Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lots of malware, a few questions


  • Please log in to reply
22 replies to this topic

#1 ellentk

ellentk

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 01 January 2015 - 01:52 AM

A few days ago, I clicked the wrong link and soon realized I was infected. I ran Malwarebytes and AVG, which are installed on my Win7 system, and downloaded and ran recovery kits from Hitman Pro and Emsisoft.  They found FSAVXGen, IDP.Virus.F83213A8, dllhost.exe, and some pup's and adware and removed all of them.  I thought I was done but the next day, a virus tried to get into my brokerage account, at a time when my computer was turned off. 
 
I downloaded about 7 more antimalware tools and a few more problems turned up including FakeDS.ML. I removed all identified malware, re-scanned with a few of the programs and hope I am done.  Although I will probably rescan with all of them to be kind of sure my system is clean.
 
I have a few questions.
 
The brokerage company didn't identify the virus, but I'm curious. Which could it be? And how does it work? Are these key loggers and/or do they read txt, doc or email files to get log iin and password info?
 
Only one of the anti-malware tools identified these registry keys as problems:
HKLM\SOFTWARE\Microsoft\Tracing\Autoruns_RASAPI32 and
HKLM\SOFTWARE\Microsoft\Tracing\Autoruns_RASMANCS
 
I have eight instances of rasap132.dll and .dll.mui, all tested clean on virustotal and/or avg and malwarebytes.  File tracing on the registry key is set to 0.
 
I could not find any files containing the string RASMANCS but I did find files named RASMANS,
RASMANSERVICE, and RASMAN.  Does the presence of the C in the reg key indicate a virus? Should I delete or correct it? And RASMANCS appears in every Tracing reg key.
 
Oddly, tdsskiller found nothing, and it was the first tool I ran.
 
Thanks very much in advance for answering my questions.
 
Ellen

Edit: Topic moved from General Security to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)

 


m

#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:44 AM

Posted 01 January 2015 - 01:00 PM

Hi
Lets get some initial information firstly:
We will be helping you with your problems. Please be patient while we assist you.
Some points for you to keep in mind while we are helping you to make things go easier and faster for both of us
  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT backup any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.
----------------------------------------------
Please do the following:
:step1:
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. Reboot now to finish the cleaning process.Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.
:step2:
Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
:step3:
Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.
:step4:
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 ellentk

ellentk
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 01 January 2015 - 11:22 PM

Hi, 

 

Thanks so much for your help. Here are two of the scan logs.  Two others are so large (one is about 30 and the other about 50 pages) that I could not paste all logs into one reply.  What's the max amount for a post so I know how to break them up.  

 

Ellen

 

ADWCLEANER

 

# AdwCleaner v4.106 - Report created 01/01/2015 at 22:18:56

# Updated 21/12/2014 by Xplode

# Database : 2015-01-01.1 [Live]

# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

# Username : Ellen - W520

# Running from : C:\Users\Ellen\Downloads\AdwCleaner Download\AdwCleaner.exe

# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

File Found : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage

File Found : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage

File Found : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

File Found : C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\78ntpn0e.default\invalidprefs.js

File Found : C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\78ntpn0e.default\user.js

Folder Found : C:\Program Files (x86)\AVG Secure Search

Folder Found : C:\Program Files (x86)\AVG Security Toolbar

Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Found : C:\Program Files (x86)\NCH Software

Folder Found : C:\ProgramData\8864249047948690505

Folder Found : C:\ProgramData\AVG Secure Search

Folder Found : C:\ProgramData\NCH Software

Folder Found : C:\ProgramData\Partner

Folder Found : C:\Users\Ellen\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Ellen\AppData\Local\CrashRpt

Folder Found : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Folder Found : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Found : C:\Users\Ellen\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Ellen\AppData\LocalLow\Conduit

Folder Found : C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\78ntpn0e.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

Folder Found : C:\Users\Ellen\AppData\Roaming\NCH Software

Folder Found : C:\Users\Ellen\AppData\Roaming\pdfforge

***** [ Scheduled Tasks ] *****

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

Key Found : HKCU\Software\AVG Secure Search

Key Found : HKCU\Software\Classes\pokki

Key Found : HKCU\Software\IGearSettings

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22848257-6A2D-4D2A-8D56-C886D25B8B58}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

Key Found : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper

Key Found : HKCU\Software\Pokki

Key Found : [x64] HKCU\Software\AVG Secure Search

Key Found : [x64] HKCU\Software\IGearSettings

Key Found : [x64] HKCU\Software\Pokki

Key Found : HKLM\SOFTWARE\AVG Secure Search

Key Found : HKLM\SOFTWARE\AVG Security Toolbar

Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\S

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

 

-\\ Mozilla Firefox v23.0 (en-US)

[78ntpn0e.default] - Line Found : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-button\",\"history-pa[...]

[78ntpn0e.default] - Line Found : 01/01/15 19:21:04 [3140_6884] DEBUG .\Registry.cpp:57 [vProt] CRegistry::Init - created path: SOFTWARE\AVG Secure Search

[78ntpn0e.default] - Line Found : 01/01/15 19:21:04 [3140_6884] DEBUG .\Registry.cpp:57 [vProt] CRegistry::Init - created path: SOFTWARE\AVG Secure Search

[78ntpn0e.default] - Line Found : 01/01/15 19:21:04 [3140_6884] DEBUG .\Registry.cpp:57 [vProt] CRegistry::Init - created path: Software\AVG Secure Search\CH

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\FirefoxBrowser.cpp:2569 [vProt] CFirefoxBrowser::IsAVGToolbarEnabled, conf file: C:\Program Files (x86)\AVG Secure Search\configuration.xml

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\SystemCommands.cpp:726 [vProt] CSystemCommands::GetConfigurationValue sConfigurationFilename: C:\Program Files (x86)\AVG Secure Search\configuration.xml

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\Registry.cpp:57 [vProt] CRegistry::Init - created path: SOFTWARE\AVG Secure Search

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\Registry.cpp:57 [vProt] CRegistry::Init - created path: SOFTWARE\AVG Secure Search\Initialize\General

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\Registry.cpp:57 [vProt] CRegistry::Init - created path: SOFTWARE\AVG Secure Search\Initialize\DSP

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\SystemCommands.cpp:726 [vProt] CSystemCommands::GetConfigurationValue sConfigurationFilename: C:\Program Files (x86)\AVG Secure Search\configuration.xml

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\Registry.cpp:57 [vProt] CRegistry::Init - created path: SOFTWARE\AVG Secure Search

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\FirefoxBrowser.cpp:2588 [vProt] CFirefoxBrowser::IsAVGToolbarEnabled, FF toolbar ID: AVG Secure Search

[78ntpn0e.default] - Line Found : 01/01/15 19:21:05 [3140_6884] DEBUG .\FirefoxBrowser.cpp:2138 [vProt] CFirefoxBrowser IsToolbarEnabled, ff toolbar folder name: AVG Secure Search

-\\ Google Chrome v39.0.2171.95

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://isearch.avg.com/search?cid={31298804-5DB8-449A-81A3-F11A4B3C492A}&mid=49758ab14f3947d197182197b749a1ba-040bb4a4e883369cae0e03e852637d52f6ee5b54&lang=en&ds=AVG&pr=fr&d=2012-11-21 18:00:26&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : ippkomaaonokjnfjoikaemidanojkfmm

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : pacgpkgadgmibnhpdidcnfafllnmeomc

*************************

AdwCleaner[R0].txt - [10869 octets] - [01/01/2015 22:18:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10930 octets] ##########

 

FARBAR SERVICE SCANNER

 

Farbar Service Scanner Version: 21-07-2014

Ran by Ellen (administrator) on 01-01-2015 at 22:33:23

Running from "C:\Users\Ellen\Downloads\Farber Service Scanner Download"

Microsoft Windows 7 Professional Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo.com is accessible.

 

Windows Firewall:

=============

Firewall Disabled Policy:

==================

 

System Restore:

============

System Restore Disabled Policy:

========================

 

Action Center:

============

 

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

 

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

 

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

 

Other Services:

==============

 

File Check:

========

C:\Windows\System32\nsisvc.dll => File is digitally signed

C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed

C:\Windows\System32\dhcpcore.dll => File is digitally signed

C:\Windows\System32\drivers\afd.sys => File is digitally signed

C:\Windows\System32\drivers\tdx.sys => File is digitally signed

C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed

C:\Windows\System32\dnsrslvr.dll => File is digitally signed

C:\Windows\System32\mpssvc.dll => File is digitally signed

C:\Windows\System32\bfe.dll => File is digitally signed

C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed

C:\Windows\System32\SDRSVC.dll => File is digitally signed

C:\Windows\System32\vssvc.exe => File is digitally signed

C:\Windows\System32\wscsvc.dll => File is digitally signed

C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed

C:\Windows\System32\wuaueng.dll => File is digitally signed

C:\Windows\System32\qmgr.dll => File is digitally signed

C:\Windows\System32\es.dll => File is digitally signed

C:\Windows\System32\cryptsvc.dll => File is digitally signed

C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed

C:\Windows\System32\ipnathlp.dll => File is digitally signed

C:\Windows\System32\iphlpsvc.dll => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

 

**** End of log ****



#4 ellentk

ellentk
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 01 January 2015 - 11:25 PM

MINITOOLBOX

 

MiniToolBox by Farbar Version: 30-11-2014

Ran by Ellen (administrator) on 01-01-2015 at 22:38:37

Running from "C:\Users\Ellen\Downloads\MiniToolBox Download"

Microsoft Windows 7 Professional Service Pack 1 (X64)

Boot Mode: Normal

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

 

 

0.0.0.0 0.0.0.0 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com

0.0.0.0 media.opencandy.com

0.0.0.0 cdn.opencandy.com

0.0.0.0 tracking.opencandy.com

0.0.0.0 api.opencandy.com

0.0.0.0 installer.betterinstaller.com

0.0.0.0 installer.filebulldog.com

0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net

0.0.0.0 inno.bisrv.com

0.0.0.0 nsis.bisrv.com

0.0.0.0 cdn.file2desktop.com

0.0.0.0 cdn.goateastcach.us

0.0.0.0 cdn.guttastatdk.us

0.0.0.0 cdn.inskinmedia.com

0.0.0.0 cdn.insta.oibundles2.com

0.0.0.0 cdn.insta.playbryte.com

0.0.0.0 cdn.llogetfastcach.us

0.0.0.0 cdn.montiera.com

0.0.0.0 cdn.msdwnld.com

0.0.0.0 cdn.mypcbackup.com

0.0.0.0 cdn.ppdownload.com

0.0.0.0 cdn.riceateastcach.us

0.0.0.0 cdn.shyapotato.us

0.0.0.0 cdn.solimba.com

0.0.0.0 cdn.tuto4pc.com

0.0.0.0 cdn.appround.biz

0.0.0.0 cdn.bigspeedpro.com

0.0.0.0 cdn.bispd.com

0.0.0.0 cdn.bisrv.com

0.0.0.0 cdn.cdndp.com

0.0.0.0 cdn.download.sweetpacks.com

0.0.0.0 cdn.dpdownload.com

0.0.0.0 cdn.visualbee.net

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1 www.0scan.com

127.0.0.1 0scan.com

127.0.0.1 www.1000gratisproben.com

127.0.0.1 1000gratisproben.com

127.0.0.1 1001namen.com

127.0.0.1 www.1001namen.com

127.0.0.1 100888290cs.com

127.0.0.1 www.100888290cs.com

127.0.0.1 www.100sexlinks.com

There are 15261 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = ETKNetwork (Connected)

Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)

Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)

TAP-Windows Adapter V9 = Local Area Connection 2 (Media disconnected)

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection (Media disconnected)

 

# ----------------------------------

# IPv4 Configuration

# ----------------------------------

pushd interface ipv4

reset

set global icmpredirects=enabled

set subinterface interface=? subinterface=ethernet_6 mtu=1477

set subinterface interface=? subinterface=ethernet_17 mtu=1477

 

popd

# End of IPv4 configuration

 

 

Windows IP Configuration

Host Name . . . . . . . . . . . . : W520

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : nyc.rr.com

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : TAP-Windows Adapter V9

Physical Address. . . . . . . . . : 00-FF-BB-50-8C-8C

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2

Physical Address. . . . . . . . . : 60-D8-19-BE-33-52

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter

Physical Address. . . . . . . . . : 08-11-96-CD-4F-15

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter ETKNetwork:

Connection-specific DNS Suffix . : nyc.rr.com

Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205

Physical Address. . . . . . . . . : 08-11-96-CD-4F-14

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::40ce:7db9:9196:140b%15(Preferred)

IPv4 Address. . . . . . . . . . . : 10.0.1.2(Preferred)

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Lease Obtained. . . . . . . . . . : Thursday, January 01, 2015 8:31:36 PM

Lease Expires . . . . . . . . . . : Friday, January 02, 2015 8:31:36 PM

Default Gateway . . . . . . . . . : 10.0.1.1

DHCP Server . . . . . . . . . . . : 10.0.1.1

DHCPv6 IAID . . . . . . . . . . . : 369627542

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-60-56-2D-F0-DE-F1-AD-48-49

DNS Servers . . . . . . . . . . . : 4.2.2.1

4.2.2.2

NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection

Physical Address. . . . . . . . . : F0-DE-F1-AD-48-49

DHCP Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2253D08A-4A85-4E52-B810-555F8729C3C4}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {106F46F7-53C0-4AAC-BD84-6BFAD08B0A2E}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . : nyc.rr.com

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {6D4B85D2-1897-432A-8EDC-4ADCA366A370}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:10db:2be0:f5ff:fefd(Preferred)

Link-local IPv6 Address . . . . . : fe80::10db:2be0:f5ff:fefd%31(Preferred)

Default Gateway . . . . . . . . . : ::

NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{BB508C8C-E5D9-4629-B121-F3D27824B145}:

Media State . . . . . . . . . . . : Media disconnected

Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8

Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Server: a.resolvers.level3.net

Address: 4.2.2.1

Name: google.com

Addresses: 2607:f8b0:4006:80c::1008

173.194.123.71

173.194.123.72

173.194.123.73

173.194.123.78

173.194.123.64

173.194.123.68

173.194.123.67

173.194.123.69

173.194.123.70

173.194.123.65

173.194.123.66

 

Pinging google.com [173.194.123.71] with 32 bytes of data:

Reply from 173.194.123.71: bytes=32 time=28ms TTL=53

Reply from 173.194.123.71: bytes=32 time=28ms TTL=53

Ping statistics for 173.194.123.71:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 28ms, Maximum = 28ms, Average = 28ms

Server: a.resolvers.level3.net

Address: 4.2.2.1

Name: yahoo.com

Addresses: 98.138.253.109

206.190.36.45

98.139.183.24

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=56ms TTL=49

Reply from 98.138.253.109: bytes=32 time=57ms TTL=49

Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 56ms, Maximum = 57ms, Average = 56ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================

Interface List

28...00 ff bb 50 8c 8c ......TAP-Windows Adapter V9

22...60 d8 19 be 33 52 ......Bluetooth Device (Personal Area Network) #2

21...08 11 96 cd 4f 15 ......Microsoft Virtual WiFi Miniport Adapter

15...08 11 96 cd 4f 14 ......Intel® Centrino® Advanced-N 6205

13...f0 de f1 ad 48 49 ......Intel® 82579LM Gigabit Network Connection

1...........................Software Loopback Interface 1

26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3

34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6

32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7

31...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface

49...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8

===========================================================================

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination Netmask Gateway Interface Metric

0.0.0.0 0.0.0.0 10.0.1.1 10.0.1.2 20

10.0.1.0 255.255.255.0 On-link 10.0.1.2 276

10.0.1.2 255.255.255.255 On-link 10.0.1.2 276

10.0.1.255 255.255.255.255 On-link 10.0.1.2 276

127.0.0.0 255.0.0.0 On-link 127.0.0.1 306

127.0.0.1 255.255.255.255 On-link 127.0.0.1 306

127.255.255.255 255.255.255.255 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 127.0.0.1 306

224.0.0.0 240.0.0.0 On-link 10.0.1.2 276

255.255.255.255 255.255.255.255 On-link 127.0.0.1 306

255.255.255.255 255.255.255.255 On-link 10.0.1.2 276

===========================================================================

Persistent Routes:

None

IPv6 Route Table

===========================================================================

Active Routes:

If Metric Network Destination Gateway

31 58 ::/0 On-link

1 306 ::1/128 On-link

31 58 2001::/32 On-link

31 306 2001:0:9d38:6abd:10db:2be0:f5ff:fefd/128

On-link

15 276 fe80::/64 On-link

31 306 fe80::/64 On-link

31 306 fe80::10db:2be0:f5ff:fefd/128

On-link

15 276 fe80::40ce:7db9:9196:140b/128

On-link

1 306 ff00::/8 On-link

31 306 ff00::/8 On-link

15 276 ff00::/8 On-link

===========================================================================

Persistent Routes:

None

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)

Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)

Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)

x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)

x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)

x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:

