Computer has severely slowed (mouse is now jerky) - possible MBR infection?


  • This topic is locked
72 replies to this topic

#1 RALehrer


  • Members
  • 48 posts

Posted 28 April 2015 - 05:35 PM

Hi, thanks in advance for your help.
 
My computer has slowed down to the point where it is nearly impractical to use.
 
I have installed/running McAfee Internet Security, as well as Spy Hunter whose registration I allowed to lapse some time ago.  (I have kept it running though as it alerts me before processes run / DNS changes etc.)  A scan on Spy Hunter revealed two significant issues: an "MBR infection/rootkit" and "PUP.crossrider".
 
I thought it might be helpful to post here in lieu of (or in addition to?) renewing the subscription.
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2015 01
Ran by Raphael (administrator) on RAPHAEL-GENEKEY on 28-04-2015 15:21:22
Running from C:\Users\Raphael\Downloads
Loaded Profiles: Raphael (Available profiles: UpdatusUser & Raphael)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(CrashPlan) C:\Program Files\CrashPlan\CrashPlanService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mstart.exe
(VSee Lab, Inc.) C:\Users\Raphael\AppData\Roaming\VSeeInstall\vsee.exe
(Flux Software LLC) C:\Users\Raphael\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcchhost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saui.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mcomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mlauncher.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Labtiva Inc.) C:\Users\Raphael\AppData\Local\Temp\ReadCubeTray64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\SMTrayNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [384296 2013-08-21] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295720 2013-10-15] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-08-20] (Lenovo)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2015-02-25] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-16] (Lenovo)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [GoToMeeting] => C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mstart.exe [44400 2015-04-18] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [VSee] => C:\Users\Raphael\AppData\Roaming\VSeeInstall\vsee.exe [21836856 2015-03-20] (VSee Lab, Inc.)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [f.lux] => C:\Users\Raphael\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [Google Update] => C:\Users\Raphael\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-13] (Google Inc.)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [ReadCube] => C:\Users\Raphael\AppData\Local\com.readcube.Desktop\application\ReadCube.exe [150800 2013-11-17] ()
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [GoogleChromeAutoLaunch_CC511909F5F6494383B29BB5A3D17377] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866120 2015-04-13] (Google Inc.)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\MountPoints2: {c7ae1dd9-0323-42e7-8e9a-e2ae160f41f1} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2015-02-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156840 2015-02-25] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk [2013-11-12]
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-28] (SugarSync, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> DefaultScope {1F831B7B-8433-41BB-8238-3F0D7E05CE81} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US667D20150307&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> {1F831B7B-8433-41BB-8238-3F0D7E05CE81} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US667D20150307&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-03-11] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-10] (Symantec Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-03-11] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-10] (Symantec Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Raphael\AppData\Roaming\Mozilla\Firefox\Profiles\8xmjsvr9.default
FF DefaultSearchEngine: Secure Search
FF DefaultSearchEngine.US: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Keyword.URL: https://search.yahoo.com/search?fr=mcafee&type=B111US667D20150307&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-05] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-05] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Raphael\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-14] (Citrix Online)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Raphael\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @talk.google.com/O1DPlugin -> C:\Users\Raphael\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Raphael\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Raphael\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: vsee.com/VSeeDetection -> C:\Users\Raphael\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2014-02-27] (VSee Lab)
FF Plugin ProgramFiles/Appdata: C:\Users\Raphael\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Raphael\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-28]
FF Extension: Goko Dominion Salvager BETA - C:\Users\Raphael\AppData\Roaming\Mozilla\Firefox\Profiles\8xmjsvr9.default\Extensions\jid1-R9otFQC4GvKlUQ@jetpack [2014-09-15]
FF Extension: Greasemonkey - C:\Users\Raphael\AppData\Roaming\Mozilla\Firefox\Profiles\8xmjsvr9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2013-11-12]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-09]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-03-07]
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-03-07]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSearchKeyword: Default -> google_
CHR DefaultSearchURL: Default -> http://www.google.com/search?q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DeepDyve Plugin) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfpecihdjjdaocoeacnmdlcfnahpilc [2015-01-09]
CHR Extension: (SiteAdvisor) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-03-08]
CHR Extension: (Bookmark Manager) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Goko Dominion Salvager) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaignighoceeemhinbbophdeogpnedjn [2015-01-04]
CHR Extension: (Hangouts) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2014-11-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]
CHR Extension: (Webcam Toy) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-11-05]
CHR Extension: (Google Wallet) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-22]
CHR Extension: (SpeakIt!) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2014-08-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-21]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [222720 2013-04-08] (CrashPlan) [File not signed]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8447848 2011-11-09] (DisplayLink Corp.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-16] (Lenovo)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-08-12] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197928 2013-10-15] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-04-10] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-02] ()
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2013-10-18] (Enigma Software Group USA, LLC.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-10] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-02] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-14] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R1 ElRawDisk; C:\windows\system32\drivers\ElRawDsk.sys [30752 2013-09-15] (EldoS Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-16] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-02] (Intel Corporation)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-02-25] (NVIDIA Corporation)
R1 RawDisk3; C:\windows\system32\drivers\rawdsk3.sys [32912 2014-07-13] (EldoS Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-09-26] (Synaptics Incorporated)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 SPUVCbv; System32\Drivers\SPUVCbv_x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-28 15:21 - 2015-04-28 15:22 - 00034035 _____ () C:\Users\Raphael\Downloads\FRST.txt
2015-04-28 15:20 - 2015-04-28 15:21 - 00000000 ____D () C:\FRST
2015-04-28 15:18 - 2015-04-28 15:19 - 02100736 _____ (Farbar) C:\Users\Raphael\Downloads\FRST64.exe
2015-04-25 13:36 - 2015-04-25 13:36 - 00000000 ____D () C:\windows\SysWOW64\NV
2015-04-25 13:36 - 2015-04-25 13:36 - 00000000 ____D () C:\windows\system32\NV
2015-04-25 12:38 - 2015-04-25 12:38 - 00000000 ____D () C:\Users\Raphael\AppData\Local\NVIDIA
2015-04-25 12:33 - 2015-02-04 11:48 - 00617288 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2015-04-23 15:44 - 2015-04-23 15:44 - 00313256 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2015-04-23 15:44 - 2015-04-23 15:44 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2015-04-23 15:44 - 2015-04-23 15:44 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
2015-04-23 15:44 - 2015-04-23 15:44 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-04-23 15:44 - 2015-04-23 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-23 15:41 - 2015-04-23 15:43 - 30818216 _____ (Oracle Corporation) C:\Users\Raphael\Downloads\jre-7u55-windows-x64 (2).exe
2015-04-23 13:51 - 2015-04-23 13:54 - 43159464 _____ (Oracle Corporation) C:\Users\Raphael\Downloads\jre-8u45-windows-x64.exe
2015-04-21 20:23 - 2015-04-21 20:23 - 00000000 ____D () C:\Users\Raphael\AppData\Local\{50E1B8BB-5819-46E7-8AB5-E0D9867385AB}
2015-04-21 17:18 - 2015-04-21 17:18 - 04088365 _____ () C:\Users\Raphael\Downloads\p53_Handbook_2.0.pdf.zip
2015-04-21 17:16 - 2015-04-21 17:16 - 02413040 _____ () C:\Users\Raphael\Downloads\Edlund_et_al.zip
2015-04-21 17:11 - 2015-04-21 17:11 - 00071082 _____ () C:\Users\Raphael\Downloads\cleaned TT-101 nonsynonymous coding variations.xlsx
2015-04-21 16:49 - 2015-04-21 16:49 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (43).jnlp
2015-04-21 11:00 - 2015-04-21 11:00 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (42).jnlp
2015-04-19 15:43 - 2015-04-19 15:43 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (41).jnlp
2015-04-19 10:47 - 2015-04-19 10:47 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (40).jnlp
2015-04-18 18:33 - 2015-04-18 18:33 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (39).jnlp
2015-04-18 18:13 - 2015-04-18 18:14 - 12483827 _____ () C:\Users\Raphael\Downloads\UMDTP53_curated_2012_R1_US.xlsx.zip
2015-04-18 18:03 - 2015-04-18 18:03 - 00539294 _____ () C:\Users\Raphael\Downloads\TT-101 VEF export - nonsynonymous coding variants (1).vcf
2015-04-18 18:01 - 2015-04-18 18:01 - 00539294 _____ () C:\Users\Raphael\Downloads\TT-101 VEF export - nonsynonymous coding variants.vcf
2015-04-18 17:55 - 2015-04-18 17:56 - 04088365 _____ () C:\Users\Raphael\Downloads\p53_Hanbook_2.0.pdf.zip
2015-04-17 20:30 - 2015-04-23 15:14 - 01918535 _____ () C:\Users\Raphael\Downloads\TT-101v2 validation tool.xlsx
2015-04-17 16:30 - 2015-04-17 16:30 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (38).jnlp
2015-04-17 12:46 - 2015-04-17 12:46 - 00000000 ____D () C:\Users\Raphael\Tracing
2015-04-16 23:20 - 2015-04-16 23:20 - 01265141 _____ () C:\Users\Raphael\Documents\croco.pptx
2015-04-16 23:09 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
2015-04-15 16:43 - 2015-04-15 16:43 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (37).jnlp
2015-04-14 12:15 - 2015-04-01 17:17 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-14 12:15 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-14 12:15 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-14 12:15 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-14 12:15 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-14 12:15 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-14 12:15 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-14 12:15 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-14 12:15 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-14 12:15 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-14 12:15 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-14 12:15 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-14 12:15 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-14 12:15 - 2015-03-16 22:22 - 05557696 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-14 12:15 - 2015-03-16 22:22 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-14 12:15 - 2015-03-16 22:22 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-14 12:15 - 2015-03-16 22:19 - 01727904 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-14 12:15 - 2015-03-16 22:17 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-04-14 12:15 - 2015-03-16 22:17 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-14 12:15 - 2015-03-16 22:17 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-14 12:15 - 2015-03-16 22:16 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-14 12:15 - 2015-03-16 22:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-04-14 12:15 - 2015-03-16 22:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-04-14 12:15 - 2015-03-16 22:15 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-14 12:15 - 2015-03-16 22:15 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-14 12:15 - 2015-03-16 22:13 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-14 12:15 - 2015-03-16 22:13 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-04-14 12:15 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-04-14 12:15 - 2015-03-16 21:59 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-04-14 12:15 - 2015-03-16 21:56 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-04-14 12:15 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-04-14 12:15 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-04-14 12:15 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 20:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-04-14 12:15 - 2015-03-16 20:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-04-14 12:15 - 2015-03-16 20:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 20:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 20:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 20:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 12:15 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-14 12:15 - 2015-03-12 21:25 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-14 12:15 - 2015-03-12 21:25 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-14 12:15 - 2015-03-12 21:09 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-14 12:15 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-14 12:15 - 2015-03-12 21:08 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-14 12:15 - 2015-03-12 21:08 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-14 12:15 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-14 12:15 - 2015-03-12 21:06 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-14 12:15 - 2015-03-12 21:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-14 12:15 - 2015-03-12 20:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-14 12:15 - 2015-03-12 20:55 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-14 12:15 - 2015-03-12 20:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-14 12:15 - 2015-03-12 20:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-14 12:15 - 2015-03-12 20:53 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-14 12:15 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-14 12:15 - 2015-03-12 20:44 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-14 12:15 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-14 12:15 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-04-14 12:15 - 2015-03-12 20:40 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-14 12:15 - 2015-03-12 20:32 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 12:15 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-14 12:15 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-04-14 12:15 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-04-14 12:15 - 2015-03-12 20:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-14 12:15 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-04-14 12:15 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-14 12:15 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-04-14 12:15 - 2015-03-12 20:23 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-14 12:15 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-14 12:15 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-04-14 12:15 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-04-14 12:15 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-04-14 12:15 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-04-14 12:15 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-04-14 12:15 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-14 12:15 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-14 12:15 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-04-14 12:15 - 2015-03-12 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-14 12:15 - 2015-03-12 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-14 12:15 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 12:15 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-14 12:15 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-04-14 12:15 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-04-14 12:15 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-04-14 12:15 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-14 12:15 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-14 12:15 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-14 12:15 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-04-14 12:15 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-04-14 12:15 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-14 12:15 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-14 12:15 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-14 12:15 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-14 12:15 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-14 12:15 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-14 12:15 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-14 12:15 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-14 12:15 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-14 12:15 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-14 12:15 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-14 12:15 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-14 12:15 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-14 12:12 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-14 12:12 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-14 12:12 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-13 21:24 - 2015-04-26 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-13 15:03 - 2015-04-13 15:04 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (36).jnlp
2015-04-08 14:40 - 2015-04-08 14:40 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (35).jnlp
2015-04-08 12:43 - 2015-04-08 12:43 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (34).jnlp
2015-04-08 12:39 - 2015-04-08 12:39 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (33).jnlp
2015-04-07 18:34 - 2015-04-07 18:34 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (32).jnlp
2015-04-07 15:28 - 2015-04-07 15:28 - 00003345 _____ () C:\Users\Raphael\Downloads\Flight_616_0530PM_11Apr2015.ics
2015-04-07 15:12 - 2015-04-07 15:12 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (31).jnlp
2015-04-07 10:51 - 2015-04-07 10:51 - 00002002 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2015-04-06 21:28 - 2015-04-06 21:28 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (30).jnlp
2015-04-06 16:00 - 2015-04-06 16:00 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (29).jnlp
2015-04-06 13:58 - 2015-04-06 13:58 - 07983616 _____ () C:\Users\Raphael\Downloads\10.1016-j.cell.2011.03.035Figure.ppt
2015-04-06 13:25 - 2015-04-06 13:26 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (28).jnlp
2015-04-06 13:22 - 2015-04-06 13:22 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (27).jnlp
2015-04-05 00:00 - 2015-04-05 00:01 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-05 00:00 - 2015-04-05 00:00 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-04-03 06:45 - 2015-04-03 06:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Sync
2015-03-29 21:12 - 2015-03-29 21:12 - 00008837 _____ () C:\Users\Raphael\Downloads\4954278067.html
2015-03-29 21:11 - 2015-03-29 21:11 - 00009730 _____ () C:\Users\Raphael\Downloads\4955114594.html
2015-03-29 21:07 - 2015-03-29 21:07 - 00009016 _____ () C:\Users\Raphael\Downloads\4955349837 (1).html
2015-03-29 21:06 - 2015-03-29 21:06 - 00009016 _____ () C:\Users\Raphael\Downloads\4955349837.html
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-28 15:21 - 2013-11-12 03:39 - 00000000 ____D () C:\Users\Raphael\Documents\Outlook Files
2015-04-28 15:19 - 2013-11-12 00:29 - 01123106 _____ () C:\windows\WindowsUpdate.log
2015-04-28 14:56 - 2014-05-13 15:28 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2449499492-303717644-1581424519-1002UA.job
2015-04-28 14:55 - 2013-11-17 11:12 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-28 14:53 - 2014-01-27 17:54 - 00000574 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2449499492-303717644-1581424519-1002.job
2015-04-28 13:48 - 2013-11-12 12:06 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-04-28 13:42 - 2013-11-26 06:24 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\vlc
2015-04-28 03:50 - 2009-07-13 21:51 - 00187986 _____ () C:\windows\setupact.log
2015-04-28 03:47 - 2009-07-13 21:45 - 00034432 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-28 03:47 - 2009-07-13 21:45 - 00034432 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-28 03:40 - 2013-11-13 16:50 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-28 03:40 - 2009-07-13 22:13 - 00786622 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-28 03:35 - 2013-11-12 00:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-28 03:35 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-27 21:56 - 2014-05-13 15:28 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2449499492-303717644-1581424519-1002Core.job
2015-04-26 15:13 - 2013-11-12 03:53 - 00000000 ____D () C:\Program Files\CrashPlan
2015-04-26 15:13 - 2010-11-20 20:47 - 03424336 _____ () C:\windows\PFRO.log
2015-04-25 12:37 - 2013-11-12 00:36 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-25 12:37 - 2013-11-12 00:36 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-25 12:37 - 2013-11-12 00:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-25 12:37 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\Help
2015-04-25 12:21 - 2014-09-18 10:25 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\LSC
2015-04-25 11:19 - 2013-11-28 17:23 - 00000000 ____D () C:\Users\Raphael\AppData\Local\CrashDumps
2015-04-24 21:51 - 2013-11-12 01:32 - 00000000 ____D () C:\Users\Raphael
2015-04-24 09:12 - 2013-12-26 17:21 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\Skype
2015-04-23 15:44 - 2014-11-17 13:57 - 00000000 ____D () C:\Program Files\Java
2015-04-23 15:07 - 2014-11-17 14:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-21 18:41 - 2014-06-02 15:20 - 00000000 ____D () C:\Users\Raphael\Documents\ReadCube Media
2015-04-21 17:58 - 2013-11-17 11:07 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\Mozilla
2015-04-21 15:01 - 2015-03-07 04:54 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-20 22:01 - 2009-07-13 20:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-04-20 21:07 - 2013-12-21 10:15 - 00000000 ____D () C:\Users\Raphael\AppData\Local\pyGraboid
2015-04-20 14:17 - 2009-07-13 22:08 - 00032546 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-04-19 03:53 - 2013-11-26 06:22 - 00001077 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-18 10:37 - 2014-01-27 17:54 - 00003618 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2449499492-303717644-1581424519-1002
2015-04-18 10:37 - 2013-11-14 14:56 - 00001426 _____ () C:\Users\Raphael\Desktop\GoToMeeting.lnk
2015-04-18 10:22 - 2014-02-27 18:01 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\VSee
2015-04-18 06:51 - 2013-11-12 00:16 - 00000000 ____D () C:\ProgramData\Lenovo
2015-04-17 12:46 - 2014-10-31 07:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-17 12:46 - 2013-12-26 17:21 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 23:22 - 2013-11-17 11:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-16 23:08 - 2015-03-07 04:44 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-16 11:18 - 2015-03-24 13:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-04-16 04:58 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2015-04-15 06:04 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-15 04:54 - 2014-12-10 04:57 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 04:54 - 2014-05-01 03:01 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 03:44 - 2013-11-12 01:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 03:41 - 2013-11-12 00:29 - 00763344 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-04-15 03:32 - 2013-11-14 12:17 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 03:15 - 2013-11-14 12:17 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-15 03:14 - 2009-07-13 19:34 - 00000478 _____ () C:\windows\win.ini
2015-04-15 00:20 - 2014-03-13 03:23 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 14:56 - 2013-11-17 11:12 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 14:56 - 2013-11-17 11:12 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 14:56 - 2013-11-17 11:12 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-07 10:51 - 2013-11-12 00:40 - 00000000 ____D () C:\windows\System32\Tasks\Lenovo
2015-04-07 10:49 - 2013-11-12 00:40 - 00000000 ____D () C:\windows\Downloaded Installations
2015-04-07 10:46 - 2011-12-08 13:42 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-31 21:21 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\system32\NDF
2015-03-29 05:59 - 2009-07-13 22:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
 
