0368 6828 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:42:50.0368 6828 KeyIso - ok
09:42:50.0404 6828 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:42:50.0404 6828 KSecDD - ok
09:42:50.0420 6828 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:42:50.0421 6828 KSecPkg - ok
09:42:50.0432 6828 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:42:50.0432 6828 ksthunk - ok
09:42:50.0462 6828 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:42:50.0478 6828 KtmRm - ok
09:42:50.0501 6828 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
09:42:50.0503 6828 LanmanServer - ok
09:42:50.0528 6828 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:42:50.0530 6828 LanmanWorkstation - ok
09:42:50.0558 6828 [ 56B74943929BC575914631EDC0E72220 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
09:42:50.0559 6828 LENOVO.CAMMUTE - ok
09:42:50.0610 6828 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
09:42:50.0611 6828 LENOVO.MICMUTE - ok
09:42:50.0624 6828 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
09:42:50.0625 6828 lenovo.smi - ok
09:42:50.0630 6828 [ F9B51B2A5DA1222A910021C71E9EA559 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
09:42:50.0630 6828 LENOVO.TPKNRSVC - ok
09:42:50.0645 6828 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
09:42:50.0646 6828 Lenovo.VIRTSCRLSVC - ok
09:42:50.0761 6828 [ E34152D03CAAAAA81DD66D803F392522 ] LiveUpdate C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
09:42:50.0773 6828 LiveUpdate - ok
09:42:50.0797 6828 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:42:50.0798 6828 lltdio - ok
09:42:50.0810 6828 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:42:50.0823 6828 lltdsvc - ok
09:42:50.0855 6828 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:42:50.0855 6828 lmhosts - ok
09:42:50.0885 6828 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:42:50.0886 6828 LMS - ok
09:42:50.0902 6828 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:42:50.0910 6828 LSI_FC - ok
09:42:50.0946 6828 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:42:50.0954 6828 LSI_SAS - ok
09:42:50.0967 6828 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:42:50.0975 6828 LSI_SAS2 - ok
09:42:50.0996 6828 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:42:51.0004 6828 LSI_SCSI - ok
09:42:51.0019 6828 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:42:51.0019 6828 luafv - ok
09:42:51.0036 6828 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:42:51.0043 6828 Mcx2Svc - ok
09:42:51.0052 6828 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:42:51.0059 6828 megasas - ok
09:42:51.0079 6828 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:42:51.0091 6828 MegaSR - ok
09:42:51.0101 6828 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:42:51.0102 6828 MEIx64 - ok
09:42:51.0110 6828 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:42:51.0111 6828 MMCSS - ok
09:42:51.0114 6828 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:42:51.0120 6828 Modem - ok
09:42:51.0141 6828 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:42:51.0141 6828 monitor - ok
09:42:51.0150 6828 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:42:51.0151 6828 mouclass - ok
09:42:51.0170 6828 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:42:51.0170 6828 mouhid - ok
09:42:51.0190 6828 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:42:51.0190 6828 mountmgr - ok
09:42:51.0242 6828 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:42:51.0262 6828 MozillaMaintenance - ok
09:42:51.0306 6828 [ E40C07B8546454A33CB746A374192FCD ] MP4ConverterAudio C:\Windows\system32\drivers\MP4ConverterAudio.sys
09:42:51.0306 6828 MP4ConverterAudio - ok
09:42:51.0327 6828 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:42:51.0338 6828 mpio - ok
09:42:51.0347 6828 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:42:51.0348 6828 mpsdrv - ok
09:42:51.0372 6828 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:42:51.0386 6828 MpsSvc - ok
09:42:51.0390 6828 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:42:51.0399 6828 MRxDAV - ok
09:42:51.0424 6828 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:42:51.0425 6828 mrxsmb - ok
09:42:51.0441 6828 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:42:51.0444 6828 mrxsmb10 - ok
09:42:51.0457 6828 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:42:51.0458 6828 mrxsmb20 - ok
09:42:51.0474 6828 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:42:51.0480 6828 msahci - ok
09:42:51.0495 6828 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:42:51.0526 6828 msdsm - ok
09:42:51.0538 6828 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:42:51.0547 6828 MSDTC - ok
09:42:51.0567 6828 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:42:51.0567 6828 Msfs - ok
09:42:51.0580 6828 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:42:51.0586 6828 mshidkmdf - ok
09:42:51.0598 6828 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:42:51.0598 6828 msisadrv - ok
09:42:51.0630 6828 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:42:51.0641 6828 MSiSCSI - ok
09:42:51.0643 6828 msiserver - ok
09:42:51.0666 6828 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:42:51.0672 6828 MSKSSRV - ok
09:42:51.0681 6828 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:42:51.0687 6828 MSPCLOCK - ok
09:42:51.0696 6828 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:42:51.0702 6828 MSPQM - ok
09:42:51.0714 6828 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:42:51.0717 6828 MsRPC - ok
09:42:51.0727 6828 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:42:51.0727 6828 mssmbios - ok
09:42:51.0740 6828 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:42:51.0746 6828 MSTEE - ok
09:42:51.0756 6828 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:42:51.0762 6828 MTConfig - ok
09:42:51.0775 6828 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:42:51.0775 6828 Mup - ok
09:42:51.0810 6828 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:42:51.0814 6828 napagent - ok
09:42:51.0836 6828 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:42:51.0837 6828 NativeWifiP - ok
09:42:51.0967 6828 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20121204.003\ENG64.SYS
09:42:51.0967 6828 NAVENG - ok
09:42:52.0012 6828 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20121204.003\EX64.SYS
09:42:52.0021 6828 NAVEX15 - ok
09:42:52.0057 6828 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:42:52.0072 6828 NDIS - ok
09:42:52.0093 6828 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:42:52.0103 6828 NdisCap - ok
09:42:52.0113 6828 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:42:52.0114 6828 NdisTapi - ok
09:42:52.0133 6828 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:42:52.0133 6828 Ndisuio - ok
09:42:52.0147 6828 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:42:52.0148 6828 NdisWan - ok
09:42:52.0164 6828 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:42:52.0164 6828 NDProxy - ok
09:42:52.0176 6828 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:42:52.0176 6828 NetBIOS - ok
09:42:52.0192 6828 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:42:52.0194 6828 NetBT - ok
09:42:52.0216 6828 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:42:52.0216 6828 Netlogon - ok
09:42:52.0243 6828 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:42:52.0245 6828 Netman - ok
09:42:52.0322 6828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:42:52.0330 6828 NetMsmqActivator - ok
09:42:52.0346 6828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:42:52.0347 6828 NetPipeActivator - ok
09:42:52.0364 6828 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:42:52.0378 6828 netprofm - ok
09:42:52.0384 6828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:42:52.0385 6828 NetTcpActivator - ok
09:42:52.0388 6828 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:42:52.0389 6828 NetTcpPortSharing - ok
09:42:52.0409 6828 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:42:52.0417 6828 nfrd960 - ok
09:42:52.0462 6828 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:42:52.0464 6828 NlaSvc - ok
09:42:52.0471 6828 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:42:52.0471 6828 Npfs - ok
09:42:52.0484 6828 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:42:52.0485 6828 nsi - ok
09:42:52.0491 6828 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:42:52.0491 6828 nsiproxy - ok
09:42:52.0567 6828 [ E127420B7FEB65C7F279EAAC183BBC0E ] NSL C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
09:42:52.0567 6828 NSL - ok
09:42:52.0619 6828 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:42:52.0644 6828 Ntfs - ok
09:42:52.0647 6828 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:42:52.0648 6828 Null - ok
09:42:52.0679 6828 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
09:42:52.0679 6828 nusb3hub - ok
09:42:52.0705 6828 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:42:52.0706 6828 nusb3xhc - ok
09:42:52.0743 6828 [ 8D4AAC74B571FC356560E5B308955E93 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:42:52.0744 6828 NVHDA - ok
09:42:52.0976 6828 [ 142E69816EC9C4ED274E1AD3E801F09E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:42:53.0026 6828 nvlddmkm - ok
09:42:53.0051 6828 [ 2E6C975AE61742DC8A31B9E260D8AF1D ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
09:42:53.0051 6828 nvpciflt - ok
09:42:53.0088 6828 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:42:53.0098 6828 nvraid - ok
09:42:53.0114 6828 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:42:53.0126 6828 nvstor - ok
09:42:53.0173 6828 [ E9200F89EA2885B9B8151AA9D7B480EB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
09:42:53.0181 6828 nvUpdatusService - ok
09:42:53.0203 6828 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:42:53.0211 6828 nv_agp - ok
09:42:53.0235 6828 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:42:53.0242 6828 ohci1394 - ok
09:42:53.0326 6828 [ EC322186D8FCE3D632F3F597D67747DD ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
09:42:53.0335 6828 OpenVPNService - ok
09:42:53.0379 6828 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:42:53.0403 6828 ose - ok
09:42:53.0499 6828 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:42:53.0518 6828 osppsvc - ok
09:42:53.0563 6828 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:42:53.0567 6828 p2pimsvc - ok
09:42:53.0595 6828 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:42:53.0610 6828 p2psvc - ok
09:42:53.0635 6828 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:42:53.0642 6828 Parport - ok
09:42:53.0674 6828 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:42:53.0675 6828 partmgr - ok
09:42:53.0687 6828 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:42:53.0688 6828 PcaSvc - ok
09:42:53.0705 6828 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:42:53.0706 6828 pci - ok
09:42:53.0730 6828 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:42:53.0738 6828 pciide - ok
09:42:53.0750 6828 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:42:53.0762 6828 pcmcia - ok
09:42:53.0770 6828 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:42:53.0770 6828 pcw - ok
09:42:53.0788 6828 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:42:53.0795 6828 PEAUTH - ok
09:42:53.0824 6828 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:42:53.0849 6828 PeerDistSvc - ok
09:42:53.0913 6828 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:42:53.0923 6828 PerfHost - ok
09:42:53.0942 6828 [ 52C9F4359AF4A25969B882AECC6F3BDA ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
09:42:53.0942 6828 PHCORE - ok
09:42:53.0971 6828 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:42:54.0028 6828 pla - ok
09:42:54.0063 6828 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:42:54.0067 6828 PlugPlay - ok
09:42:54.0138 6828 [ AE6C778717DE2F6B0C0B5335036D3363 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
09:42:54.0160 6828 PMBDeviceInfoProvider - ok
09:42:54.0176 6828 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:42:54.0183 6828 PNRPAutoReg - ok
09:42:54.0198 6828 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:42:54.0200 6828 PNRPsvc - ok
09:42:54.0225 6828 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:42:54.0230 6828 PolicyAgent - ok
09:42:54.0246 6828 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
09:42:54.0247 6828 Power - ok
09:42:54.0334 6828 [ D2FCBA55D4ED03E1FF9A290D5CF1CCA5 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
09:42:54.0443 6828 Power Manager DBC Service - ok
09:42:54.0481 6828 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:42:54.0482 6828 PptpMiniport - ok
09:42:54.0494 6828 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:42:54.0501 6828 Processor - ok
09:42:54.0536 6828 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:42:54.0538 6828 ProfSvc - ok
09:42:54.0551 6828 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:42:54.0551 6828 ProtectedStorage - ok
09:42:54.0575 6828 [ 05A4779E4994B21473EDBE85AABE8030 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
09:42:54.0576 6828 psadd - ok
09:42:54.0599 6828 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:42:54.0600 6828 Psched - ok
09:42:54.0626 6828 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
09:42:54.0627 6828 PSI_SVC_2 - ok
09:42:54.0678 6828 [ 462059CB2914AEE993751851CDF145C9 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
09:42:54.0751 6828 PwmEWSvc - ok
09:42:54.0796 6828 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:42:54.0837 6828 ql2300 - ok
09:42:54.0846 6828 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:42:54.0853 6828 ql40xx - ok
09:42:54.0879 6828 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:42:54.0892 6828 QWAVE - ok
09:42:54.0903 6828 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:42:54.0911 6828 QWAVEdrv - ok
09:42:54.0923 6828 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:42:54.0931 6828 RasAcd - ok
09:42:54.0960 6828 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:42:54.0961 6828 RasAgileVpn - ok
09:42:54.0979 6828 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:42:54.0986 6828 RasAuto - ok
09:42:54.0996 6828 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:42:54.0997 6828 Rasl2tp - ok
09:42:55.0026 6828 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:42:55.0031 6828 RasMan - ok
09:42:55.0037 6828 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:42:55.0037 6828 RasPppoe - ok
09:42:55.0043 6828 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:42:55.0044 6828 RasSstp - ok
09:42:55.0058 6828 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:42:55.0060 6828 rdbss - ok
09:42:55.0073 6828 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:42:55.0074 6828 rdpbus - ok
09:42:55.0083 6828 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:42:55.0083 6828 RDPCDD - ok
09:42:55.0099 6828 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:42:55.0109 6828 RDPDR - ok
09:42:55.0131 6828 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:42:55.0131 6828 RDPENCDD - ok
09:42:55.0151 6828 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:42:55.0152 6828 RDPREFMP - ok
09:42:55.0185 6828 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:42:55.0195 6828 RDPWD - ok
09:42:55.0217 6828 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:42:55.0218 6828 rdyboost - ok
09:42:55.0246 6828 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:42:55.0253 6828 RemoteAccess - ok
09:42:55.0263 6828 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:42:55.0274 6828 RemoteRegistry - ok
09:42:55.0307 6828 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:42:55.0317 6828 RFCOMM - ok
09:42:55.0349 6828 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
09:42:55.0349 6828 risdxc - ok
09:42:55.0361 6828 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:42:55.0362 6828 RpcEptMapper - ok
09:42:55.0371 6828 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:42:55.0377 6828 RpcLocator - ok
09:42:55.0405 6828 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:42:55.0408 6828 RpcSs - ok
09:42:55.0416 6828 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:42:55.0416 6828 rspndr - ok
09:42:55.0456 6828 [ 513338976B722822B555D739D78F9E9F ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
09:42:55.0460 6828 RTL8192Ce - ok
09:42:55.0470 6828 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:42:55.0477 6828 s3cap - ok
09:42:55.0491 6828 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:42:55.0492 6828 SamSs - ok
09:42:55.0494 6828 SAService - ok
09:42:55.0503 6828 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:42:55.0511 6828 sbp2port - ok
09:42:55.0522 6828 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:42:55.0534 6828 SCardSvr - ok
09:42:55.0542 6828 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:42:55.0549 6828 scfilter - ok
09:42:55.0577 6828 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:42:55.0594 6828 Schedule - ok
09:42:55.0620 6828 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:42:55.0620 6828 SCPolicySvc - ok
09:42:55.0633 6828 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:42:55.0644 6828 SDRSVC - ok
09:42:55.0664 6828 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:42:55.0664 6828 secdrv - ok
09:42:55.0676 6828 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:42:55.0677 6828 seclogon - ok
09:42:55.0698 6828 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
09:42:55.0699 6828 SENS - ok
09:42:55.0708 6828 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:42:55.0715 6828 SensrSvc - ok
09:42:55.0733 6828 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:42:55.0740 6828 Serenum - ok
09:42:55.0760 6828 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:42:55.0767 6828 Serial - ok
09:42:55.0795 6828 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:42:55.0801 6828 sermouse - ok
09:42:55.0813 6828 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:42:55.0821 6828 SessionEnv - ok
09:42:55.0830 6828 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:42:55.0838 6828 sffdisk - ok
09:42:55.0842 6828 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:42:55.0848 6828 sffp_mmc - ok
09:42:55.0861 6828 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:42:55.0868 6828 sffp_sd - ok
09:42:55.0879 6828 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:42:55.0886 6828 sfloppy - ok
09:42:55.0919 6828 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:42:55.0922 6828 SharedAccess - ok
09:42:55.0937 6828 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:42:55.0939 6828 ShellHWDetection - ok
09:42:55.0962 6828 [ E2FC046D4EDABFE3B5EF7DA06406277D ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
09:42:55.0963 6828 Shockprf - ok
09:42:55.0967 6828 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:42:55.0974 6828 SiSRaid2 - ok
09:42:55.0984 6828 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:42:55.0993 6828 SiSRaid4 - ok
09:42:56.0035 6828 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:42:56.0036 6828 SkypeUpdate - ok
09:42:56.0056 6828 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:42:56.0064 6828 Smb - ok
09:42:56.0171 6828 [ 4B1DAFE4100555239354950AC537C98C ] SmcService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
09:42:56.0183 6828 SmcService - ok
09:42:56.0227 6828 [ C5B1A19B14F19B08AE72FCB20A3075B6 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
09:42:56.0228 6828 smihlp - ok
09:42:56.0278 6828 [ 6A06C60C6CAE39A87603B03EA7DD404C ] SMServer C:\Windows\SysWOW64\snmvtsvc.exe
09:42:56.0295 6828 SMServer - ok
09:42:56.0329 6828 [ F2544BF1302EBFEFD006E32AC55703F4 ] SNAC C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
09:42:56.0348 6828 SNAC - ok
09:42:56.0383 6828 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:42:56.0384 6828 SNMPTRAP - ok
09:42:56.0396 6828 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:42:56.0396 6828 spldr - ok
09:42:56.0440 6828 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:42:56.0443 6828 Spooler - ok
09:42:56.0499 6828 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:42:56.0513 6828 sppsvc - ok
09:42:56.0541 6828 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:42:56.0549 6828 sppuinotify - ok
09:42:56.0567 6828 [ 32900AC9CFDC578531279886CA16A4DF ] SRTSP C:\Windows\system32\Drivers\SRTSP64.SYS
09:42:56.0569 6828 SRTSP - ok
09:42:56.0590 6828 [ 8929566D1F14685FD78EAF25BEE3ECC7 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL64.SYS
09:42:56.0611 6828 SRTSPL - ok
09:42:56.0641 6828 [ CB2FDF47EE67F8CCA5362ED9B94FE955 ] SRTSPX C:\Windows\system32\Drivers\SRTSPX64.SYS
09:42:56.0641 6828 SRTSPX - ok
09:42:56.0683 6828 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:42:56.0686 6828 srv - ok
09:42:56.0718 6828 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:42:56.0720 6828 srv2 - ok
09:42:56.0737 6828 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:42:56.0737 6828 srvnet - ok
09:42:56.0756 6828 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:42:56.0760 6828 SSDPSRV - ok
09:42:56.0770 6828 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:42:56.0771 6828 SstpSvc - ok
09:43:01.0727 6828 ============================================================
09:43:01.0727 6828 Scan finished
09:43:01.0727 6828 ============================================================
09:43:01.0733 6688 Detected object count: 0
09:43:01.0733 6688 Actual detected object count: 0
09:43:13.0177 7600 Deinitialize success

# AdwCleaner v2.011 - Logfile created 12/04/2012 at 09:47:59
# Updated 02/12/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : yhelfman - YHELFMAN-LENOVO
# Boot Mode : Normal
# Running from : C:\Users\yhelfman\Desktop\bleepingcomputer\AdwCleaner\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\yhelfman\AppData\Roaming\Mozilla\Firefox\Profiles\ycfbu1br.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.95

File : C:\Users\yhelfman\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [993 octets] - [04/12/2012 09:47:59]

########## EOF - C:\AdwCleaner[S1].txt - [1052 octets] ##########

ESET did not find any infected files and therefore a logfile was not generated.

Do you see anything that looks suspicious or wrong in these logs?

Cheers,
Yuval

#4 boopme

Posted 04 December 2012 - 08:09 PM

Hello Yuval.. Looks pretty good.

If you do not use these, remove then update them as they are outdated and exploitable.
Java SE Development Kit 7 Update 4 (64-bit) (Version: 1.7.0.40)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40) <<--this updated so just remove
Java™ SE Development Kit 7 Update 3 (64-bit) (Version: 1.7.0.30)
JavaFX 2.1.0 (64-bit) (Version: 2.1.0)
JavaFX 2.1.0 SDK (64-bit) (Version: 2.1.0)
JavaFX 2.1.1 (Version: 2.1.1)


The only real issue I see is you ran ComboFix and it may have removed something and produced an error.
Note the CodeIntegrity Errors: in MiniToolBox.

To see what this is you will need to ask in a new topic, because they will need to review your ComboFix log.
Post your new topic here... Virus, Trojan, Spyware, and Malware Removal Logs with that log.



Let me know if all went well.

Include this link back to here...

http://www.bleepingcomputer.com/forums/topic477353.html/page__pid__2913028#top

Edited by boopme, 04 December 2012 - 08:09 PM.


#5 yhelfman

Posted 04 December 2012 - 09:11 PM

Hi,

I uninstalled the Java FX components as well as the Java™ 7 Update 4 (64-bit) (Version: 7.0.40). My company's product requires Java SE, so I kept the others installed.
As for ComboFix, this is not from the current post. I used your advice in the past (a few months back) and part of the process was to install and run ComboFix. Do you still want me to repost this on the other forum, or could you please do it for me?

Much appreciated !!!
Yuval

#6 boopme

Posted 04 December 2012 - 09:58 PM

Ok, if CFix wasn't for this then it may be hard or software conflicts.. as it looks clean.

Run the System File Checker

#7 yhelfman

Posted 05 December 2012 - 11:18 AM

I first ran it with /verifyonly to see if it detects anything. I couldn't copy/paste the log because when I tried to submit the post it said it was too long. Let me know how I can send it if it's needed. Then I ran it again with the /scannow switch and it fixed them.

What's next?

Thanks,
Yuval

#8 boopme

Posted 05 December 2012 - 04:45 PM

How is it now??

#9 yhelfman

Posted 05 December 2012 - 06:12 PM

I still had the same problem when I was working with Eclipse. I uninstalled Eclipse, all the Java components, and my company's product (Conformiq, which is an Eclipse plug-in), then re-installed them back, so far so good. Can we do more checks on the file system integrity, clusters, etc?

#10 boopme

Posted 05 December 2012 - 07:14 PM

You can Run Disk Check in Windows 7 to check a selected hard disk for file system errors and bad sectors on it.

Edited by boopme, 05 December 2012 - 07:14 PM.


#11 yhelfman

Posted 05 December 2012 - 11:15 PM

I checked both options, here's the log:

Log Name: Application
Source: Microsoft-Windows-Wininit
Date: 12/5/2012 7:59:46 PM
Event ID: 1001
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: yhelfman-Lenovo
Description:


Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
388608 file records processed.

File verification completed.
604 large file records processed.

0 bad file records processed.

2 EA records processed.

59 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 5)...
489326 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 5)...
388608 file SDs/SIDs processed.

Cleaning up 167 unused index entries from index $SII of file 0x9.
Cleaning up 167 unused index entries from index $SDH of file 0x9.
Cleaning up 167 unused security descriptors.
Security descriptor verification completed.
50360 data files processed.

CHKDSK is verifying Usn Journal...
36310696 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
388592 files processed.

File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
40742449 free clusters processed.

Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

470464511 KB total disk space.
306817616 KB in 323474 files.
170388 KB in 50361 indexes.
0 KB in bad sectors.
506711 KB in use by the system.
65536 KB occupied by the log file.
162969796 KB available on disk.

4096 bytes in each allocation unit.
117616127 total allocation units on disk.
40742449 allocation units available on disk.

Internal Info:
00 ee 05 00 56 b4 05 00 a4 24 0a 00 00 00 00 00 ....V....$......
3b 09 00 00 3b 00 00 00 00 00 00 00 00 00 00 00 ;...;...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

Windows has finished checking your disk.
Please wait while your computer restarts.

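As an added example (not part of the original posts), a small Python parser for a CHKDSK report like the one above: it separates media damage (bad sectors, bad file records) from file-system bookkeeping repairs and checks that the space accounting adds up. The function names, and the assumption that the log file is counted inside "in use by the system", belong to this example.

```python
import re

# Excerpt of the CHKDSK report from the post above, trimmed to the lines the
# parser reads.
CHKDSK_REPORT = """\
Checking file system on C:
The type of the file system is NTFS.
CHKDSK is verifying files (stage 1 of 5)...
388608 file records processed.
0 bad file records processed.
Cleaning up 167 unused index entries from index $SII of file 0x9.
Cleaning up 167 unused index entries from index $SDH of file 0x9.
Cleaning up 167 unused security descriptors.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.

470464511 KB total disk space.
306817616 KB in 323474 files.
170388 KB in 50361 indexes.
0 KB in bad sectors.
506711 KB in use by the system.
65536 KB occupied by the log file.
162969796 KB available on disk.

4096 bytes in each allocation unit.
117616127 total allocation units on disk.
40742449 allocation units available on disk.
"""

# One regex per summary line; each captures the leading number.
FIELDS = {
    "total_kb": r"(\d+) KB total disk space",
    "files_kb": r"(\d+) KB in \d+ files",
    "indexes_kb": r"(\d+) KB in \d+ indexes",
    "bad_sectors_kb": r"(\d+) KB in bad sectors",
    "system_kb": r"(\d+) KB in use by the system",
    "available_kb": r"(\d+) KB available on disk",
    "unit_bytes": r"(\d+) bytes in each allocation unit",
    "free_units": r"(\d+) allocation units available on disk",
    "bad_file_records": r"(\d+) bad file records processed",
}


def parse_chkdsk(report):
    """Extract the numeric summary, repair findings and cleanup counts."""
    parsed = {}
    for name, pattern in FIELDS.items():
        match = re.search(pattern, report)
        if match is None:
            raise ValueError(f"CHKDSK report has no line for {name}")
        parsed[name] = int(match.group(1))
    # Findings can wrap across lines, so collapse whitespace before matching.
    flat = " ".join(report.split())
    parsed["findings"] = re.findall(r"CHKDSK discovered ([^.]+)\.", flat)
    parsed["cleaned_entries"] = sum(
        int(n) for n in re.findall(r"Cleaning up (\d+) unused", report))
    parsed["corrected"] = (
        "Windows has made corrections to the file system" in report)
    return parsed


def triage(parsed):
    """Classify the report: media damage, metadata repair, consistency."""
    # Assumption taken from this report: the log file is counted inside
    # "in use by the system", so these five categories should equal the total.
    accounted = (parsed["files_kb"] + parsed["indexes_kb"]
                 + parsed["bad_sectors_kb"] + parsed["system_kb"]
                 + parsed["available_kb"])
    free_kb = parsed["free_units"] * parsed["unit_bytes"] // 1024
    return {
        "media_damage": (parsed["bad_sectors_kb"] > 0
                         or parsed["bad_file_records"] > 0),
        "metadata_repaired": parsed["corrected"],
        "accounting_consistent": (accounted == parsed["total_kb"]
                                  and free_kb == parsed["available_kb"]),
        "findings": parsed["findings"],
    }


if __name__ == "__main__":
    result = triage(parse_chkdsk(CHKDSK_REPORT))
    for key, value in result.items():
        print(f"{key}: {value}")
```

For this report the result is no media damage, repaired metadata (two bitmap findings) and consistent accounting, which points away from a failing disk.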

#12 boopme

Posted 06 December 2012 - 10:53 AM

All looks good.

#13 yhelfman

Posted 06 December 2012 - 11:03 AM

Ok, thanks for your help. I hope whatever problem I had is now removed. Yuval

#14 boopme

Posted 06 December 2012 - 03:23 PM

You're welcome! If it happens again ask in the WIN 7 as it is most likely now a software issue.

#15 yhelfman

Posted 11 December 2012 - 09:17 AM

Hi,

A few days later, it turned out the problem was some software-related issue between the Java JDK, Eclipse, and our product, with regard to 32-bit and 64-bit mismatches, that caused javaw.exe to consume over 10GB of RAM and hosed my OS. Matching the 32-bit architecture solved this issue.

I wanted to ask a small favour: I have another PC that needs to be cleaned up to boost performance. Do you have any step-by-step guidelines on which utilities to use to clean up temp folders, unnecessary startup apps/processes, etc., or must I submit it on your site and do it interactively via post? If I can get a link to a step-by-step article and links to the downloads, that would be great.

Thanks again!
Yuval



