Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Google redirect and all programs missing from start menu [Closed]

Started by catttreanor , Sep 08 2012 01:13 PM

This topic is locked

#1
catttreanor

Posted 08 September 2012 - 01:13 PM

Member

Member
67 posts

I have some type of virus I think. Google is redirecting everything, this has happened to me before and I thought I fixed it. I also noticed that ALL of my programs have vanished from the all programs menu and I can't find them when I search for them either. I have no idea how long the programs have been missing, it could be months, as I really only use the stuff that's on my desktop. Can someone help please?

#2
Essexboy

Posted 08 September 2012 - 02:29 PM

GeekU Moderator

Retired Staff
69,964 posts

Hi there, hopefully you have not emptied your temporary files

Download RogueKiller and save it on your desktop.
Quit all programs
Start RogueKiller.exe.
Wait until Prescan has finished ...
Click on Scan

Wait for the end of the scan.
The report has been created on the desktop.
Click on the Delete button.

The report has been created on the desktop.

Next click on the ShortcutsFix
The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

THEN

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Select All Users
Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop
%systemdrive%\$Recycle.Bin|@;true;true;true
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
CREATERESTOREPOINT
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Post both logs

#3
catttreanor

Posted 08 September 2012 - 03:19 PM

Member

Topic Starter
Member
67 posts

RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : catt [Admin rights]
Mode : Remove -- Date : 09/08/2012 16:18:23

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 9 ¤¤¤
[TASK][SUSP PATH] winupd : C:\Users\catt\AppData\Local\Temp:winupd.exe -> DELETED
[STARTUP][SUSP PATH] OpenOffice.org 3.3.lnk @catt : C:\Users\catt\AppData\Local\temp\quickstart.exe -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[84] : NtCreateSection @ 0x82E7A04D -> HOOKED (Unknown @ 0x8D2A840E)
SSDT[316] : NtSetContextThread @ 0x82F34755 -> HOOKED (Unknown @ 0x8D2A8413)
SSDT[370] : NtTerminateProcess @ 0x82EB1BCD -> HOOKED (Unknown @ 0x8D2A83AF)
S_SSDT[585] : Unknown -> HOOKED (Unknown @ 0x8D2A8418)
S_SSDT[588] : Unknown -> HOOKED (Unknown @ 0x8D2A841D)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAJS-08L7A0 ATA Device +++++
--- User ---
[MBR] b033b3248f82dc134004f448cc574bd2
[BSP] b6c9365541b4c72f33da7bf8297e27c0 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 279469 Mo
2 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 572559360 | Size: 25675 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[6].txt >>
RKreport[5].txt ; RKreport[6].txt

#4
catttreanor

Posted 08 September 2012 - 03:20 PM

Member

Topic Starter
Member
67 posts

#5
catttreanor

Posted 08 September 2012 - 03:21 PM

Member

Topic Starter
Member
67 posts

OTL only made one log.. I triple checked my desktop folder for the extras log but its not there. I also ran a full computer search for it.

OTL logfile created on: 9/8/2012 4:06:34 PM - Run 11
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Users\catt\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 57.34% Memory free
3.50 Gb Paging File | 2.34 Gb Available in Paging File | 66.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 272.92 Gb Total Space | 75.04 Gb Free Space | 27.50% Space Free | Partition Type: NTFS

Computer Name: BETSY | User Name: catt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/08 16:00:18 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\catt\Desktop\OTL(1).exe
PRC - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/21 04:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/06/28 12:28:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/23 23:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/17 12:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011/04/27 03:25:58 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/07 03:20:39 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/01 09:47:13 | 002,988,400 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2010/07/23 09:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\DIBS\DDNIService.exe
PRC - [2010/07/20 11:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/28 13:09:06 | 000,827,392 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\HealthCare\HealthCare.exe
PRC - [2009/08/24 08:15:32 | 000,221,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
PRC - [2009/07/29 17:01:10 | 000,049,152 | ---- | M] (Lenovo (Shenzhen) Electronic Co., Ltd.) -- C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe
PRC - [2009/07/10 11:04:58 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/10 11:04:28 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/06/03 22:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

========== Modules (No Company Name) ==========

MOD - [2009/09/09 11:25:06 | 000,057,344 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\en-us\en-us.dll
MOD - [2009/06/03 22:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 22:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMediaLibrary.dll
MOD - [2008/09/27 10:39:26 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\HOOK.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/09/07 12:17:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/04 09:12:07 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/28 12:28:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/17 12:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/04/27 03:25:58 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/04 03:00:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/23 09:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\DIBS\DDNIService.exe -- (DDNIService)
SRV - [2010/07/20 11:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe -- (DDNIMSGService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 11:04:28 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\catt\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/06/28 12:28:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 12:28:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/04/05 17:35:20 | 000,221,784 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbFw.sys -- (SbFw)
DRV - [2011/04/05 17:35:20 | 000,094,040 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)
DRV - [2011/04/05 17:35:20 | 000,078,936 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\sbtis.sys -- (SbTis)
DRV - [2011/02/08 09:14:22 | 000,069,208 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV - [2011/02/08 09:14:22 | 000,069,208 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/21 23:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/13 17:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/10 11:40:00 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/06/05 19:18:08 | 000,011,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\spio.sys -- (SuperIO)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/04 23:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009/03/02 13:00:32 | 000,016,200 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV - [2008/08/06 14:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{B37A3E90-AEDB-4334-A12D-210C842EF19C}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=723823"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://leftaction.co...en-US:official"
FF - prefs.js..extensions.enabledAddons: [email protected]:1.9
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120827
FF - prefs.js..extensions.enabledAddons: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:4.14
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:4.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: [email protected]:1.7
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.95
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/07 12:17:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 17:09:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/07 12:17:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 17:09:15 | 000,000,000 | ---D | M]

[2010/11/01 09:45:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Extensions
[2012/09/04 09:30:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions
[2012/09/04 09:30:38 | 000,000,000 | ---D | M] (WOT) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/03/22 09:04:30 | 000,000,000 | ---D | M] (Performance Cache) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\[email protected]
[2012/09/04 09:30:36 | 000,243,317 | ---- | M] () (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\[email protected]
[2012/08/10 18:41:13 | 000,375,811 | ---- | M] () (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
[2012/03/25 11:28:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/07 12:17:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/27 01:56:16 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2009/07/02 12:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012/09/04 09:30:24 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/04 09:30:24 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/03/25 11:15:58 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Healthcare] C:\Program Files\Lenovo\HealthCare\HealthCare.exe (Lenovo)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [LenovoFSC] C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe (Lenovo (Shenzhen) Electronic Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - Startup: C:\Users\catt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/09/08 16:00:16 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\catt\Desktop\OTL(1).exe
[2010/04/29 06:40:04 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe

========== Files - Modified Within 30 Days ==========

[2012/09/08 16:00:18 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\catt\Desktop\OTL(1).exe
[2012/09/08 15:58:00 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/08 15:56:52 | 001,378,816 | ---- | M] () -- C:\Users\catt\Desktop\RogueKiller.exe
[2012/09/08 15:30:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/09/08 10:46:42 | 000,014,240 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/08 10:46:42 | 000,014,240 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/08 01:58:00 | 000,000,878 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/07 12:17:58 | 000,001,990 | ---- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/05 03:18:31 | 000,450,824 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/09/05 03:18:19 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/09/05 03:17:50 | 1407,746,048 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/30 13:42:28 | 000,132,181 | ---- | M] () -- C:\Users\catt\Desktop\558235_405683219490115_458526124_n.jpg
[2012/08/20 19:49:59 | 000,041,779 | ---- | M] () -- C:\Users\catt\Desktop\122710-807985_6_935994_full.jpg
[2012/08/20 19:40:31 | 000,045,297 | ---- | M] () -- C:\Users\catt\Desktop\1065464_34_1513986_full.jpg
[2012/08/20 19:38:51 | 000,026,908 | ---- | M] () -- C:\Users\catt\Desktop\936483_351_1650623_full.jpg
[2012/08/20 19:28:31 | 000,033,412 | ---- | M] () -- C:\Users\catt\Desktop\070411_1356140_6_2119240_full.jpg
[2012/08/20 19:25:37 | 000,061,891 | ---- | M] () -- C:\Users\catt\Desktop\JosephL_full.jpg
[2012/08/20 18:47:44 | 000,031,127 | ---- | M] () -- C:\Users\catt\Desktop\072012-2478512_6_4584758_full.jpg
[2012/08/20 18:34:02 | 000,066,285 | ---- | M] () -- C:\Users\catt\Desktop\142730_87_113856_full.jpg
[2012/08/20 18:31:28 | 000,081,072 | ---- | M] () -- C:\Users\catt\Desktop\AJ-Crandall-r_full.jpg
[2012/08/11 13:15:18 | 000,001,276 | ---- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft DivX to DVD Converter.lnk
[2012/08/11 13:15:18 | 000,001,252 | ---- | M] () -- C:\Users\catt\Desktop\Xilisoft DivX to DVD Converter.lnk