==================

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/01/2015 08:51:43 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/01/2015 08:51:43 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/01/2015 08:31:14 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 08:30:50 PM) (Source: BstHdAndroidSvc) (User: )

Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.

at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

 

System errors:

=============

Error: (01/01/2015 08:33:21 PM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Update Service Daemon service failed to start due to the following error:

%%1069

Error: (01/01/2015 08:33:21 PM) (Source: Service Control Manager) (User: )

Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:

%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/01/2015 08:31:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error Code: 258

Error: (01/01/2015 08:30:50 PM) (Source: Service Control Manager) (User: )

Description: The BlueStacks Android Service service terminated with the following error:

%%1064

Error: (01/01/2015 08:30:48 PM) (Source: Service Control Manager) (User: )

Description: The risdxc service failed to start due to the following error:

%%1058

Error: (01/01/2015 07:21:32 PM) (Source: Service Control Manager) (User: )

Description: The NVIDIA Update Service Daemon service failed to start due to the following error:

%%1069

Error: (01/01/2015 07:21:32 PM) (Source: Service Control Manager) (User: )

Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:

%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/01/2015 07:19:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)

Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error Code: 258

Error: (01/01/2015 07:19:07 PM) (Source: Service Control Manager) (User: )

Description: The BlueStacks Android Service service terminated with the following error:

%%1064

Error: (01/01/2015 07:19:05 PM) (Source: Service Control Manager) (User: )

Description: The risdxc service failed to start due to the following error:

%%1058

 

Microsoft Office Sessions:

=========================

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Ellen\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Ellen\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Ellen\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Ellen\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Ellen\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/01/2015 09:21:28 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Ellen\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/01/2015 08:51:43 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Ellen\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/01/2015 08:51:43 PM) (Source: SideBySide)(User: )

Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Ellen\AppData\Local\Pokki\Engine\HostAppService.exe

Error: (01/01/2015 08:31:14 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/01/2015 08:30:50 PM) (Source: BstHdAndroidSvc)(User: )

Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.

at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)

at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

 

 

=========================== Installed Programs ============================

3M™ Cloud Library PC App 1.40 (HKLM-x32\...\3M™ Cloud Library PC App) (Version: 1.40 - 3M)

7+ Taskbar Tweaker v4.0.10 (HKCU\...\7 Taskbar Tweaker) (Version: 4.0.10 - RaMMicHaeL)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )

ABBYY FineReader 11 Corporate Edition (HKLM-x32\...\{F1100000-0010-0000-0000-074957833700}) (Version: 11.0.460 - ABBYY)

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.2 - Adobe Systems)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden

Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )

Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Reader 9.5.4 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.4 - Adobe Systems Incorporated)

Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)

Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden

AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.20.1139 Beta 2, 28.09.2012 - AIMP DevTeam)

AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)

Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)

Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.1.240 - Amazon)

AnalogX MaxMem (HKLM-x32\...\AnalogX MaxMem) (Version: - AnalogX)

AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)

Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)

Audials (HKLM-x32\...\{000F7147-9745-48AF-8F60-AC7C107FE161}) (Version: 10.2.33407.700 - Audials AG)

Audials (HKLM-x32\...\{62414010-9C2B-47B6-8C12-DC2305009CBB}) (Version: 11.0.53300.0 - Audials AG)

Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.4 - Auslogics Software Pty Ltd)

Auslogics Registry Cleaner (HKLM-x32\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 2.4 - Auslogics Software Pty Ltd)

AVG 2012 (HKLM\...\AVG) (Version: 2012.1.2242 - AVG Technologies)

AVG 2012 (Version: 12.0.4253 - AVG Technologies) Hidden

AVG 2012 (Version: 12.1.2242 - AVG Technologies) Hidden

AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)

Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5 (64-bit)) (Version: 2.5.6.7716 - )

Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.4.8696 - )

AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )

AVStoDVD 2.4.2 (HKLM-x32\...\AVStoDVD) (Version: 2.4.2 - MrC)

BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )

BatteryCare 0.9.13.0 (HKLM-x32\...\{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1) (Version: 0.9.13.0 - Filipe Lourenço)

Beyond Compare 3.3.8 (HKCU\...\BeyondCompare3_is1) (Version: 3.3.8.16340 - Scooter Software)

Binreader (HKLM-x32\...\{3D47B2C0-8748-4450-99AE-0746A5A74C8E}) (Version: 1.0.0 - Binreader)

BlueStacks (HKLM-x32\...\{4E1E1394-F813-420E-A4D0-63D6FE26ACBE}) (Version: 0.7.5.2700 - BlueStack Systems, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BPM Counter 1.6.0.0 (HKLM-x32\...\BPM Counter_is1) (Version: 1.6.0.0 - AbyssMedia.com)

Brother MFL-Pro Suite MFC-L2740DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 0.0.20.0 - Brother Industries, Ltd.)

Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)

Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden

BurnAware Free 4.6 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware Technologies)

calibre (HKLM-x32\...\{18681CFA-4FAF-47F7-B1AA-E7B5D02CA274}) (Version: 2.4.0 - Kovid Goyal)

CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)

CoffeeCup Direct FTP (HKLM-x32\...\{88741A14-4C9D-469F-BA36-8FDF6037BB68}) (Version: 3.9.2008 - CoffeeCup Software Inc.)

CoffeeCup HTML Editor (HKCU\...\CoffeeCup HTML Editor) (Version: - )

CoffeeCup StyleSheet Maker (HKLM-x32\...\CoffeeCup StyleSheet Maker) (Version: - )

Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.2 - Conexant)

ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)

Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)

Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden

Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)

Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)

Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB2910899) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{C8358E8D-6C89-41B3-8439-FEFBC0353D81}) (Version: - Microsoft)

Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden

Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )

Dragon NaturallySpeaking 11 (HKLM-x32\...\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}) (Version: 11.50.100 - Nuance Communications Inc.)

Dropbox (HKCU\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)

DVD Architect Studio 5.0 (HKLM-x32\...\{79E06DF1-24FE-11E1-913F-F04DA23A5C58}) (Version: 5.0.157 - Sony)

DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)

Epubor PDF Merge&Split version 0.9 (HKLM-x32\...\{412EE583-795C-47B0-AF83-CE2386ABE78D}_is1) (Version: 0.9 - Epubor, Inc.)

Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)

FileZilla Client 3.9.0.6 (HKCU\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)

foobar2000 v1.1.11 (HKLM-x32\...\foobar2000) (Version: 1.1.11 - Peter Pawlowski)

Foxit Reader 5.0 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.0.2.718 - Foxit Corporation)

Free M4a to MP3 Converter 7.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)

Free Video Cutter (HKLM-x32\...\{94895EA7-873E-4FCB-9C7B-DD3F7019D618}_is1) (Version: - FreeVideoCutter.com)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)

Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Gpg4win (2.1.0) (HKLM-x32\...\GPG4Win) (Version: 2.1.0 - The Gpg4win Project)

Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )

iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)

InfraRecorder (HKLM-x32\...\InfraRecorder) (Version: - Christian Kindahl)

inSSIDer (HKLM-x32\...\{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}) (Version: 2.1.5 - MetaGeek)

Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)

Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)

Intel PROSet Wireless (Version: - ) Hidden

Intel PROSet Wireless (x32 Version: - ) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.4 - Intel)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2538 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)

ISO Image Burner 1.1 (HKLM-x32\...\{B2B123D3-E780-4EB0-B540-18F5FCC6EFE9}_is1) (Version: - ISOImageBurner.com)

IsoBuster 3.0 (HKLM-x32\...\IsoBuster_is1) (Version: 3.0 - Smart Projects)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version: - Rene-Gilles Deberdt)

Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version: - )

LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)

Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )

Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited)

Lenovo Patch Utility 64 bit (HKLM\...\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}) (Version: 1.3.1.1 - Lenovo Group Limited)

Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.03.13 - )

Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)

Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.10 - Lenovo)

Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )

Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.03.0005 - Lenovo)

Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)

Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)

Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)

Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 3.00.006.0 - Lenovo)

Macrium Reflect Professional Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)

Macrium Reflect Professional Edition (Version: 5.2.6307 - Paramount Software (UK) Ltd.) Hidden

Magnifixer 3.1 (HKLM-x32\...\Magnifixer_is1) (Version: 3.1 - Blacksun Software)

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)

Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

MiniTool Partition Recovery 5.0 (HKLM-x32\...\{BDCEB6A6-5966-4291-861A-058F49A2195A}_is1) (Version: - MiniTool Solution Ltd.)

MiniTool Partition Wizard Home Edition 7.8 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)

MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)

MKVtoolnix 4.9.1 (HKLM-x32\...\MKVtoolnix) (Version: 4.9.1 - Moritz Bunkus)

Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{52B2AD5F-C0E9-11E1-94AC-F04DA23A5C58}) (Version: 12.0.334 - Sony)

Movie Studio Platinum 12.0 (HKLM-x32\...\{DBF51C81-1CD2-11E2-8E6C-F04DA23A5C58}) (Version: 12.0.575 - Sony)

MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)

Mozilla Firefox 23.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 23.0 (x86 en-US)) (Version: 23.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0 - Mozilla)

Mozilla Thunderbird 24.2.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 en-US)) (Version: 24.2.0 - Mozilla)

Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)

MPC-HC 1.6.5.6366 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.5.6366 - MPC-HC Team)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

NewBlue VideoFX for Sony Vegas MSPPS (HKLM-x32\...\NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 - NewBlue)

Nitro Reader 2 (HKLM\...\{C30BB9AD-F9E4-4506-B416-57C03702998D}) (Version: 2.5.0.45 - Nitro PDF Software)

Nuance OmniPage 18 (HKLM-x32\...\{560C6F9C-8D5E-4EAF-B408-98850E5DF49C}) (Version: 18.1.0000 - Nuance Communications, Inc.)

Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)

Nuance PDF Create 7 (HKLM\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc.)

Nuance PDF Create 7 (HKLM-x32\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc.)

Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)

NVIDIA 3D Vision Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation)

NVIDIA Control Panel 312.69 (Version: 312.69 - NVIDIA Corporation) Hidden

NVIDIA Graphics Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden

NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1269 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden

Octoshape add-in for Adobe Flash Player (HKCU\...\Octoshape add-in for Adobe Flash Player) (Version: - )

Office Tab FreeEdition 9.10 (HKLM\...\{DE469D65-1DEB-4058-BF95-C642D733668D}_is1) (Version: - Detong Technology Ltd.)

Omron Health Management Software (HKLM-x32\...\{F6BA8EF2-A9F8-45B7-BD59-0A15DA9F7D68}) (Version: 1.31.0007 - Omron Healthcare)

On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )

OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)

OpenVPN 2.3.2-I004 (HKLM\...\OpenVPN) (Version: 2.3.2-I004 - )

OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.)

PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)

Path Scanner 1.1.0.20 (HKLM-x32\...\{52291FC0-33D3-4A18-9587-5115225545D8}_is1) (Version: - )

PDF Form Filler 2 (HKLM-x32\...\{DF02A1B9-B4FB-4873-98A4-0793AF76557F}) (Version: 2.0.480 - Blueberry Consultants)

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)

PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.207.0 - Tracker Software Products Ltd)

Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)

Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)

Pixsta (HKCU\...\Pokki_83453a3d886e527a470b5bb8291dd338de4b1e44) (Version: 2.5.3.2 - Pokki)

Pokki (HKCU\...\Pokki) (Version: 0.269.5.367 - Pokki)

Pokki Download Helper (HKCU\...\PokkiDownloadHelper) (Version: 1.3.0.6 - Pokki)

Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.38 - )

PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)

qBittorrent 2.9.7 (HKLM-x32\...\qbittorrent) (Version: - )

Quicken 2009 (HKLM-x32\...\{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}) (Version: 18.1.1.29 - Intuit)

QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)

RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo)

Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)

Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden

Revo Uninstaller 1.93 (HKLM-x32\...\Revo Uninstaller) (Version: 1.93 - VS Revo Group)

RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)

Scansoft PDF Professional (x32 Version: - ) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)

Sony Vocal Eraser (HKLM-x32\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.)

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)

Sound Forge Audio Studio 10.0 (HKLM-x32\...\{443B23A1-42F6-11E1-8AA5-F04DA23A5C58}) (Version: 10.0.177 - Sony)

SPG Video Splitter 1.0 (HKLM-x32\...\SPG Video Splitter_is1) (Version: - spgsoft.com)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)

SSA Benefit Calculator (HKLM-x32\...\{340D61BB-350A-40F4-8CFD-4F860E12066E}) (Version: 1.14.0002 - Social Security Administration)

Super Blank 3.01 (HKLM-x32\...\Super Blank_is1) (Version: - )

SuperTintin 1.2.0.16 (HKLM-x32\...\SuperTintin Skype Video Call Recorder_is1) (Version: 1.2.0.16 - Imtiger Software Inc.)

Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)

System Restore Explorer (HKLM-x32\...\{6788AB8A-4D71-42E0-8125-B95A9C47D51D}) (Version: 0.0.05.76 - Nic Bedford)

TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )

ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2900 - Broadcom Corporation)

ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )

ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)

ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )

ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)

ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.21 - Lenovo)

ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.75 - Lenovo)

ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.10.0.0 - Lenovo)

ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)

Tixati (HKLM-x32\...\tixati) (Version: - )

TreeSize Personal V6.1.1 (HKLM-x32\...\TreeSize Personal_is1) (Version: 6.1.1 - JAM Software)

UltraFileSearch (HKLM-x32\...\UltraFileSearch) (Version: - Stegisoft)

UltraFileSearch (x32 Version: 2.7.0.12213 - Stegisoft) Hidden

Unchecky v0.3.5 (HKLM-x32\...\Unchecky) (Version: 0.3.5 - RaMMicHaeL)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)

Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version: - Microsoft)

Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version: - Microsoft)

Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{A7C2902F-C60B-428F-BDD7-ECE4DC0A2CA1}) (Version: - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{8BEEA2FC-D416-428A-B52A-A3ED45921151}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A4F91D60-654C-4892-BFD3-0D41ADA649B6}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{A12F43A5-CF0B-44E3-942F-2441CD442F0D}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{0B7744D2-1FDD-4843-9987-7CE11B79F370}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8158D96B-083A-4FE4-8587-B5D0F49FE4B8}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D1C4AD0B-CC79-41D2-8D6A-571E7B30658C}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2889818) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CFB80344-FCBA-4C03-AD77-D49E82F14C3E}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{C1954E2B-1672-4E5C-B564-F8CB2D08345B}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{E762A933-274B-4860-B066-A39FAB0838FD}) (Version: - Microsoft)

Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{A7AA9E77-A9F4-4596-8AFD-4910FF258C3D}) (Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{A87EDEA3-4861-4D99-9B36-F442740F1287}) (Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A87EDEA3-4861-4D99-9B36-F442740F1287}) (Version: - Microsoft)

Update for Microsoft OneNote 2010 (KB2597088) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{26A0F874-417C-4B0A-8088-3FA53638FB49}) (Version: - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DF548669-AAED-467B-A074-AE2B72A4A871}) (Version: - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{6C727BC2-B2B9-4B03-BD7E-682EA6FA1C04}) (Version: - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)

Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)

Verbatim Hard Drive Formatter (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)

Videora iPad Converter 6 (HKLM-x32\...\Videora iPad Converter) (Version: 6 - Red Kawa)

Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.)

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)

Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden

VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)

VLC Streamer 4.96 (HKLM-x32\...\VLC Streamer_is1) (Version: - )

WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: - NCH Software)

WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.1 - WebM Project)

Winamp (HKLM-x32\...\Winamp) (Version: 5.64 - Nullsoft, Inc)

Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)

Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)

Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)

Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel)

Windows Driver Package - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)

Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel)

Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)

Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (HKLM\...\DDD8A532E361E9A878EBEF69C338B306810DF059) (Version: 05/19/2011 15.3.8.0 - Synaptics)

Windows Firewall Control (HKLM\...\Windows Firewall Control) (Version: 4.2.1.0 - BiniSoft.org)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinHTTrack Website Copier 3.47-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.19 - HTTrack)

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

Wireshark 1.8.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.2 - The Wireshark developer community, http://www.wireshark.org)

WMP Tag Plus 1.2 (HKLM-x32\...\{80C3019B-3BA4-4674-AC90-A0B402593BA5}_is1) (Version: 1.2 - BM-productions)

Wondershare Application Center 1.0.0.58 (HKLM-x32\...\{769CC8AC-50C3-4776-95F5-A1ABF15A38F4}_is1) (Version: 1.0.0.58 - Wondershare)

Wondershare PDF to Word (Build 3.6.0) (HKLM-x32\...\{DE718DF0-3874-4873-9BC3-3A94944C916E}_is1) (Version: 3.6.0 - Wondershare Software)

Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)

WordAddinTabs (HKCU\...\BBD99AA5AA79387AC88CFD8BFC7FFD7D697B1F90) (Version: 1.2.0.23 - DT)

Wordpadfix (HKLM-x32\...\{F9642360-1F1C-4C66-A8BD-D51A6719C6A9}) (Version: 1.0.0 - Holdkey)

WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

========================= Devices: ================================

Name: Base System Device

Description: Base System Device

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

 

========================= Memory info: ===================================

Percentage of memory in use: 34%

Total physical RAM: 16267.23 MB

Available physical RAM: 10576.93 MB

Total Pagefile: 17065.41 MB

Available Pagefile: 10665.41 MB

Total Virtual: 4095.88 MB

Available Virtual: 3966.66 MB

========================= Partitions: =====================================

1 Drive c: (Windows7_OS) (Fixed) (Total:122.58 GB) (Free:39.61 GB) NTFS

2 Drive d: (Data) (Fixed) (Total:326.09 GB) (Free:144.21 GB) NTFS

6 Drive h: (Lexar) (Removable) (Total:14.91 GB) (Free:12.5 GB) FAT32

8 Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.8 GB) NTFS

========================= Users: ========================================

User accounts for \\W520

Administrator ASPNET Ellen

EllenXP Guest UpdatusUser

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

31-12-2014 05:48:46 Malwarebytes Anti-Rootkit Restore Point

31-12-2014 08:00:55 Removed Sophos Virus Removal Tool.