==================== Files in the root of some directories =======
 
2014-02-05 16:38 - 2014-02-06 01:41 - 0000000 _____ () C:\Users\Raphael\AppData\Roaming\bibstats
2014-02-05 09:37 - 2014-09-12 10:19 - 0000260 _____ () C:\Users\Raphael\AppData\Roaming\rftg
2014-09-09 15:13 - 2014-09-09 15:13 - 0007596 _____ () C:\Users\Raphael\AppData\Local\Resmon.ResmonCfg
2013-11-14 12:28 - 2013-11-14 12:28 - 0035678 _____ () C:\Users\Raphael\AppData\Local\WiDiSetupLog.20131114.112851.wdl
2013-11-14 12:42 - 2013-11-14 12:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some content of TEMP:
====================
C:\Users\Raphael\AppData\Local\Temp\ReadCubeTray64.exe
 
 
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-24 21:15
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
Ran by Raphael at 2015-04-28 15:22:49
Running from C:\Users\Raphael\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2449499492-303717644-1581424519-500 - Administrator - Disabled)
Guest (S-1-5-21-2449499492-303717644-1581424519-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2449499492-303717644-1581424519-1003 - Limited - Enabled)
Raphael (S-1-5-21-2449499492-303717644-1581424519-1002 - Administrator - Enabled) => C:\Users\Raphael
UpdatusUser (S-1-5-21-2449499492-303717644-1581424519-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat X Standard (HKLM-x32\...\{AC76BA86-1033-0000-BA7E-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
Business-in-a-Box (HKLM-x32\...\Business-in-a-Box) (Version: 5.1.0 - Biztree Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version: - )
Canon MX880 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series) (Version: - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.2 - Canon Inc.)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.385 - Corel Inc.)
CrashPlan (HKLM\...\{FCE35118-DD2F-4DB8-A5B6-D857F95669E0}) (Version: 3.5.3 - CrashPlan)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
DisplayLink Core Software (HKLM\...\{C3BC4C2C-39C1-44E1-B4B7-6AAA22D469EE}) (Version: 6.1.35392.0 - DisplayLink Corp.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
f.lux (HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Flux) (Version: - )
Google Apps Migration For Microsoft Outlook® 3.3.25.50 (HKLM-x32\...\{3EA2D629-5AEA-4503-9681-1A3520E564FA}) (Version: 3.3.25.50 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.7.395.1040 (HKLM-x32\...\{6394F7C6-207E-466B-AFE3-672C81269D97}) (Version: 3.7.395.1040 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GoToMeeting 7.1.8.2553 (HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)
Graboid Video (HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Graboid Video 5.0.0.0) (Version: 5.0.0.0 - Graboid Inc.)
Graboid Video (x32 Version: 5.0.0.0 - Graboid Inc.) Hidden
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{828af006-cb5e-4d60-957a-523098a1b0f8}) (Version: 16.1.3 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.0.1 - iolo technologies, LLC)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Graphics Software (HKLM\...\{BC7CE075-0A45-4DC0-A973-67626CF41144}) (Version: 6.1.35401.0 - Lenovo)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.03 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo SimpleTap (HKLM\...\{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}) (Version: 3.1.0005.00 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0012.00 - Lenovo Group Limited)
Mail Attachment Downloader Free v2.4 (HKLM-x32\...\{3E6D04EA-7A23-475C-85AD-E175D0A6EB74}) (Version: 2.40.0800 - GearMage)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM\...\{AD130AB4-E88C-48F4-8353-B7395A4A82D1}) (Version: 3.2.0003.00 - Lenovo Group Limited)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 345.20 - NVIDIA Corporation)
NVIDIA Graphics Driver 345.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.20 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA nView 141.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.33 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.51.01 - )
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.63.1 - Lenovo Group Limited)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Race for the Galaxy version 0.8.1 (HKLM-x32\...\{C067C316-4036-4E97-B013-21DCBE649F81}_is1) (Version: 0.8.1 - Keldon Jones)
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.20 - Lenovo)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.00.0802 - Lenovo)
ReadCube (HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\ReadCube) (Version: - Labtiva, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6914 - Realtek Semiconductor Corp.)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
ResScan (HKLM-x32\...\{77FFBDB9-B919-4738-923A-E7B63794E71A}) (Version: 4.3 - ResMed Ltd)
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.206 - McAfee, Inc.)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SpyHunter (HKLM\...\{E34DC109-5AEB-4605-8763-BE0F29743631}) (Version: 4.16.5.4290 - Enigma Software Group USA, LLC)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.51.86909 - SugarSync, Inc.)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2330 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.13 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.10 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.09 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.6.0 - Lenovo)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.11 - VeriSign)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSee (HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\VSee) (Version: 15.0.0.313 - VSee Lab Inc)
Windows Driver Package - Intel (e1cexpress) Net (01/11/2012 11.15.16.0) (HKLM\...\EC2A0F2B229770EC589265FCF2B4839A0C221993) (Version: 01/11/2012 11.15.16.0 - Intel)
Windows Driver Package - Intel System (01/11/2012 9.3.0.1020) (HKLM\...\09839A9B5EDA69DA2DCC34637B5140AAF8A53B44) (Version: 01/11/2012 9.3.0.1020 - Intel)
Windows Driver Package - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\9D7CD466F7FC8B18FF1B84943B7BB8648D17FCE8) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows Driver Package - Intel System (08/26/2011 9.3.0.1011) (HKLM\...\D8EF6CACF49BD33CC1FACD124C8CC2B1A8E8AE35) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows Driver Package - Intel USB (08/26/2011 9.3.0.1011) (HKLM\...\97EE1802A0385A37DE6323FA39EC76BEB2D73E41) (Version: 08/26/2011 9.3.0.1011 - Intel)
Windows Driver Package - Lenovo 1.65.04.00 (01/11/2012 1.65.04.00) (HKLM\...\789DF697FC48238DE07F6917CCE1C7DBEBAD3096) (Version: 01/11/2012 1.65.04.00 - Lenovo)
Windows Driver Package - Synaptics (SynTP) Mouse (02/09/2012 15.3.45.0) (HKLM\...\8926A51887C9CEEAB7E0720A1C9BEC5B3A8A2F05) (Version: 02/09/2012 15.3.45.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2449499492-303717644-1581424519-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2449499492-303717644-1581424519-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Raphael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2449499492-303717644-1581424519-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Raphael\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