========== Files Created - No Company Name ==========

[2012/09/08 15:56:49 | 001,378,816 | ---- | C] () -- C:\Users\catt\Desktop\RogueKiller.exe
[2012/08/30 13:42:23 | 000,132,181 | ---- | C] () -- C:\Users\catt\Desktop\558235_405683219490115_458526124_n.jpg
[2012/08/20 19:49:58 | 000,041,779 | ---- | C] () -- C:\Users\catt\Desktop\122710-807985_6_935994_full.jpg
[2012/08/20 19:40:30 | 000,045,297 | ---- | C] () -- C:\Users\catt\Desktop\1065464_34_1513986_full.jpg
[2012/08/20 19:38:50 | 000,026,908 | ---- | C] () -- C:\Users\catt\Desktop\936483_351_1650623_full.jpg
[2012/08/20 19:28:28 | 000,033,412 | ---- | C] () -- C:\Users\catt\Desktop\070411_1356140_6_2119240_full.jpg
[2012/08/20 19:25:36 | 000,061,891 | ---- | C] () -- C:\Users\catt\Desktop\JosephL_full.jpg
[2012/08/20 18:47:43 | 000,031,127 | ---- | C] () -- C:\Users\catt\Desktop\072012-2478512_6_4584758_full.jpg
[2012/08/20 18:34:01 | 000,066,285 | ---- | C] () -- C:\Users\catt\Desktop\142730_87_113856_full.jpg
[2012/08/20 18:31:25 | 000,081,072 | ---- | C] () -- C:\Users\catt\Desktop\AJ-Crandall-r_full.jpg
[2012/08/11 13:15:18 | 000,001,276 | ---- | C] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft DivX to DVD Converter.lnk
[2012/08/11 13:15:18 | 000,001,252 | ---- | C] () -- C:\Users\catt\Desktop\Xilisoft DivX to DVD Converter.lnk
[2012/03/19 17:06:56 | 000,000,512 | ---- | C] () -- C:\Users\catt\MBR.dat
[2012/01/10 10:50:13 | 014,999,886 | ---- | C] () -- C:\Users\catt\teen.mom.s03e08.hdtv.xvid-crimson.avi
[2011/08/26 15:01:38 | 000,139,264 | ---- | C] () -- C:\windows\System32\gswin32c.exe
[2011/08/10 17:16:08 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/08/10 17:16:08 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/08/10 17:16:08 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/08/10 17:16:08 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/08/10 17:16:08 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/08/10 17:03:00 | 000,023,624 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/07/31 23:58:10 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
[2011/07/31 23:58:10 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
[2010/11/03 21:53:06 | 000,136,489 | ---- | C] () -- C:\windows\hphins33.dat
[2010/11/03 21:53:06 | 000,000,512 | ---- | C] () -- C:\windows\hphmdl33.dat

========== LOP Check ==========

[2012/09/08 16:04:53 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\BitTorrent
[2012/01/26 14:09:30 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\Catalina Marketing Corp
[2012/01/26 14:08:59 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\OpenOffice.org
[2009/07/13 23:53:46 | 000,030,140 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

========== Base Services ==========
SRV - [2009/07/13 20:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2010/11/20 07:18:03 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/13 20:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 07:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 07:18:06 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/17 00:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/04 16:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2012/04/23 23:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 07:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 07:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 00:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/13 20:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 07:19:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/07/13 20:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/13 20:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/13 20:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2010/11/20 07:20:30 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/13 20:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 05:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 00:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/17 00:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/13 20:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 07:21:00 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 07:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/13 20:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/17 00:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/13 20:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 07:21:26 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 07:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 07:21:05 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 07:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/13 20:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2012/04/30 23:44:12 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 07:17:51 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 07:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 07:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 07:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 07:21:35 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 07:19:40 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 07:21:35 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 07:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/13 20:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 17:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 07:18:34 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/13 20:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 07:21:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: QMGR.DLL >
[2009/07/13 20:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) MD5=53F476476F55A27F580661BDE09C4EC4 -- C:\Windows\ERDNT\cache\qmgr.dll
[2009/07/13 20:16:12 | 000,589,312 | ---- | M] (Microsoft Corporation) MD5=53F476476F55A27F580661BDE09C4EC4 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7600.16385_none_23671b105ac5a0fd\qmgr.dll
[2010/11/20 07:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\System32\qmgr.dll
[2010/11/20 07:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) MD5=E585445D5021971FAE10393F0F1C3961 -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_25982ed857b42497\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 16:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 16:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES.CFG >
[2012/04/04 00:53:54 | 000,585,987 | ---- | M] () MD5=7BAB089A4F862C6BC86E0201D5BF1779 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 12:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/13 20:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 21:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/13 21:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 23:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\_OTL\MovedFiles\03192012_171329\C_Users\catt\AppData\Local\Temp\smtmp\1\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 16:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 16:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/13 21:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 15:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SERVICES.RDB >
[2011/01/17 18:52:22 | 000,237,568 | ---- | M] () MD5=507957679AE4579C15D57FA741EA6FFA -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
[2011/01/17 18:51:48 | 005,539,328 | ---- | M] () MD5=F2B666905F7FDAA80C86A101A7DE62F9 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb

< MD5 for: SERVICES.SBS >
[2011/03/01 09:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy\Includes\Services.sbs

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/12/24 18:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 00:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 20:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2011/12/24 18:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemdrive%\$Recycle.Bin|@;true;true;true >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >
"DisplayName" = @%SystemRoot%\system32\qmgr.dll,-1000
"ImagePath" = %SystemRoot%\system32\svchost.exe -k netsvcs -- [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\qmgr.dll,-1001
"ObjectName" = LocalSystem
"ErrorControl" = 1
"Start" = 3
"DelayedAutoStart" = 1
"Type" = 32
"DependOnService" = RpcSsEventSystem [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = SeCreateGlobalPrivilegeSeImperson [Binary data over 200 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
"ServiceDll" = %systemroot%\system32\qmgr.dll -- [2010/11/20 07:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Performance]
"Library" = bitsperf.dll -- [2010/11/20 07:18:07 | 000,019,456 | ---- | M] (Microsoft Corporation)
"Open" = PerfMon_Open
"Collect" = PerfMon_Collect
"Close" = PerfMon_Close
"InstallType" = 1
"PerfIniFile" = bitsctrs.ini
"First Counter" = 2002
"Last Counter" = 2018
"First Help" = 2003
"Last Help" = 2019
"Object List" = 2002
"PerfMMFileName" = Global\MMF_BITS_s
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]
"Security" = 01 00 14 80 90 00 00 00 A0 00 00 00 14 00 00 00 34 00 00 00 02 00 20 00 01 00 00 00 02 C0 18 00 00 00 0C 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 02 00 5C 00 04 00 00 00 00 02 14 00 FF 01 0F 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 [Binary data over 200 bytes]

< End of report >

#6
Essexboy

Posted 08 September 2012 - 03:42 PM

GeekU Moderator

Retired Staff
69,964 posts

That was run 11 of OTL, are you gettting help elsewhere ?

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application
Then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Get the report by selecting Reports
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#7
catttreanor

Posted 08 September 2012 - 03:56 PM

Member

Topic Starter
Member
67 posts

I am not getting help elsewhere. It was run #11 because I've gotten help here before and used OTL before and still have it on my computer from those times. I also had to run it twice this time because I left firefox open the first time I ran it and I wasn't sure if that was okay or not. Here is the result of TDSS, cure was not an option on any of the 4 suspicious threats it found.