31-12-2014 08:04:33 Removed Sophos Virus Removal Tool.

31-12-2014 08:06:15 Installed Sophos Virus Removal Tool.

**** End of log ****



#5 ellentk

ellentk
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 01 January 2015 - 11:27 PM

TTSSKILLER

 

18:33:08.0224 0x04dc TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20

18:33:16.0726 0x04dc ============================================================

18:33:16.0726 0x04dc Current date / time: 2015/01/01 18:33:16.0726

18:33:16.0726 0x04dc SystemInfo:

18:33:16.0726 0x04dc

18:33:16.0726 0x04dc OS Version: 6.1.7601 ServicePack: 1.0

18:33:16.0726 0x04dc Product type: Workstation

18:33:16.0726 0x04dc ComputerName: W520

18:33:16.0726 0x04dc UserName: Ellen

18:33:16.0726 0x04dc Windows directory: C:\Windows

18:33:16.0726 0x04dc System windows directory: C:\Windows

18:33:16.0726 0x04dc Running under WOW64

18:33:16.0726 0x04dc Processor architecture: Intel x64

18:33:16.0726 0x04dc Number of processors: 8

18:33:16.0726 0x04dc Page size: 0x1000

18:33:16.0726 0x04dc Boot type: Safe boot

18:33:16.0726 0x04dc ============================================================

18:33:17.0397 0x04dc KLMD registered as C:\Windows\system32\drivers\87077670.sys

18:33:17.0818 0x04dc System UUID: {CBA05571-5D79-6182-A302-B9E61D913755}

18:33:18.0380 0x04dc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

18:33:18.0380 0x04dc Drive \Device\Harddisk1\DR1 - Size: 0x1C6FF2000 ( 7.11 Gb ), SectorSize: 0x200, Cylinders: 0x3A0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

18:33:18.0380 0x04dc ============================================================

18:33:18.0380 0x04dc \Device\Harddisk0\DR0:

18:33:18.0380 0x04dc MBR partitions:

18:33:18.0380 0x04dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000

18:33:18.0380 0x04dc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xF529800

18:33:18.0395 0x04dc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xF818800, BlocksNum 0x28C2D000

18:33:18.0395 0x04dc \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x38445800, BlocksNum 0x1F40000

18:33:18.0395 0x04dc \Device\Harddisk1\DR1:

18:33:18.0395 0x04dc MBR partitions:

18:33:18.0395 0x04dc \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xE36010

18:33:18.0395 0x04dc ============================================================

18:33:18.0427 0x04dc C: <-> \Device\Harddisk0\DR0\Partition2

18:33:18.0473 0x04dc Q: <-> \Device\Harddisk0\DR0\Partition4

18:33:18.0505 0x04dc D: <-> \Device\Harddisk0\DR0\Partition3

18:33:18.0505 0x04dc ============================================================

18:33:18.0505 0x04dc Initialize success

18:33:18.0505 0x04dc ============================================================

18:33:21.0796 0x0504 ============================================================

18:33:21.0796 0x0504 Scan started

18:33:21.0796 0x0504 Mode: Manual;

18:33:21.0796 0x0504 ============================================================

18:33:21.0796 0x0504 KSN ping started

18:33:21.0890 0x0504 KSN ping finished: false

18:33:22.0467 0x0504 ================ Scan system memory ========================

18:33:22.0467 0x0504 System memory - ok

18:33:22.0467 0x0504 ================ Scan services =============================

18:33:22.0670 0x0504 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys

18:33:22.0685 0x0504 1394ohci - ok

18:33:22.0795 0x0504 [ F4AF97702BAD85BFEF64B9A557F11B6F, 8255B2FBE64C60562A7DAAAD575EED49EE0D23DD42E5C76C988B8A3673843EA6 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys

18:33:22.0795 0x0504 5U877 - ok

18:33:22.0904 0x0504 [ 8912B38E7906BDE9999E4BBDC4E65BDC, 1027E3DA4EEC9DA2914EEECC13F3FBFEC1071A423F7802F64823B8142B5C2F70 ] ABBYY.Licensing.FineReader.Corporate.11.0 C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe

18:33:22.0919 0x0504 ABBYY.Licensing.FineReader.Corporate.11.0 - ok

18:33:22.0951 0x0504 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys

18:33:22.0966 0x0504 ACPI - ok

18:33:22.0982 0x0504 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

18:33:22.0982 0x0504 AcpiPmi - ok

18:33:23.0122 0x0504 [ 81FDE4250DA1720657A42C2020B1AA28, 0E35C692347A576B41ADC45D922AF6B9F0A7F857E94A50842873A55D21F4C9D0 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe

18:33:23.0122 0x0504 AcPrfMgrSvc - ok

18:33:23.0153 0x0504 [ 01A8EAA10F8B827F59CF506A97EC37C0, 44351082300A5B3A90F742F5C39AFF219D5FCF2F94CA7785DB2762AEB854212E ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe

18:33:23.0169 0x0504 AcSvc - ok

18:33:23.0200 0x0504 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

18:33:23.0216 0x0504 adp94xx - ok

18:33:23.0263 0x0504 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys

18:33:23.0263 0x0504 adpahci - ok

18:33:23.0278 0x0504 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

18:33:23.0294 0x0504 adpu320 - ok

18:33:23.0325 0x0504 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

18:33:23.0325 0x0504 AeLookupSvc - ok

18:33:23.0372 0x0504 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys

18:33:23.0387 0x0504 AFD - ok

18:33:23.0434 0x0504 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys

18:33:23.0434 0x0504 agp440 - ok

18:33:23.0450 0x0504 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe

18:33:23.0450 0x0504 ALG - ok

18:33:23.0497 0x0504 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys

18:33:23.0497 0x0504 aliide - ok

18:33:23.0528 0x0504 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys

18:33:23.0528 0x0504 amdide - ok

18:33:23.0575 0x0504 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

18:33:23.0590 0x0504 AmdK8 - ok

18:33:23.0590 0x0504 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

18:33:23.0606 0x0504 AmdPPM - ok

18:33:23.0653 0x0504 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys

18:33:23.0653 0x0504 amdsata - ok

18:33:23.0699 0x0504 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

18:33:23.0715 0x0504 amdsbs - ok

18:33:23.0762 0x0504 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys

18:33:23.0762 0x0504 amdxata - ok

18:33:23.0793 0x0504 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys

18:33:23.0809 0x0504 AppID - ok

18:33:23.0840 0x0504 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll

18:33:23.0855 0x0504 AppIDSvc - ok

18:33:23.0902 0x0504 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll

18:33:23.0902 0x0504 Appinfo - ok

18:33:24.0011 0x0504 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

18:33:24.0011 0x0504 Apple Mobile Device - ok

18:33:24.0058 0x0504 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll

18:33:24.0074 0x0504 AppMgmt - ok

18:33:24.0105 0x0504 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys

18:33:24.0105 0x0504 arc - ok

18:33:24.0136 0x0504 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys

18:33:24.0152 0x0504 arcsas - ok

18:33:24.0339 0x0504 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

18:33:24.0464 0x0504 aspnet_state - ok

18:33:24.0495 0x0504 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

18:33:24.0495 0x0504 AsyncMac - ok

18:33:24.0542 0x0504 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys

18:33:24.0542 0x0504 atapi - ok

18:33:24.0620 0x0504 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

18:33:24.0635 0x0504 AudioEndpointBuilder - ok

18:33:24.0667 0x0504 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll

18:33:24.0682 0x0504 AudioSrv - ok

18:33:25.0072 0x0504 [ 231B6AD3DB2866BC3FDB9979E6B2B61E, 98A8F22C65ABE27BB25FD1DEAC77921166E57A9E0824B5D639797D48AA6573EB ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe

18:33:25.0213 0x0504 AVGIDSAgent - ok

18:33:25.0259 0x0504 [ 633360E94804E7BAFE642017817C9413, 95408683E311E7B24B16F0F8BC8E96D52844E739A9A8EC0BF97BBB73B9DA3932 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys

18:33:25.0259 0x0504 AVGIDSDriver - ok

18:33:25.0337 0x0504 [ 0F293406F64B48D5D2F0D3A1117F3A83, 5399AF098CA95231797EB1A37594919D1271E37FC363D3641EC07627E4711CA5 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys

18:33:25.0337 0x0504 AVGIDSFilter - ok

18:33:25.0369 0x0504 [ CFFC3A4A638F462E0561CB368B9A7A3A, A9258122D54D6B2DF71E9682A30FA9F74035CE1C60C350FB9012F4AAB2D89C63 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys

18:33:25.0369 0x0504 AVGIDSHA - ok

18:33:25.0415 0x0504 [ BE8BC5D10ABA05D7F6E79D8296906C86, 2A39CD0887F50DF223D36FDD9C202277D84DF998E7D9AEE31A374507C510A687 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys

18:33:25.0431 0x0504 Avgldx64 - ok

18:33:25.0447 0x0504 [ A6AEC362AAE5E2DDA7445E7690CB0F33, 64FCE35E71AC1105720B845D2C87FF8FC94353A69AD43DAF7F81A543DDA6462C ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys

18:33:25.0447 0x0504 Avgmfx64 - ok

18:33:25.0509 0x0504 [ 645C7F0A0E39758A0024A9B1748273C0, 9EDC8D2C40EF49BA2C2A6BEED0D1EDE348D58EF57F27894D6E2021BCA864D940 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys

18:33:25.0509 0x0504 Avgrkx64 - ok

18:33:25.0540 0x0504 [ A441A655D6D9DDDDBA11994530F84981, FFB13E88E90520F53DF19898CBA9617EF7AA76890CB59690B63753938B992453 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys

18:33:25.0556 0x0504 Avgtdia - ok

18:33:25.0587 0x0504 [ 68430AD3FB0FADBFA5D1677617D1E1F5, CF732DD21B472653AB0A4063455F2E7608F3075C255B9882D18CB52026B6C972 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys

18:33:25.0587 0x0504 avgtp - ok

18:33:25.0618 0x0504 [ EA1145DEBCD508FD25BD1E95C4346929, E6D9C84C61DBD69726E4B5BB081B53330E9F7662374D539CF25D8EE3539B9885 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

18:33:25.0634 0x0504 avgwd - ok

18:33:25.0665 0x0504 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll

18:33:25.0665 0x0504 AxInstSV - ok

18:33:25.0712 0x0504 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

18:33:25.0727 0x0504 b06bdrv - ok

18:33:25.0759 0x0504 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

18:33:25.0759 0x0504 b57nd60a - ok

18:33:25.0821 0x0504 [ F8FE7E12F8151E0A17C23CF840599F9A, 5D1AA3A5DAC08B521A7BE775F32434AFF1F5F19B69CD16D2D94B0D399E61C371 ] bcbtums C:\Windows\system32\drivers\bcbtums.sys

18:33:25.0837 0x0504 bcbtums - ok

18:33:25.0946 0x0504 [ ACB44407FF63C3A5A22AB5782F209604, 86BE221F07EB49D2149710CCCE4F0C24677560FEFD41F093C6D2BA0C962CF5C3 ] BcmBtRSupport C:\Windows\system32\BtwRSupportService.exe

18:33:25.0993 0x0504 BcmBtRSupport - ok

18:33:26.0039 0x0504 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll

18:33:26.0039 0x0504 BDESVC - ok

18:33:26.0071 0x0504 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys

18:33:26.0071 0x0504 Beep - ok

18:33:26.0086 0x0504 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll

18:33:26.0117 0x0504 BFE - ok

18:33:26.0149 0x0504 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll

18:33:26.0180 0x0504 BITS - ok

18:33:26.0195 0x0504 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

18:33:26.0195 0x0504 blbdrive - ok

18:33:26.0305 0x0504 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

18:33:26.0305 0x0504 Bonjour Service - ok

18:33:26.0336 0x0504 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

18:33:26.0336 0x0504 bowser - ok

18:33:26.0351 0x0504 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

18:33:26.0351 0x0504 BrFiltLo - ok

18:33:26.0367 0x0504 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

18:33:26.0367 0x0504 BrFiltUp - ok

18:33:26.0398 0x0504 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll

18:33:26.0398 0x0504 Browser - ok

18:33:26.0414 0x0504 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys

18:33:26.0429 0x0504 Brserid - ok

18:33:26.0445 0x0504 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

18:33:26.0445 0x0504 BrSerWdm - ok

18:33:26.0445 0x0504 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

18:33:26.0445 0x0504 BrUsbMdm - ok

18:33:26.0461 0x0504 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

18:33:26.0461 0x0504 BrUsbSer - ok

18:33:26.0523 0x0504 [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe

18:33:26.0523 0x0504 BrYNSvc - ok

18:33:26.0617 0x0504 [ A792736DB1A49A47F0A2C45D63683F0C, A12CFD897ED4090CF5F3AFEF030779D3047C8C3D71A821857593279C6D82A5C6 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe

18:33:26.0617 0x0504 BstHdAndroidSvc - ok

18:33:26.0663 0x0504 [ DE6D8FC8F1534AEA59ECA1EADCBBAEB0, 1F0883F83BE7CAE60A7F3815576206086ABD03E678F135880F45E1DA8A8574FC ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys

18:33:26.0663 0x0504 BstHdDrv - ok

18:33:26.0679 0x0504 [ 599243FC4D8BD5CF06FF5E3294B98D13, B2AD203BF25A75A3FDD8D33D814AC0A27287F7E99F40C8B328AB7BE3A76E50F1 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

18:33:26.0695 0x0504 BstHdLogRotatorSvc - ok

18:33:26.0726 0x0504 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys

18:33:26.0726 0x0504 BthEnum - ok

18:33:26.0757 0x0504 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

18:33:26.0757 0x0504 BTHMODEM - ok

18:33:26.0773 0x0504 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

18:33:26.0773 0x0504 BthPan - ok

18:33:26.0819 0x0504 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys

18:33:26.0819 0x0504 BTHPORT - ok

18:33:26.0866 0x0504 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll

18:33:26.0866 0x0504 bthserv - ok

18:33:26.0882 0x0504 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys

18:33:26.0882 0x0504 BTHUSB - ok

18:33:26.0913 0x0504 [ BC279FCEE9FC8CBF991D5DE539771AA9, 5DE007672BFBFA78C44CC08251F495420402AFF4AD01541AA84AD37BD4A58190 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys

18:33:26.0929 0x0504 BTWAMPFL - ok

18:33:26.0960 0x0504 [ 24BFF9D75310F3059EE44F38BF0DE0B2, 67D62F319E26505442B2DBC9CF01E411B0334600824C4815D6434EC63A149B74 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

18:33:26.0960 0x0504 btwaudio - ok

18:33:26.0991 0x0504 [ 858B305ADE425732CFF9DED182F94FB8, 1D2996BCB98BCAA6E76DE9C9E06939DB700B16D0BE97B37E63463A5932820696 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys

18:33:26.0991 0x0504 btwavdt - ok

18:33:27.0069 0x0504 [ 6EF8CC2F2FDA2098089A33F43F4E019D, 7AFD72DF15EB2EABBF3FCA24847471A94FB31EC73B1C6A8AAF86196BC5005D06 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe

18:33:27.0100 0x0504 btwdins - ok

18:33:27.0116 0x0504 [ B9354F9F111C64F2495B60F1E24CB453, 67B3F5867B00F84832EF5AD649D817D27B3F200351C7C53579A63D30F8E2BFDD ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys

18:33:27.0116 0x0504 btwl2cap - ok

18:33:27.0131 0x0504 [ 3BD876387D6C538690300F9EC198856B, 7BF57ACEF64907706A13AE42A66DB0A08AE0B7770F1D11AFBDC83EAEF1A0F7F7 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

18:33:27.0131 0x0504 btwrchid - ok

18:33:27.0241 0x0504 [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

18:33:27.0272 0x0504 c2cautoupdatesvc - ok

18:33:27.0365 0x0504 [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

18:33:27.0397 0x0504 c2cpnrsvc - ok

18:33:27.0443 0x0504 [ 48360B88C4BF45850653BB7C86888ED4, 454C2DD81BFCC7FF4819CDFE3C5506E31A3FE86B06FB18009783CD2FEA74B0BF ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys

18:33:27.0443 0x0504 CAXHWAZL - ok

18:33:27.0459 0x0504 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

18:33:27.0459 0x0504 cdfs - ok

18:33:27.0521 0x0504 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

18:33:27.0521 0x0504 cdrom - ok

18:33:27.0568 0x0504 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll

18:33:27.0568 0x0504 CertPropSvc - ok

18:33:27.0568 0x0504 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys

18:33:27.0568 0x0504 circlass - ok

18:33:27.0662 0x0504 [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp C:\EEK\bin\cleanhlp64.sys

18:33:27.0662 0x0504 cleanhlp - ok

18:33:27.0693 0x0504 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys

18:33:27.0693 0x0504 CLFS - ok

18:33:27.0755 0x0504 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:33:27.0755 0x0504 clr_optimization_v2.0.50727_32 - ok

18:33:27.0818 0x0504 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

18:33:27.0818 0x0504 clr_optimization_v2.0.50727_64 - ok

18:33:27.0865 0x0504 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:33:28.0067 0x0504 clr_optimization_v4.0.30319_32 - ok

18:33:28.0083 0x0504 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

18:33:28.0177 0x0504 clr_optimization_v4.0.30319_64 - ok

18:33:28.0223 0x0504 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys

18:33:28.0223 0x0504 CmBatt - ok

18:33:28.0270 0x0504 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys

18:33:28.0270 0x0504 cmdide - ok

18:33:28.0333 0x0504 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys

18:33:28.0348 0x0504 CNG - ok

18:33:28.0426 0x0504 [ 8DE541B4CFA281A204BAA3EA2109809E, FD3F9F0C7FD88D04CCC8A249D94EFEB3FBAD7192ABCAFAF5A3F23B830925DE68 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys

18:33:28.0473 0x0504 CnxtHdAudService - ok

18:33:28.0504 0x0504 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

18:33:28.0504 0x0504 Compbatt - ok

18:33:28.0520 0x0504 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

18:33:28.0520 0x0504 CompositeBus - ok

18:33:28.0520 0x0504 COMSysApp - ok

18:33:28.0551 0x0504 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

18:33:28.0551 0x0504 crcdisk - ok

18:33:28.0598 0x0504 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll

18:33:28.0598 0x0504 CryptSvc - ok

18:33:28.0629 0x0504 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys

18:33:28.0645 0x0504 CSC - ok

18:33:28.0691 0x0504 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll

18:33:28.0707 0x0504 CscService - ok

18:33:28.0738 0x0504 [ 9D0D050170D47E778B624A28C90F23DE, 48528AA9EB0C9FB5086D992EF1F9556C8249D267C2E3D4E681D5C8B6BC316C71 ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe

18:33:28.0754 0x0504 CxAudMsg - ok

18:33:28.0785 0x0504 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll

18:33:28.0801 0x0504 DcomLaunch - ok

18:33:28.0816 0x0504 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll

18:33:28.0816 0x0504 defragsvc - ok

18:33:28.0847 0x0504 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys

18:33:28.0847 0x0504 DfsC - ok

18:33:28.0879 0x0504 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll

18:33:28.0879 0x0504 Dhcp - ok

18:33:28.0957 0x0504 [ 4F26BB00747D41E7C0FE8EBB2900F862, 246F0CF901664FAE9FB97D7C50B5D98D39A33994E13D1EBDBAC656BD0A32DCEA ] DirMngr C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe

18:33:28.0957 0x0504 DirMngr - ok

18:33:28.0972 0x0504 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys

18:33:28.0972 0x0504 discache - ok

18:33:29.0019 0x0504 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys

18:33:29.0019 0x0504 Disk - ok

18:33:29.0035 0x0504 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys

18:33:29.0035 0x0504 dmvsc - ok

18:33:29.0066 0x0504 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll

18:33:29.0066 0x0504 Dnscache - ok

18:33:29.0097 0x0504 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll

18:33:29.0097 0x0504 dot3svc - ok

18:33:29.0175 0x0504 [ 9597BCB69286FF017DB1A0FB8144408D, B477E4E7C3B49A77075B3165079E29FF1908C81E2BCCB930B47DCCF7DA5C417C ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE

18:33:29.0175 0x0504 DozeSvc - ok

18:33:29.0222 0x0504 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll

18:33:29.0222 0x0504 DPS - ok

18:33:29.0253 0x0504 [ F7BDA38AFBDA04F0A89DEBA767EEDA79, 06C14DFA8DFC004B18D0E1A82C7B4CCFC3E6B1F034123F815CB6C30AB464DB62 ] DragonSvc C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

18:33:29.0253 0x0504 DragonSvc - ok

18:33:29.0284 0x0504 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

18:33:29.0284 0x0504 drmkaud - ok

18:33:29.0347 0x0504 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

18:33:29.0362 0x0504 DXGKrnl - ok

18:33:29.0409 0x0504 [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys

18:33:29.0409 0x0504 DzHDD64 - ok

18:33:29.0440 0x0504 [ 992F625B74C675087B5629FC79ABA55B, 486707672E48D2C54835CAC1477270F5D81FC8A61B998E2FAA5669166716BD99 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys

18:33:29.0456 0x0504 e1cexpress - ok

18:33:29.0471 0x0504 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll

18:33:29.0471 0x0504 EapHost - ok

18:33:29.0581 0x0504 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys

18:33:29.0659 0x0504 ebdrv - ok

18:33:29.0674 0x0504 efavdrv - ok

18:33:29.0705 0x0504 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe

18:33:29.0705 0x0504 EFS - ok

18:33:29.0783 0x0504 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

18:33:29.0799 0x0504 ehRecvr - ok

18:33:29.0815 0x0504 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe

18:33:29.0815 0x0504 ehSched - ok

18:33:29.0846 0x0504 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys

18:33:29.0861 0x0504 elxstor - ok

18:33:29.0877 0x0504 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys

18:33:29.0877 0x0504 ErrDev - ok

18:33:29.0908 0x0504 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll

18:33:29.0924 0x0504 EventSystem - ok

18:33:29.0986 0x0504 [ E3A96D5AE6E5C7B5472011BA77353368, 846D8E5AF471CEAB3E12D6CB2ED0D25EF28B768AC10AD873F33F3F5BEC80CF25 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe

18:33:30.0033 0x0504 EvtEng - ok

18:33:30.0049 0x0504 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys

18:33:30.0064 0x0504 exfat - ok

18:33:30.0080 0x0504 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys

18:33:30.0080 0x0504 fastfat - ok

18:33:30.0127 0x0504 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe

18:33:30.0142 0x0504 Fax - ok

18:33:30.0173 0x0504 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys

18:33:30.0173 0x0504 fdc - ok

18:33:30.0189 0x0504 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll

18:33:30.0189 0x0504 fdPHost - ok

18:33:30.0205 0x0504 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll

18:33:30.0205 0x0504 FDResPub - ok

18:33:30.0220 0x0504 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

18:33:30.0220 0x0504 FileInfo - ok

18:33:30.0236 0x0504 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

18:33:30.0236 0x0504 Filetrace - ok

18:33:30.0236 0x0504 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

18:33:30.0236 0x0504 flpydisk - ok

18:33:30.0251 0x0504 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

18:33:30.0267 0x0504 FltMgr - ok

18:33:30.0329 0x0504 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll

18:33:30.0361 0x0504 FontCache - ok

18:33:30.0392 0x0504 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

18:33:30.0392 0x0504 FontCache3.0.0.0 - ok

18:33:30.0423 0x0504 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

18:33:30.0423 0x0504 FsDepends - ok

18:33:30.0439 0x0504 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

18:33:30.0439 0x0504 Fs_Rec - ok

18:33:30.0485 0x0504 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

18:33:30.0485 0x0504 fvevol - ok

18:33:30.0501 0x0504 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

18:33:30.0517 0x0504 gagp30kx - ok

18:33:30.0532 0x0504 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

18:33:30.0532 0x0504 GEARAspiWDM - ok

18:33:30.0579 0x0504 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll

18:33:30.0595 0x0504 gpsvc - ok

18:33:30.0641 0x0504 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

18:33:30.0657 0x0504 gupdate - ok

18:33:30.0673 0x0504 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

18:33:30.0673 0x0504 gupdatem - ok

18:33:30.0719 0x0504 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

18:33:30.0719 0x0504 gusvc - ok

18:33:30.0751 0x0504 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

18:33:30.0751 0x0504 hcw85cir - ok

18:33:30.0766 0x0504 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

18:33:30.0766 0x0504 HdAudAddService - ok

18:33:30.0797 0x0504 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

18:33:30.0797 0x0504 HDAudBus - ok

18:33:30.0797 0x0504 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

18:33:30.0813 0x0504 HidBatt - ok

18:33:30.0813 0x0504 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys

18:33:30.0813 0x0504 HidBth - ok

18:33:30.0829 0x0504 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys

18:33:30.0829 0x0504 HidIr - ok

18:33:30.0844 0x0504 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll

18:33:30.0844 0x0504 hidserv - ok

18:33:30.0891 0x0504 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

18:33:30.0891 0x0504 HidUsb - ok

18:33:30.0907 0x0504 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll

18:33:30.0907 0x0504 hkmsvc - ok

18:33:30.0922 0x0504 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

18:33:30.0922 0x0504 HomeGroupListener - ok

18:33:30.0953 0x0504 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

18:33:30.0953 0x0504 HomeGroupProvider - ok

18:33:30.0969 0x0504 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

18:33:30.0985 0x0504 HpSAMD - ok

18:33:31.0047 0x0504 [ 447256D1C026654C5CD3CC17E7B20631, F89589AC17BC50483E6687963370937E6CD19D6030F30D70577A7DA266116919 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll

18:33:31.0094 0x0504 HsfXAudioService - ok

18:33:31.0156 0x0504 [ F6AC1087A131FBB385400667BEA64FBE, 131661287953708893FE564602E8ED6832B96CCA523C205EDE0C9E82DD930178 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys

18:33:31.0203 0x0504 HSF_DPV - ok

18:33:31.0250 0x0504 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys

18:33:31.0265 0x0504 HTTP - ok

18:33:31.0281 0x0504 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

18:33:31.0281 0x0504 hwpolicy - ok

18:33:31.0343 0x0504 [ E935C8099F9196BF19224D9EE4808612, 7F39ACF763E042EFB9B41C7D805CF7C9E1261B14FC6E5C09BCA11623312E2C7B ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe

18:33:31.0343 0x0504 HyperW7Svc - ok

18:33:31.0375 0x0504 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys

18:33:31.0375 0x0504 i8042prt - ok

18:33:31.0421 0x0504 [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\drivers\iaStor.sys

18:33:31.0421 0x0504 iaStor - ok

18:33:31.0468 0x0504 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

18:33:31.0468 0x0504 iaStorV - ok

18:33:31.0531 0x0504 [ A410235155EAC4D43262532B53F229E3, A4C40F513CB56BC11DCD40F8B5EDC0D575FD7503A04A72803AD324ECDB2282DD ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys

18:33:31.0531 0x0504 IBMPMDRV - ok

18:33:31.0562 0x0504 [ A0680FF223F055DE508E72B185A41484, 7FFB4F9B7F4395CFDF059D5744BDEACF91C70C08B6C399A17BDDA5610D879B15 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe

18:33:31.0577 0x0504 IBMPMSVC - ok

18:33:31.0624 0x0504 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

18:33:31.0624 0x0504 IDriverT - ok

18:33:31.0687 0x0504 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

18:33:31.0718 0x0504 idsvc - ok

18:33:31.0718 0x0504 IEEtwCollectorService - ok

18:33:32.0108 0x0504 [ 978D876A581D57E0DE6437674EB0014D, CDE6F41D75177F9A1F3AF6B576320B93906E33133FF8568FCB1148568FE78BF3 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

18:33:32.0467 0x0504 igfx - ok

18:33:32.0498 0x0504 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys

18:33:32.0498 0x0504 iirsp - ok

18:33:32.0545 0x0504 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll

18:33:32.0576 0x0504 IKEEXT - ok

18:33:32.0607 0x0504 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys

18:33:32.0607 0x0504 intelide - ok

18:33:32.0607 0x0504 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

18:33:32.0607 0x0504 intelppm - ok

18:33:32.0638 0x0504 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll

18:33:32.0638 0x0504 IPBusEnum - ok

18:33:32.0654 0x0504 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:33:32.0654 0x0504 IpFilterDriver - ok

18:33:32.0701 0x0504 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

18:33:32.0716 0x0504 iphlpsvc - ok

18:33:32.0732 0x0504 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

18:33:32.0732 0x0504 IPMIDRV - ok

18:33:32.0747 0x0504 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys

18:33:32.0747 0x0504 IPNAT - ok

18:33:32.0810 0x0504 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

18:33:32.0825 0x0504 iPod Service - ok

18:33:32.0857 0x0504 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys

18:33:32.0857 0x0504 IRENUM - ok

18:33:32.0872 0x0504 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys

18:33:32.0872 0x0504 isapnp - ok

18:33:32.0903 0x0504 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

18:33:32.0919 0x0504 iScsiPrt - ok

18:33:32.0981 0x0504 [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

18:33:32.0997 0x0504 jhi_service - ok

18:33:33.0013 0x0504 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

18:33:33.0013 0x0504 kbdclass - ok

18:33:33.0044 0x0504 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

18:33:33.0044 0x0504 kbdhid - ok

18:33:33.0044 0x0504 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe

18:33:33.0044 0x0504 KeyIso - ok

18:33:33.0075 0x0504 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

18:33:33.0075 0x0504 KSecDD - ok

18:33:33.0106 0x0504 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

18:33:33.0106 0x0504 KSecPkg - ok

18:33:33.0122 0x0504 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

18:33:33.0122 0x0504 ksthunk - ok

18:33:33.0153 0x0504 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll

18:33:33.0169 0x0504 KtmRm - ok

18:33:33.0200 0x0504 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll

18:33:33.0200 0x0504 LanmanServer - ok

18:33:33.0231 0x0504 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:33:33.0231 0x0504 LanmanWorkstation - ok

18:33:33.0262 0x0504 [ 4FA5CC9894985D5FBDE54274A845658C, D82FA539BBBA71E52F6341E658EED75D89AEAFA01825173A3E983FD81F65533B ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

18:33:33.0278 0x0504 LENOVO.CAMMUTE - ok

18:33:33.0340 0x0504 [ A062A18F4F792534F898AEB3BD723D01, 4B620E9BBADAC69F4F116F19BA00B07E49F01DE0516A6091772E8515A8636B72 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

18:33:33.0340 0x0504 LENOVO.MICMUTE - ok

18:33:33.0387 0x0504 [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys

18:33:33.0387 0x0504 lenovo.smi - ok

18:33:33.0434 0x0504 [ 4CBD2A666168C4A9A4EB0797A2E29BFD, A3DA3383AF87FBC5E088FB6EA9B76C3A7ABF451FE963F14DF64132FDB90D3D12 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

18:33:33.0434 0x0504 LENOVO.TPKNRSVC - ok

18:33:33.0465 0x0504 [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

18:33:33.0481 0x0504 Lenovo.VIRTSCRLSVC - ok

18:33:33.0496 0x0504 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

18:33:33.0496 0x0504 lltdio - ok

18:33:33.0512 0x0504 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll

18:33:33.0512 0x0504 lltdsvc - ok

18:33:33.0527 0x0504 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll

18:33:33.0527 0x0504 lmhosts - ok

18:33:33.0543 0x0504 lmimirr - ok

18:33:33.0574 0x0504 [ 97F9EAAC985A663394CD8F54DCD3E73A, D5BA3E7ED36BA361B1941F12D83568C30F7E49A8B9D54D3EBBBD05767E1F3B0A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

18:33:33.0590 0x0504 LMS - ok

18:33:33.0621 0x0504 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

18:33:33.0621 0x0504 LSI_FC - ok

18:33:33.0652 0x0504 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

18:33:33.0652 0x0504 LSI_SAS - ok

18:33:33.0668 0x0504 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

18:33:33.0668 0x0504 LSI_SAS2 - ok

18:33:33.0683 0x0504 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

18:33:33.0683 0x0504 LSI_SCSI - ok

18:33:33.0699 0x0504 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys

18:33:33.0699 0x0504 luafv - ok

18:33:33.0746 0x0504 [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys

18:33:33.0746 0x0504 MarvinBus - ok

18:33:33.0793 0x0504 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys

18:33:33.0793 0x0504 MBAMProtector - ok

18:33:33.0917 0x0504 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

18:33:33.0964 0x0504 MBAMScheduler - ok

18:33:33.0995 0x0504 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

18:33:34.0027 0x0504 MBAMService - ok

18:33:34.0042 0x0504 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys

18:33:34.0058 0x0504 MBAMSwissArmy - ok

18:33:34.0105 0x0504 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys

18:33:34.0105 0x0504 MBAMWebAccessControl - ok

18:33:34.0136 0x0504 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

18:33:34.0136 0x0504 Mcx2Svc - ok

18:33:34.0167 0x0504 [ E4F44EC214B3E381E1FC844A02926666, 6EE8C87EFCEFFBEA08B9B9DA036B37564542EE4D31942115CDBF895295DD5FE2 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys

18:33:34.0167 0x0504 mdmxsdk - ok

18:33:34.0183 0x0504 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys

18:33:34.0183 0x0504 megasas - ok

18:33:34.0198 0x0504 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

18:33:34.0198 0x0504 MegaSR - ok

18:33:34.0229 0x0504 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

18:33:34.0229 0x0504 MEIx64 - ok

18:33:34.0307 0x0504 MFE_RR - ok

18:33:34.0323 0x0504 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll

18:33:34.0323 0x0504 MMCSS - ok

18:33:34.0323 0x0504 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys

18:33:34.0339 0x0504 Modem - ok

18:33:34.0370 0x0504 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

18:33:34.0370 0x0504 monitor - ok

18:33:34.0385 0x0504 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

18:33:34.0385 0x0504 mouclass - ok

18:33:34.0401 0x0504 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

18:33:34.0401 0x0504 mouhid - ok

18:33:34.0417 0x0504 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

18:33:34.0432 0x0504 mountmgr - ok

18:33:34.0448 0x0504 [ 43A02A9E2F8A84D4C65020960CFB8C37, FA0D47309C371A4E2C35339A9392C45B59942C79103AE362E391FCC924C19295 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

18:33:34.0463 0x0504 MozillaMaintenance - ok

18:33:34.0479 0x0504 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys

18:33:34.0479 0x0504 mpio - ok

18:33:34.0495 0x0504 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

18:33:34.0495 0x0504 mpsdrv - ok

18:33:34.0541 0x0504 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll

18:33:34.0557 0x0504 MpsSvc - ok

18:33:34.0604 0x0504 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

18:33:34.0604 0x0504 MRxDAV - ok

18:33:34.0619 0x0504 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

18:33:34.0619 0x0504 mrxsmb - ok

18:33:34.0635 0x0504 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:33:34.0651 0x0504 mrxsmb10 - ok

18:33:34.0666 0x0504 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:33:34.0666 0x0504 mrxsmb20 - ok

18:33:34.0697 0x0504 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys

18:33:34.0697 0x0504 msahci - ok

18:33:34.0713 0x0504 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys

18:33:34.0713 0x0504 msdsm - ok

18:33:34.0729 0x0504 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe

18:33:34.0744 0x0504 MSDTC - ok

18:33:34.0760 0x0504 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys

18:33:34.0760 0x0504 Msfs - ok

18:33:34.0791 0x0504 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

18:33:34.0791 0x0504 mshidkmdf - ok

18:33:34.0791 0x0504 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

18:33:34.0791 0x0504 msisadrv - ok

18:33:34.0822 0x0504 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

18:33:34.0822 0x0504 MSiSCSI - ok

18:33:34.0838 0x0504 msiserver - ok

18:33:34.0853 0x0504 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

18:33:34.0853 0x0504 MSKSSRV - ok

18:33:34.0869 0x0504 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

18:33:34.0869 0x0504 MSPCLOCK - ok

18:33:34.0869 0x0504 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

18:33:34.0869 0x0504 MSPQM - ok

18:33:34.0900 0x0504 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

18:33:34.0900 0x0504 MsRPC - ok

18:33:34.0916 0x0504 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

18:33:34.0916 0x0504 mssmbios - ok

18:33:34.0916 0x0504 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

18:33:34.0916 0x0504 MSTEE - ok

18:33:34.0931 0x0504 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

18:33:34.0931 0x0504 MTConfig - ok

18:33:34.0947 0x0504 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys

18:33:34.0947 0x0504 Mup - ok

18:33:34.0978 0x0504 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll

18:33:34.0994 0x0504 napagent - ok

18:33:35.0025 0x0504 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

18:33:35.0041 0x0504 NativeWifiP - ok

18:33:35.0103 0x0504 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys

18:33:35.0119 0x0504 NDIS - ok

18:33:35.0134 0x0504 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

18:33:35.0150 0x0504 NdisCap - ok

18:33:35.0165 0x0504 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

18:33:35.0165 0x0504 NdisTapi - ok

18:33:35.0197 0x0504 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

18:33:35.0197 0x0504 Ndisuio - ok

18:33:35.0212 0x0504 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

18:33:35.0212 0x0504 NdisWan - ok

18:33:35.0228 0x0504 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

18:33:35.0228 0x0504 NDProxy - ok

18:33:35.0243 0x0504 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

18:33:35.0243 0x0504 NetBIOS - ok

18:33:35.0259 0x0504 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

18:33:35.0259 0x0504 NetBT - ok

18:33:35.0275 0x0504 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe

18:33:35.0275 0x0504 Netlogon - ok

18:33:35.0306 0x0504 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll

18:33:35.0321 0x0504 Netman - ok

18:33:35.0384 0x0504 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:33:35.0399 0x0504 NetMsmqActivator - ok

18:33:35.0399 0x0504 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:33:35.0415 0x0504 NetPipeActivator - ok

18:33:35.0415 0x0504 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll

18:33:35.0431 0x0504 netprofm - ok

18:33:35.0446 0x0504 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:33:35.0446 0x0504 NetTcpActivator - ok

18:33:35.0446 0x0504 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

18:33:35.0446 0x0504 NetTcpPortSharing - ok

18:33:35.0727 0x0504 [ 50AD7F7040C22BB7CAA59A0880875A21, 34A3BE5C708F3498F6350EF041CE33847C1D041D610DFDA41AA877F87DD26050 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys

18:33:35.0930 0x0504 NETwNs64 - ok

18:33:35.0992 0x0504 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

18:33:35.0992 0x0504 nfrd960 - ok

18:33:36.0070 0x0504 [ 3FF685CB7185D613D8317A7F17C97BA8, 9B030A38FF6383941085FCC47B97AD2D09057DCD86ADD864A9B5DFC971F05C67 ] NitroReaderDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe

18:33:36.0086 0x0504 NitroReaderDriverReadSpool2 - ok

18:33:36.0117 0x0504 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll

18:33:36.0133 0x0504 NlaSvc - ok

18:33:36.0179 0x0504 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] NPF C:\Windows\system32\drivers\npf.sys

18:33:36.0179 0x0504 NPF - ok

18:33:36.0179 0x0504 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys

18:33:36.0179 0x0504 Npfs - ok

18:33:36.0211 0x0504 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll

18:33:36.0211 0x0504 nsi - ok

18:33:36.0226 0x0504 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

18:33:36.0226 0x0504 nsiproxy - ok

18:33:36.0304 0x0504 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

18:33:36.0351 0x0504 Ntfs - ok

18:33:36.0351 0x0504 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys

18:33:36.0351 0x0504 Null - ok

18:33:36.0382 0x0504 [ 158AD24745BD85BA9BE3C51C38F48C32, B053A3B5A5CAE2CBC47E2C19E636AD70F376334EFFBB391A76562E67CBF3AC86 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys

18:33:36.0382 0x0504 nusb3hub - ok

18:33:36.0398 0x0504 [ D40A13B2C0891E218F9523B376955DB6, 9A2AAAF960868B860A65579EAD507B35C64CFD6C3581F8D731ADF975F778D10E ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys

18:33:36.0413 0x0504 nusb3xhc - ok

18:33:36.0476 0x0504 [ DC933C28D5A1595B042863F6A61ED86E, F71D9C24F9FF617ECC861419C077353D9464F17B3524582F4FA989951F51747F ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys

18:33:36.0476 0x0504 nvkflt - ok

18:33:36.0835 0x0504 [ A51F78816F7F4B5862D9F6E0E0E588C4, 7634A83B60E7496651299690D766EA7AFF185437D3173D10D093ED71D2C13270 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys

18:33:37.0084 0x0504 nvlddmkm - ok

18:33:37.0115 0x0504 [ 88EE7DDE10562A71D995C37F88220281, 4C53B770C153AAD6C1BB27F5D738E94DCB6E1D3CB81615BECE30401B44BAD9E8 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys

18:33:37.0115 0x0504 nvpciflt - ok

18:33:37.0147 0x0504 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys

18:33:37.0162 0x0504 nvraid - ok

18:33:37.0178 0x0504 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys

18:33:37.0178 0x0504 nvstor - ok

18:33:37.0240 0x0504 [ 5DCB3AE42B3430EDAC80A42BB9BADEB6, FA57B03D10B6BB50D878F4720E30D3753622A711A6DF990FFA8875E409C4678A ] nvsvc C:\Windows\system32\nvvsvc.exe

18:33:37.0271 0x0504 nvsvc - ok

18:33:37.0365 0x0504 [ 05E0B6C24F94EBEB17958385B8C2F316, CCED36F94A6EB74A8FF0BA3A8E47D16530072000ECEE33FB0A5927B8ACEA464C ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

18:33:37.0381 0x0504 nvUpdatusService - ok

18:33:37.0412 0x0504 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

18:33:37.0412 0x0504 nv_agp - ok

18:33:37.0443 0x0504 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

18:33:37.0459 0x0504 ohci1394 - ok

18:33:37.0552 0x0504 [ 5229427F167DB95F8103F28CEC395D77, 74CEED9CFD2FE607DE89C7676826C2E322442ED7B98718BBAA06BE0F116A71B0 ] OpenVPNService C:\Program Files\OpenVPN\bin\openvpnserv.exe

18:33:37.0552 0x0504 OpenVPNService - ok

18:33:37.0630 0x0504 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

18:33:37.0630 0x0504 ose - ok

18:33:37.0802 0x0504 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

18:33:37.0927 0x0504 osppsvc - ok

18:33:37.0958 0x0504 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

18:33:37.0973 0x0504 p2pimsvc - ok

18:33:37.0989 0x0504 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll

18:33:38.0005 0x0504 p2psvc - ok

18:33:38.0020 0x0504 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys

18:33:38.0020 0x0504 Parport - ok

18:33:38.0051 0x0504 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys

18:33:38.0051 0x0504 partmgr - ok

18:33:38.0067 0x0504 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll

18:33:38.0083 0x0504 PcaSvc - ok

18:33:38.0098 0x0504 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys

18:33:38.0098 0x0504 pci - ok

18:33:38.0145 0x0504 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys

18:33:38.0145 0x0504 pciide - ok

18:33:38.0161 0x0504 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

18:33:38.0161 0x0504 pcmcia - ok

18:33:38.0176 0x0504 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys

18:33:38.0192 0x0504 pcw - ok

18:33:38.0270 0x0504 [ 7CADB4ABAE72390951886CF259791F5F, 9A0F4113F4E09911A44843F31E8C7047EEA39611AB490A4CF16FAE9D95310076 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

18:33:38.0270 0x0504 PDFProFiltSrvPP - ok

18:33:38.0301 0x0504 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys

18:33:38.0317 0x0504 PEAUTH - ok

18:33:38.0379 0x0504 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

18:33:38.0410 0x0504 PeerDistSvc - ok

18:33:38.0457 0x0504 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe

18:33:38.0457 0x0504 PerfHost - ok

18:33:38.0504 0x0504 [ 52C9F4359AF4A25969B882AECC6F3BDA, 4776FD60E71FA96F67E79A8ECAE48A224790234308DC8DEBC7D389227C0728BE ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS

18:33:38.0504 0x0504 PHCORE - ok

18:33:38.0566 0x0504 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll

18:33:38.0597 0x0504 pla - ok

18:33:38.0629 0x0504 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

18:33:38.0644 0x0504 PlugPlay - ok

18:33:38.0660 0x0504 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

18:33:38.0675 0x0504 PNRPAutoReg - ok

18:33:38.0675 0x0504 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

18:33:38.0691 0x0504 PNRPsvc - ok

18:33:38.0722 0x0504 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

18:33:38.0738 0x0504 PolicyAgent - ok

18:33:38.0753 0x0504 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll

18:33:38.0769 0x0504 Power - ok

18:33:38.0894 0x0504 [ F73492847FE59E69AF6FB0B83AA3A216, C7BE4112409EAE6C10C1645ECCE0F678E1ADA708B67EF561C86C92313D3B8762 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE

18:33:38.0925 0x0504 Power Manager DBC Service - ok

18:33:38.0956 0x0504 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

18:33:38.0972 0x0504 PptpMiniport - ok

18:33:39.0003 0x0504 [ 62208A070E60AA8FB2EED517586DBC8F, 474176270392C53D85901CA4E6F326A4C40500324543D00AD58561540374E123 ] prl_virtual_sound C:\Windows\system32\DRIVERS\prl_virtual_sound.sys

18:33:39.0003 0x0504 prl_virtual_sound - ok

18:33:39.0019 0x0504 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys

18:33:39.0019 0x0504 Processor - ok

18:33:39.0065 0x0504 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll

18:33:39.0065 0x0504 ProfSvc - ok

18:33:39.0097 0x0504 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe

18:33:39.0112 0x0504 ProtectedStorage - ok

18:33:39.0128 0x0504 [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd C:\Windows\system32\DRIVERS\psadd.sys

18:33:39.0128 0x0504 psadd - ok

18:33:39.0143 0x0504 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

18:33:39.0143 0x0504 Psched - ok

18:33:39.0159 0x0504 [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

18:33:39.0175 0x0504 PSI_SVC_2 - ok

18:33:39.0237 0x0504 [ B0DF05E7F0C8F115933493578D886BCB, E9C7FA14B2D18C0E99FD4222695E740DF92E0CDD43A83D5636039CA3D90ABCDD ] PSMounterEx C:\Windows\system32\drivers\psmounterex.sys

18:33:39.0237 0x0504 PSMounterEx - ok

18:33:39.0253 0x0504 [ 302A3DBFAEBA3AC474AC4768B84FFB55, C85A3406640B925DDA7140E18C1AFD48DFAA7CC2C32F278AAF30F8D4665ACB1E ] PSVolAcc C:\Windows\system32\drivers\PSVolAcc.sys

18:33:39.0253 0x0504 PSVolAcc - ok

18:33:39.0284 0x0504 [ B39371544C22DEDDE79490FDCF5F3B96, CC64A2E294ED9A1754FEA350EF6DAB201A91944EE0206B2A36E07E3DA640098F ] pwdrvio C:\Windows\system32\pwdrvio.sys

18:33:39.0284 0x0504 pwdrvio - ok

18:33:39.0315 0x0504 [ EC2A33B9F1A21500FADA5E599C381090, B207AF6A030C067E7CB4A47B16349404624B11D503BB1924F4FB0B2AB9FE7058 ] pwdspio C:\Windows\system32\pwdspio.sys

18:33:39.0331 0x0504 pwdspio - ok

18:33:39.0409 0x0504 [ 9F6DF83239B227E94732D9176C974D7E, 9172F0865D710F1655F837A49E968685F8DFDADC14135F8F012889D4577FC02F ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE

18:33:39.0455 0x0504 PwmEWSvc - ok

18:33:39.0518 0x0504 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

18:33:39.0565 0x0504 ql2300 - ok

18:33:39.0580 0x0504 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

18:33:39.0580 0x0504 ql40xx - ok

18:33:39.0611 0x0504 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll

18:33:39.0627 0x0504 QWAVE - ok

18:33:39.0627 0x0504 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

18:33:39.0627 0x0504 QWAVEdrv - ok

18:33:39.0658 0x0504 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

18:33:39.0658 0x0504 RasAcd - ok

18:33:39.0689 0x0504 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

18:33:39.0689 0x0504 RasAgileVpn - ok

18:33:39.0689 0x0504 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll

18:33:39.0705 0x0504 RasAuto - ok

18:33:39.0721 0x0504 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

18:33:39.0721 0x0504 Rasl2tp - ok

18:33:39.0736 0x0504 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll

18:33:39.0752 0x0504 RasMan - ok

18:33:39.0767 0x0504 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

18:33:39.0767 0x0504 RasPppoe - ok

18:33:39.0783 0x0504 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

18:33:39.0799 0x0504 RasSstp - ok

18:33:39.0814 0x0504 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

18:33:39.0814 0x0504 rdbss - ok

18:33:39.0845 0x0504 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

18:33:39.0845 0x0504 rdpbus - ok

18:33:39.0861 0x0504 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

18:33:39.0861 0x0504 RDPCDD - ok

18:33:39.0877 0x0504 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

18:33:39.0877 0x0504 RDPDR - ok

18:33:39.0908 0x0504 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

18:33:39.0908 0x0504 RDPENCDD - ok

18:33:39.0908 0x0504 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

18:33:39.0908 0x0504 RDPREFMP - ok

18:33:39.0970 0x0504 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

18:33:39.0970 0x0504 RdpVideoMiniport - ok

18:33:40.0001 0x0504 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

18:33:40.0017 0x0504 RDPWD - ok

18:33:40.0033 0x0504 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

18:33:40.0048 0x0504 rdyboost - ok

18:33:40.0126 0x0504 [ ADCE9EEE363ED9C6B4D365870DFEAE6E, F49CDC973CE843377C504151CC2F0806C331C4AD0A3EB0E1B486321F3870628F ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe

18:33:40.0142 0x0504 ReflectService.exe - ok

18:33:40.0189 0x0504 [ FD11C1287D38A46FB72353E14D50089C, C787EE22583ADF1E19E5ADAC5B949750890D1FA5062B5DD2C6B35667D005FECF ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

18:33:40.0220 0x0504 RegSrvc - ok

18:33:40.0235 0x0504 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll

18:33:40.0235 0x0504 RemoteAccess - ok

18:33:40.0251 0x0504 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll

18:33:40.0267 0x0504 RemoteRegistry - ok

18:33:40.0298 0x0504 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

18:33:40.0298 0x0504 RFCOMM - ok

18:33:40.0329 0x0504 [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys

18:33:40.0329 0x0504 risdxc - ok

18:33:40.0376 0x0504 [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe

18:33:40.0376 0x0504 rpcapd - ok

18:33:40.0407 0x0504 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

18:33:40.0407 0x0504 RpcEptMapper - ok

18:33:40.0423 0x0504 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe

18:33:40.0423 0x0504 RpcLocator - ok

18:33:40.0438 0x0504 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll

18:33:40.0454 0x0504 RpcSs - ok

18:33:40.0485 0x0504 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCap C:\Windows\system32\DRIVERS\rrnetcap.sys

18:33:40.0485 0x0504 RRNetCap - ok

18:33:40.0532 0x0504 [ 6195EC84C82E7844B5B17803ADDB1CA3, 175DF60973C50B1F1FA84B7DBB694D2B18CD41DA8A29479E388ED76D2C9AAE19 ] RrNetCapFilterDriver C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys

18:33:40.0532 0x0504 RrNetCapFilterDriver - ok

18:33:40.0547 0x0504 [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCapMP C:\Windows\system32\DRIVERS\rrnetcap.sys

18:33:40.0547 0x0504 RRNetCapMP - ok

18:33:40.0579 0x0504 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

18:33:40.0579 0x0504 rspndr - ok

18:33:40.0610 0x0504 [ 9CD929A2F91A4D5399537D021AE43947, 200FB10872B9617BEF57E3B8D20FC900324CE90DAF85216C068B7A86CBFF7377 ] rsvcdwdr C:\Windows\system32\DRIVERS\rsvcdwdr.sys

18:33:40.0610 0x0504 rsvcdwdr - ok

18:33:40.0641 0x0504 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys

18:33:40.0641 0x0504 s3cap - ok

18:33:40.0657 0x0504 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe

18:33:40.0657 0x0504 SamSs - ok

18:33:40.0657 0x0504 SAService - ok

18:33:40.0672 0x0504 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

18:33:40.0672 0x0504 sbp2port - ok

18:33:40.0703 0x0504 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll

18:33:40.0703 0x0504 SCardSvr - ok

18:33:40.0750 0x0504 [ 6CE6F98EA3D07A9C2CE3CD0A5A86352D, 64A07303E538A1EE439D4AAD0DEBBD6037219D37B884026701A06E59A729E9C9 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys

18:33:40.0750 0x0504 SCDEmu - ok

18:33:40.0766 0x0504 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

18:33:40.0766 0x0504 scfilter - ok

18:33:40.0797 0x0504 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll

18:33:40.0828 0x0504 Schedule - ok

18:33:40.0859 0x0504 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll

18:33:40.0859 0x0504 SCPolicySvc - ok

18:33:40.0875 0x0504 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll

18:33:40.0875 0x0504 SDRSVC - ok

18:33:40.0906 0x0504 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys

18:33:40.0906 0x0504 secdrv - ok

18:33:40.0922 0x0504 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll

18:33:40.0922 0x0504 seclogon - ok

18:33:40.0937 0x0504 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll

18:33:40.0937 0x0504 SENS - ok

18:33:40.0953 0x0504 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll

18:33:40.0969 0x0504 SensrSvc - ok

18:33:40.0984 0x0504 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

18:33:40.0984 0x0504 Serenum - ok

18:33:41.0000 0x0504 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys

18:33:41.0000 0x0504 Serial - ok

18:33:41.0015 0x0504 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys

18:33:41.0015 0x0504 sermouse - ok

18:33:41.0031 0x0504 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll

18:33:41.0031 0x0504 SessionEnv - ok

18:33:41.0047 0x0504 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

18:33:41.0047 0x0504 sffdisk - ok

18:33:41.0047 0x0504 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

18:33:41.0047 0x0504 sffp_mmc - ok

18:33:41.0062 0x0504 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

18:33:41.0062 0x0504 sffp_sd - ok

18:33:41.0078 0x0504 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

18:33:41.0078 0x0504 sfloppy - ok

18:33:41.0109 0x0504 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll

18:33:41.0125 0x0504 SharedAccess - ok

18:33:41.0140 0x0504 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:33:41.0156 0x0504 ShellHWDetection - ok

18:33:41.0187 0x0504 [ C3F190562FE82EFDA7CCEF305EBAD3E3, BE809035A9B11945B3BB630F73A7651BBD4D1EA2091060378BCF7AD20003BBE4 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys

18:33:41.0187 0x0504 Shockprf - ok

18:33:41.0218 0x0504 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

18:33:41.0218 0x0504 SiSRaid2 - ok

18:33:41.0234 0x0504 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

18:33:41.0234 0x0504 SiSRaid4 - ok

18:33:41.0327 0x0504 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

18:33:41.0327 0x0504 SkypeUpdate - ok

18:33:41.0359 0x0504 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys

18:33:41.0359 0x0504 Smb - ok

18:33:41.0421 0x0504 [ 3BC2844AF786CA422CC31D505ACFA9F2, 38936490E2F404FC1235D8C6C7E87809E2935057041CBE884D887B0A69A47279 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys

18:33:41.0421 0x0504 smihlp - ok

18:33:41.0437 0x0504 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

18:33:41.0437 0x0504 SNMPTRAP - ok

18:33:41.0452 0x0504 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys

18:33:41.0452 0x0504 spldr - ok

18:33:41.0483 0x0504 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe

18:33:41.0499 0x0504 Spooler - ok

18:33:41.0624 0x0504 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe

18:33:41.0702 0x0504 sppsvc - ok

18:33:41.0733 0x0504 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll

18:33:41.0733 0x0504 sppuinotify - ok

18:33:41.0780 0x0504 [ D2AEEB5C15B4B256DC4EC2CE8219B090, A32297E29A632D21CA912C8E16F222058754E94FD568EF5B416F0EF0655ABEF4 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe

18:33:41.0780 0x0504 SROSVC - ok

18:33:41.0811 0x0504 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys

18:33:41.0827 0x0504 srv - ok

18:33:41.0858 0x0504 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

18:33:41.0873 0x0504 srv2 - ok

18:33:41.0905 0x0504 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS

18:33:41.0905 0x0504 SrvHsfHDA - ok

18:33:41.0951 0x0504 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS

18:33:41.0998 0x0504 SrvHsfV92 - ok

18:33:42.0029 0x0504 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

18:33:42.0045 0x0504 SrvHsfWinac - ok

18:33:42.0061 0x0504 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

18:33:42.0061 0x0504 srvnet - ok

18:33:42.0092 0x0504 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

18:33:42.0092 0x0504 SSDPSRV - ok

18:33:42.0107 0x0504 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll

18:33:42.0107 0x0504 SstpSvc - ok

18:33:42.0217 0x0504 [ 845305743E0F7DB9B3A9AC1F49C635F1, 042B1667DF7A09F0845024C878D60272078BC4F1781D98A3C9E01653FE06BB03 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

18:33:42.0217 0x0504 Stereo Service - ok

18:33:42.0232 0x0504 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys

18:33:42.0248 0x0504 stexstor - ok

18:33:42.0295 0x0504 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys

18:33:42.0295 0x0504 StillCam - ok

18:33:42.0341 0x0504 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll

18:33:42.0357 0x0504 stisvc - ok

18:33:42.0373 0x0504 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys

18:33:42.0388 0x0504 storflt - ok

18:33:42.0419 0x0504 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll

18:33:42.0419 0x0504 StorSvc - ok

18:33:42.0435 0x0504 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys

18:33:42.0435 0x0504 storvsc - ok

18:33:42.0482 0x0504 [ 4C3BE5F72AF195EF3B1A1FD619F1C744, 7D96F65AC47649E39DAFAFBE317864FDC1EB582D861A991FB90120D2032569AE ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe

18:33:42.0497 0x0504 SUService - ok

18:33:42.0513 0x0504 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

18:33:42.0513 0x0504 swenum - ok

18:33:42.0607 0x0504 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

18:33:42.0607 0x0504 SwitchBoard - ok

18:33:42.0638 0x0504 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll

18:33:42.0653 0x0504 swprv - ok

18:33:42.0700 0x0504 [ AEAE48AF681BAF5904608FF5D84E3C9C, 39B362E9E64A43B9AF5CCE2E704CCAE5E10B5BA0B45E535098BC0E40A4F772A8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys

18:33:42.0716 0x0504 SynTP - ok

18:33:42.0794 0x0504 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll

18:33:42.0825 0x0504 SysMain - ok

18:33:42.0841 0x0504 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

18:33:42.0841 0x0504 TabletInputService - ok

18:33:42.0887 0x0504 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys

18:33:42.0887 0x0504 tap0901 - ok

18:33:42.0919 0x0504 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll

18:33:42.0919 0x0504 TapiSrv - ok

18:33:42.0950 0x0504 [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys

18:33:42.0950 0x0504 tbhsd - ok

18:33:42.0965 0x0504 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll

18:33:42.0965 0x0504 TBS - ok

18:33:43.0059 0x0504 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

18:33:43.0106 0x0504 Tcpip - ok

18:33:43.0168 0x0504 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

18:33:43.0199 0x0504 TCPIP6 - ok

18:33:43.0231 0x0504 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

18:33:43.0231 0x0504 tcpipreg - ok

18:33:43.0262 0x0504 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

18:33:43.0262 0x0504 TDPIPE - ok

18:33:43.0293 0x0504 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

18:33:43.0293 0x0504 TDTCP - ok

18:33:43.0340 0x0504 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys

18:33:43.0340 0x0504 tdx - ok

18:33:43.0355 0x0504 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

18:33:43.0355 0x0504 TermDD - ok

18:33:43.0387 0x0504 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll

18:33:43.0402 0x0504 TermService - ok

18:33:43.0433 0x0504 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll

18:33:43.0433 0x0504 Themes - ok

18:33:43.0449 0x0504 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll

18:33:43.0449 0x0504 THREADORDER - ok

18:33:43.0465 0x0504 [ 1BB77ECCBFA3675B1EE8D6D6D37A1E1E, 6C22ED2FC9FF1EDFAFFA9C5F89A65D348B45F0087885401D056D6448F56F97AF ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys

18:33:43.0465 0x0504 TPDIGIMN - ok

18:33:43.0480 0x0504 [ 88F81D810FF16AC65B02643DAF308D4F, FDD4AFD1836D2CB528F92A788CEEC0D7800CC18B861E7D7601DA69543F0AD315 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe

18:33:43.0480 0x0504 TPHDEXLGSVC - ok

18:33:43.0543 0x0504 [ 6FE3085AB39EA391FCABE7275C8A380C, A3BBD17237D29BE9C11E1CA15C89028218ECAEB5E1151047D12957CEB7F434E2 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

18:33:43.0543 0x0504 TPHKLOAD - ok

18:33:43.0589 0x0504 [ F7B2314456B1676777AA9FFEF6776B45, FC6B4909BB698BC9EC151EC68357F1C27725E8F0AF8074338FD9502B1DEBCD0B ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

18:33:43.0589 0x0504 TPHKSVC - ok

18:33:43.0605 0x0504 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys

18:33:43.0621 0x0504 TPM - ok

18:33:43.0652 0x0504 [ 6EE437A872E0184D6D09F65C5EA0AABA, BA3351A37B072FE687A8637C517BCA001023ED6CEB9D91E949609F4FD15A62BF ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys

18:33:43.0652 0x0504 TPPWRIF - ok

18:33:43.0667 0x0504 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll

18:33:43.0683 0x0504 TrkWks - ok

18:33:43.0714 0x0504 [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight C:\Windows\System32\drivers\TrueSight.sys

18:33:43.0730 0x0504 TrueSight - ok

18:33:43.0777 0x0504 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

18:33:43.0792 0x0504 TrustedInstaller - ok

18:33:43.0839 0x0504 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

18:33:43.0839 0x0504 tssecsrv - ok

18:33:43.0870 0x0504 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

18:33:43.0870 0x0504 TsUsbFlt - ok

18:33:43.0901 0x0504 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

18:33:43.0901 0x0504 TsUsbGD - ok

18:33:43.0917 0x0504 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

18:33:43.0917 0x0504 tunnel - ok

18:33:43.0948 0x0504 [ 4DAAE0413CD4E816258838E2FAFB3147, 7D45621A0148C2EEA4302A5852D9407DCEF1947936E9E840788F01625E869CDD ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys

18:33:43.0948 0x0504 TVTI2C - ok

18:33:43.0964 0x0504 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

18:33:43.0964 0x0504 uagp35 - ok

18:33:43.0979 0x0504 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

18:33:43.0995 0x0504 udfs - ok

18:33:44.0011 0x0504 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe

18:33:44.0011 0x0504 UI0Detect - ok

18:33:44.0057 0x0504 [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

18:33:44.0057 0x0504 UleadBurningHelper - ok

18:33:44.0089 0x0504 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

18:33:44.0104 0x0504 uliagpkx - ok

18:33:44.0104 0x0504 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys

18:33:44.0104 0x0504 umbus - ok

18:33:44.0120 0x0504 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys

18:33:44.0120 0x0504 UmPass - ok

18:33:44.0135 0x0504 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll

18:33:44.0151 0x0504 UmRdpService - ok

18:33:44.0213 0x0504 [ 79E4991779D10F9475CA390473723554, 6DAC3543C4FB599CF8893FF59D99A8FC50757ED17CCF6CB3D25AC194A5F95625 ] Unchecky C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe

18:33:44.0213 0x0504 Unchecky - ok

18:33:44.0354 0x0504 [ A69CD6BDB82872999D2E46F9324ADA83, 1F06D5B716D48E693A082C1FC49D80405F50D60C78FDF5829FF51F1CC11CF011 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

18:33:44.0416 0x0504 UNS - ok

18:33:44.0463 0x0504 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll

18:33:44.0463 0x0504 upnphost - ok

18:33:44.0510 0x0504 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

18:33:44.0510 0x0504 USBAAPL64 - ok

18:33:44.0572 0x0504 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

18:33:44.0572 0x0504 usbaudio - ok

18:33:44.0603 0x0504 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

18:33:44.0603 0x0504 usbccgp - ok

18:33:44.0650 0x0504 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys

18:33:44.0650 0x0504 usbcir - ok

18:33:44.0666 0x0504 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys

18:33:44.0666 0x0504 usbehci - ok

18:33:44.0681 0x0504 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

18:33:44.0697 0x0504 usbhub - ok

18:33:44.0713 0x0504 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys

18:33:44.0713 0x0504 usbohci - ok

18:33:44.0728 0x0504 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys

18:33:44.0728 0x0504 usbprint - ok

18:33:44.0759 0x0504 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:33:44.0759 0x0504 USBSTOR - ok

18:33:44.0775 0x0504 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

18:33:44.0775 0x0504 usbuhci - ok

18:33:44.0806 0x0504 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

18:33:44.0806 0x0504 usbvideo - ok

18:33:44.0822 0x0504 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll

18:33:44.0837 0x0504 UxSms - ok

18:33:44.0837 0x0504 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe

18:33:44.0837 0x0504 VaultSvc - ok

18:33:44.0853 0x0504 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

18:33:44.0853 0x0504 vdrvroot - ok

18:33:44.0884 0x0504 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe

18:33:44.0900 0x0504 vds - ok

18:33:44.0915 0x0504 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

18:33:44.0915 0x0504 vga - ok

18:33:44.0931 0x0504 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys

18:33:44.0931 0x0504 VgaSave - ok

18:33:44.0947 0x0504 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

18:33:44.0947 0x0504 vhdmp - ok

18:33:44.0978 0x0504 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys

18:33:44.0978 0x0504 viaide - ok

18:33:45.0071 0x0504 [ C83F1D1D58BF216E5B03A38D810A8F7A, 2874151BB6B931BC7D7AA49E5CC319A8355AA0D127015FC4755FF71F98288B0C ] Virtual CDAudio Service C:\Program Files (x86)\Audials\Audials 10\VCDWriter\64\VCDAudioService.exe