15-04-2015 03:04:06 Windows Update
16-04-2015 03:00:12 Windows Update
23-04-2015 15:36:07 Removed Java 8 Update 45 (64-bit)
23-04-2015 15:39:50 Removed Java 8 Update 45 (64-bit)
23-04-2015 15:43:54 Installed Java 7 Update 55 (64-bit)
25-04-2015 12:28:16 iolo Designated Drivers Pre-Update Restore Point (21A424)
25-04-2015 12:28:59 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {009726F4-BC89-43CF-A14A-6DDC86ACC0B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {0BD2C821-ABAB-44D9-8D2E-AFB14AB1D1F3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {12F66E0A-686A-421D-881B-2E6744F027CD} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2013-09-03] (Lenovo Group Limited)
Task: {1A03CB24-6C9A-4CAA-AF8D-E7C76B8931EF} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {2BA2F8C7-AB3B-4977-B273-84A3F4BA9801} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {2C1E47BF-D571-49D3-9876-BDD7D2C2AC8C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {33D4C3B1-06C3-4A13-98DE-11E7262165C1} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {3EA00045-B4DE-4686-B353-F0E49266E710} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {42ABBF79-D558-4294-A7AA-FCF7BDC37ED7} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe [2013-10-18] (Enigma Software Group USA, LLC.)
Task: {589C2F01-29EA-480D-9256-910C6518381F} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-26] (Synaptics Incorporated)
Task: {5F5F39CB-6006-4BB8-ACB8-E356F37228C0} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {6505A20F-31DB-47ED-B1FC-D3BC387B3E2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {6547F847-3977-4DC7-AD32-DE7CEB8E95FC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2449499492-303717644-1581424519-1002UA => C:\Users\Raphael\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-13] (Google Inc.)
Task: {682800EA-2324-4C5F-AA6F-F2D9F2C21B5E} - System32\Tasks\G2MUpdateTask-S-1-5-21-2449499492-303717644-1581424519-1002 => C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-18] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {6C355C26-652D-4070-826C-7F8169D52568} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-09-25] (Lenovo)
Task: {7C6F1B8E-9369-4E81-B408-8C4A618EFA67} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {7C8C2419-F6C6-4640-88B3-151C3DB77708} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {8564BE37-1D8D-4AC0-8F43-07FAFDB9758F} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {87DFB8BE-AC6D-42CA-8688-E14EFE1224EC} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2014-08-13] (iolo technologies, LLC)
Task: {891785D0-5244-4F0B-9D7C-4661C2F52D5E} - System32\Tasks\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-03-09] ()
Task: {895DF03D-01B4-4CE4-9EC1-1AD7B4C48F27} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2449499492-303717644-1581424519-1002Core => C:\Users\Raphael\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-13] (Google Inc.)
Task: {93282E57-3302-4375-841E-D40F57C3C2FF} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-03-09] (Lenovo)
Task: {A25A3DB3-512C-4BC3-8805-5ECB8D6B7055} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-13] (Google Inc.)
Task: {A319CE72-D063-4B4A-8E68-2EA7B44AD3C3} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2015-03-09] (Lenovo)
Task: {BA46DC74-B8E5-4E1B-9137-E23E311D3D52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-13] (Google Inc.)
Task: {C45CD4BD-6590-401D-BF1F-A6460290BE8E} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {CFD16DDB-5E75-4714-93F4-BE0ADD87772D} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for RAPHAEL-GENEKEY.Raphael => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-03-23] (Lenovo)
Task: {DFADAA28-19A6-4055-9B46-39C2B75EEFF2} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] ()
Task: {ED8A65F8-54C1-4D7B-8F18-C107D1D85D28} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-03-09] (Lenovo)
Task: {F24BB9EA-EF9C-4CE3-9CE7-262707DF0F93} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\WiFi\bin\CCDashServer.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2449499492-303717644-1581424519-1002.job => C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2449499492-303717644-1581424519-1002Core.job => C:\Users\Raphael\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2449499492-303717644-1581424519-1002UA.job => C:\Users\Raphael\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-11-12 00:36 - 2015-02-25 11:32 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2010-01-22 12:02 - 2010-01-22 12:02 - 00027648 _____ () C:\windows\System32\sdf2ml6.dll
2010-01-20 08:49 - 2010-01-20 08:49 - 00027648 _____ () C:\windows\System32\sdo2ml6.dll
2013-01-16 10:13 - 2013-01-16 10:13 - 01286144 _____ () C:\windows\system32\spool\DRIVERS\x64\3\sdf2mdu.dll
2013-04-08 16:35 - 2013-04-08 16:35 - 00014848 _____ () C:\Program Files\CrashPlan\md564.dll
2015-01-13 14:47 - 2015-01-13 14:47 - 00230400 _____ () C:\Program Files\CrashPlan\cpnative64.dll
2013-11-12 00:36 - 2015-02-04 13:29 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-12 00:39 - 2013-09-03 07:03 - 00104448 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2013-11-12 00:35 - 2012-01-31 19:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-04-15 00:20 - 2015-04-13 14:48 - 01633608 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-15 00:20 - 2015-04-13 14:48 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-15 00:20 - 2015-04-13 14:48 - 26783560 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll
2013-11-12 00:44 - 2012-01-16 23:29 - 00030512 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2013-11-12 00:40 - 2011-08-02 21:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2013-11-12 00:40 - 2011-08-02 21:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2013-08-20 18:02 - 2013-08-20 18:02 - 00092456 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll
2015-02-25 11:32 - 2015-02-25 11:32 - 00010952 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-11-04 00:59 - 2015-03-20 08:06 - 00769024 _____ () C:\Users\Raphael\AppData\Roaming\VSeeInstall\libGLESv2.dll
2014-02-27 18:01 - 2015-03-20 08:06 - 00278528 _____ () C:\Users\Raphael\AppData\Roaming\VSeeInstall\vseeCryptoppEnc.DLL
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-12-03 11:06 - 2014-12-03 11:06 - 02897304 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-12-03 11:07 - 2014-12-03 11:07 - 00305544 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2449499492-303717644-1581424519-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Raphael\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{8053C96B-9C80-49E8-A647-436EC9166341}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{4880AB60-A25A-4E3B-BAE1-A713C724378F}] => (Allow) C:\Program Files\Intel\WiFi\bin\CCDash.exe
FirewallRules: [{561BF81A-8717-452F-A375-7037938779D8}] => (Allow) C:\Program Files\Intel\WiFi\bin\CCDash.exe
FirewallRules: [{828558C8-2AAB-4AE8-AEAE-DC76FE120B41}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{CBD2A0B3-A18D-46B9-93AC-934B02E90410}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{671FAA7D-E90F-4F04-B61C-71B732C6B03F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F18916F3-0F81-45F5-B3EE-D737ED80B60A}] => (Allow) LPort=2869
FirewallRules: [{FE24F00D-EF3E-4B99-8F17-DEDAFE5CC467}] => (Allow) LPort=1900
FirewallRules: [{D11B6B3F-B2E5-4E74-881A-EBCD167ED273}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{51D2C14A-2CC3-4C5F-8B0D-1F9A8567BFFB}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{E8EAA8FF-5089-4185-9A57-EE3DB72D5545}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{04CC2E21-C335-43E7-8FAD-04EA4F3B89FD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{EA9625E2-E17B-4F74-88CD-3C8278BE22FD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
FirewallRules: [{272E5354-0B47-40CE-952F-DF6C83FEDEB1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office14\outlook.exe
FirewallRules: [{02F98168-F5D9-4149-8AF9-F53334D3BCCC}] => (Allow) C:\Program Files\CrashPlan\CrashPlanService.exe
FirewallRules: [{7D56A8AC-F660-4DA4-BCCF-98A3E61B1A80}] => (Allow) C:\Program Files\CrashPlan\CrashPlanService.exe
FirewallRules: [{5C7C6E81-5761-4FB6-A8EF-3574CBC8F878}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A168AAA2-2FE0-4249-A710-6C03BDEEF5B0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{142902BE-61C6-468B-9409-ACA165A3675E}C:\users\raphael\appdata\roaming\vseeinstall\vsee.exe] => (Block) C:\users\raphael\appdata\roaming\vseeinstall\vsee.exe
FirewallRules: [UDP Query User{F9A402A1-337D-4D6E-88B0-1DC47979309C}C:\users\raphael\appdata\roaming\vseeinstall\vsee.exe] => (Block) C:\users\raphael\appdata\roaming\vseeinstall\vsee.exe
FirewallRules: [{BBB44F05-447D-4590-98C9-237600195C3F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{EEEE0040-86B4-4CBB-A652-61BA19250561}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{F33B608F-CF9F-476C-BDE0-777779A58615}] => (Allow) C:\Users\Raphael\AppData\Roaming\McAfee\Supportability\MVTLogs\ProductDetection64.exe
FirewallRules: [{770B821D-ABC0-449C-8A9A-7975176AA09E}] => (Allow) C:\Users\Raphael\AppData\Roaming\McAfee\Supportability\MVTLogs\ProductDetection64.exe
FirewallRules: [{F69918D7-2394-4B06-AD03-C4B47EEE1230}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{2DAA2A55-5709-4B95-A619-899691F5A0E3}C:\users\raphael\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\raphael\appdata\roaming\vseeinstall\vsee.exe
FirewallRules: [UDP Query User{24BA999B-33D8-4B0E-984F-0376B50BC49C}C:\users\raphael\appdata\roaming\vseeinstall\vsee.exe] => (Allow) C:\users\raphael\appdata\roaming\vseeinstall\vsee.exe
FirewallRules: [{BCED84C1-EB6A-48C9-B615-EEBE3CB2D550}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3303BEC7-131B-4D3A-A167-E06B222535BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BD4477F-84DE-4B45-9460-099E4198F544}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{F29B7CD2-4DD7-40EB-9C91-9F2E2E9B738E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2015 03:43:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: javaw.exe, version: 7.0.550.13, time stamp: 0x5327b4de
Faulting module name: deploy.dll, version: 10.55.2.13, time stamp: 0x5327be42
Exception code: 0xc0000409
Fault offset: 0x00000000000337f6
Faulting process id: 0x4e28
Faulting application start time: 0xjavaw.exe0
Faulting application path: javaw.exe1
Faulting module path: javaw.exe2
Report Id: javaw.exe3

Error: (04/24/2015 09:11:40 AM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000002E2980).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (04/16/2015 07:48:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPONSCR.EXE, version: 8.0.7.0, time stamp: 0x54af46a5
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0
Exception code: 0xc000000d
Fault offset: 0x00098781
Faulting process id: 0x172c
Faulting application start time: 0xTPONSCR.EXE0
Faulting application path: TPONSCR.EXE1
Faulting module path: TPONSCR.EXE2
Report Id: TPONSCR.EXE3

Error: (04/16/2015 04:51:10 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000000039C3E0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (04/16/2015 04:51:00 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{3f8a05da-3f28-4030-b742-ca6c1a8ea74f} - 0000000000000124,0x0053c008,00000000003FC7C0,0,00000000003FD7D0,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired.
.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (04/10/2015 09:55:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvvsvc.exe, version: 8.17.13.1269, time stamp: 0x526f0399
Faulting module name: NVSVC64.DLL, version: 8.17.13.1269, time stamp: 0x526f0024
Exception code: 0xc0000005
Fault offset: 0x00000000000a5f5c
Faulting process id: 0x9b4
Faulting application start time: 0xnvvsvc.exe0
Faulting application path: nvvsvc.exe1
Faulting module path: nvvsvc.exe2
Report Id: nvvsvc.exe3

Error: (04/10/2015 04:56:49 AM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook failed to start correctly last time. Starting Outlook in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

Do you want to start Outlook in safe mode?.
Rejected Safe Mode action : Microsoft Outlook.

Error: (04/09/2015 03:25:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SpyHunter4.exe version 4.16.5.4290 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 153c

Start Time: 01d072c53b0e41ad

Termination Time: 983

Application Path: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe

Report Id: 497ca555-df07-11e4-9159-3c970e28e105

Error: (04/07/2015 10:49:43 AM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003EACB0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (04/07/2015 10:49:43 AM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003EACB0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator


System errors:
=============
Error: (04/28/2015 05:01:13 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:11 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:10 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:08 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:07 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:06 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:05 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:03 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:02 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.

Error: (04/28/2015 05:01:01 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume Windows7_OS.


Microsoft Office Sessions:
=========================
Error: (04/24/2015 03:43:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: javaw.exe7.0.550.135327b4dedeploy.dll10.55.2.135327be42c000040900000000000337f64e2801d07ee018696f6eC:\Program Files\Java\jre7\bin\javaw.exeC:\Program Files\Java\jre7\bin\deploy.dll575397ad-ead3-11e4-b69d-3c970e28e105

Error: (04/24/2015 09:11:40 AM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000002E2980)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (04/16/2015 07:48:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TPONSCR.EXE8.0.7.054af46a5ntdll.dll6.1.7601.187985507b3e0c000000d00098781172c01d078628fda5decC:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXEC:\windows\SysWOW64\ntdll.dll2b2aca74-e4ac-11e4-a315-3c970e28e105

Error: (04/16/2015 04:51:10 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000000039C3E0)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (04/16/2015 04:51:00 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{3f8a05da-3f28-4030-b742-ca6c1a8ea74f} - 0000000000000124,0x0053c008,00000000003FC7C0,0,00000000003FD7D0,4096,[0])0x80070079, The semaphore timeout period has expired.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (04/10/2015 09:55:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvvsvc.exe8.17.13.1269526f0399NVSVC64.DLL8.17.13.1269526f0024c000000500000000000a5f5c9b401d073145e762a16C:\windows\system32\nvvsvc.exeC:\windows\system32\NVSVC64.DLL735fb1dd-dfa2-11e4-866d-3c970e28e105

Error: (04/10/2015 04:56:49 AM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft OutlookOutlook failed to start correctly last time. Starting Outlook in safe mode will help you correct or isolate a startup problem in order to successfully start the program. Some functionality may be disabled in this mode.

Do you want to start Outlook in safe mode?

Error: (04/09/2015 03:25:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SpyHunter4.exe4.16.5.4290153c01d072c53b0e41ad983C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe497ca555-df07-11e4-9159-3c970e28e105

Error: (04/07/2015 10:49:43 AM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003EACB0)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (04/07/2015 10:49:43 AM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003EACB0)

Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator


CodeIntegrity Errors:
===================================
Date: 2015-04-24 09:05:28.280
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-17 12:47:20.270
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-15 21:20:30.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-15 21:00:49.168
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-15 21:00:38.903
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-15 18:12:14.198
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-07 19:00:50.911
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-07 19:00:49.706
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-07 19:00:48.260
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-04-07 19:00:46.931
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 76%
Total physical RAM: 8010.86 MB
Available physical RAM: 1905.02 MB
Total Pagefile: 16019.92 MB
Available Pagefile: 8206.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:917.62 GB) (Free:478.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:13.67 GB) (Free:1.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 8C8287AC)
Partition 1: (Not Active) - (Size=6.9 GB) - (Type=73)
Partition 2: (Not Active) - (Size=8 GB) - (Type=84)

==================== End Of Log ============================

Edited by Oh My!, 06 May 2015 - 10:19 AM.



#2 RALehrer


Posted 03 May 2015 - 02:45 PM

Hi,

I just wanted to check in to see if my post was somehow missed or overlooked - it looks like most people through 4/29 have been receiving help. I'm not writing to whine, but rather, if this is something that you can't help with, it would be great to know so I can try a different path forward.

Thanks very much!

Raphael



#3 HelpBot


Posted 03 May 2015 - 08:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/574689 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 RALehrer