16:52:28.0570 5844 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
16:52:28.0994 5844 ============================================================
16:52:28.0994 5844 Current date / time: 2012/09/08 16:52:28.0994
16:52:28.0994 5844 SystemInfo:
16:52:28.0994 5844
16:52:28.0994 5844 OS Version: 6.1.7601 ServicePack: 1.0
16:52:28.0994 5844 Product type: Workstation
16:52:28.0994 5844 ComputerName: BETSY
16:52:28.0994 5844 UserName: catt
16:52:28.0994 5844 Windows directory: C:\windows
16:52:28.0994 5844 System windows directory: C:\windows
16:52:28.0994 5844 Processor architecture: Intel x86
16:52:28.0994 5844 Number of processors: 2
16:52:28.0994 5844 Page size: 0x1000
16:52:28.0994 5844 Boot type: Normal boot
16:52:28.0994 5844 ============================================================
16:52:30.0277 5844 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:52:30.0328 5844 ============================================================
16:52:30.0328 5844 \Device\Harddisk0\DR0:
16:52:30.0329 5844 MBR partitions:
16:52:30.0329 5844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:52:30.0329 5844 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x221D6800
16:52:30.0329 5844 ============================================================
16:52:30.0401 5844 C: <-> \Device\Harddisk0\DR0\Partition2
16:52:30.0414 5844 ============================================================
16:52:30.0415 5844 Initialize success
16:52:30.0415 5844 ============================================================
16:52:38.0898 3352 ============================================================
16:52:38.0898 3352 Scan started
16:52:38.0898 3352 Mode: Manual; SigCheck; TDLFS;
16:52:38.0898 3352 ============================================================
16:52:39.0363 3352 ================ Scan system memory ========================
16:52:39.0363 3352 System memory - ok
16:52:39.0363 3352 ================ Scan services =============================
16:52:39.0484 3352 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
16:52:39.0593 3352 1394ohci - ok
16:52:39.0640 3352 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
16:52:39.0656 3352 ACPI - ok
16:52:39.0687 3352 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
16:52:39.0765 3352 AcpiPmi - ok
16:52:39.0874 3352 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:52:39.0890 3352 AdobeARMservice - ok
16:52:39.0937 3352 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:52:39.0952 3352 AdobeFlashPlayerUpdateSvc - ok
16:52:39.0999 3352 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:52:40.0015 3352 adp94xx - ok
16:52:40.0030 3352 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:52:40.0046 3352 adpahci - ok
16:52:40.0061 3352 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:52:40.0077 3352 adpu320 - ok
16:52:40.0093 3352 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:52:40.0186 3352 AeLookupSvc - ok
16:52:40.0233 3352 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
16:52:40.0280 3352 AFD - ok
16:52:40.0311 3352 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
16:52:40.0342 3352 agp440 - ok
16:52:40.0373 3352 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
16:52:40.0373 3352 aic78xx - ok
16:52:40.0420 3352 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
16:52:40.0498 3352 ALG - ok
16:52:40.0529 3352 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
16:52:40.0545 3352 aliide - ok
16:52:40.0561 3352 [ E3836DCF317E75D31698B0584DEEC313 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
16:52:40.0623 3352 AMD External Events Utility - ok
16:52:40.0670 3352 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
16:52:40.0685 3352 amdagp - ok
16:52:40.0701 3352 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
16:52:40.0717 3352 amdide - ok
16:52:40.0732 3352 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:52:40.0795 3352 AmdK8 - ok
16:52:40.0810 3352 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:52:40.0873 3352 AmdPPM - ok
16:52:40.0904 3352 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
16:52:40.0935 3352 amdsata - ok
16:52:40.0966 3352 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:52:40.0982 3352 amdsbs - ok
16:52:40.0997 3352 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
16:52:41.0013 3352 amdxata - ok
16:52:41.0060 3352 [ B4837FE56D76B2E9EA90E5365CF6A2BE ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
16:52:41.0075 3352 AntiVirSchedulerService - ok
16:52:41.0091 3352 [ DF5A3016052755C910A206058B4A1729 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
16:52:41.0107 3352 AntiVirService - ok
16:52:41.0153 3352 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
16:52:41.0263 3352 AppID - ok
16:52:41.0294 3352 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:52:41.0356 3352 AppIDSvc - ok
16:52:41.0403 3352 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
16:52:41.0481 3352 Appinfo - ok
16:52:41.0543 3352 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
16:52:41.0575 3352 arc - ok
16:52:41.0590 3352 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:52:41.0606 3352 arcsas - ok
16:52:41.0621 3352 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:52:41.0746 3352 AsyncMac - ok
16:52:41.0777 3352 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
16:52:41.0793 3352 atapi - ok
16:52:41.0918 3352 [ C17C77E84B11B5E01F32DD6B98930F36 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:52:42.0043 3352 atikmdag - ok
16:52:42.0074 3352 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
16:52:42.0089 3352 AtiPcie - ok
16:52:42.0152 3352 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:52:42.0245 3352 AudioEndpointBuilder - ok
16:52:42.0261 3352 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
16:52:42.0308 3352 Audiosrv - ok
16:52:42.0339 3352 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
16:52:42.0355 3352 avgntflt - ok
16:52:42.0370 3352 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
16:52:42.0386 3352 avipbb - ok
16:52:42.0433 3352 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
16:52:42.0542 3352 AxInstSV - ok
16:52:42.0573 3352 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
16:52:42.0651 3352 b06bdrv - ok
16:52:42.0667 3352 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
16:52:42.0713 3352 b57nd60x - ok
16:52:42.0791 3352 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
16:52:42.0823 3352 BBSvc - ok
16:52:42.0869 3352 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE
16:52:42.0901 3352 BBUpdate - ok
16:52:42.0963 3352 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
16:52:42.0994 3352 BcmSqlStartupSvc - ok
16:52:43.0025 3352 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
16:52:43.0103 3352 BDESVC - ok
16:52:43.0166 3352 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
16:52:43.0259 3352 Beep - ok
16:52:43.0353 3352 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
16:52:43.0447 3352 BFE - ok
16:52:43.0493 3352 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll
16:52:43.0556 3352 BITS - ok
16:52:43.0587 3352 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:52:43.0634 3352 blbdrive - ok
16:52:43.0665 3352 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:52:43.0727 3352 bowser - ok
16:52:43.0743 3352 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:52:43.0821 3352 BrFiltLo - ok
16:52:43.0852 3352 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:52:43.0899 3352 BrFiltUp - ok
16:52:43.0946 3352 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
16:52:43.0993 3352 BridgeMP - ok
16:52:44.0039 3352 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
16:52:44.0102 3352 Browser - ok
16:52:44.0117 3352 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:52:44.0180 3352 Brserid - ok
16:52:44.0195 3352 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:52:44.0242 3352 BrSerWdm - ok
16:52:44.0258 3352 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:52:44.0305 3352 BrUsbMdm - ok
16:52:44.0336 3352 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:52:44.0383 3352 BrUsbSer - ok
16:52:44.0414 3352 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:52:44.0445 3352 BTHMODEM - ok
16:52:44.0492 3352 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
16:52:44.0554 3352 bthserv - ok
16:52:44.0632 3352 catchme - ok
16:52:44.0663 3352 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:52:44.0757 3352 cdfs - ok
16:52:44.0804 3352 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
16:52:44.0851 3352 cdrom - ok
16:52:44.0897 3352 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
16:52:44.0975 3352 CertPropSvc - ok
16:52:45.0007 3352 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:52:45.0022 3352 circlass - ok
16:52:45.0053 3352 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
16:52:45.0069 3352 CLFS - ok
16:52:45.0131 3352 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:52:45.0163 3352 clr_optimization_v2.0.50727_32 - ok
16:52:45.0178 3352 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:52:45.0225 3352 CmBatt - ok
16:52:45.0287 3352 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
16:52:45.0303 3352 cmdide - ok
16:52:45.0365 3352 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
16:52:45.0412 3352 CNG - ok
16:52:45.0443 3352 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:52:45.0443 3352 Compbatt - ok
16:52:45.0475 3352 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
16:52:45.0521 3352 CompositeBus - ok
16:52:45.0537 3352 COMSysApp - ok
16:52:45.0568 3352 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:52:45.0584 3352 crcdisk - ok
16:52:45.0631 3352 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\windows\system32\cryptsvc.dll
16:52:45.0677 3352 CryptSvc - ok
16:52:45.0709 3352 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
16:52:45.0802 3352 DcomLaunch - ok
16:52:45.0849 3352 [ 696C496DDAB0A608D02894E9D4F62980 ] DDNIMSGService C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
16:52:45.0896 3352 DDNIMSGService ( UnsignedFile.Multi.Generic ) - warning
16:52:45.0896 3352 DDNIMSGService - detected UnsignedFile.Multi.Generic (1)
16:52:45.0943 3352 [ A767A85632556477021D43259397B21A ] DDNIService C:\Program Files\DDNI\DIBS\DDNIService.exe
16:52:45.0989 3352 DDNIService ( UnsignedFile.Multi.Generic ) - warning
16:52:45.0989 3352 DDNIService - detected UnsignedFile.Multi.Generic (1)
16:52:46.0036 3352 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
16:52:46.0083 3352 defragsvc - ok
16:52:46.0130 3352 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:52:46.0208 3352 DfsC - ok
16:52:46.0255 3352 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
16:52:46.0317 3352 Dhcp - ok
16:52:46.0348 3352 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
16:52:46.0411 3352 discache - ok
16:52:46.0442 3352 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
16:52:46.0473 3352 Disk - ok
16:52:46.0504 3352 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:52:46.0551 3352 Dnscache - ok
16:52:46.0582 3352 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
16:52:46.0613 3352 dot3svc - ok
16:52:46.0660 3352 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
16:52:46.0723 3352 Dot4 - ok
16:52:46.0769 3352 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
16:52:46.0801 3352 Dot4Print - ok
16:52:46.0832 3352 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
16:52:46.0879 3352 dot4usb - ok
16:52:46.0910 3352 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
16:52:46.0988 3352 DPS - ok
16:52:47.0035 3352 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:52:47.0081 3352 drmkaud - ok
16:52:47.0144 3352 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:52:47.0175 3352 DXGKrnl - ok