18:33:45.0071 0x0504 Virtual CDAudio Service - ok

18:33:45.0103 0x0504 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys

18:33:45.0118 0x0504 vmbus - ok

18:33:45.0118 0x0504 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

18:33:45.0134 0x0504 VMBusHID - ok

18:33:45.0149 0x0504 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys

18:33:45.0149 0x0504 volmgr - ok

18:33:45.0165 0x0504 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

18:33:45.0181 0x0504 volmgrx - ok

18:33:45.0196 0x0504 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys

18:33:45.0196 0x0504 volsnap - ok

18:33:45.0212 0x0504 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

18:33:45.0212 0x0504 vsmraid - ok

18:33:45.0274 0x0504 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe

18:33:45.0321 0x0504 VSS - ok

18:33:45.0508 0x0504 [ 42E5B5428401F7CB56A5D585DCE46982, 1A2A24D32E1B1408071408BA9ADCE9A84A4E92C7B81469FCF9DC65EB8F0AFF89 ] vToolbarUpdater18.1.9 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe

18:33:45.0539 0x0504 vToolbarUpdater18.1.9 - ok

18:33:45.0555 0x0504 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

18:33:45.0555 0x0504 vwifibus - ok

18:33:45.0571 0x0504 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

18:33:45.0586 0x0504 vwififlt - ok

18:33:45.0602 0x0504 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

18:33:45.0602 0x0504 vwifimp - ok

18:33:45.0633 0x0504 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll

18:33:45.0649 0x0504 W32Time - ok

18:33:45.0664 0x0504 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

18:33:45.0664 0x0504 WacomPen - ok

18:33:45.0742 0x0504 [ FB78C5AAD079B5322B58EAEF8E76A127, CB07034EF718D4EF993A22A2DD2ED161003243DACEE521A2B818E5FCB0AC9D09 ] WACService C:\Program Files (x86)\Wondershare\Wondershare Application Center\WACService.exe

18:33:45.0758 0x0504 WACService - ok

18:33:45.0773 0x0504 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

18:33:45.0773 0x0504 WANARP - ok

18:33:45.0773 0x0504 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

18:33:45.0773 0x0504 Wanarpv6 - ok

18:33:45.0851 0x0504 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

18:33:45.0883 0x0504 WatAdminSvc - ok

18:33:45.0945 0x0504 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe

18:33:45.0976 0x0504 wbengine - ok

18:33:45.0992 0x0504 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

18:33:45.0992 0x0504 WbioSrvc - ok

18:33:46.0023 0x0504 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll

18:33:46.0039 0x0504 wcncsvc - ok

18:33:46.0054 0x0504 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

18:33:46.0054 0x0504 WcsPlugInService - ok

18:33:46.0070 0x0504 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys

18:33:46.0070 0x0504 Wd - ok

18:33:46.0132 0x0504 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

18:33:46.0148 0x0504 Wdf01000 - ok

18:33:46.0179 0x0504 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll

18:33:46.0179 0x0504 WdiServiceHost - ok

18:33:46.0179 0x0504 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll

18:33:46.0179 0x0504 WdiSystemHost - ok

18:33:46.0241 0x0504 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll

18:33:46.0241 0x0504 WebClient - ok

18:33:46.0257 0x0504 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll

18:33:46.0273 0x0504 Wecsvc - ok

18:33:46.0273 0x0504 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll

18:33:46.0288 0x0504 wercplsupport - ok

18:33:46.0304 0x0504 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll

18:33:46.0304 0x0504 WerSvc - ok

18:33:46.0335 0x0504 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

18:33:46.0335 0x0504 WfpLwf - ok

18:33:46.0351 0x0504 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys

18:33:46.0351 0x0504 WIMMount - ok

18:33:46.0413 0x0504 [ 1EDBBF412A382550AF6EB35F5E46928E, 23FC32929913CF784A78C334D0B0E9D812EA6BDF70BB5C993DDE492CBEE8265E ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys

18:33:46.0429 0x0504 winachsf - ok

18:33:46.0444 0x0504 WinDefend - ok

18:33:46.0460 0x0504 WinHttpAutoProxySvc - ok

18:33:46.0507 0x0504 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

18:33:46.0507 0x0504 Winmgmt - ok

18:33:46.0538 0x0504 [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Program Files (x86)\BatteryCare\WinRing0x64.sys

18:33:46.0538 0x0504 WinRing0_1_2_0 - ok

18:33:46.0631 0x0504 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll

18:33:46.0678 0x0504 WinRM - ok

18:33:46.0725 0x0504 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys

18:33:46.0725 0x0504 WinUsb - ok

18:33:46.0756 0x0504 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll

18:33:46.0787 0x0504 Wlansvc - ok

18:33:46.0819 0x0504 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

18:33:46.0819 0x0504 wlcrasvc - ok

18:33:46.0943 0x0504 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

18:33:46.0990 0x0504 wlidsvc - ok

18:33:47.0021 0x0504 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

18:33:47.0021 0x0504 WmiAcpi - ok

18:33:47.0053 0x0504 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

18:33:47.0053 0x0504 wmiApSrv - ok

18:33:47.0084 0x0504 WMPNetworkSvc - ok

18:33:47.0099 0x0504 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll

18:33:47.0099 0x0504 WPCSvc - ok

18:33:47.0115 0x0504 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

18:33:47.0115 0x0504 WPDBusEnum - ok

18:33:47.0131 0x0504 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

18:33:47.0131 0x0504 ws2ifsl - ok

18:33:47.0146 0x0504 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll

18:33:47.0146 0x0504 wscsvc - ok

18:33:47.0146 0x0504 WSearch - ok

18:33:47.0240 0x0504 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll

18:33:47.0302 0x0504 wuauserv - ok

18:33:47.0333 0x0504 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

18:33:47.0349 0x0504 WudfPf - ok

18:33:47.0365 0x0504 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

18:33:47.0365 0x0504 WUDFRd - ok

18:33:47.0396 0x0504 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

18:33:47.0396 0x0504 wudfsvc - ok

18:33:47.0427 0x0504 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll

18:33:47.0427 0x0504 WwanSvc - ok

18:33:47.0443 0x0504 [ E8F3FA126A06F8E7088F63757112A186, FC742ECA6DD823C5B17A514EC4473F65EE290FA6501370675B3628FD881A1C4B ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys

18:33:47.0443 0x0504 XAudio - ok

18:33:47.0489 0x0504 [ 9B367B2F35F85B4B60F797E523076C56, 90379D032862A08207CF3D410B6333D322ADF61836EBDCA998E21B1D7A2A2011 ] _wfcs C:\Program Files\Windows Firewall Control\wfcs.exe

18:33:47.0489 0x0504 _wfcs - ok

18:33:47.0521 0x0504 ================ Scan global ===============================

18:33:47.0552 0x0504 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

18:33:47.0583 0x0504 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

18:33:47.0599 0x0504 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

18:33:47.0614 0x0504 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

18:33:47.0645 0x0504 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

18:33:47.0661 0x0504 [ Global ] - ok

18:33:47.0661 0x0504 ================ Scan MBR ==================================

18:33:47.0677 0x0504 [ 5E7AD3EE7E16FBD055DBBE3FA3364F04 ] \Device\Harddisk0\DR0

18:33:47.0895 0x0504 \Device\Harddisk0\DR0 - ok

18:33:47.0895 0x0504 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR1

18:33:47.0911 0x0504 \Device\Harddisk1\DR1 - ok

18:33:47.0911 0x0504 ================ Scan VBR ==================================

18:33:47.0911 0x0504 [ 8D3E1F4E8DCE63D51AB831A5530C20AC ] \Device\Harddisk0\DR0\Partition1

18:33:47.0911 0x0504 \Device\Harddisk0\DR0\Partition1 - ok

18:33:47.0911 0x0504 [ C0A77373FE84162B69174BF1B29ABC0C ] \Device\Harddisk0\DR0\Partition2

18:33:47.0911 0x0504 \Device\Harddisk0\DR0\Partition2 - ok

18:33:47.0911 0x0504 [ 4066C754637544CB6B69A9EBFB06DA28 ] \Device\Harddisk0\DR0\Partition3

18:33:47.0926 0x0504 \Device\Harddisk0\DR0\Partition3 - ok

18:33:47.0926 0x0504 [ 06AB0ADB549AE40981B2146593F9C6CB ] \Device\Harddisk0\DR0\Partition4

18:33:47.0926 0x0504 \Device\Harddisk0\DR0\Partition4 - ok

18:33:47.0926 0x0504 [ 19205081D1E46E2C45C6CAA912CF4930 ] \Device\Harddisk1\DR1\Partition1

18:33:47.0926 0x0504 \Device\Harddisk1\DR1\Partition1 - ok

18:33:47.0926 0x0504 ================ Scan generic autorun ======================

18:33:47.0942 0x0504 [ 2508FA41A1B58C97D94FFF044111492F, 656AC5EC110C5F8CE68CE1962D6B2CBD47EE6CE20A181C88BB1E5481793F0578 ] C:\Windows\system32\TpShocks.exe

18:33:47.0957 0x0504 TpShocks - ok

18:33:47.0989 0x0504 [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe

18:33:47.0989 0x0504 ForteConfig - ok

18:33:48.0020 0x0504 [ 4F12EAD0B4C8BDAED5A11CC11F394B0A, EF769C2C2564D42979746B8BFD1D6E6532BFAB3BFCE2D09A0A17D0E64498B9B3 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe

18:33:48.0035 0x0504 SmartAudio - ok

18:33:48.0082 0x0504 [ BC207C1E1044F7B5DABF371457125513, 0D8C7895C03DFB7DCE31ECF9134D7F837D5D928AE9A5601F140C1D6579FB0287 ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe

18:33:48.0082 0x0504 LENOVO.TPKNRRES - ok

18:33:48.0160 0x0504 [ 320681DF28D82CDCA7E3EED0846625DB, 7F709ADFB0FE36BEC857A928E9CB29BB5B6C0BAD98824D0302C7BB7185100CB9 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

18:33:48.0176 0x0504 AdobeAAMUpdater-1.0 - ok

18:33:48.0223 0x0504 [ 609617A22E765492C54D8BB438D61B23, 3C28D4B2929D88CB4D3595049F4F740A33E1A92215AC8DF0E481CCB558F0617F ] C:\Windows\system32\igfxtray.exe

18:33:48.0223 0x0504 IgfxTray - ok

18:33:48.0238 0x0504 [ 23177B5ED7BA205D2DACD7709E606BBB, CE35E9E348F8018B1153A287C298F9C79E8893E53EFF4E394D322991B5232685 ] C:\Windows\system32\hkcmd.exe

18:33:48.0254 0x0504 HotKeysCmds - ok

18:33:48.0269 0x0504 [ D16EADD5B8072DF424A23C12D41A3433, 714D45563A051317A21016E5C85B4BAA536C594D83E008C4CADD4F2EE8F50C83 ] C:\Windows\system32\igfxpers.exe

18:33:48.0285 0x0504 Persistence - ok

18:33:48.0332 0x0504 [ B0C52A038B318257412437F99406D39F, 6ABCEB2AC7883CE97C24394A4F113DE13F717ED80B94FAEBCE8BE1A5FE3BD7D2 ] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe

18:33:48.0347 0x0504 AcWin7Hlpr - ok

18:33:48.0363 0x0504 [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

18:33:48.0363 0x0504 NUSB3MON - ok

18:33:48.0394 0x0504 [ 49FBD026C73B6EFBFD3F58E641E39411, A2B80515D5107AD9817036B118D141F7A7306C372D54211A0B9687DB12D715FA ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe

18:33:48.0394 0x0504 IMSS - ok

18:33:48.0550 0x0504 [ B3E053ED10DD568A3B292241F1A74D32, 62606F78FF968D7DF3EF04CD146749B525AEC9C438E9A897DA48F05577659DB2 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe

18:33:48.0644 0x0504 Lenovo Registration - ok

18:33:48.0706 0x0504 [ 32E0D290A7709D494A45CC25CCCBD5FC, B30774B9BF05A8FA904459B3E2376A184A59AD20AAED280158CFDBCB4A96DB6B ] C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe

18:33:48.0722 0x0504 DNS7reminder - ok

18:33:48.0784 0x0504 [ 71CE443AFC916B957D3B74A3B152A836, F45FA568A0566CF70DF94FE85ACDB47A0EE9B1A01978F0CFCAD48252366BB8C9 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe

18:33:48.0784 0x0504 BlueStacks Agent - ok

18:33:48.0909 0x0504 [ 371BA71B566260932DCCCF843BF6C7E7, 3F34769DD1EA9C6CBAA3DC099B2512E4D5B888A6B76A568BB79ED08452C7EA17 ] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

18:33:48.0971 0x0504 AVG_TRAY - ok

18:33:49.0065 0x0504 [ E0A06707C91A18859AEBDD4FCEA734F7, BB0CF2847C8BCF696830BF5157A4AE7AB9AC4CC0978E64955F674BD10B556879 ] C:\Program Files (x86)\AVG Secure Search\vprot.exe

18:33:49.0127 0x0504 vProt - ok

18:33:49.0159 0x0504 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

18:33:49.0174 0x0504 SwitchBoard - ok

18:33:49.0174 0x0504 PWMTRV - ok

18:33:49.0221 0x0504 [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

18:33:49.0221 0x0504 RotateImage - ok

18:33:49.0268 0x0504 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

18:33:49.0268 0x0504 APSDaemon - ok

18:33:49.0299 0x0504 LastApp - ok

18:33:49.0361 0x0504 [ 1C86D0C84FF3870A3E13808B853C040A, 129B757C9ED918EAA821F77D70C8DDAABC33E7E2929CF48ECD6AEB370D1F43CF ] C:\Program Files (x86)\AirPort\APAgent.exe

18:33:49.0377 0x0504 AirPort Base Station Agent - ok

18:33:49.0439 0x0504 [ 9ACCBC5891BA51B5B29C1A88F80D4CE3, 4EA3D9CB239874232AE0D7F824AF8CC7AD9BB4657CB9978B41067B4447FBE71B ] C:\Program Files (x86)\QuickTime\QTTask.exe

18:33:49.0439 0x0504 QuickTime Task - ok

18:33:49.0517 0x0504 [ 3EE19173AC7BB16AD239B195D97C13B0, A9E5FC90F20DC7500A186C9D184ED55BC04038FFC6D97714E64C660EAE808A98 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

18:33:49.0564 0x0504 AdobeCS6ServiceManager - ok

18:33:49.0595 0x0504 [ AA16204FD1F75637E8EAEB593A8FA597, 4C429E19591ED62BED4AE123383C3FFF96F9CE13950B5AB084D787B5C0DBD40F ] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE

18:33:49.0611 0x0504 PWRISOVM.EXE - ok

18:33:49.0705 0x0504 [ 16AEDBEBD92D1ECBA79BCEB09ED90F32, EE63C6D772FFE1F6428EA49268B07D0DA1CE0733C2B20C141E4BA7BFD6AB56CC ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe

18:33:49.0736 0x0504 Acrobat Assistant 8.0 - ok

18:33:49.0751 0x0504 [ 675768F27997468394AEF7A785ACD28C, A8549CAD3BA56D95612BA1087AB1A7E3805E774B3CF8EB605884CDC71195CA82 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe

18:33:49.0751 0x0504 Adobe Acrobat Speed Launcher - ok

18:33:49.0798 0x0504 [ 32AC3889C598A7314954CF515E716BDE, DE843C6B523C60776401F799C01948DDC383442B2CEAC2002A867DC860949AFE ] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe

18:33:49.0798 0x0504 IndexSearch - ok

18:33:49.0814 0x0504 [ 7D46CE32283158EB7F1D0C8E02D8DDD1, DF68039E55E90EFAB90E5FC8DE79E66CEDECB99EB353C4F349375732AAEF1BE1 ] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe

18:33:49.0814 0x0504 PaperPort PTD - ok

18:33:49.0892 0x0504 [ 9F0ACAA725CF5A391AF7E2067AE45746, CA7F3C2C9D4DCB135ECBFFEB3448D272552B5DB720E0A526B4AC07B1F5E8BC9E ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe

18:33:49.0907 0x0504 PDFHook - ok

18:33:49.0923 0x0504 [ 154420A93E4F676AA33A055A116255D9, DF76577C22EBB439DF2B72D1B6B7A465F067CCEC886FC7A7FB337865DA1DB914 ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe

18:33:49.0923 0x0504 PDF5 Registry Controller - ok

18:33:49.0970 0x0504 [ 053E2A1DAA1AE4171A863BDE73872DB3, 644E70AE998E7115F7452949BB5FAFD3939FD54C89E9E742FF535AE9131AAF49 ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe

18:33:49.0970 0x0504 ControlCenter4 - ok

18:33:50.0157 0x0504 [ FBE2F33BBFF0F9592F552FD3BA41F8AC, 7126FBEEB4CD5A1B6F084503598E616905957FD364E4576BDFF4DB75FE660B17 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