Posted 04 May 2015 - 12:52 PM

Here is the updated log.  I can't seem to find an attachment button on this reply screen, so this is just the main log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Raphael (administrator) on RAPHAEL-GENEKEY on 04-05-2015 10:42:56
Running from C:\Users\Raphael\Downloads
Loaded Profiles: Raphael (Available profiles: UpdatusUser & Raphael)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(CrashPlan) C:\Program Files\CrashPlan\CrashPlanService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mstart.exe
(VSee Lab, Inc.) C:\Users\Raphael\AppData\Roaming\VSeeInstall\vsee.exe
(Flux Software LLC) C:\Users\Raphael\AppData\Local\FluxSoftware\Flux\flux.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mcomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mlauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Labtiva Inc.) C:\Users\Raphael\AppData\Local\Temp\ReadCubeTray64.exe
(Labtiva Inc.) C:\Users\Raphael\AppData\Local\Temp\ReadCubeTray64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPUIManager.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcchhost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [TpShocks] => C:\windows\system32\TpShocks.exe [384296 2013-08-21] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295720 2013-10-15] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-08-20] (Lenovo)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2015-02-25] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-28] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-16] (Lenovo)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [GoToMeeting] => C:\Users\Raphael\AppData\Local\Citrix\GoToMeeting\2553\g2mstart.exe [44400 2015-04-18] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [VSee] => C:\Users\Raphael\AppData\Roaming\VSeeInstall\vsee.exe [22031928 2015-04-29] (VSee Lab, Inc.)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [f.lux] => C:\Users\Raphael\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [Google Update] => C:\Users\Raphael\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-13] (Google Inc.)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [ReadCube] => C:\Users\Raphael\AppData\Local\com.readcube.Desktop\application\ReadCube.exe [150800 2013-11-17] ()
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\...\MountPoints2: {c7ae1dd9-0323-42e7-8e9a-e2ae160f41f1} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2015-02-25] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156840 2015-02-25] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-12]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk [2013-11-12]
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-28] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-02-28] (SugarSync, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-2449499492-303717644-1581424519-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> DefaultScope {73259C70-5591-4736-A864-BAE4E8A61A12} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US667D20150307&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> {73259C70-5591-4736-A864-BAE4E8A61A12} URL = https://search.yahoo.com/search?fr=mcafee&type=B011US667D20150307&p={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-03-11] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-10] (Symantec Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-03-11] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-10] (Symantec Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-03-11] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Raphael\AppData\Roaming\Mozilla\Firefox\Profiles\8xmjsvr9.default
FF DefaultSearchEngine: Secure Search
FF DefaultSearchEngine.US: Secure Search
FF SearchEngineOrder.1: Secure Search
FF SelectedSearchEngine: Secure Search
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-05] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-05] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Raphael\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-14] (Citrix Online)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Raphael\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @talk.google.com/O1DPlugin -> C:\Users\Raphael\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Raphael\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Raphael\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-2449499492-303717644-1581424519-1002: vsee.com/VSeeDetection -> C:\Users\Raphael\AppData\Roaming\VSeeInstall\npVSeeDetection.dll [2014-02-27] (VSee Lab)
FF Plugin ProgramFiles/Appdata: C:\Users\Raphael\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Raphael\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-28]
FF Extension: Greasemonkey - C:\Users\Raphael\AppData\Roaming\Mozilla\Firefox\Profiles\8xmjsvr9.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-28]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2013-11-12]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-09]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-03-07]
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-03-07]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Profile: C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfpecihdjjdaocoeacnmdlcfnahpilc [2015-04-30]
CHR Extension: (SiteAdvisor) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-03-08]
CHR Extension: (Bookmark Manager) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Goko Dominion Salvager) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaignighoceeemhinbbophdeogpnedjn [2015-01-04]
CHR Extension: (Hangouts) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2014-11-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]
CHR Extension: (Webcam Toy) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-11-05]
CHR Extension: (Google Wallet) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-22]
CHR Extension: (SpeakIt!) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2014-08-26]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-21]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-04-21]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [222720 2013-04-08] (CrashPlan) [File not signed]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8447848 2011-11-09] (DisplayLink Corp.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-16] (Lenovo)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-08-12] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197928 2013-10-15] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (Lenovo)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-04-10] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-02] ()
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2013-10-18] (Enigma Software Group USA, LLC.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [File not signed]
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-10] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-02] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2012-02-14] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R1 ElRawDisk; C:\windows\system32\drivers\ElRawDsk.sys [30752 2013-09-15] (EldoS Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-16] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-02] (Intel Corporation)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299664 2015-02-25] (NVIDIA Corporation)
R1 RawDisk3; C:\windows\system32\drivers\rawdsk3.sys [32912 2014-07-13] (EldoS Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-09-26] (Synaptics Incorporated)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 SPUVCbv; System32\Drivers\SPUVCbv_x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-04 10:40 - 2015-05-04 10:40 - 00000000 ____D () C:\Users\Raphael\Downloads\FRST-OlderVersion
2015-04-30 17:44 - 2015-05-04 05:56 - 00001248 _____ () C:\windows\setupact.log
2015-04-30 17:44 - 2015-04-30 17:44 - 00000000 _____ () C:\windows\setuperr.log
2015-04-30 17:43 - 2015-04-30 17:43 - 00000376 _____ () C:\windows\PFRO.log
2015-04-30 17:38 - 2015-04-30 17:38 - 02224640 _____ () C:\Users\Raphael\Downloads\adwcleaner_4.203 (1).exe
2015-04-30 17:28 - 2015-04-30 17:47 - 00000000 ____D () C:\AdwCleaner
2015-04-30 17:28 - 2015-04-30 17:28 - 02224640 _____ () C:\Users\Raphael\Downloads\adwcleaner_4.203.exe
2015-04-30 17:09 - 2015-04-30 17:09 - 00002808 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2015-04-30 17:09 - 2015-04-30 17:09 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-30 17:09 - 2015-04-30 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-04-30 17:09 - 2015-04-30 17:09 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-30 16:57 - 2015-04-30 16:57 - 06484352 _____ (Piriform Ltd) C:\Users\Raphael\Downloads\ccsetup505.exe
2015-04-30 15:32 - 2015-04-30 16:32 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-30 15:31 - 2015-04-30 15:31 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-30 15:31 - 2015-04-30 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-30 15:31 - 2015-04-30 15:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-30 15:31 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-04-30 15:31 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-04-30 15:31 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-04-30 15:29 - 2015-04-30 15:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Raphael\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-29 21:32 - 2015-04-29 21:32 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (47).jnlp
2015-04-29 17:46 - 2015-04-29 17:46 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (46).jnlp
2015-04-28 16:59 - 2015-04-28 16:59 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (45).jnlp
2015-04-28 16:21 - 2015-04-28 16:21 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (44).jnlp
2015-04-28 15:22 - 2015-04-28 15:32 - 00048346 _____ () C:\Users\Raphael\Downloads\Addition.txt
2015-04-28 15:21 - 2015-05-04 10:44 - 00034115 _____ () C:\Users\Raphael\Downloads\FRST.txt
2015-04-28 15:20 - 2015-05-04 10:43 - 00000000 ____D () C:\FRST
2015-04-28 15:18 - 2015-05-04 10:40 - 02101248 _____ (Farbar) C:\Users\Raphael\Downloads\FRST64.exe
2015-04-26 15:04 - 2015-04-26 15:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-25 13:36 - 2015-04-25 13:36 - 00000000 ____D () C:\windows\SysWOW64\NV
2015-04-25 13:36 - 2015-04-25 13:36 - 00000000 ____D () C:\windows\system32\NV
2015-04-25 12:38 - 2015-04-25 12:38 - 00000000 ____D () C:\Users\Raphael\AppData\Local\NVIDIA
2015-04-25 12:33 - 2015-02-04 11:48 - 00617288 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvStreaming.exe
2015-04-23 15:44 - 2015-04-23 15:44 - 00313256 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2015-04-23 15:44 - 2015-04-23 15:44 - 00189352 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2015-04-23 15:44 - 2015-04-23 15:44 - 00189352 _____ (Oracle Corporation) C:\windows\system32\java.exe
2015-04-23 15:44 - 2015-04-23 15:44 - 00108968 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
2015-04-23 15:44 - 2015-04-23 15:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-23 15:41 - 2015-04-23 15:43 - 30818216 _____ (Oracle Corporation) C:\Users\Raphael\Downloads\jre-7u55-windows-x64 (2).exe
2015-04-23 13:51 - 2015-04-23 13:54 - 43159464 _____ (Oracle Corporation) C:\Users\Raphael\Downloads\jre-8u45-windows-x64.exe
2015-04-21 20:23 - 2015-04-21 20:23 - 00000000 ____D () C:\Users\Raphael\AppData\Local\{50E1B8BB-5819-46E7-8AB5-E0D9867385AB}
2015-04-21 17:18 - 2015-04-21 17:18 - 04088365 _____ () C:\Users\Raphael\Downloads\p53_Handbook_2.0.pdf.zip
2015-04-21 17:16 - 2015-04-21 17:16 - 02413040 _____ () C:\Users\Raphael\Downloads\Edlund_et_al.zip
2015-04-21 17:11 - 2015-04-21 17:11 - 00071082 _____ () C:\Users\Raphael\Downloads\cleaned TT-101 nonsynonymous coding variations.xlsx
2015-04-21 16:49 - 2015-04-21 16:49 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (43).jnlp
2015-04-21 11:00 - 2015-04-21 11:00 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (42).jnlp
2015-04-19 15:43 - 2015-04-19 15:43 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (41).jnlp
2015-04-19 10:47 - 2015-04-19 10:47 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (40).jnlp
2015-04-18 18:33 - 2015-04-18 18:33 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (39).jnlp
2015-04-18 18:13 - 2015-04-18 18:14 - 12483827 _____ () C:\Users\Raphael\Downloads\UMDTP53_curated_2012_R1_US.xlsx.zip
2015-04-18 18:03 - 2015-04-18 18:03 - 00539294 _____ () C:\Users\Raphael\Downloads\TT-101 VEF export - nonsynonymous coding variants (1).vcf
2015-04-18 18:01 - 2015-04-18 18:01 - 00539294 _____ () C:\Users\Raphael\Downloads\TT-101 VEF export - nonsynonymous coding variants.vcf
2015-04-18 17:55 - 2015-04-18 17:56 - 04088365 _____ () C:\Users\Raphael\Downloads\p53_Hanbook_2.0.pdf.zip
2015-04-17 20:30 - 2015-04-23 15:14 - 01918535 _____ () C:\Users\Raphael\Downloads\TT-101v2 validation tool.xlsx
2015-04-17 16:30 - 2015-04-17 16:30 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (38).jnlp
2015-04-17 12:46 - 2015-04-17 12:46 - 00000000 ____D () C:\Users\Raphael\Tracing
2015-04-16 23:20 - 2015-04-16 23:20 - 01265141 _____ () C:\Users\Raphael\Documents\croco.pptx
2015-04-16 23:09 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
2015-04-15 16:43 - 2015-04-15 16:43 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (37).jnlp
2015-04-14 12:15 - 2015-04-01 17:17 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-14 12:15 - 2015-04-01 16:49 - 00342704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-14 12:15 - 2015-03-24 20:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-14 12:15 - 2015-03-24 20:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-14 12:15 - 2015-03-24 20:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-14 12:15 - 2015-03-24 20:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-14 12:15 - 2015-03-24 20:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-14 12:15 - 2015-03-24 20:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-14 12:15 - 2015-03-24 20:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-14 12:15 - 2015-03-24 20:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-14 12:15 - 2015-03-24 20:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-14 12:15 - 2015-03-22 20:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-14 12:15 - 2015-03-22 20:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-14 12:15 - 2015-03-22 20:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-14 12:15 - 2015-03-22 20:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-14 12:15 - 2015-03-16 22:22 - 05557696 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-14 12:15 - 2015-03-16 22:22 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-14 12:15 - 2015-03-16 22:22 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-14 12:15 - 2015-03-16 22:19 - 01727904 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-14 12:15 - 2015-03-16 22:17 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-04-14 12:15 - 2015-03-16 22:17 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-14 12:15 - 2015-03-16 22:17 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-14 12:15 - 2015-03-16 22:16 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-14 12:15 - 2015-03-16 22:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-14 12:15 - 2015-03-16 22:16 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-04-14 12:15 - 2015-03-16 22:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-04-14 12:15 - 2015-03-16 22:15 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-14 12:15 - 2015-03-16 22:15 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-14 12:15 - 2015-03-16 22:13 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-14 12:15 - 2015-03-16 22:13 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 22:01 - 03976632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-04-14 12:15 - 2015-03-16 22:01 - 03920824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-04-14 12:15 - 2015-03-16 21:59 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-04-14 12:15 - 2015-03-16 21:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-04-14 12:15 - 2015-03-16 21:56 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-04-14 12:15 - 2015-03-16 21:56 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-04-14 12:15 - 2015-03-16 21:56 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-04-14 12:15 - 2015-03-16 21:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-04-14 12:15 - 2015-03-16 21:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 21:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 20:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-04-14 12:15 - 2015-03-16 20:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-04-14 12:15 - 2015-03-16 20:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 20:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 20:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 12:15 - 2015-03-16 20:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 12:15 - 2015-03-12 21:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-14 12:15 - 2015-03-12 21:25 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-14 12:15 - 2015-03-12 21:25 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-14 12:15 - 2015-03-12 21:09 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-14 12:15 - 2015-03-12 21:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-14 12:15 - 2015-03-12 21:08 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-14 12:15 - 2015-03-12 21:08 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-14 12:15 - 2015-03-12 21:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-14 12:15 - 2015-03-12 21:06 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-14 12:15 - 2015-03-12 21:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-14 12:15 - 2015-03-12 20:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-14 12:15 - 2015-03-12 20:55 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-14 12:15 - 2015-03-12 20:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-14 12:15 - 2015-03-12 20:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-14 12:15 - 2015-03-12 20:53 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-14 12:15 - 2015-03-12 20:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-14 12:15 - 2015-03-12 20:44 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-14 12:15 - 2015-03-12 20:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-14 12:15 - 2015-03-12 20:42 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-04-14 12:15 - 2015-03-12 20:40 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-14 12:15 - 2015-03-12 20:32 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 12:15 - 2015-03-12 20:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-14 12:15 - 2015-03-12 20:28 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-04-14 12:15 - 2015-03-12 20:27 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-04-14 12:15 - 2015-03-12 20:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-14 12:15 - 2015-03-12 20:27 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-04-14 12:15 - 2015-03-12 20:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-14 12:15 - 2015-03-12 20:26 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-04-14 12:15 - 2015-03-12 20:23 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-14 12:15 - 2015-03-12 20:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-14 12:15 - 2015-03-12 20:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-04-14 12:15 - 2015-03-12 20:20 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-04-14 12:15 - 2015-03-12 20:17 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-04-14 12:15 - 2015-03-12 20:16 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-04-14 12:15 - 2015-03-12 20:15 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-04-14 12:15 - 2015-03-12 20:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-14 12:15 - 2015-03-12 20:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-14 12:15 - 2015-03-12 20:06 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-04-14 12:15 - 2015-03-12 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-14 12:15 - 2015-03-12 20:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-14 12:15 - 2015-03-12 20:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 12:15 - 2015-03-12 20:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-14 12:15 - 2015-03-12 19:57 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-04-14 12:15 - 2015-03-12 19:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-04-14 12:15 - 2015-03-12 19:54 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-04-14 12:15 - 2015-03-12 19:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-14 12:15 - 2015-03-12 19:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-14 12:15 - 2015-03-12 19:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-14 12:15 - 2015-03-12 19:43 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-04-14 12:15 - 2015-03-12 19:42 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-04-14 12:15 - 2015-03-12 19:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-14 12:15 - 2015-03-12 19:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-14 12:15 - 2015-03-12 19:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-14 12:15 - 2015-03-12 19:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-14 12:15 - 2015-03-12 19:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-14 12:15 - 2015-03-12 19:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-14 12:15 - 2015-03-09 20:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-14 12:15 - 2015-03-09 20:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-14 12:15 - 2015-03-09 20:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-14 12:15 - 2015-03-09 20:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-14 12:15 - 2015-03-04 22:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-14 12:15 - 2015-03-04 21:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-14 12:15 - 2015-02-24 20:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-14 12:12 - 2015-03-03 21:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-14 12:12 - 2015-03-03 21:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-14 12:12 - 2015-03-03 21:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-13 15:03 - 2015-04-13 15:04 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (36).jnlp
2015-04-08 14:40 - 2015-04-08 14:40 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (35).jnlp
2015-04-08 12:43 - 2015-04-08 12:43 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (34).jnlp
2015-04-08 12:39 - 2015-04-08 12:39 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (33).jnlp
2015-04-07 18:34 - 2015-04-07 18:34 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (32).jnlp
2015-04-07 15:28 - 2015-04-07 15:28 - 00003345 _____ () C:\Users\Raphael\Downloads\Flight_616_0530PM_11Apr2015.ics
2015-04-07 15:12 - 2015-04-07 15:12 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (31).jnlp
2015-04-07 10:51 - 2015-04-07 10:51 - 00002002 _____ () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2015-04-06 21:28 - 2015-04-06 21:28 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (30).jnlp
2015-04-06 16:00 - 2015-04-06 16:00 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (29).jnlp
2015-04-06 13:58 - 2015-04-06 13:58 - 07983616 _____ () C:\Users\Raphael\Downloads\10.1016-j.cell.2011.03.035Figure.ppt
2015-04-06 13:25 - 2015-04-06 13:26 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (28).jnlp
2015-04-06 13:22 - 2015-04-06 13:22 - 00002856 _____ () C:\Users\Raphael\Downloads\IpaApplication (27).jnlp
2015-04-05 00:00 - 2015-04-05 00:01 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-05 00:00 - 2015-04-05 00:00 - 00000000 ___SD () C:\windows\SysWOW64\GWX
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-05-04 10:40 - 2013-11-12 03:39 - 00000000 ____D () C:\Users\Raphael\Documents\Outlook Files
2015-05-04 09:56 - 2014-05-13 15:28 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2449499492-303717644-1581424519-1002UA.job
2015-05-04 09:55 - 2013-11-17 11:12 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-04 09:53 - 2014-01-27 17:54 - 00000574 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2449499492-303717644-1581424519-1002.job
2015-05-04 09:10 - 2013-11-12 00:29 - 01631132 _____ () C:\windows\WindowsUpdate.log
2015-05-04 03:11 - 2013-11-12 12:06 - 00000072 _____ () C:\Users\Public\LMDebug.log
2015-05-04 00:44 - 2013-11-13 16:50 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-03 21:56 - 2014-05-13 15:28 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2449499492-303717644-1581424519-1002Core.job
2015-05-03 11:45 - 2013-11-26 06:24 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\vlc
2015-05-02 23:41 - 2009-07-13 21:45 - 00034432 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-02 23:41 - 2009-07-13 21:45 - 00034432 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-02 17:17 - 2013-12-21 10:15 - 00000000 ____D () C:\Users\Raphael\AppData\Local\pyGraboid
2015-05-02 01:41 - 2014-02-27 18:01 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\VSee
2015-04-30 18:00 - 2009-07-13 22:13 - 00786622 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-30 17:44 - 2013-11-12 00:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-30 17:44 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-30 17:43 - 2013-11-17 11:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-30 17:14 - 2011-02-24 10:03 - 00000000 ____D () C:\windows\Panther
2015-04-30 15:31 - 2013-11-21 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-30 14:13 - 2014-03-13 03:23 - 00002194 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 19:21 - 2014-06-02 15:20 - 00000000 ____D () C:\Users\Raphael\Documents\ReadCube Media
2015-04-26 15:13 - 2013-11-12 03:53 - 00000000 ____D () C:\Program Files\CrashPlan
2015-04-25 12:37 - 2013-11-12 00:36 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-25 12:37 - 2013-11-12 00:36 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-25 12:37 - 2013-11-12 00:36 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-25 12:37 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\Help
2015-04-25 12:21 - 2014-09-18 10:25 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\LSC
2015-04-25 11:19 - 2013-11-28 17:23 - 00000000 ____D () C:\Users\Raphael\AppData\Local\CrashDumps
2015-04-24 21:51 - 2013-11-12 01:32 - 00000000 ____D () C:\Users\Raphael
2015-04-24 09:12 - 2013-12-26 17:21 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\Skype
2015-04-23 15:44 - 2014-11-17 13:57 - 00000000 ____D () C:\Program Files\Java
2015-04-23 15:07 - 2014-11-17 14:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-21 17:58 - 2013-11-17 11:07 - 00000000 ____D () C:\Users\Raphael\AppData\Roaming\Mozilla
2015-04-21 15:01 - 2015-03-07 04:54 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-20 22:01 - 2009-07-13 20:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-04-20 14:17 - 2009-07-13 22:08 - 00032546 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-04-19 03:53 - 2013-11-26 06:22 - 00001077 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2015-04-18 10:37 - 2014-01-27 17:54 - 00003618 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2449499492-303717644-1581424519-1002
2015-04-18 10:37 - 2013-11-14 14:56 - 00001426 _____ () C:\Users\Raphael\Desktop\GoToMeeting.lnk
2015-04-18 06:51 - 2013-11-12 00:16 - 00000000 ____D () C:\ProgramData\Lenovo
2015-04-17 12:46 - 2014-10-31 07:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-17 12:46 - 2013-12-26 17:21 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 23:08 - 2015-03-07 04:44 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-16 04:58 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache
2015-04-15 06:04 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-15 04:54 - 2014-12-10 04:57 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 04:54 - 2014-05-01 03:01 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 03:44 - 2013-11-12 01:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 03:41 - 2013-11-12 00:29 - 00763344 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-04-15 03:32 - 2013-11-14 12:17 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 03:15 - 2013-11-14 12:17 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-15 03:14 - 2009-07-13 19:34 - 00000478 _____ () C:\windows\win.ini
2015-04-14 14:56 - 2013-11-17 11:12 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 14:56 - 2013-11-17 11:12 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 14:56 - 2013-11-17 11:12 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-07 10:51 - 2013-11-12 00:40 - 00000000 ____D () C:\windows\System32\Tasks\Lenovo
2015-04-07 10:49 - 2013-11-12 00:40 - 00000000 ____D () C:\windows\Downloaded Installations
2015-04-07 10:46 - 2011-12-08 13:42 - 00000000 ___RD () C:\Users\Public\Recorded TV
 