16:52:47.0206 3352 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
16:52:47.0269 3352 EapHost - ok
16:52:47.0362 3352 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
16:52:47.0440 3352 ebdrv - ok
16:52:47.0471 3352 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
16:52:47.0518 3352 EFS - ok
16:52:47.0612 3352 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:52:47.0674 3352 ehRecvr - ok
16:52:47.0705 3352 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
16:52:47.0752 3352 ehSched - ok
16:52:47.0783 3352 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:52:47.0815 3352 elxstor - ok
16:52:47.0846 3352 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
16:52:47.0893 3352 ErrDev - ok
16:52:47.0939 3352 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
16:52:48.0017 3352 EventSystem - ok
16:52:48.0033 3352 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
16:52:48.0064 3352 exfat - ok
16:52:48.0080 3352 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
16:52:48.0127 3352 fastfat - ok
16:52:48.0173 3352 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
16:52:48.0267 3352 Fax - ok
16:52:48.0298 3352 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:52:48.0345 3352 fdc - ok
16:52:48.0376 3352 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
16:52:48.0423 3352 fdPHost - ok
16:52:48.0439 3352 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
16:52:48.0470 3352 FDResPub - ok
16:52:48.0470 3352 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:52:48.0485 3352 FileInfo - ok
16:52:48.0501 3352 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:52:48.0517 3352 Filetrace - ok
16:52:48.0532 3352 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:52:48.0579 3352 flpydisk - ok
16:52:48.0610 3352 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:52:48.0626 3352 FltMgr - ok
16:52:48.0673 3352 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
16:52:48.0766 3352 FontCache - ok
16:52:48.0813 3352 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:52:48.0844 3352 FontCache3.0.0.0 - ok
16:52:48.0860 3352 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:52:48.0875 3352 FsDepends - ok
16:52:48.0907 3352 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:52:48.0922 3352 Fs_Rec - ok
16:52:48.0953 3352 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:52:48.0985 3352 fvevol - ok
16:52:49.0000 3352 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:52:49.0016 3352 gagp30kx - ok
16:52:49.0063 3352 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
16:52:49.0141 3352 gpsvc - ok
16:52:49.0234 3352 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:52:49.0265 3352 gupdate - ok
16:52:49.0297 3352 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:52:49.0312 3352 gupdatem - ok
16:52:49.0328 3352 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:52:49.0390 3352 hcw85cir - ok
16:52:49.0421 3352 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:52:49.0484 3352 HdAudAddService - ok
16:52:49.0515 3352 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
16:52:49.0577 3352 HDAudBus - ok
16:52:49.0593 3352 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:52:49.0624 3352 HidBatt - ok
16:52:49.0640 3352 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:52:49.0687 3352 HidBth - ok
16:52:49.0702 3352 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:52:49.0765 3352 HidIr - ok
16:52:49.0796 3352 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
16:52:49.0858 3352 hidserv - ok
16:52:49.0921 3352 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
16:52:49.0967 3352 HidUsb - ok
16:52:49.0999 3352 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
16:52:50.0092 3352 hkmsvc - ok
16:52:50.0123 3352 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:52:50.0155 3352 HomeGroupListener - ok
16:52:50.0186 3352 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:52:50.0264 3352 HomeGroupProvider - ok
16:52:50.0311 3352 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
16:52:50.0342 3352 HpSAMD - ok
16:52:50.0389 3352 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:52:50.0451 3352 HTTP - ok
16:52:50.0482 3352 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:52:50.0513 3352 hwpolicy - ok
16:52:50.0545 3352 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
16:52:50.0591 3352 i8042prt - ok
16:52:50.0623 3352 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:52:50.0654 3352 iaStorV - ok
16:52:50.0716 3352 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:52:50.0779 3352 idsvc - ok
16:52:50.0810 3352 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:52:50.0810 3352 iirsp - ok
16:52:50.0872 3352 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
16:52:50.0966 3352 IKEEXT - ok
16:52:51.0075 3352 [ 8948879A8F1614721B857FB21FB980E6 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
16:52:51.0137 3352 IntcAzAudAddService - ok
16:52:51.0153 3352 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
16:52:51.0153 3352 intelide - ok
16:52:51.0184 3352 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:52:51.0231 3352 intelppm - ok
16:52:51.0262 3352 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:52:51.0340 3352 IPBusEnum - ok
16:52:51.0371 3352 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:52:51.0434 3352 IpFilterDriver - ok
16:52:51.0496 3352 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:52:51.0590 3352 iphlpsvc - ok
16:52:51.0621 3352 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
16:52:51.0637 3352 IPMIDRV - ok
16:52:51.0652 3352 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:52:51.0730 3352 IPNAT - ok
16:52:51.0761 3352 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
16:52:51.0839 3352 IRENUM - ok
16:52:51.0855 3352 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
16:52:51.0871 3352 isapnp - ok
16:52:51.0902 3352 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
16:52:51.0917 3352 iScsiPrt - ok
16:52:51.0949 3352 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
16:52:51.0949 3352 kbdclass - ok
16:52:51.0995 3352 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
16:52:52.0042 3352 kbdhid - ok
16:52:52.0073 3352 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
16:52:52.0105 3352 KeyIso - ok
16:52:52.0136 3352 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:52:52.0167 3352 KSecDD - ok
16:52:52.0183 3352 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:52:52.0214 3352 KSecPkg - ok
16:52:52.0229 3352 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
16:52:52.0276 3352 KtmRm - ok
16:52:52.0307 3352 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
16:52:52.0385 3352 LanmanServer - ok
16:52:52.0401 3352 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:52:52.0479 3352 LanmanWorkstation - ok
16:52:52.0510 3352 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:52:52.0557 3352 lltdio - ok
16:52:52.0588 3352 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
16:52:52.0651 3352 lltdsvc - ok
16:52:52.0697 3352 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
16:52:52.0775 3352 lmhosts - ok
16:52:52.0822 3352 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:52:52.0838 3352 LSI_FC - ok
16:52:52.0853 3352 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:52:52.0869 3352 LSI_SAS - ok
16:52:52.0885 3352 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:52:52.0900 3352 LSI_SAS2 - ok
16:52:52.0900 3352 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:52:52.0916 3352 LSI_SCSI - ok
16:52:52.0931 3352 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
16:52:52.0963 3352 luafv - ok
16:52:53.0041 3352 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
16:52:53.0072 3352 McComponentHostService - ok
16:52:53.0119 3352 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:52:53.0134 3352 Mcx2Svc - ok
16:52:53.0150 3352 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:52:53.0165 3352 megasas - ok
16:52:53.0181 3352 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:52:53.0197 3352 MegaSR - ok
16:52:53.0228 3352 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
16:52:53.0275 3352 MMCSS - ok
16:52:53.0290 3352 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
16:52:53.0384 3352 Modem - ok
16:52:53.0415 3352 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:52:53.0462 3352 monitor - ok
16:52:53.0493 3352 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
16:52:53.0524 3352 mouclass - ok
16:52:53.0540 3352 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:52:53.0571 3352 mouhid - ok
16:52:53.0618 3352 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:52:53.0618 3352 mountmgr - ok
16:52:53.0680 3352 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:52:53.0711 3352 MozillaMaintenance - ok
16:52:53.0758 3352 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
16:52:53.0789 3352 mpio - ok
16:52:53.0805 3352 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:52:53.0852 3352 mpsdrv - ok
16:52:53.0899 3352 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
16:52:53.0977 3352 MpsSvc - ok
16:52:54.0008 3352 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:52:54.0023 3352 MRxDAV - ok
16:52:54.0070 3352 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:52:54.0148 3352 mrxsmb - ok
16:52:54.0179 3352 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:52:54.0211 3352 mrxsmb10 - ok
16:52:54.0242 3352 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:52:54.0289 3352 mrxsmb20 - ok
16:52:54.0320 3352 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
16:52:54.0335 3352 msahci - ok
16:52:54.0351 3352 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
16:52:54.0367 3352 msdsm - ok
16:52:54.0382 3352 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
16:52:54.0429 3352 MSDTC - ok
16:52:54.0460 3352 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
16:52:54.0507 3352 Msfs - ok
16:52:54.0523 3352 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:52:54.0554 3352 mshidkmdf - ok
16:52:54.0569 3352 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
16:52:54.0585 3352 msisadrv - ok
16:52:54.0616 3352 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:52:54.0694 3352 MSiSCSI - ok
16:52:54.0710 3352 msiserver - ok
16:52:54.0725 3352 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:52:54.0788 3352 MSKSSRV - ok
16:52:54.0803 3352 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:52:54.0850 3352 MSPCLOCK - ok
16:52:54.0866 3352 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:52:54.0928 3352 MSPQM - ok
16:52:54.0959 3352 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:52:54.0991 3352 MsRPC - ok
16:52:55.0037 3352 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
16:52:55.0037 3352 mssmbios - ok
16:52:55.0100 3352 MSSQL$MSSMLBIZ - ok
16:52:55.0162 3352 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
16:52:55.0193 3352 MSSQLServerADHelper - ok
16:52:55.0209 3352 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:52:55.0240 3352 MSTEE - ok
16:52:55.0256 3352 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:52:55.0271 3352 MTConfig - ok
16:52:55.0287 3352 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
16:52:55.0303 3352 Mup - ok
16:52:55.0334 3352 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
16:52:55.0412 3352 napagent - ok
16:52:55.0459 3352 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:52:55.0505 3352 NativeWifiP - ok
16:52:55.0583 3352 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\windows\system32\drivers\ndis.sys
16:52:55.0615 3352 NDIS - ok
16:52:55.0646 3352 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:52:55.0677 3352 NdisCap - ok
16:52:55.0693 3352 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:52:55.0771 3352 NdisTapi - ok