18:33:50.0266 0x0504 BrStsMon00 - ok

18:33:50.0344 0x0504 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

18:33:50.0375 0x0504 Sidebar - ok

18:33:50.0391 0x0504 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

18:33:50.0407 0x0504 mctadmin - ok

18:33:50.0438 0x0504 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

18:33:50.0453 0x0504 Sidebar - ok

18:33:50.0453 0x0504 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

18:33:50.0469 0x0504 mctadmin - ok

18:33:50.0500 0x0504 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

18:33:50.0516 0x0504 Sidebar - ok

18:33:50.0516 0x0504 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

18:33:50.0531 0x0504 mctadmin - ok

18:33:50.0578 0x0504 [ ACEFD6542E57287953773134FA050788, 999CE93AD27B1D86396BD1F74895FEF4D9BC9C657D587BFD7D242075B4353B0D ] C:\Program Files\PC-Doctor\EnableToolbarW32.exe

18:33:50.0578 0x0504 LTT - ok

18:33:50.0609 0x0504 [ 6D9E1356A9C1B5F36698FAFF9205E34A, A7E37C2C0F1F35F5434144D5F1D282858D6B3CE995BE6612BA22FB7E83793F77 ] C:\Program Files (x86)\Xvid\CheckUpdate.exe

18:33:50.0609 0x0504 Xvid - ok

18:33:50.0687 0x0504 [ D3F0452392C45081D8866A92C86D1C7C, A746ED0D69FC51D974B445AB387C7315B70D7555B7499945A1D64F3E8A865340 ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

18:33:50.0687 0x0504 ISUSPM - ok

18:33:50.0797 0x0504 [ 390679F7A217A5E73D756276C40AE887, 3EDFB645B2F58864E653C66516D6D48C4F9D691CFD51D91D4D88E316EE7B7177 ] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

18:33:50.0843 0x0504 SpybotSD TeaTimer - ok

18:33:50.0906 0x0504 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

18:33:50.0921 0x0504 Sidebar - ok

18:33:50.0953 0x0504 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe

18:33:50.0953 0x0504 mctadmin - ok

18:33:51.0031 0x0504 AV detected via SS2: AVG Internet Security 2012, C:\Program Files (x86)\AVG\AVG2012\avgwsc.exe ( 12.0.0.2222 ), 0x41000 ( enabled : updated )

18:33:51.0062 0x0504 Win FW state via NFP2: enabled

18:33:51.0062 0x0504 ============================================================

18:33:51.0062 0x0504 Scan finished

18:33:51.0062 0x0504 ============================================================

18:33:51.0062 0x04fc Detected object count: 0

18:33:51.0062 0x04fc Actual detected object count: 0

18:33:56.0444 0x04d8 Deinitialize success



#6 ellentk

ellentk
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 01 January 2015 - 11:29 PM

I ran the scans in the order advised, but did not post them in that order due to the problems I was having with posting the larger logs.

Thought I'd try the shorter ones first, as I had no idea what the character count limit is.

 

Ellen



#7 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:44 AM

Posted 03 January 2015 - 07:20 AM

Hi

Please do the following next:

:step1:

We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode > Advanced Mode.
    spybotmode.png
  • You may be presented with a warning dialog. If so, click Yes
  • Click on Tools and then Resident
    spybottools.png
  • Uncheck this checkbox: "Resident TeaTimer {protection of over-all system settings) active"
  • Close/Exit Spybot Search and Destroy
:step2:


# Running from : C:\Users\Ellen\Downloads\AdwCleaner Download\AdwCleaner.exe

Please make sure you are following my instructions

Please download it to your Desktop, run it from there, then press the clean button. You can find the logfile at C:\AdwCleaner[S1].txt as well. Post the contents of AdwCleaner[S1].txt in your next reply.

:step3:
  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.
Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

:step4:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#8 ellentk

ellentk
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 04 January 2015 - 10:55 PM

Hi,  Here are the logs. 

 

# AdwCleaner v4.106 - Report created 03/01/2015 at 22:14:14

# Updated 21/12/2014 by Xplode

# Database : 2015-01-03.1 [Live]

# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

# Username : Ellen - W520

# Running from : C:\Users\Ellen\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search

Folder Deleted : C:\ProgramData\NCH Software

Folder Deleted : C:\ProgramData\Partner

Folder Deleted : C:\ProgramData\8864249047948690505

Folder Deleted : C:\Program Files (x86)\AVG Secure Search

Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar

Folder Deleted : C:\Program Files (x86)\NCH Software

Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Deleted : C:\Users\Ellen\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Ellen\AppData\Local\CrashRpt

Folder Deleted : C:\Users\Ellen\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\Ellen\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Ellen\AppData\Roaming\NCH Software

Folder Deleted : C:\Users\Ellen\AppData\Roaming\pdfforge

[!] Folder Deleted : C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\78ntpn0e.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

Folder Deleted : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Deleted : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

File Deleted : C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\78ntpn0e.default\invalidprefs.js

File Deleted : C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\78ntpn0e.default\user.js

File Deleted : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage

File Deleted : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage

File Deleted : C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

 

***** [ Shortcuts ] *****

 

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Key Deleted : HKCU\Software\Classes\pokki

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

Key Deleted : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\S

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{22848257-6A2D-4D2A-8D56-C886D25B8B58}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\IGearSettings

Key Deleted : HKCU\Software\Pokki

Key Deleted : HKLM\SOFTWARE\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

 

-\\ Mozilla Firefox v23.0 (en-US)

 

-\\ Google Chrome v39.0.2171.95

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={31298804-5DB8-449A-81A3-F11A4B3C492A}&mid=49758ab14f3947d197182197b749a1ba-040bb4a4e883369cae0e03e852637d52f6ee5b54&lang=en&ds=AVG&pr=fr&d=2012-11-21 18:00:26&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ippkomaaonokjnfjoikaemidanojkfmm

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl

[C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : pacgpkgadgmibnhpdidcnfafllnmeomc

*************************

AdwCleaner[R0].txt - [11059 octets] - [01/01/2015 22:18:56]

AdwCleaner[R1].txt - [8704 octets] - [03/01/2015 21:38:49]

AdwCleaner[S0].txt - [8628 octets] - [03/01/2015 22:14:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8688 octets] ##########

 

MALWAREBYTES LOG

When I ran the scan, the program advised that it found no threats.

 

I'm running Malwarebytes Premium version 2.0.4.1028.  The choices for a scan are Threat (our most capable....), Custom, and Hyper (quick).  I ran the Threat scan. I don't remember the exact time I ran the scan and the program logs automatic scans and events, so I hope that I've pasted in the logs for the most recent "threat" scan I ran.

 

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Update, 1/4/2015 12:29:38 AM, SYSTEM, W520, Scheduler, Malware Database, 2015.1.4.3, 2015.1.4.5,

Protection, 1/4/2015 12:29:55 AM, SYSTEM, W520, Protection, Refresh, Starting,

Protection, 1/4/2015 12:29:55 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopping,

Protection, 1/4/2015 12:29:55 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopped,

Protection, 1/4/2015 12:30:09 AM, SYSTEM, W520, Protection, Refresh, Success,

Protection, 1/4/2015 12:30:10 AM, SYSTEM, W520, Protection, Malicious Website Protection, Starting,

Protection, 1/4/2015 12:30:24 AM, SYSTEM, W520, Protection, Malicious Website Protection, Started,

Update, 1/4/2015 1:40:48 AM, SYSTEM, W520, Scheduler, Malware Database, 2015.1.4.5, 2015.1.4.6,

Protection, 1/4/2015 1:40:48 AM, SYSTEM, W520, Protection, Refresh, Starting,

Protection, 1/4/2015 1:40:48 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopping,

Protection, 1/4/2015 1:40:49 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopped,

Protection, 1/4/2015 1:41:02 AM, SYSTEM, W520, Protection, Refresh, Success,

Protection, 1/4/2015 1:41:03 AM, SYSTEM, W520, Protection, Malicious Website Protection, Starting,

Protection, 1/4/2015 1:41:04 AM, SYSTEM, W520, Protection, Malicious Website Protection, Started,

Scan, 1/4/2015 3:09:01 AM, SYSTEM, W520, Manual, Start:1/4/2015 2:35:23 AM, Duration:33 min 4 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,

Update, 1/4/2015 8:15:23 AM, SYSTEM, W520, Scheduler, Malware Database, 2015.1.4.6, 2015.1.4.7,

Protection, 1/4/2015 8:15:24 AM, SYSTEM, W520, Protection, Refresh, Starting,

Protection, 1/4/2015 8:15:24 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopping,

Protection, 1/4/2015 8:15:24 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopped,

Protection, 1/4/2015 8:15:38 AM, SYSTEM, W520, Protection, Refresh, Success,

Protection, 1/4/2015 8:15:38 AM, SYSTEM, W520, Protection, Malicious Website Protection, Starting,

Protection, 1/4/2015 8:15:39 AM, SYSTEM, W520, Protection, Malicious Website Protection, Started,

Protection, 1/4/2015 9:14:36 AM, SYSTEM, W520, Protection, Malware Protection, Starting,

Protection, 1/4/2015 9:14:37 AM, SYSTEM, W520, Protection, Malware Protection, Started,

Protection, 1/4/2015 9:14:37 AM, SYSTEM, W520, Protection, Malicious Website Protection, Starting,

Protection, 1/4/2015 9:16:26 AM, SYSTEM, W520, Protection, Malicious Website Protection, Started,

Update, 1/4/2015 9:19:20 AM, SYSTEM, W520, Scheduler, Malware Database, 2015.1.4.7, 2015.1.4.8,

Protection, 1/4/2015 9:19:20 AM, SYSTEM, W520, Protection, Refresh, Starting,

Protection, 1/4/2015 9:19:20 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopping,

Protection, 1/4/2015 9:19:21 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopped,

Protection, 1/4/2015 9:19:35 AM, SYSTEM, W520, Protection, Refresh, Success,

Protection, 1/4/2015 9:19:35 AM, SYSTEM, W520, Protection, Malicious Website Protection, Starting,

Protection, 1/4/2015 9:19:48 AM, SYSTEM, W520, Protection, Malicious Website Protection, Started,

Update, 1/4/2015 10:42:12 AM, SYSTEM, W520, Scheduler, Malware Database, 2015.1.4.8, 2015.1.4.9,

Protection, 1/4/2015 10:42:12 AM, SYSTEM, W520, Protection, Refresh, Starting,

Protection, 1/4/2015 10:42:12 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopping,

Protection, 1/4/2015 10:42:12 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopped,

Protection, 1/4/2015 10:42:27 AM, SYSTEM, W520, Protection, Refresh, Success,

Protection, 1/4/2015 10:42:27 AM, SYSTEM, W520, Protection, Malicious Website Protection, Starting,

Protection, 1/4/2015 10:42:28 AM, SYSTEM, W520, Protection, Malicious Website Protection, Started,

Update, 1/4/2015 11:30:41 AM, SYSTEM, W520, Scheduler, Malware Database, 2015.1.4.9, 2015.1.4.10,

Protection, 1/4/2015 11:30:41 AM, SYSTEM, W520, Protection, Refresh, Starting,

Protection, 1/4/2015 11:30:41 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopping,

Protection, 1/4/2015 11:30:41 AM, SYSTEM, W520, Protection, Malicious Website Protection, Stopped,

Protection, 1/4/2015 11:30:55 AM, SYSTEM, W520, Protection, Refresh, Success,

Protection, 1/4/2015 11:30:55 AM, SYSTEM, W520, Protection, Malicious Website Protection, Starting,

Protection, 1/4/2015 11:30:56 AM, SYSTEM, W520, Protection, Malicious Website Protection, Started,

Scan, 1/4/2015 12:00:27 PM, SYSTEM, W520, Manual, Start:1/4/2015 11:58:52 AM, Duration:0 min 58 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections

 

<?xml version="1.0" encoding="UTF-16" ?>

<mbam-log>

<header>

<date>2015/01/04 02:35:23 -0500</date>

<logfile>mbam-log-2015-01-04 (02-35-22).xml</logfile>

<isadmin>yes</isadmin>

</header>

<engine>

<version>2.00.4.1028</version>

<malware-database>v2015.01.04.06</malware-database>

<rootkit-database>v2014.12.30.01</rootkit-database>

<license>premium</license>

<file-protection>enabled</file-protection>

<web-protection>enabled</web-protection>

<self-protection>disabled</self-protection>

</engine>

<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x64</arch>

<username>Ellen</username>

<filesys>NTFS</filesys>

</system>

<summary>

<type>threat</type>

<result>completed</result>

<objects>422769</objects>

<time>1984</time>

<processes>0</processes>

<modules>0</modules>

<keys>0</keys>

<values>0</values>

<datas>0</datas>

<folders>0</folders>

<files>0</files>

<sectors>0</sectors>

</summary>

<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>warn</pup>

<pum>warn</pum>

</options>

<items>

</items>

</mbam-log>

 

 

ESET LOG:

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\switch.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Switch\switchsetup_v4.35.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\WavePad\wavepad.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\WavePad\wavepadsetup_v5.31.exe.vir a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined

C:\Program Files (x86)\AVStoDVD\ImgBurn\SetupImgBurn_2.5.5.0.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined

D:\Downloaded Programs\auslogics-registry-cleaner-setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined

D:\Downloaded Programs\AVStoDVD_242_Install.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined

D:\Downloaded Programs\burnaware_free.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined

D:\Downloaded Programs\cbsidlm-cbsi3_2_5_53-Wondershare_PDF_to_Word-10920472.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined

D:\Downloaded Programs\disk-defrag-setup.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined

D:\Downloaded Programs\m4a-to-mp3-converter.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined

D:\Downloaded Programs\SetupImgBurn_2.5.6.0.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined

D:\Downloaded Programs\SetupImgBurn_2.5.7.0.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined

D:\Downloaded Programs\Any Video Converter 3.1.6 Free Download\avc-free.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\Downloaded Programs\Any Video Converter 5.0.9 Download\avc-free.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\Downloaded Programs\BatteryCare Download\SetupBatteryCare.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\Downloaded Programs\BatteryCare Download\SetupBatteryCare.zip Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\Downloaded Programs\Lead Manager Database Download\oi_leadmanager_setupexe.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined

D:\Downloaded Programs\mIRC Download\mirc729exe.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined

D:\Downloaded Programs\PDF Creator 1.4.3. Download\PDFCreator-1_4_3_setup.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

D:\Downloaded Programs\PDF-Exchange Viewer Download\PDFXVwer.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined

D:\Downloaded Programs\Simply Contacts Database Download\oi_SCDSTD28exe.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined

D:\Downloaded Programs\SSuite Database Download\oi_SSuiteMonoBase2zip.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined

D:\Downloaded Programs\Switch Audio File Converter Download\switchsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined

D:\Downloaded Programs\SynciOS Download\syncios.exe Win32/OpenCandy potentially unsafe application deleted - quarantined

 

Thanks again for your help.



#9 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:44 AM

Posted 05 January 2015 - 01:46 PM

Hi How is the computer running now?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#10 ellentk

ellentk
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 05 January 2015 - 08:29 PM

Fine now.  Thank you so much for your help.  

 

Some of the programs seemed to have changed browser settings. I put back the ones I wanted and figure that's to be expected?

 

I do have a question about toolbars.  Do you recommend avoiding all software that adds an unwanted toolbar or do you feel it's okay to install them and then disable and/or remove the toolbar if you miss declining their install during a custom install?



#11 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:44 AM

Posted 06 January 2015 - 07:19 PM

Hi

 

You're welcome.
 

 

Some of the programs seemed to have changed browser settings. I put back the ones I wanted and figure that's to be expected?

Malware can easily change these settings so it can happen that settings need to be reset.

 

I do have a question about toolbars.  Do you recommend avoiding all software that adds an unwanted toolbar or do you feel it's okay to install them and then disable and/or remove the toolbar if you miss declining their install during a custom install?

One should always check what you are giving permission to be installed - eg both visible text, checkboxes, and small print (licence agreement) for the software. Prevention is better than cure. I you do install something by mistake, you can try uninstalling it. If it doesn't uninstall fully then I'ld advise seeking guidance from trained helpers.

 

Edit: We haven't finished yet. I'll post some further instructions soon.


Edited by dev00790, 06 January 2015 - 07:20 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#12 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:44 AM

Posted 06 January 2015 - 07:21 PM

I've edited my previous post.


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#13 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:44 AM

Posted 10 January 2015 - 01:07 PM

Hi It's been 3 days since my last post. Do you still need help?


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#14 ellentk

ellentk
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 10 January 2015 - 08:06 PM

You said you'd post further instructions? My system is running well and I haven't seen any unwanted and suspicious programs running in task manager or listed in startup. 



#15 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:44 AM

Posted 12 January 2015 - 08:01 PM

Hi Sorry for the delay. I'll post instructions soon.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users