==================== Files in the root of some directories =======
 
2014-02-05 16:38 - 2014-02-06 01:41 - 0000000 _____ () C:\Users\Raphael\AppData\Roaming\bibstats
2014-02-05 09:37 - 2014-09-12 10:19 - 0000260 _____ () C:\Users\Raphael\AppData\Roaming\rftg
2014-09-09 15:13 - 2014-09-09 15:13 - 0007596 _____ () C:\Users\Raphael\AppData\Local\Resmon.ResmonCfg
2013-11-14 12:28 - 2013-11-14 12:28 - 0035678 _____ () C:\Users\Raphael\AppData\Local\WiDiSetupLog.20131114.112851.wdl
2013-11-14 12:42 - 2013-11-14 12:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some content of TEMP:
====================
C:\Users\Raphael\AppData\Local\Temp\Quarantine.exe
C:\Users\Raphael\AppData\Local\Temp\ReadCubeTray64.exe
C:\Users\Raphael\AppData\Local\Temp\sqlite3.dll
 
 
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-24 21:15
 
==================== End Of Log ============================


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor

Posted 06 May 2015 - 10:24 AM

Greetings Raphael and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt

Toolbar: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
S3 SPUVCbv; System32\Drivers\SPUVCbv_x64.sys [X]
C:\Users\Raphael\AppData\Local\Temp\Quarantine.exe
C:\Users\Raphael\AppData\Local\Temp\ReadCubeTray64.exe
C:\Users\Raphael\AppData\Local\Temp\sqlite3.dll
CHR Extension: (No Name) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfpecihdjjdaocoeacnmdlcfnahpilc [2015-04-30]

  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Run TDSSKiller by Kaspersky

--------------------
  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply even if no threats are found.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================

aswMBR

--------------------
  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.

  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.

  • Please post the contents of the log in your next reply.
NOTE: aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================

System Summary Information

--------------------
  • Press the Windows key + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • TDSSKiller log
  • aswMBR report
  • System Summary Information

Edited by Oh My!, 06 May 2015 - 11:05 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 nasdaq

nasdaq

  • Malware Response Team

Posted 06 May 2015 - 10:38 AM

My fix deleted.

Edited by nasdaq, 06 May 2015 - 10:40 AM.


#7 RALehrer

RALehrer
  • Topic Starter

  • Members

Posted 06 May 2015 - 03:54 PM

Dear Gary –

First, I want to thank you very much for your help.

Second, I want to let you know of a few questions/differences from your instructions. 

1) When I ran the FRST tool, I got the error message that the fixit log must be in the same folder.  It turned out that FRST was in the Downloads folder, not the Desktop, so moving the fixit log there resolved the problem.  For later portions of the instructions, I moved the relevant application from the downloads folder to the desktop. 

2) The TDSSKiller tool did not find threats.  I assumed that the rest of the instructions were not relevant (e.g., restarting to complete the cleaning process).

3) When running aswMBR, there was an additional option on the tool below the final line in your picture, a dropdown menu that was set as a default at “Quick scan”.  I did not adjust this option.

4) I could not find an option to attach a file in the reply, even under the "more reply options" screen as described in the "Hijack this log" post that you referred me to.  So the system information file is missing.

5) I received an error that the "post was too long", so I will try to split it up into several.

Now, for the logs:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2015 01

Ran by Raphael at 2015-05-06 12:56:24 Run:1

Running from C:\Users\Raphael\Downloads

Loaded Profiles: Raphael (Available profiles: UpdatusUser & Raphael)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

Toolbar: HKU\S-1-5-21-2449499492-303717644-1581424519-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

S3 SPUVCbv; System32\Drivers\SPUVCbv_x64.sys [X]

C:\Users\Raphael\AppData\Local\Temp\Quarantine.exe

C:\Users\Raphael\AppData\Local\Temp\ReadCubeTray64.exe

C:\Users\Raphael\AppData\Local\Temp\sqlite3.dll

CHR Extension: (No Name) - C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfpecihdjjdaocoeacnmdlcfnahpilc [2015-04-30]

*****************

 

HKU\S-1-5-21-2449499492-303717644-1581424519-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.

HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.

SPUVCbv => Service deleted successfully.

C:\Users\Raphael\AppData\Local\Temp\Quarantine.exe => Moved successfully.

C:\Users\Raphael\AppData\Local\Temp\ReadCubeTray64.exe => Moved successfully.

C:\Users\Raphael\AppData\Local\Temp\sqlite3.dll => Moved successfully.

C:\Users\Raphael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfpecihdjjdaocoeacnmdlcfnahpilc => Moved successfully.

 

==== End of Fixlog 12:56:48 ====

13:03:51.0347 0x4cb8  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

13:03:51.0347 0x4cb8  UEFI system

13:03:56.0506 0x4cb8  ============================================================

13:03:56.0507 0x4cb8  Current date / time: 2015/05/06 13:03:56.0506

13:03:56.0507 0x4cb8  SystemInfo:

13:03:56.0507 0x4cb8 

13:03:56.0507 0x4cb8  OS Version: 6.1.7601 ServicePack: 1.0

13:03:56.0507 0x4cb8  Product type: Workstation

13:03:56.0507 0x4cb8  ComputerName: RAPHAEL-GENEKEY

13:03:56.0507 0x4cb8  UserName: Raphael

13:03:56.0507 0x4cb8  Windows directory: C:\windows

13:03:56.0507 0x4cb8  System windows directory: C:\windows

13:03:56.0507 0x4cb8  Running under WOW64

13:03:56.0507 0x4cb8  Processor architecture: Intel x64

13:03:56.0507 0x4cb8  Number of processors: 4

13:03:56.0507 0x4cb8  Page size: 0x1000

13:03:56.0507 0x4cb8  Boot type: Normal boot

13:03:56.0507 0x4cb8  ============================================================

13:03:58.0268 0x4cb8  KLMD registered as C:\windows\system32\drivers\16172547.sys

13:03:58.0400 0x4cb8  System UUID: {C197E6DD-C749-6364-41FA-5FACCBDB610B}

13:03:58.0877 0x4cb8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:03:58.0904 0x4cb8  Drive \Device\Harddisk1\DR1 - Size: 0x3BA816000 ( 14.91 Gb ), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:03:58.0911 0x4cb8  ============================================================

13:03:58.0911 0x4cb8  \Device\Harddisk0\DR0:

13:03:58.0912 0x4cb8  GPT partitions:

13:03:58.0912 0x4cb8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8DC7209C-6EC3-40B6-BDD7-9B9256ED7E8F}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000

13:03:58.0912 0x4cb8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A78920C0-EE11-40E9-A2AC-F124D4FE1E1E}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000

13:03:58.0912 0x4cb8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3F8A05DA-3F28-4030-B742-CA6C1A8EA74F}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x72B3C000

13:03:58.0912 0x4cb8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C7AE1DD9-0323-42E7-8E9A-E2AE160F41F1}, Name: Basic data partition, StartLBA 0x72BAE800, BlocksNum 0x1B58000

13:03:58.0912 0x4cb8  MBR partitions:

13:03:58.0913 0x4cb8  \Device\Harddisk1\DR1:

13:03:58.0917 0x4cb8  MBR partitions:

13:03:58.0917 0x4cb8  ============================================================

13:03:58.0948 0x4cb8  C: <-> \Device\Harddisk0\DR0\Partition3

13:03:59.0013 0x4cb8  Q: <-> \Device\Harddisk0\DR0\Partition4

13:03:59.0013 0x4cb8  ============================================================

13:03:59.0013 0x4cb8  Initialize success

13:03:59.0013 0x4cb8  ============================================================

13:04:01.0549 0x4d9c  ============================================================

13:04:01.0549 0x4d9c  Scan started

13:04:01.0550 0x4d9c  Mode: Manual;

13:04:01.0550 0x4d9c  ============================================================

13:04:01.0550 0x4d9c  KSN ping started

13:04:04.0897 0x4d9c  KSN ping finished: true

13:04:06.0605 0x4d9c  ================ Scan system memory ========================

13:04:06.0605 0x4d9c  System memory - ok

13:04:06.0605 0x4d9c  ================ Scan services =============================


13:04:10.0726 0x4d9c  [ BB892C59D453E127797F8C5B203678DC, 9ED6E44B1E1050F275BEDE733970F455867147F6EC08CD6522E5AA2F55CB5B71 ] btwrchid        C:\windows\system32\DRIVERS\btwrchid.sys

13:04:10.0727 0x4d9c  btwrchid - ok

13:04:10.0759 0x4d9c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys

13:04:10.0762 0x4d9c  cdfs - ok

13:04:10.0794 0x4d9c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys

13:04:10.0798 0x4d9c  cdrom - ok

13:04:10.0828 0x4d9c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll

13:04:10.0831 0x4d9c  CertPropSvc - ok

13:04:10.0891 0x4d9c  [ 3B6316004C773CFAD5E6C38EC5DDDBD4, 7F8A68A6267E0C8EC11F84A1034F71991DBD78BB1C7440B6D4AE025EFBCBB534 ] cfwids          C:\windows\system32\drivers\cfwids.sys

13:04:10.0896 0x4d9c  cfwids - ok

13:04:10.0926 0x4d9c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys

13:04:10.0927 0x4d9c  circlass - ok

13:04:11.0041 0x4d9c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\windows\system32\CLFS.sys

13:04:11.0056 0x4d9c  CLFS - ok

13:04:11.0217 0x4d9c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:04:11.0221 0x4d9c  clr_optimization_v2.0.50727_32 - ok