16:52:55.0802 3352 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:52:55.0880 3352 Ndisuio - ok
16:52:55.0927 3352 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:52:55.0989 3352 NdisWan - ok
16:52:56.0020 3352 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:52:56.0067 3352 NDProxy - ok
16:52:56.0098 3352 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
16:52:56.0114 3352 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:52:56.0114 3352 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:52:56.0161 3352 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:52:56.0239 3352 NetBIOS - ok
16:52:56.0270 3352 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:52:56.0317 3352 NetBT - ok
16:52:56.0332 3352 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
16:52:56.0348 3352 Netlogon - ok
16:52:56.0379 3352 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
16:52:56.0457 3352 Netman - ok
16:52:56.0488 3352 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
16:52:56.0566 3352 netprofm - ok
16:52:56.0597 3352 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:52:56.0629 3352 NetTcpPortSharing - ok
16:52:56.0644 3352 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:52:56.0691 3352 nfrd960 - ok
16:52:56.0722 3352 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll
16:52:56.0800 3352 NlaSvc - ok
16:52:56.0831 3352 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
16:52:56.0847 3352 Npfs - ok
16:52:56.0878 3352 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
16:52:56.0909 3352 nsi - ok
16:52:56.0909 3352 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:52:56.0956 3352 nsiproxy - ok
16:52:57.0019 3352 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:52:57.0050 3352 Ntfs - ok
16:52:57.0065 3352 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
16:52:57.0097 3352 Null - ok
16:52:57.0128 3352 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:52:57.0143 3352 nvraid - ok
16:52:57.0175 3352 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:52:57.0190 3352 nvstor - ok
16:52:57.0206 3352 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
16:52:57.0221 3352 nv_agp - ok
16:52:57.0284 3352 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:52:57.0331 3352 odserv - ok
16:52:57.0362 3352 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
16:52:57.0424 3352 ohci1394 - ok
16:52:57.0455 3352 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:52:57.0487 3352 ose - ok
16:52:57.0518 3352 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:52:57.0549 3352 p2pimsvc - ok
16:52:57.0580 3352 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
16:52:57.0643 3352 p2psvc - ok
16:52:57.0674 3352 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:52:57.0705 3352 Parport - ok
16:52:57.0752 3352 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
16:52:57.0783 3352 partmgr - ok
16:52:57.0799 3352 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
16:52:57.0830 3352 Parvdm - ok
16:52:57.0861 3352 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
16:52:57.0908 3352 PcaSvc - ok
16:52:57.0923 3352 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
16:52:57.0939 3352 pci - ok
16:52:57.0970 3352 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
16:52:57.0986 3352 pciide - ok
16:52:58.0001 3352 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:52:58.0017 3352 pcmcia - ok
16:52:58.0033 3352 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
16:52:58.0048 3352 pcw - ok
16:52:58.0064 3352 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:52:58.0095 3352 PEAUTH - ok
16:52:58.0189 3352 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
16:52:58.0267 3352 pla - ok
16:52:58.0313 3352 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:52:58.0391 3352 PlugPlay - ok
16:52:58.0407 3352 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
16:52:58.0438 3352 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:52:58.0438 3352 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:52:58.0469 3352 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:52:58.0485 3352 PNRPAutoReg - ok
16:52:58.0501 3352 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:52:58.0532 3352 PNRPsvc - ok
16:52:58.0563 3352 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:52:58.0625 3352 PolicyAgent - ok
16:52:58.0672 3352 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
16:52:58.0719 3352 Power - ok
16:52:58.0750 3352 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:52:58.0781 3352 PptpMiniport - ok
16:52:58.0797 3352 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
16:52:58.0828 3352 Processor - ok
16:52:58.0891 3352 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
16:52:58.0984 3352 ProfSvc - ok
16:52:59.0000 3352 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
16:52:59.0031 3352 ProtectedStorage - ok
16:52:59.0047 3352 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:52:59.0093 3352 Psched - ok
16:52:59.0125 3352 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:52:59.0156 3352 ql2300 - ok
16:52:59.0171 3352 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:52:59.0187 3352 ql40xx - ok
16:52:59.0218 3352 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
16:52:59.0265 3352 QWAVE - ok
16:52:59.0281 3352 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:52:59.0296 3352 QWAVEdrv - ok
16:52:59.0312 3352 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:52:59.0359 3352 RasAcd - ok
16:52:59.0390 3352 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:52:59.0468 3352 RasAgileVpn - ok
16:52:59.0483 3352 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
16:52:59.0546 3352 RasAuto - ok
16:52:59.0561 3352 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:52:59.0624 3352 Rasl2tp - ok
16:52:59.0671 3352 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
16:52:59.0764 3352 RasMan - ok
16:52:59.0795 3352 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:52:59.0827 3352 RasPppoe - ok
16:52:59.0858 3352 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:52:59.0920 3352 RasSstp - ok
16:52:59.0951 3352 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:53:00.0029 3352 rdbss - ok
16:53:00.0045 3352 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:53:00.0061 3352 rdpbus - ok
16:53:00.0123 3352 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:53:00.0170 3352 RDPCDD - ok
16:53:00.0217 3352 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:53:00.0248 3352 RDPENCDD - ok
16:53:00.0295 3352 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:53:00.0326 3352 RDPREFMP - ok
16:53:00.0373 3352 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:53:00.0435 3352 RDPWD - ok
16:53:00.0482 3352 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:53:00.0497 3352 rdyboost - ok
16:53:00.0529 3352 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
16:53:00.0575 3352 RemoteAccess - ok
16:53:00.0607 3352 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:53:00.0669 3352 RemoteRegistry - ok
16:53:00.0700 3352 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:53:00.0747 3352 RpcEptMapper - ok
16:53:00.0794 3352 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
16:53:00.0825 3352 RpcLocator - ok
16:53:00.0856 3352 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\System32\rpcss.dll
16:53:00.0887 3352 RpcSs - ok
16:53:00.0919 3352 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:53:01.0012 3352 rspndr - ok
16:53:01.0059 3352 [ 26A9D6227D12B9D9DA5A81BB9B55D810 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
16:53:01.0121 3352 RTL8167 - ok
16:53:01.0153 3352 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
16:53:01.0168 3352 SamSs - ok
16:53:01.0199 3352 [ 9C9BCC79AEF0AA97F16766C498002D36 ] SbFw C:\windows\system32\drivers\SbFw.sys
16:53:01.0215 3352 SbFw - ok
16:53:01.0246 3352 [ F27B38D70B7621378161D6F48BE04D2C ] SBFWIMCL C:\windows\system32\DRIVERS\sbfwim.sys
16:53:01.0262 3352 SBFWIMCL - ok
16:53:01.0277 3352 [ F27B38D70B7621378161D6F48BE04D2C ] SBFWIMCLMP C:\windows\system32\DRIVERS\SBFWIM.sys
16:53:01.0277 3352 SBFWIMCLMP - ok
16:53:01.0293 3352 [ 53E5E7DC26BB920B97F258BBD52ABFDC ] sbhips C:\windows\system32\drivers\sbhips.sys
16:53:01.0309 3352 sbhips - ok
16:53:01.0324 3352 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
16:53:01.0340 3352 sbp2port - ok
16:53:01.0371 3352 SBRE - ok
16:53:01.0480 3352 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
16:53:01.0511 3352 SBSDWSCService - ok
16:53:01.0527 3352 [ 6468E2973E04525DECC105947DDD0D34 ] SbTis C:\windows\system32\drivers\sbtis.sys
16:53:01.0543 3352 SbTis - ok
16:53:01.0574 3352 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
16:53:01.0621 3352 SCardSvr - ok
16:53:01.0636 3352 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:53:01.0667 3352 scfilter - ok
16:53:01.0714 3352 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
16:53:01.0808 3352 Schedule - ok
16:53:01.0823 3352 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
16:53:01.0870 3352 SCPolicySvc - ok
16:53:01.0917 3352 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:53:01.0979 3352 SDRSVC - ok
16:53:02.0011 3352 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
16:53:02.0104 3352 secdrv - ok
16:53:02.0135 3352 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
16:53:02.0198 3352 seclogon - ok
16:53:02.0229 3352 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
16:53:02.0291 3352 SENS - ok
16:53:02.0307 3352 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
16:53:02.0369 3352 SensrSvc - ok
16:53:02.0401 3352 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:53:02.0432 3352 Serenum - ok
16:53:02.0463 3352 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:53:02.0479 3352 Serial - ok
16:53:02.0525 3352 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:53:02.0557 3352 sermouse - ok
16:53:02.0619 3352 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
16:53:02.0697 3352 SessionEnv - ok
16:53:02.0728 3352 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:53:02.0744 3352 sffdisk - ok
16:53:02.0744 3352 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:53:02.0759 3352 sffp_mmc - ok
16:53:02.0775 3352 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:53:02.0791 3352 sffp_sd - ok
16:53:02.0806 3352 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:53:02.0837 3352 sfloppy - ok
16:53:02.0884 3352 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
16:53:02.0962 3352 SharedAccess - ok
16:53:03.0009 3352 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:53:03.0087 3352 ShellHWDetection - ok
16:53:03.0118 3352 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
16:53:03.0150 3352 sisagp - ok
16:53:03.0181 3352 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:53:03.0212 3352 SiSRaid2 - ok
16:53:03.0228 3352 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:53:03.0243 3352 SiSRaid4 - ok
16:53:03.0274 3352 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
16:53:03.0306 3352 Smb - ok
16:53:03.0337 3352 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:53:03.0337 3352 SNMPTRAP - ok
16:53:03.0352 3352 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
16:53:03.0368 3352 spldr - ok
16:53:03.0415 3352 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
16:53:03.0477 3352 Spooler - ok
16:53:03.0586 3352 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
16:53:03.0758 3352 sppsvc - ok
16:53:03.0805 3352 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:53:03.0867 3352 sppuinotify - ok
16:53:03.0898 3352 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:53:03.0914 3352 SQLBrowser - ok
16:53:03.0930 3352 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:53:03.0945 3352 SQLWriter - ok