13:04:11.0273 0x4d9c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

13:04:11.0279 0x4d9c  clr_optimization_v2.0.50727_64 - ok

13:04:11.0356 0x4d9c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:04:11.0362 0x4d9c  clr_optimization_v4.0.30319_32 - ok

13:04:11.0395 0x4d9c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

13:04:11.0402 0x4d9c  clr_optimization_v4.0.30319_64 - ok

13:04:11.0422 0x4d9c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys

13:04:11.0423 0x4d9c  CmBatt - ok

13:04:11.0535 0x4d9c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys

13:04:11.0568 0x4d9c  cmdide - ok

13:04:11.0701 0x4d9c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys

13:04:11.0723 0x4d9c  CNG - ok

13:04:11.0739 0x4d9c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys

13:04:11.0745 0x4d9c  Compbatt - ok

13:04:11.0753 0x4d9c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys

13:04:11.0755 0x4d9c  CompositeBus - ok

13:04:11.0762 0x4d9c  COMSysApp - ok

13:04:11.0931 0x4d9c  [ EB726E02074FDC44EBE97E01A2660AA6, D4C64BF00D71BB7A3DB429EF8B648056067A3FE857F72DD9CE4944A1359BE05D ] cphs            C:\windows\SysWow64\IntelCpHeciSvc.exe

13:04:11.0943 0x4d9c  cphs - ok

13:04:11.0973 0x4d9c  [ 2C0197886BB851E6589087434D890926, 345AC2F80DB3FB530F6AD89FDB1BFF0423E27EF59B2DC46B65F9E2DB0D9D2E89 ] CrashPlanService C:\Program Files\CrashPlan\CrashPlanService.exe

13:04:11.0978 0x4d9c  CrashPlanService - ok

13:04:12.0042 0x4d9c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys

13:04:12.0044 0x4d9c  crcdisk - ok

13:04:12.0093 0x4d9c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\windows\system32\cryptsvc.dll

13:04:12.0116 0x4d9c  CryptSvc - ok

13:04:12.0253 0x4d9c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\windows\system32\drivers\csc.sys

13:04:12.0269 0x4d9c  CSC - ok

13:04:12.0369 0x4d9c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\windows\System32\cscsvc.dll

13:04:12.0390 0x4d9c  CscService - ok

13:04:12.0553 0x4d9c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll

13:04:12.0568 0x4d9c  DcomLaunch - ok

13:04:12.0617 0x4d9c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll

13:04:12.0624 0x4d9c  defragsvc - ok

13:04:12.0643 0x4d9c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys

13:04:12.0652 0x4d9c  DfsC - ok

13:04:12.0761 0x4d9c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll

13:04:12.0773 0x4d9c  Dhcp - ok

13:04:12.0809 0x4d9c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys

13:04:12.0810 0x4d9c  discache - ok

13:04:12.0824 0x4d9c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys

13:04:12.0830 0x4d9c  Disk - ok

13:04:14.0291 0x4d9c  [ 4453DA8650DA827BC33B8D41A8F97894, 543A88C85D0D5299D430736ABF88E7DA5A3BAE63C3D8ACA0AC4B4E6D26EDF4F6 ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe

13:04:16.0934 0x4d9c  DisplayLinkService - ok

13:04:17.0036 0x4d9c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\windows\system32\drivers\dmvsc.sys

13:04:17.0042 0x4d9c  dmvsc - ok

13:04:17.0096 0x4d9c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll

13:04:17.0105 0x4d9c  Dnscache - ok

13:04:17.0140 0x4d9c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll

13:04:17.0152 0x4d9c  dot3svc - ok

13:04:17.0293 0x4d9c  [ E819FCE666C841B7894837F4BB8AFE20, EA80646F9743FD2B37A930C8A1A1544B3F3FBBC979E57C69850034ACF63DB6A3 ] DozeSvc         C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE

13:04:17.0306 0x4d9c  DozeSvc - ok

13:04:17.0341 0x4d9c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll

13:04:17.0346 0x4d9c  DPS - ok

13:04:17.0391 0x4d9c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys

13:04:17.0393 0x4d9c  drmkaud - ok

13:04:17.0721 0x4d9c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys

13:04:17.0743 0x4d9c  DXGKrnl - ok

13:04:17.0774 0x4d9c  [ 3CE83D7EE95D9C9F03323810A2E747DF, 50E34E2EC26584A1BE06EA5049481D1AE2F3213B2A81BA86411623ADCEE24F53 ] DzHDD64         C:\windows\system32\DRIVERS\DzHDD64.sys

13:04:17.0779 0x4d9c  DzHDD64 - ok

13:04:17.0939 0x4d9c  [ 23B6F8081F5C7AF1343810641EE0DD58, 571EF6BC76C062AF0FC696213638831EBC90B056B353AD440B01CA17E0D5B1B7 ] e1cexpress      C:\windows\system32\DRIVERS\e1c62x64.sys

13:04:17.0959 0x4d9c  e1cexpress - ok

13:04:17.0994 0x4d9c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll

13:04:17.0997 0x4d9c  EapHost - ok

13:04:18.0788 0x4d9c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys

13:04:18.0947 0x4d9c  ebdrv - ok

13:04:18.0979 0x4d9c  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS             C:\windows\System32\lsass.exe

13:04:18.0980 0x4d9c  EFS - ok

13:04:19.0174 0x4d9c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe

13:04:19.0209 0x4d9c  ehRecvr - ok

13:04:19.0223 0x4d9c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe

13:04:19.0226 0x4d9c  ehSched - ok

13:04:19.0274 0x4d9c  [ 627350A11295D82BF78D155B12FFD0EF, BF4A80A379803C765EF5163EE7422A30D8F35820E38690F11A27FA605DD20FFA ] ElRawDisk       C:\windows\system32\drivers\ElRawDsk.sys

13:04:19.0275 0x4d9c  ElRawDisk - ok

13:04:19.0416 0x4d9c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys

13:04:19.0434 0x4d9c  elxstor - ok

13:04:19.0456 0x4d9c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys

13:04:19.0457 0x4d9c  ErrDev - ok

13:04:19.0511 0x4d9c  [ DF96C3CD6AE15F6D0A6BCB70F9C1E88D, 4D9E779684D19137D43472CA18C8A955AD29C82C5F9D7C7E248A1400EE40EE59 ] esgiguard       C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys

13:04:19.0512 0x4d9c  esgiguard - ok

13:04:19.0542 0x4d9c  [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner      C:\windows\system32\DRIVERS\EsgScanner.sys

13:04:19.0543 0x4d9c  EsgScanner - ok

13:04:19.0627 0x4d9c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll

13:04:19.0643 0x4d9c  EventSystem - ok

13:04:19.0732 0x4d9c  [ 50F9ACB987E517E6643E1F448BEAD8A0, C38A1271F2699B379D536A84C6097412BF1F9B3578E8C5AB0EFF77E459F283C1 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe

13:04:19.0772 0x4d9c  EvtEng - ok

13:04:19.0821 0x4d9c  [ D2EAA04AF43154B62FA85B08BAD0A7CA, B18F09CAD04AD61A1B8DCD3BBC70A82FB50008C147389D3245E39856BA940A87 ] excfs           C:\windows\system32\DRIVERS\excfs.sys

13:04:19.0825 0x4d9c  excfs - ok

13:04:19.0859 0x4d9c  [ E6082A6C109238A725D83184724C4A36, 66F0D4798C357FFCC5A35E45BE8E5F0A97E7BCF98CFAA1BB2269F6D6B910A0A3 ] excsd           C:\windows\system32\DRIVERS\excsd.sys

13:04:19.0865 0x4d9c  excsd - ok

13:04:19.0916 0x4d9c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys

13:04:19.0925 0x4d9c  exfat - ok

13:04:19.0976 0x4d9c  [ 68030FF4B7669E15916910885E2E6160, 324EC07A0135354A5D41ED841919D61C218ECA718DE8A8357B0D2AD0B621777B ] ExpressCache    C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe

13:04:19.0981 0x4d9c  ExpressCache - ok

13:04:20.0054 0x4d9c  [ EB3A7D5663ACAC417DF986D4AEE12170, E2E7A0DEF42E0E9D8E2A70FAEC84D4BB67D8C6F9F6B4C0DE884FA4A12C031F91 ] Fastboot        C:\windows\system32\DRIVERS\Fastboot.sys

13:04:20.0058 0x4d9c  Fastboot - ok

13:04:20.0180 0x4d9c  [ 63511240AF70D10343A4AE05F8E2CA12, E4A873CE9F685E42347390F7D7D50CD8D3C9A5FCFFEA26093438F679D1CE275D ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe

13:04:20.0186 0x4d9c  FastbootService - ok

13:04:20.0228 0x4d9c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys

13:04:20.0238 0x4d9c  fastfat - ok

13:04:20.0342 0x4d9c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe

13:04:20.0366 0x4d9c  Fax - ok

13:04:20.0397 0x4d9c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys

13:04:20.0398 0x4d9c  fdc - ok

13:04:20.0424 0x4d9c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll

13:04:20.0425 0x4d9c  fdPHost - ok

13:04:20.0436 0x4d9c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll

13:04:20.0439 0x4d9c  FDResPub - ok

13:04:20.0457 0x4d9c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys

13:04:20.0460 0x4d9c  FileInfo - ok

13:04:20.0493 0x4d9c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys

13:04:20.0495 0x4d9c  Filetrace - ok

13:04:20.0516 0x4d9c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys

13:04:20.0517 0x4d9c  flpydisk - ok

13:04:20.0585 0x4d9c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys

13:04:20.0602 0x4d9c  FltMgr - ok

13:04:20.0668 0x4d9c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll

13:04:20.0700 0x4d9c  FontCache - ok

13:04:20.0742 0x4d9c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

13:04:20.0744 0x4d9c  FontCache3.0.0.0 - ok

13:04:20.0768 0x4d9c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys

13:04:20.0770 0x4d9c  FsDepends - ok

13:04:20.0815 0x4d9c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys

13:04:20.0818 0x4d9c  Fs_Rec - ok

13:04:20.0875 0x4d9c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys

13:04:20.0885 0x4d9c  fvevol - ok

13:04:20.0931 0x4d9c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys

13:04:20.0938 0x4d9c  gagp30kx - ok

13:04:21.0034 0x4d9c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll

13:04:21.0056 0x4d9c  gpsvc - ok

13:04:21.0127 0x4d9c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

13:04:21.0131 0x4d9c  gupdate - ok

13:04:21.0148 0x4d9c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

13:04:21.0151 0x4d9c  gupdatem - ok

13:04:21.0215 0x4d9c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys

13:04:21.0218 0x4d9c  hcw85cir - ok

13:04:21.0268 0x4d9c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

13:04:21.0282 0x4d9c  HdAudAddService - ok

13:04:21.0316 0x4d9c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys

13:04:21.0319 0x4d9c  HDAudBus - ok

13:04:21.0340 0x4d9c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys

13:04:21.0342 0x4d9c  HidBatt - ok

13:04:21.0373 0x4d9c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys

13:04:21.0376 0x4d9c  HidBth - ok

13:04:21.0400 0x4d9c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys

13:04:21.0402 0x4d9c  HidIr - ok

13:04:21.0455 0x4d9c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll

13:04:21.0457 0x4d9c  hidserv - ok

13:04:21.0500 0x4d9c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys

13:04:21.0501 0x4d9c  HidUsb - ok

13:04:21.0550 0x4d9c  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\windows\system32\drivers\HipShieldK.sys

13:04:21.0558 0x4d9c  HipShieldK - ok

13:04:21.0601 0x4d9c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll

13:04:21.0606 0x4d9c  hkmsvc - ok

13:04:21.0625 0x4d9c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll

13:04:21.0634 0x4d9c  HomeGroupListener - ok

13:04:21.0676 0x4d9c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll

13:04:21.0681 0x4d9c  HomeGroupProvider - ok

13:04:21.0829 0x4d9c  [ B2C832BBF64964F755D39174BC49F7B9, 324088F2A8B88AC2FDBBC7A0B49239E32F87980CCA1A97E86A828813B5C637C8 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

13:04:21.0843 0x4d9c  HomeNetSvc - ok

13:04:21.0877 0x4d9c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys

13:04:21.0879 0x4d9c  HpSAMD - ok

13:04:21.0923 0x4d9c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\windows\system32\drivers\HTTP.sys

13:04:21.0946 0x4d9c  HTTP - ok

13:04:22.0009 0x4d9c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys

13:04:22.0013 0x4d9c  hwpolicy - ok

13:04:22.0218 0x4d9c  [ 46FD38CBD57D2EC86C42DCCE05C82F67, 808CCA666DBB1BB2600C48E4ABB69546296C5BC161E85A53667D7EE65953734A ] HyperW7Svc      C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe

13:04:22.0260 0x4d9c  HyperW7Svc - ok

13:04:22.0297 0x4d9c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys

13:04:22.0303 0x4d9c  i8042prt - ok

13:04:22.0384 0x4d9c  [ 180E64F00371B32E976A40E5819467CF, B1BA12E3354E77490F5FF144F1A7254CEC0D116D1215A753BED9BB277B495613 ] iaStor          C:\windows\system32\drivers\iaStor.sys

13:04:22.0404 0x4d9c  iaStor - ok

13:04:22.0592 0x4d9c  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\windows\system32\DRIVERS\iaStorA.sys

13:04:22.0614 0x4d9c  iaStorA - ok

13:04:22.0650 0x4d9c  [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF         C:\windows\system32\DRIVERS\iaStorF.sys

13:04:22.0652 0x4d9c  iaStorF - ok

13:04:22.0836 0x4d9c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys

13:04:22.0852 0x4d9c  iaStorV - ok

13:04:22.0880 0x4d9c  [ A410235155EAC4D43262532B53F229E3, A4C40F513CB56BC11DCD40F8B5EDC0D575FD7503A04A72803AD324ECDB2282DD ] IBMPMDRV        C:\windows\system32\DRIVERS\ibmpmdrv.sys

13:04:22.0883 0x4d9c  IBMPMDRV - ok

13:04:22.0955 0x4d9c  [ A0680FF223F055DE508E72B185A41484, 7FFB4F9B7F4395CFDF059D5744BDEACF91C70C08B6C399A17BDDA5610D879B15 ] IBMPMSVC        C:\windows\system32\ibmpmsvc.exe