16:53:03.0992 3352 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
16:53:04.0039 3352 srv - ok
16:53:04.0054 3352 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:53:04.0086 3352 srv2 - ok
16:53:04.0101 3352 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:53:04.0117 3352 srvnet - ok
16:53:04.0148 3352 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:53:04.0179 3352 SSDPSRV - ok
16:53:04.0195 3352 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
16:53:04.0210 3352 ssmdrv - ok
16:53:04.0226 3352 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
16:53:04.0273 3352 SstpSvc - ok
16:53:04.0304 3352 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:53:04.0335 3352 stexstor - ok
16:53:04.0382 3352 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
16:53:04.0460 3352 StiSvc - ok
16:53:04.0491 3352 [ D4701170925CC1A532511C5948B195FB ] SuperIO C:\windows\system32\DRIVERS\spio.sys
16:53:04.0507 3352 SuperIO - ok
16:53:04.0538 3352 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
16:53:04.0569 3352 swenum - ok
16:53:04.0585 3352 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
16:53:04.0632 3352 swprv - ok
16:53:04.0694 3352 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
16:53:04.0788 3352 SysMain - ok
16:53:04.0819 3352 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
16:53:04.0850 3352 TabletInputService - ok
16:53:04.0881 3352 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
16:53:04.0959 3352 TapiSrv - ok
16:53:04.0990 3352 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
16:53:05.0068 3352 TBS - ok
16:53:05.0131 3352 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:53:05.0178 3352 Tcpip - ok
16:53:05.0349 3352 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:53:05.0380 3352 TCPIP6 - ok
16:53:05.0427 3352 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:53:05.0505 3352 tcpipreg - ok
16:53:05.0536 3352 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:53:05.0599 3352 TDPIPE - ok
16:53:05.0630 3352 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:53:05.0661 3352 TDTCP - ok
16:53:05.0708 3352 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:53:05.0755 3352 tdx - ok
16:53:05.0802 3352 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
16:53:05.0833 3352 TermDD - ok
16:53:05.0880 3352 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
16:53:05.0942 3352 TermService - ok
16:53:05.0973 3352 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
16:53:06.0020 3352 Themes - ok
16:53:06.0036 3352 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
16:53:06.0067 3352 THREADORDER - ok
16:53:06.0098 3352 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
16:53:06.0145 3352 TrkWks - ok
16:53:06.0223 3352 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:53:06.0301 3352 TrustedInstaller - ok
16:53:06.0332 3352 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:53:06.0363 3352 tssecsrv - ok
16:53:06.0426 3352 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
16:53:06.0472 3352 TsUsbFlt - ok
16:53:06.0504 3352 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:53:06.0582 3352 tunnel - ok
16:53:06.0613 3352 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:53:06.0628 3352 uagp35 - ok
16:53:06.0675 3352 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:53:06.0722 3352 udfs - ok
16:53:06.0753 3352 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:53:06.0800 3352 UI0Detect - ok
16:53:06.0831 3352 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
16:53:06.0862 3352 uliagpkx - ok
16:53:06.0878 3352 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
16:53:06.0909 3352 umbus - ok
16:53:06.0909 3352 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:53:06.0956 3352 UmPass - ok
16:53:06.0987 3352 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
16:53:07.0096 3352 upnphost - ok
16:53:07.0112 3352 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\drivers\usbccgp.sys
16:53:07.0143 3352 usbccgp - ok
16:53:07.0143 3352 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
16:53:07.0159 3352 usbcir - ok
16:53:07.0206 3352 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:53:07.0237 3352 usbehci - ok
16:53:07.0268 3352 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:53:07.0299 3352 usbhub - ok
16:53:07.0315 3352 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
16:53:07.0346 3352 usbohci - ok
16:53:07.0393 3352 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:53:07.0424 3352 usbprint - ok
16:53:07.0471 3352 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS
16:53:07.0518 3352 USBSTOR - ok
16:53:07.0533 3352 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
16:53:07.0549 3352 usbuhci - ok
16:53:07.0580 3352 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
16:53:07.0596 3352 UxSms - ok
16:53:07.0627 3352 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
16:53:07.0627 3352 VaultSvc - ok
16:53:07.0658 3352 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
16:53:07.0674 3352 vdrvroot - ok
16:53:07.0705 3352 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
16:53:07.0783 3352 vds - ok
16:53:07.0798 3352 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:53:07.0845 3352 vga - ok
16:53:07.0861 3352 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
16:53:07.0892 3352 VgaSave - ok
16:53:07.0923 3352 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
16:53:07.0939 3352 vhdmp - ok
16:53:07.0970 3352 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
16:53:07.0970 3352 viaagp - ok
16:53:07.0986 3352 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
16:53:08.0032 3352 ViaC7 - ok
16:53:08.0064 3352 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
16:53:08.0079 3352 viaide - ok
16:53:08.0095 3352 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
16:53:08.0110 3352 volmgr - ok
16:53:08.0126 3352 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:53:08.0126 3352 volmgrx - ok
16:53:08.0142 3352 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
16:53:08.0157 3352 volsnap - ok
16:53:08.0188 3352 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:53:08.0204 3352 vsmraid - ok
16:53:08.0266 3352 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
16:53:08.0344 3352 VSS - ok
16:53:08.0360 3352 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
16:53:08.0407 3352 vwifibus - ok
16:53:08.0438 3352 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
16:53:08.0516 3352 W32Time - ok
16:53:08.0532 3352 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:53:08.0578 3352 WacomPen - ok
16:53:08.0641 3352 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:53:08.0719 3352 WANARP - ok
16:53:08.0719 3352 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:53:08.0750 3352 Wanarpv6 - ok
16:53:08.0828 3352 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:53:08.0906 3352 WatAdminSvc - ok
16:53:08.0968 3352 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
16:53:09.0046 3352 wbengine - ok
16:53:09.0078 3352 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:53:09.0093 3352 WbioSrvc - ok
16:53:09.0140 3352 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
16:53:09.0171 3352 wcncsvc - ok
16:53:09.0187 3352 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:53:09.0202 3352 WcsPlugInService - ok
16:53:09.0234 3352 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
16:53:09.0234 3352 Wd - ok
16:53:09.0265 3352 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:53:09.0280 3352 Wdf01000 - ok
16:53:09.0296 3352 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
16:53:09.0358 3352 WdiServiceHost - ok
16:53:09.0358 3352 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
16:53:09.0374 3352 WdiSystemHost - ok
16:53:09.0405 3352 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
16:53:09.0452 3352 WebClient - ok
16:53:09.0483 3352 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
16:53:09.0530 3352 Wecsvc - ok
16:53:09.0546 3352 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
16:53:09.0561 3352 wercplsupport - ok
16:53:09.0577 3352 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
16:53:09.0639 3352 WerSvc - ok
16:53:09.0670 3352 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:53:09.0717 3352 WfpLwf - ok
16:53:09.0733 3352 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
16:53:09.0748 3352 WimFltr - ok
16:53:09.0764 3352 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:53:09.0780 3352 WIMMount - ok
16:53:09.0826 3352 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:53:09.0904 3352 WinDefend - ok
16:53:09.0904 3352 WinHttpAutoProxySvc - ok
16:53:09.0951 3352 [ 8C33A2B630E95D71A7067A4E489952E2 ] WinI2C-DDC C:\windows\system32\drivers\DDCDrv.sys
16:53:09.0982 3352 WinI2C-DDC - ok
16:53:10.0014 3352 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:53:10.0076 3352 Winmgmt - ok
16:53:10.0138 3352 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
16:53:10.0216 3352 WinRM - ok
16:53:10.0279 3352 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:53:10.0310 3352 WinUsb - ok
16:53:10.0372 3352 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
16:53:10.0450 3352 Wlansvc - ok
16:53:10.0466 3352 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
16:53:10.0513 3352 WmiAcpi - ok
16:53:10.0560 3352 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:53:10.0606 3352 wmiApSrv - ok
16:53:10.0716 3352 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:53:10.0762 3352 WMPNetworkSvc - ok
16:53:10.0778 3352 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
16:53:10.0840 3352 WPCSvc - ok
16:53:10.0887 3352 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:53:10.0965 3352 WPDBusEnum - ok
16:53:10.0981 3352 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:53:11.0043 3352 ws2ifsl - ok
16:53:11.0074 3352 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll
16:53:11.0106 3352 wscsvc - ok
16:53:11.0121 3352 WSearch - ok
16:53:11.0168 3352 [ BAEDC491374DEFD5E76336901D6D397D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
16:53:11.0168 3352 wsvd - ok
16:53:11.0246 3352 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
16:53:11.0308 3352 wuauserv - ok
16:53:11.0340 3352 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:53:11.0418 3352 WudfPf - ok
16:53:11.0464 3352 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:53:11.0527 3352 WUDFRd - ok
16:53:11.0542 3352 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:53:11.0574 3352 wudfsvc - ok
16:53:11.0605 3352 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
16:53:11.0667 3352 WwanSvc - ok
16:53:11.0714 3352 [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
16:53:11.0761 3352 yukonw7 - ok
16:53:11.0761 3352 ================ Scan global ===============================
16:53:11.0792 3352 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
16:53:11.0839 3352 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
16:53:11.0854 3352 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
16:53:11.0901 3352 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
16:53:11.0901 3352 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
16:53:11.0917 3352 [Global] - ok
16:53:11.0917 3352 ================ Scan MBR ==================================
16:53:11.0932 3352 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:53:12.0244 3352 \Device\Harddisk0\DR0 - ok
16:53:12.0244 3352 ================ Scan VBR ==================================
16:53:12.0244 3352 [ 62549D7CF47B0CC8E15DD197085E36E8 ] \Device\Harddisk0\DR0\Partition1
16:53:12.0244 3352 \Device\Harddisk0\DR0\Partition1 - ok
16:53:12.0291 3352 [ 2A89B148068EA17C836D159D9753AE51 ] \Device\Harddisk0\DR0\Partition2
16:53:12.0291 3352 \Device\Harddisk0\DR0\Partition2 - ok
16:53:12.0291 3352 ============================================================
16:53:12.0291 3352 Scan finished
16:53:12.0291 3352 ============================================================
16:53:12.0307 2072 Detected object count: 4
16:53:12.0307 2072 Actual detected object count: 4
16:53:19.0498 2072 DDNIMSGService ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:19.0514 2072 DDNIMSGService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:19.0514 2072 DDNIService ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:19.0514 2072 DDNIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:19.0514 2072 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:19.0514 2072 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:19.0514 2072 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:53:19.0514 2072 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:53:23.0071 5304 ============================================================
16:53:23.0071 5304 Scan started
16:53:23.0071 5304 Mode: Manual; SigCheck; TDLFS;
16:53:23.0071 5304 ============================================================
16:53:23.0352 5304 ================ Scan system memory ========================
16:53:23.0352 5304 System memory - ok
16:53:23.0352 5304 ================ Scan services =============================
16:53:23.0523 5304 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
16:53:23.0570 5304 1394ohci - ok
16:53:23.0617 5304 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
16:53:23.0632 5304 ACPI - ok
16:53:23.0664 5304 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
16:53:23.0679 5304 AcpiPmi - ok
16:53:23.0742 5304 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:53:23.0773 5304 AdobeARMservice - ok
16:53:23.0804 5304 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:53:23.0820 5304 AdobeFlashPlayerUpdateSvc - ok
16:53:23.0851 5304 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:53:23.0866 5304 adp94xx - ok
16:53:23.0898 5304 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:53:23.0913 5304 adpahci - ok
16:53:23.0929 5304 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:53:23.0944 5304 adpu320 - ok
16:53:23.0976 5304 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:53:23.0991 5304 AeLookupSvc - ok
16:53:24.0022 5304 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
16:53:24.0038 5304 AFD - ok
16:53:24.0069 5304 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
16:53:24.0069 5304 agp440 - ok
16:53:24.0085 5304 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
16:53:24.0100 5304 aic78xx - ok
16:53:24.0116 5304 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
16:53:24.0132 5304 ALG - ok
16:53:24.0147 5304 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
16:53:24.0163 5304 aliide - ok
16:53:24.0178 5304 [ E3836DCF317E75D31698B0584DEEC313 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
16:53:24.0194 5304 AMD External Events Utility - ok
16:53:24.0225 5304 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
16:53:24.0241 5304 amdagp - ok
16:53:24.0256 5304 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
16:53:24.0256 5304 amdide - ok
16:53:24.0288 5304 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:53:24.0288 5304 AmdK8 - ok
16:53:24.0303 5304 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:53:24.0319 5304 AmdPPM - ok
16:53:24.0350 5304 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
16:53:24.0366 5304 amdsata - ok
16:53:24.0381 5304 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:53:24.0397 5304 amdsbs - ok
16:53:24.0397 5304 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
16:53:24.0412 5304 amdxata - ok
16:53:24.0459 5304 [ B4837FE56D76B2E9EA90E5365CF6A2BE ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
16:53:24.0475 5304 AntiVirSchedulerService - ok
16:53:24.0490 5304 [ DF5A3016052755C910A206058B4A1729 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
16:53:24.0506 5304 AntiVirService - ok
16:53:24.0537 5304 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
16:53:24.0553 5304 AppID - ok
16:53:24.0584 5304 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:53:24.0615 5304 AppIDSvc - ok
16:53:24.0646 5304 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
16:53:24.0662 5304 Appinfo - ok
16:53:24.0693 5304 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
16:53:24.0709 5304 arc - ok
16:53:24.0724 5304 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:53:24.0740 5304 arcsas - ok
16:53:24.0740 5304 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:53:24.0771 5304 AsyncMac - ok
16:53:24.0802 5304 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
16:53:24.0818 5304 atapi - ok
16:53:24.0927 5304 [ C17C77E84B11B5E01F32DD6B98930F36 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:53:24.0990 5304 atikmdag - ok
16:53:25.0021 5304 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
16:53:25.0021 5304 AtiPcie - ok
16:53:25.0068 5304 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:53:25.0099 5304 AudioEndpointBuilder - ok
16:53:25.0114 5304 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
16:53:25.0146 5304 Audiosrv - ok
16:53:25.0161 5304 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
16:53:25.0177 5304 avgntflt - ok
16:53:25.0192 5304 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
16:53:25.0208 5304 avipbb - ok
16:53:25.0239 5304 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
16:53:25.0255 5304 AxInstSV - ok
16:53:25.0286 5304 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
16:53:25.0302 5304 b06bdrv - ok
16:53:25.0333 5304 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
16:53:25.0333 5304 b57nd60x - ok
16:53:25.0380 5304 [ 01A24B415926BB5F772DBE12459D97DE ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
16:53:25.0395 5304 BBSvc - ok
16:53:25.0442 5304 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE
16:53:25.0473 5304 BBUpdate - ok
16:53:25.0520 5304 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
16:53:25.0520 5304 BcmSqlStartupSvc - ok
16:53:25.0551 5304 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
16:53:25.0567 5304 BDESVC - ok
16:53:25.0598 5304 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
16:53:25.0629 5304 Beep - ok
16:53:25.0676 5304 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
16:53:25.0723 5304 BFE - ok
16:53:25.0770 5304 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll
16:53:25.0816 5304 BITS - ok
16:53:25.0832 5304 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:53:25.0848 5304 blbdrive - ok
16:53:25.0894 5304 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:53:25.0926 5304 bowser - ok
16:53:25.0926 5304 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:53:25.0941 5304 BrFiltLo - ok
16:53:25.0957 5304 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:53:25.0972 5304 BrFiltUp - ok
16:53:25.0988 5304 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
16:53:26.0019 5304 BridgeMP - ok
16:53:26.0050 5304 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
16:53:26.0066 5304 Browser - ok
16:53:26.0082 5304 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:53:26.0097 5304 Brserid - ok
16:53:26.0113 5304 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:53:26.0128 5304 BrSerWdm - ok
16:53:26.0144 5304 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:53:26.0160 5304 BrUsbMdm - ok
16:53:26.0160 5304 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:53:26.0175 5304 BrUsbSer - ok
16:53:26.0191 5304 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:53:26.0206 5304 BTHMODEM - ok
16:53:26.0222 5304 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
16:53:26.0253 5304 bthserv - ok
16:53:26.0300 5304 catchme - ok
16:53:26.0316 5304 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:53:26.0347 5304 cdfs - ok
16:53:26.0394 5304 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
16:53:26.0425 5304 cdrom - ok
16:53:26.0456 5304 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
16:53:26.0487 5304 CertPropSvc - ok
16:53:26.0503 5304 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:53:26.0518 5304 circlass - ok
16:53:26.0550 5304 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
16:53:26.0565 5304 CLFS - ok
16:53:26.0612 5304 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:53:26.0628 5304 clr_optimization_v2.0.50727_32 - ok
16:53:26.0643 5304 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:53:26.0659 5304 CmBatt - ok
16:53:26.0690 5304 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
16:53:26.0706 5304 cmdide - ok
16:53:26.0752 5304 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
16:53:26.0768 5304 CNG - ok
16:53:26.0784 5304 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:53:26.0799 5304 Compbatt - ok
16:53:26.0815 5304 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
16:53:26.0830 5304 CompositeBus - ok
16:53:26.0830 5304 COMSysApp - ok
16:53:26.0862 5304 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:53:26.0862 5304 crcdisk - ok
16:53:26.0908 5304 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\windows\system32\cryptsvc.dll
16:53:26.0940 5304 CryptSvc - ok
16:53:26.0986 5304 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
16:53:27.0018 5304 DcomLaunch - ok
16:53:27.0064 5304 [ 696C496DDAB0A608D02894E9D4F62980 ] DDNIMSGService C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
16:53:27.0096 5304 DDNIMSGService ( UnsignedFile.Multi.Generic ) - warning
16:53:27.0096 5304 DDNIMSGService - detected UnsignedFile.Multi.Generic (1)
16:53:27.0127 5304 [ A767A85632556477021D43259397B21A ] DDNIService C:\Program Files\DDNI\DIBS\DDNIService.exe
16:53:27.0158 5304 DDNIService ( UnsignedFile.Multi.Generic ) - warning
16:53:27.0158 5304 DDNIService - detected UnsignedFile.Multi.Generic (1)
16:53:27.0174 5304 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
16:53:27.0205 5304 defragsvc - ok
16:53:27.0252 5304 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:53:27.0267 5304 DfsC - ok
16:53:27.0298 5304 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
16:53:27.0330 5304 Dhcp - ok
16:53:27.0361 5304 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
16:53:27.0376 5304 discache - ok
16:53:27.0392 5304 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
16:53:27.0408 5304 Disk - ok
16:53:27.0454 5304 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:53:27.0486 5304 Dnscache - ok
16:53:27.0517 5304 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
16:53:27.0548 5304 dot3svc - ok
16:53:27.0579 5304 [ B5E479EB83707DD698F66953E922042C ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
16:53:27.0595 5304 Dot4 - ok
16:53:27.0626 5304 [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
16:53:27.0642 5304 Dot4Print - ok
16:53:27.0688 5304 [ CF491FF38D62143203C065260567E2F7 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
16:53:27.0720 5304 dot4usb - ok
16:53:27.0751 5304 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
16:53:27.0782 5304 DPS - ok
16:53:27.0798 5304 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:53:27.0829 5304 drmkaud - ok
16:53:27.0876 5304 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:53:27.0907 5304 DXGKrnl - ok
16:53:27.0938 5304 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
16:53:27.0969 5304 EapHost - ok
16:53:28.0047 5304 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
16:53:28.0094 5304 ebdrv - ok
16:53:28.0125 5304 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
16:53:28.0141 5304 EFS - ok
16:53:28.0188 5304 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:53:28.0203 5304 ehRecvr - ok
16:53:28.0234 5304 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
16:53:28.0250 5304 ehSched - ok
16:53:28.0266 5304 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:53:28.0281 5304 elxstor - ok