13:04:22.0959 0x4d9c  IBMPMSVC - ok

13:04:23.0198 0x4d9c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

13:04:23.0223 0x4d9c  idsvc - ok

13:04:23.0233 0x4d9c  IEEtwCollectorService - ok

13:04:24.0194 0x4d9c  [ B9857625DF8B539ABCB90E15B5716568, 99393C74D6C5BB1D3B7399C628DEF47641563A3A1118988597091B0735805F06 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys

13:04:24.0425 0x4d9c  igfx - ok

13:04:24.0463 0x4d9c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys

13:04:24.0465 0x4d9c  iirsp - ok

13:04:24.0674 0x4d9c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll

13:04:24.0696 0x4d9c  IKEEXT - ok

13:04:24.0754 0x4d9c  [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys

13:04:24.0757 0x4d9c  intaud_WaveExtensible - ok

13:04:25.0504 0x4d9c  [ D739148367AAE1DA0C12160DE141ECED, 471E6EA03F2BD7DD1E2812B56EFB00EDDCAA87E974833B75114B8EE93DC358A5 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys

13:04:25.0578 0x4d9c  IntcAzAudAddService - ok

13:04:25.0785 0x4d9c  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

13:04:25.0801 0x4d9c  Intel® Capability Licensing Service Interface - ok

13:04:25.0842 0x4d9c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys

13:04:25.0844 0x4d9c  intelide - ok

13:04:25.0877 0x4d9c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys

13:04:25.0879 0x4d9c  intelppm - ok

13:04:26.0471 0x4d9c  [ 75C2F9D71EB7D156D3EF97E93DD1A871, CD90E3B88CF197CC79D6AFB1C9E549552B874CE14B0BC2E98AD874F81DEFECD1 ] ioloSystemService C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe

13:04:26.0605 0x4d9c  ioloSystemService - ok

13:04:26.0640 0x4d9c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll

13:04:26.0675 0x4d9c  IPBusEnum - ok

13:04:26.0719 0x4d9c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys

13:04:26.0722 0x4d9c  IpFilterDriver - ok

13:04:26.0767 0x4d9c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll

13:04:26.0789 0x4d9c  iphlpsvc - ok

13:04:26.0832 0x4d9c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys

13:04:26.0848 0x4d9c  IPMIDRV - ok

13:04:26.0883 0x4d9c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys

13:04:26.0907 0x4d9c  IPNAT - ok

13:04:26.0949 0x4d9c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys

13:04:26.0981 0x4d9c  IRENUM - ok

13:04:27.0000 0x4d9c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys

13:04:27.0002 0x4d9c  isapnp - ok

13:04:27.0083 0x4d9c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys

13:04:27.0107 0x4d9c  iScsiPrt - ok

13:04:27.0155 0x4d9c  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\windows\system32\DRIVERS\iusb3hcs.sys

13:04:27.0157 0x4d9c  iusb3hcs - ok

13:04:27.0202 0x4d9c  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\windows\system32\DRIVERS\iusb3hub.sys

13:04:27.0209 0x4d9c  iusb3hub - ok

13:04:27.0391 0x4d9c  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\windows\system32\DRIVERS\iusb3xhc.sys

13:04:27.0415 0x4d9c  iusb3xhc - ok

13:04:27.0486 0x4d9c  [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus          C:\windows\system32\DRIVERS\iwdbus.sys

13:04:27.0511 0x4d9c  iwdbus - ok

13:04:27.0607 0x4d9c  [ 0043D9FB61C35F90886B1E93DD556FAF, B17B993928281252A75997939F2E45E98E7FB9D22941CC76E332AFF8706EDEC9 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

13:04:27.0611 0x4d9c  jhi_service - ok

13:04:27.0639 0x4d9c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys

13:04:27.0641 0x4d9c  kbdclass - ok

13:04:27.0663 0x4d9c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys

13:04:27.0665 0x4d9c  kbdhid - ok

13:04:27.0679 0x4d9c  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso          C:\windows\system32\lsass.exe

13:04:27.0681 0x4d9c  KeyIso - ok

13:04:27.0721 0x4d9c  [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys

13:04:27.0724 0x4d9c  KSecDD - ok

13:04:27.0798 0x4d9c  [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys

13:04:27.0812 0x4d9c  KSecPkg - ok


See next post for 2nd half...



13:04:45.0010 0x4d9c  RDPWD - ok

13:04:45.0128 0x4d9c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys

13:04:45.0133 0x4d9c  rdyboost - ok

13:04:45.0254 0x4d9c  [ 51D90954481235A14CB5264C34CEC68B, E0C006A232201F24D29268910D2FE5AA36099AA90853A89335D0C76A369F821B ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

13:04:45.0259 0x4d9c  RegSrvc - ok

13:04:45.0312 0x4d9c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll

13:04:45.0316 0x4d9c  RemoteAccess - ok

13:04:45.0334 0x4d9c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll

13:04:45.0338 0x4d9c  RemoteRegistry - ok

13:04:45.0377 0x4d9c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys

13:04:45.0381 0x4d9c  RFCOMM - ok

13:04:45.0437 0x4d9c  [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc          C:\windows\system32\DRIVERS\risdxc64.sys

13:04:45.0439 0x4d9c  risdxc - ok

13:04:45.0477 0x4d9c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll

13:04:45.0479 0x4d9c  RpcEptMapper - ok

13:04:45.0522 0x4d9c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe

13:04:45.0524 0x4d9c  RpcLocator - ok

13:04:45.0641 0x4d9c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll

13:04:45.0656 0x4d9c  RpcSs - ok

13:04:45.0714 0x4d9c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys

13:04:45.0716 0x4d9c  rspndr - ok

13:04:45.0775 0x4d9c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\windows\system32\drivers\vms3cap.sys

13:04:45.0777 0x4d9c  s3cap - ok

13:04:45.0801 0x4d9c  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs           C:\windows\system32\lsass.exe

13:04:45.0802 0x4d9c  SamSs - ok

13:04:45.0836 0x4d9c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys

13:04:45.0838 0x4d9c  sbp2port - ok

13:04:45.0870 0x4d9c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll

13:04:45.0875 0x4d9c  SCardSvr - ok

13:04:45.0923 0x4d9c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys

13:04:45.0925 0x4d9c  scfilter - ok

13:04:46.0012 0x4d9c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll

13:04:46.0051 0x4d9c  Schedule - ok

13:04:46.0097 0x4d9c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll

13:04:46.0098 0x4d9c  SCPolicySvc - ok

13:04:46.0141 0x4d9c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll

13:04:46.0146 0x4d9c  SDRSVC - ok

13:04:46.0171 0x4d9c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys

13:04:46.0173 0x4d9c  secdrv - ok

13:04:46.0199 0x4d9c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll

13:04:46.0202 0x4d9c  seclogon - ok

13:04:46.0232 0x4d9c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll

13:04:46.0235 0x4d9c  SENS - ok

13:04:46.0251 0x4d9c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll

13:04:46.0253 0x4d9c  SensrSvc - ok

13:04:46.0277 0x4d9c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys

13:04:46.0278 0x4d9c  Serenum - ok

13:04:46.0314 0x4d9c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys

13:04:46.0316 0x4d9c  Serial - ok

13:04:46.0340 0x4d9c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys

13:04:46.0342 0x4d9c  sermouse - ok

13:04:46.0402 0x4d9c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll

13:04:46.0406 0x4d9c  SessionEnv - ok

13:04:46.0454 0x4d9c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys

13:04:46.0457 0x4d9c  sffdisk - ok

13:04:46.0482 0x4d9c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys

13:04:46.0483 0x4d9c  sffp_mmc - ok

13:04:46.0512 0x4d9c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys

13:04:46.0514 0x4d9c  sffp_sd - ok

13:04:46.0543 0x4d9c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys

13:04:46.0545 0x4d9c  sfloppy - ok

13:04:46.0623 0x4d9c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll

13:04:46.0641 0x4d9c  SharedAccess - ok

13:04:46.0737 0x4d9c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll

13:04:46.0746 0x4d9c  ShellHWDetection - ok

13:04:46.0819 0x4d9c  [ 06D00036B3064C838519286ED2F5A51C, 01232D45D72361126DF7CD0CCA4F467C737447AE6710F5A401994E34BA317852 ] Shockprf        C:\windows\system32\DRIVERS\Apsx64.sys

13:04:46.0826 0x4d9c  Shockprf - ok

13:04:46.0897 0x4d9c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys

13:04:46.0899 0x4d9c  SiSRaid2 - ok

13:04:46.0928 0x4d9c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys

13:04:46.0930 0x4d9c  SiSRaid4 - ok

13:04:47.0069 0x4d9c  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

13:04:47.0083 0x4d9c  SkypeUpdate - ok

13:04:47.0171 0x4d9c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys

13:04:47.0177 0x4d9c  Smb - ok

13:04:47.0224 0x4d9c  [ C40F447162D99F6CBFC29A0B7EFE270B, 8826CEC13E5AAE763826B916143E6D3289FB75933206074DC67376B265E4C796 ] SmbDrvI         C:\windows\system32\DRIVERS\Smb_driver_Intel.sys

13:04:47.0227 0x4d9c  SmbDrvI - ok

13:04:47.0298 0x4d9c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe

13:04:47.0301 0x4d9c  SNMPTRAP - ok

13:04:47.0331 0x4d9c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys

13:04:47.0332 0x4d9c  spldr - ok

13:04:47.0476 0x4d9c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe

13:04:47.0491 0x4d9c  Spooler - ok

13:04:47.0856 0x4d9c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe

13:04:47.0937 0x4d9c  sppsvc - ok

13:04:47.0978 0x4d9c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll

13:04:47.0981 0x4d9c  sppuinotify - ok

13:04:48.0044 0x4d9c  [ 484008985EEB63C0ABBBBC4F93E6AF06, 2916E1ADF0062387F422831CD724D2BAE6C1F67F9A949D57C43056ED30685557 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE

13:04:48.0058 0x4d9c  SpyHunter 4 Service - ok

13:04:48.0234 0x4d9c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys

13:04:48.0252 0x4d9c  srv - ok

13:04:48.0297 0x4d9c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys

13:04:48.0305 0x4d9c  srv2 - ok

13:04:48.0393 0x4d9c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys

13:04:48.0401 0x4d9c  srvnet - ok

13:04:48.0446 0x4d9c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll

13:04:48.0491 0x4d9c  SSDPSRV - ok

13:04:48.0530 0x4d9c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll

13:04:48.0536 0x4d9c  SstpSvc - ok

13:04:48.0822 0x4d9c  [ 6671439BA8E9B1D5E94E57885F382BD9, 6EFB42BA8F57ECE86DC605DFD0B6F5CF5D3C3835B7CF9DDAA3A43D5D2AD86978 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

13:04:48.0836 0x4d9c  Stereo Service - ok

13:04:48.0944 0x4d9c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys

13:04:48.0989 0x4d9c  stexstor - ok

13:04:49.0048 0x4d9c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll

13:04:49.0070 0x4d9c  stisvc - ok

13:04:49.0110 0x4d9c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\windows\system32\drivers\vmstorfl.sys

13:04:49.0112 0x4d9c  storflt - ok

13:04:49.0141 0x4d9c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\windows\system32\storsvc.dll

13:04:49.0144 0x4d9c  StorSvc - ok

13:04:49.0205 0x4d9c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\windows\system32\drivers\storvsc.sys

13:04:49.0209 0x4d9c  storvsc - ok

13:04:49.0291 0x4d9c  [ AE0C635CB76C46079C05D68441D9390F, 9EC6B201ABF30C711B21E8A5701F2F9852B821EB0F7007C5A300080F4FAAA8BB ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe

13:04:49.0294 0x4d9c  SUService - ok

13:04:49.0337 0x4d9c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys

13:04:49.0339 0x4d9c  swenum - ok

13:04:49.0387 0x4d9c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll

13:04:49.0407 0x4d9c  swprv - ok

13:04:49.0457 0x4d9c  [ BBF351BB2726CBE6DB12CE8D5B052210, 97F3CCEEC910375A42E5DEA932033BB08BCB012513EE5285FE0E6E99727655F4 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys

13:04:49.0466 0x4d9c  SynTP - ok

13:04:49.0530 0x4d9c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll

13:04:49.0576 0x4d9c  SysMain - ok

13:04:49.0601 0x4d9c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll

13:04:49.0605 0x4d9c  TabletInputService - ok

13:04:49.0628 0x4d9c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll

13:04:49.0637 0x4d9c  TapiSrv - ok

13:04:49.0658 0x4d9c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll

13:04:49.0661 0x4d9c  TBS - ok

13:04:49.0774 0x4d9c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys

13:04:49.0813 0x4d9c  Tcpip - ok

13:04:49.0954 0x4d9c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys

13:04:49.0980 0x4d9c  TCPIP6 - ok

13:04:50.0032 0x4d9c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys

13:04:50.0034 0x4d9c  tcpipreg - ok

13:04:50.0097 0x4d9c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys

13:04:50.0099 0x4d9c  TDPIPE - ok

13:04:50.0153 0x4d9c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys

13:04:50.0156 0x4d9c  TDTCP - ok

13:04:50.0194 0x4d9c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\windows\system32\DRIVERS\tdx.sys

13:04:50.0197 0x4d9c  tdx - ok

13:04:50.0213 0x4d9c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys

13:04:50.0216 0x4d9c  TermDD - ok

13:04:50.0269 0x4d9c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll

13:04:50.0291 0x4d9c  TermService - ok

13:04:50.0326 0x4d9c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll

13:04:50.0329 0x4d9c  Themes - ok

13:04:50.0367 0x4d9c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll

13:04:50.0369 0x4d9c  THREADORDER - ok

13:04:50.0397 0x4d9c  [ 7B742DDEBBB43319C747D3477F13A1B0, 217E05F1C93EC976D9571938682236327DCD22C4565FC2FD3478351A6E87FAC0 ] TPDIGIMN        C:\windows\system32\DRIVERS\ApsHM64.sys

13:04:50.0398 0x4d9c  TPDIGIMN - ok

13:04:50.0437 0x4d9c  [ 7CAA562A971725B9556AFA198B762915, 2F82F022DE41F18F2627B569BC5FE78E9C32A21C2204813A985CB24BA2A59BD9 ] TPHDEXLGSVC     C:\windows\system32\TPHDEXLG64.exe

13:04:50.0440 0x4d9c  TPHDEXLGSVC - ok

13:04:50.0500 0x4d9c  [ 3B4250CB21F95FFA64162389106F39BA, 2461E6D335D699F837908254FDA43C789D589FE90C9592B5B43D964CFDB43F11 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

13:04:50.0503 0x4d9c  TPHKLOAD - ok

13:04:50.0533 0x4d9c  [ 667EF334C512416712F14118E3382919, D59D3ED81E823A84885AA0787B020DAFBCA20303F1F5A37F37E5392C5C272F9D ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

13:04:50.0537 0x4d9c  TPHKSVC - ok

13:04:50.0576 0x4d9c  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\windows\system32\drivers\tpm.sys

13:04:50.0578 0x4d9c  TPM - ok

13:04:50.0610 0x4d9c  [ A9EF6C7E62DC3B01C51CFB92C1596C62, 432335FDA5DF9FF8C9B86767980A07C720E7158D5362E40D3A745817D4275A07 ] TPPWRIF         C:\windows\system32\drivers\Tppwr64v.sys

13:04:50.0612 0x4d9c  TPPWRIF - ok

13:04:50.0652 0x4d9c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll

13:04:50.0657 0x4d9c  TrkWks - ok

13:04:50.0708 0x4d9c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

13:04:50.0712 0x4d9c  TrustedInstaller - ok

13:04:50.0757 0x4d9c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys

13:04:50.0759 0x4d9c  tssecsrv - ok

13:04:50.0804 0x4d9c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys

13:04:50.0805 0x4d9c  TsUsbFlt - ok

13:04:50.0850 0x4d9c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys

13:04:50.0851 0x4d9c  TsUsbGD - ok

13:04:50.0917 0x4d9c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys

13:04:50.0921 0x4d9c  tunnel - ok

13:04:50.0965 0x4d9c  [ D4915DB03B19F9FD50EC084CC0ED15FC, 1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C          C:\windows\system32\DRIVERS\Tvti2c.sys

13:04:50.0966 0x4d9c  TVTI2C - ok

13:04:50.0999 0x4d9c  [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd        C:\windows\system32\DRIVERS\tvtvcamd.sys

13:04:51.0001 0x4d9c  tvtvcamd - ok

13:04:51.0042 0x4d9c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys

13:04:51.0044 0x4d9c  uagp35 - ok

13:04:51.0084 0x4d9c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys

13:04:51.0091 0x4d9c  udfs - ok

13:04:51.0184 0x4d9c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe

13:04:51.0189 0x4d9c  UI0Detect - ok

13:04:51.0260 0x4d9c  [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

13:04:51.0262 0x4d9c  UleadBurningHelper - ok

13:04:51.0375 0x4d9c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys

13:04:51.0386 0x4d9c  uliagpkx - ok

13:04:51.0421 0x4d9c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys

13:04:51.0447 0x4d9c  umbus - ok

13:04:51.0484 0x4d9c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys

13:04:51.0502 0x4d9c  UmPass - ok

13:04:51.0564 0x4d9c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\windows\System32\umrdp.dll

13:04:51.0570 0x4d9c  UmRdpService - ok

13:04:51.0745 0x4d9c  [ CABEC311CEA77EAEA3DC04A1ADFC0459, EC857EB3E22941E8915709B2E2CFB7BB662004121EC7DBE495FC40597BF194CB ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

13:04:51.0757 0x4d9c  UNS - ok

13:04:51.0845 0x4d9c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll

13:04:51.0853 0x4d9c  upnphost - ok

13:04:51.0894 0x4d9c  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys

13:04:51.0897 0x4d9c  usbccgp - ok

13:04:51.0951 0x4d9c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys

13:04:51.0954 0x4d9c  usbcir - ok

13:04:52.0009 0x4d9c  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\windows\system32\drivers\usbehci.sys

13:04:52.0011 0x4d9c  usbehci - ok

13:04:52.0111 0x4d9c  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys

13:04:52.0126 0x4d9c  usbhub - ok

13:04:52.0192 0x4d9c  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\windows\system32\drivers\usbohci.sys

13:04:52.0195 0x4d9c  usbohci - ok

13:04:52.0253 0x4d9c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys

13:04:52.0256 0x4d9c  usbprint - ok

13:04:52.0299 0x4d9c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys

13:04:52.0301 0x4d9c  usbscan - ok

13:04:52.0326 0x4d9c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS

13:04:52.0329 0x4d9c  USBSTOR - ok

13:04:52.0360 0x4d9c  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\windows\system32\drivers\usbuhci.sys

13:04:52.0362 0x4d9c  usbuhci - ok

13:04:52.0419 0x4d9c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys

13:04:52.0423 0x4d9c  usbvideo - ok

13:04:52.0464 0x4d9c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll

13:04:52.0466 0x4d9c  UxSms - ok

13:04:52.0498 0x4d9c  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc        C:\windows\system32\lsass.exe

13:04:52.0500 0x4d9c  VaultSvc - ok

13:04:52.0568 0x4d9c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys

13:04:52.0569 0x4d9c  vdrvroot - ok

13:04:52.0707 0x4d9c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe

13:04:52.0730 0x4d9c  vds - ok

13:04:52.0779 0x4d9c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys

13:04:52.0787 0x4d9c  vga - ok

13:04:52.0815 0x4d9c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys

13:04:52.0816 0x4d9c  VgaSave - ok

13:04:52.0849 0x4d9c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys

13:04:52.0854 0x4d9c  vhdmp - ok

13:04:52.0897 0x4d9c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys

13:04:52.0898 0x4d9c  viaide - ok

13:04:52.0985 0x4d9c  [ A9BDE7317E68D497DEFAD1C84FBCFD24, 7870CE7DC2E2E7DADB726C5E53E505EA7D25EF145AB7F4C8734EBD5A7E287BFA ] VIPAppService   C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe

13:04:52.0990 0x4d9c  VIPAppService - ok

13:04:53.0083 0x4d9c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\windows\system32\drivers\vmbus.sys

13:04:53.0093 0x4d9c  vmbus - ok

13:04:53.0137 0x4d9c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\windows\system32\drivers\VMBusHID.sys

13:04:53.0143 0x4d9c  VMBusHID - ok

13:04:53.0189 0x4d9c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys

13:04:53.0191 0x4d9c  volmgr - ok

13:04:53.0222 0x4d9c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys

13:04:53.0231 0x4d9c  volmgrx - ok

13:04:53.0288 0x4d9c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys

13:04:53.0294 0x4d9c  volsnap - ok

13:04:53.0325 0x4d9c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys

13:04:53.0329 0x4d9c  vsmraid - ok

13:04:53.0399 0x4d9c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe

13:04:53.0453 0x4d9c  VSS - ok

13:04:53.0511 0x4d9c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys

13:04:53.0513 0x4d9c  vwifibus - ok

13:04:53.0556 0x4d9c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys

13:04:53.0558 0x4d9c  vwififlt - ok

13:04:53.0598 0x4d9c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys

13:04:53.0600 0x4d9c  vwifimp - ok

13:04:53.0702 0x4d9c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll

13:04:53.0720 0x4d9c  W32Time - ok

13:04:53.0809 0x4d9c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys

13:04:53.0810 0x4d9c  WacomPen - ok

13:04:58.0241 0x4d9c  ================ Scan global ===============================

13:04:58.0283 0x4d9c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll

13:04:58.0357 0x4d9c  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\windows\system32\winsrv.dll

13:04:58.0382 0x4d9c  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\windows\system32\winsrv.dll

13:04:58.0425 0x4d9c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll

13:04:58.0552 0x4d9c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe

13:04:58.0568 0x4d9c  [ Global ] - ok

13:04:58.0568 0x4d9c  ================ Scan MBR ==================================

13:04:58.0588 0x4d9c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

13:04:58.0597 0x4d9c  \Device\Harddisk0\DR0 - ok

13:04:58.0606 0x4d9c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

13:04:58.0621 0x4d9c  \Device\Harddisk1\DR1 - ok

13:04:58.0621 0x4d9c  ================ Scan VBR ==================================

13:04:58.0628 0x4d9c  [ 67F1421D96CE1B70372047349A34467E ] \Device\Harddisk0\DR0\Partition1

13:04:58.0702 0x4d9c  \Device\Harddisk0\DR0\Partition1 - ok

13:04:58.0738 0x4d9c  [ F8935557A0A68CCA0633069957BE3287 ] \Device\Harddisk0\DR0\Partition2

13:04:58.0738 0x4d9c  \Device\Harddisk0\DR0\Partition2 - ok

13:04:58.0754 0x4d9c  [ B74B18304536E943FF70F3673E8EB615 ] \Device\Harddisk0\DR0\Partition3

13:04:58.0854 0x4d9c  \Device\Harddisk0\DR0\Partition3 - ok

13:04:58.0887 0x4d9c  [ 4DB9E7B2B84D1BD1B812E145512D581E ] \Device\Harddisk0\DR0\Partition4

13:04:58.0891 0x4d9c  \Device\Harddisk0\DR0\Partition4 - ok

13:05:07.0863 0x4d9c  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51000 ( enabled : updated )

13:05:07.0867 0x4d9c  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 13.6.0.0 ), 0x51010 ( enabled )

13:05:10.0821 0x4d9c  ============================================================

13:05:10.0821 0x4d9c  Scan finished

13:05:10.0821 0x4d9c  ============================================================

13:05:10.0832 0x4844  Detected object count: 0

13:05:10.0833 0x4844  Actual detected object count: 0

13:05:21.0833 0x475c  Deinitialize success



#8 RALehrer

Posted 06 May 2015 - 04:27 PM

error


Edited by RALehrer, 06 May 2015 - 04:29 PM.


#9 RALehrer

Posted 06 May 2015 - 04:31 PM

Gary - I am enclosing the system info -

Attached Files



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,392 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:00 PM

Posted 06 May 2015 - 04:44 PM

Thank you for the detailed information. Did you run aswMBR? QuickScan is the default and what we wanted to run.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 RALehrer

Posted 06 May 2015 - 08:59 PM

Yes, I did.  Did the log not post?

 

Here it is:

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2015-05-06 13:13:39
-----------------------------
13:13:39.272    OS Version: Windows x64 6.1.7601 Service Pack 1
13:13:39.272    Number of processors: 4 586 0x3A09
13:13:39.273    ComputerName: RAPHAEL-GENEKEY  UserName: Raphael
13:13:39.791    Initialize success
13:13:39.842    VM: initialized successfully
13:13:39.843    VM: Intel CPU BiosDisabled 
13:22:30.591    AVAST engine defs: 15050603
13:23:04.501    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007a
13:23:04.505    Disk 0 Vendor:   Size: 0MB BusType: 0
13:23:04.510    Disk 1  \Device\Harddisk1\DR1 -> \Device\0000007c
13:23:04.514    Disk 1 Vendor: SanDisk_ 10.5 Size: 15272MB BusType: 11
13:23:04.618    Disk 0 MBR read successfully
13:23:04.623    Disk 0 MBR scan
13:23:04.631    Disk 0 unknown MBR code
13:23:04.636    Disk 0 MBR hidden
13:23:04.642    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
13:23:04.676    Disk 0 scanning C:\windows\system32\drivers
13:23:15.878    Service scanning
13:23:34.752    Modules scanning
13:23:34.758    Disk 0 trace - called modules:
13:23:34.773    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys 
13:23:34.776    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800aaac060]
13:23:34.780    3 CLASSPNP.SYS[fffff88000e5443f] -> nt!IofCallDriver -> [0xfffffa800a903a60]
13:23:34.784    5 iaStorF.sys[fffff88001a54a84] -> nt!IofCallDriver -> \Device\0000007a[0xfffffa8007c749c0]
13:23:36.787    AVAST engine scan C:\windows
13:23:40.120    AVAST engine scan C:\windows\system32
13:30:50.999    AVAST engine scan C:\windows\system32\drivers
13:31:29.466    AVAST engine scan C:\Users\Raphael
13:39:32.448    Disk 0 MBR has been saved successfully to "C:\Users\Raphael\Desktop\MBR.dat"
13:39:32.607    The log file has been saved successfully to "C:\Users\Raphael\Desktop\aswMBR.txt"


#12 Oh My!

Posted 06 May 2015 - 09:11 PM

Thanks for the report. Can you provide an update on your computer behavior?
Gary
 

#13 RALehrer

Posted 06 May 2015 - 11:36 PM

There's no change.  Slow computer, track point is jerky (i.e., lags by a second or so)...



#14 Oh My!

Posted 07 May 2015 - 09:09 AM

Thanks for the update.

Please do these things.

===================================================

Temporary File Cleaner (TFC)

--------------------
  • Download TFC by OldTimer to your desktop.
  • Close any open windows
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run
  • Click the Start button to begin the process
  • Allow TFC to run uninterrupted
  • If the program will not run properly, run it in Safe Mode
  • Once it's finished it should automatically reboot your machine; if it doesn't, manually reboot to ensure a complete clean
NOTE: It's normal for the computer to boot more slowly the first time after running TFC

TFC will clear out all temporary folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. TFC only cleans temporary folders and will not clean URL history, prefetch, or cookies


===================================================

Uninstalling/Reinstalling a Device Driver

----------
  • Press the Windows key + R on your keyboard at the same time
  • Type devmgmt.msc and press Enter
  • Expand the Mice and other pointing devices section by clicking + sign
  • Right click on the Hardware Type ThinkPad UltraNav Pointing Device, select Uninstall, then OK
  • Reboot your computer
  • Check your computer performance
===================================================

WhatInStartup

-------------------
  • Download WhatInStartup for either 64 bit or 32 bit computers and save it to your desktop
  • Unzip the folder onto your desktop
  • Double click the icon to run the program
  • Right click where it says Name just under the Red X and select Auto Size Columns
  • Left click on the top entry to highlight it
  • Please take a screen shot of this window and attach it to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Did TFC run properly?
  • Did the device reinstall properly?
  • Attached WhatInStartup report
  • Update on computer performance

Gary
 

#15 RALehrer

Posted 07 May 2015 - 01:04 PM

Dear Gary,

 

Thanks for your reply.

 

1) The TFC did run properly.  1.3 GB was deleted.

2) Upon uninstalling the ultranav I received an option (default unchecked) to delete driver information - I left it as is.  When restarting, I was surprised to find that the ultranav still was functional.  After using it for a few minutes, I got a popup that said that the device reinstalled correctly, and a reboot was required (which I did).  In the end, there was no change to the performance. (still jerky).

If you would like me to repeat this with different parameters, please instruct me if there are any keyboard shortcut commands I will need in order to reinstall/reboot without the use of a mouse.

3) Report attached.

4) There is no change to the mouse performance.  However, I have noticed that, due to something somewhere along the process, the time required to shut down the computer decreased dramatically.

 

Thanks, Raphael

Attached Files