16:53:28.0312 5304 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
16:53:28.0328 5304 ErrDev - ok
16:53:28.0359 5304 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
16:53:28.0390 5304 EventSystem - ok
16:53:28.0406 5304 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
16:53:28.0422 5304 exfat - ok
16:53:28.0437 5304 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
16:53:28.0468 5304 fastfat - ok
16:53:28.0515 5304 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
16:53:28.0531 5304 Fax - ok
16:53:28.0546 5304 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:53:28.0562 5304 fdc - ok
16:53:28.0578 5304 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
16:53:28.0593 5304 fdPHost - ok
16:53:28.0624 5304 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
16:53:28.0640 5304 FDResPub - ok
16:53:28.0656 5304 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:53:28.0671 5304 FileInfo - ok
16:53:28.0687 5304 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:53:28.0702 5304 Filetrace - ok
16:53:28.0718 5304 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:53:28.0734 5304 flpydisk - ok
16:53:28.0749 5304 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:53:28.0749 5304 FltMgr - ok
16:53:28.0812 5304 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
16:53:28.0858 5304 FontCache - ok
16:53:28.0905 5304 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:53:28.0905 5304 FontCache3.0.0.0 - ok
16:53:28.0936 5304 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:53:28.0952 5304 FsDepends - ok
16:53:28.0983 5304 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:53:29.0014 5304 Fs_Rec - ok
16:53:29.0046 5304 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:53:29.0092 5304 fvevol - ok
16:53:29.0108 5304 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:53:29.0139 5304 gagp30kx - ok
16:53:29.0186 5304 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
16:53:29.0248 5304 gpsvc - ok
16:53:29.0326 5304 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:53:29.0358 5304 gupdate - ok
16:53:29.0373 5304 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:53:29.0373 5304 gupdatem - ok
16:53:29.0389 5304 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:53:29.0404 5304 hcw85cir - ok
16:53:29.0436 5304 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:53:29.0451 5304 HdAudAddService - ok
16:53:29.0482 5304 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
16:53:29.0498 5304 HDAudBus - ok
16:53:29.0529 5304 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:53:29.0529 5304 HidBatt - ok
16:53:29.0545 5304 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:53:29.0560 5304 HidBth - ok
16:53:29.0576 5304 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:53:29.0592 5304 HidIr - ok
16:53:29.0623 5304 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
16:53:29.0638 5304 hidserv - ok
16:53:29.0654 5304 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
16:53:29.0670 5304 HidUsb - ok
16:53:29.0716 5304 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
16:53:29.0763 5304 hkmsvc - ok
16:53:29.0794 5304 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:53:29.0810 5304 HomeGroupListener - ok
16:53:29.0872 5304 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:53:29.0904 5304 HomeGroupProvider - ok
16:53:29.0919 5304 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
16:53:29.0935 5304 HpSAMD - ok
16:53:29.0982 5304 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:53:30.0013 5304 HTTP - ok
16:53:30.0060 5304 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:53:30.0091 5304 hwpolicy - ok
16:53:30.0122 5304 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
16:53:30.0138 5304 i8042prt - ok
16:53:30.0184 5304 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:53:30.0200 5304 iaStorV - ok
16:53:30.0262 5304 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:53:30.0294 5304 idsvc - ok
16:53:30.0325 5304 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:53:30.0356 5304 iirsp - ok
16:53:30.0403 5304 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
16:53:30.0450 5304 IKEEXT - ok
16:53:30.0528 5304 [ 8948879A8F1614721B857FB21FB980E6 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
16:53:30.0574 5304 IntcAzAudAddService - ok
16:53:30.0606 5304 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
16:53:30.0621 5304 intelide - ok
16:53:30.0637 5304 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:53:30.0668 5304 intelppm - ok
16:53:30.0699 5304 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:53:30.0730 5304 IPBusEnum - ok
16:53:30.0746 5304 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:53:30.0777 5304 IpFilterDriver - ok
16:53:30.0824 5304 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:53:30.0871 5304 iphlpsvc - ok
16:53:30.0902 5304 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
16:53:30.0933 5304 IPMIDRV - ok
16:53:30.0949 5304 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:53:30.0980 5304 IPNAT - ok
16:53:30.0996 5304 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
16:53:31.0011 5304 IRENUM - ok
16:53:31.0027 5304 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
16:53:31.0042 5304 isapnp - ok
16:53:31.0074 5304 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
16:53:31.0105 5304 iScsiPrt - ok
16:53:31.0105 5304 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
16:53:31.0120 5304 kbdclass - ok
16:53:31.0152 5304 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
16:53:31.0167 5304 kbdhid - ok
16:53:31.0183 5304 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
16:53:31.0183 5304 KeyIso - ok
16:53:31.0230 5304 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:53:31.0230 5304 KSecDD - ok
16:53:31.0245 5304 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:53:31.0261 5304 KSecPkg - ok
16:53:31.0292 5304 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
16:53:31.0323 5304 KtmRm - ok
16:53:31.0339 5304 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
16:53:31.0370 5304 LanmanServer - ok
16:53:31.0386 5304 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:53:31.0401 5304 LanmanWorkstation - ok
16:53:31.0417 5304 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:53:31.0448 5304 lltdio - ok
16:53:31.0479 5304 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
16:53:31.0495 5304 lltdsvc - ok
16:53:31.0510 5304 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
16:53:31.0542 5304 lmhosts - ok
16:53:31.0557 5304 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:53:31.0573 5304 LSI_FC - ok
16:53:31.0573 5304 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:53:31.0588 5304 LSI_SAS - ok
16:53:31.0604 5304 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:53:31.0620 5304 LSI_SAS2 - ok
16:53:31.0620 5304 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:53:31.0635 5304 LSI_SCSI - ok
16:53:31.0651 5304 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
16:53:31.0666 5304 luafv - ok
16:53:31.0713 5304 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
16:53:31.0744 5304 McComponentHostService - ok
16:53:31.0791 5304 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:53:31.0807 5304 Mcx2Svc - ok
16:53:31.0822 5304 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:53:31.0838 5304 megasas - ok
16:53:31.0854 5304 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:53:31.0854 5304 MegaSR - ok
16:53:31.0885 5304 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
16:53:31.0900 5304 MMCSS - ok
16:53:31.0916 5304 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
16:53:31.0947 5304 Modem - ok
16:53:31.0963 5304 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:53:31.0978 5304 monitor - ok
16:53:31.0994 5304 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
16:53:32.0010 5304 mouclass - ok
16:53:32.0025 5304 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:53:32.0025 5304 mouhid - ok
16:53:32.0072 5304 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:53:32.0103 5304 mountmgr - ok
16:53:32.0150 5304 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:53:32.0181 5304 MozillaMaintenance - ok
16:53:32.0228 5304 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
16:53:32.0259 5304 mpio - ok
16:53:32.0275 5304 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:53:32.0290 5304 mpsdrv - ok
16:53:32.0353 5304 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
16:53:32.0400 5304 MpsSvc - ok
16:53:32.0431 5304 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:53:32.0446 5304 MRxDAV - ok
16:53:32.0493 5304 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:53:32.0524 5304 mrxsmb - ok
16:53:32.0571 5304 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:53:32.0602 5304 mrxsmb10 - ok
16:53:32.0618 5304 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:53:32.0649 5304 mrxsmb20 - ok
16:53:32.0649 5304 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
16:53:32.0665 5304 msahci - ok
16:53:32.0680 5304 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
16:53:32.0696 5304 msdsm - ok
16:53:32.0712 5304 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
16:53:32.0727 5304 MSDTC - ok
16:53:32.0758 5304 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
16:53:32.0790 5304 Msfs - ok
16:53:32.0790 5304 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:53:32.0821 5304 mshidkmdf - ok
16:53:32.0836 5304 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
16:53:32.0852 5304 msisadrv - ok
16:53:32.0883 5304 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:53:32.0914 5304 MSiSCSI - ok
16:53:32.0914 5304 msiserver - ok
16:53:32.0946 5304 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:53:32.0961 5304 MSKSSRV - ok
16:53:32.0977 5304 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:53:32.0992 5304 MSPCLOCK - ok
16:53:33.0008 5304 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:53:33.0039 5304 MSPQM - ok
16:53:33.0055 5304 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:53:33.0070 5304 MsRPC - ok
16:53:33.0086 5304 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
16:53:33.0086 5304 mssmbios - ok
16:53:33.0148 5304 MSSQL$MSSMLBIZ - ok
16:53:33.0211 5304 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
16:53:33.0226 5304 MSSQLServerADHelper - ok
16:53:33.0242 5304 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:53:33.0273 5304 MSTEE - ok
16:53:33.0273 5304 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:53:33.0289 5304 MTConfig - ok
16:53:33.0320 5304 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
16:53:33.0320 5304 Mup - ok
16:53:33.0367 5304 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
16:53:33.0429 5304 napagent - ok
16:53:33.0445 5304 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:53:33.0460 5304 NativeWifiP - ok
16:53:33.0523 5304 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\windows\system32\drivers\ndis.sys
16:53:33.0570 5304 NDIS - ok
16:53:33.0585 5304 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:53:33.0616 5304 NdisCap - ok
16:53:33.0648 5304 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:53:33.0663 5304 NdisTapi - ok
16:53:33.0694 5304 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:53:33.0726 5304 Ndisuio - ok
16:53:33.0788 5304 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:53:33.0835 5304 NdisWan - ok
16:53:33.0928 5304 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:53:33.0975 5304 NDProxy - ok
16:53:34.0006 5304 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
16:53:34.0022 5304 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:53:34.0022 5304 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:53:34.0038 5304 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:53:34.0069 5304 NetBIOS - ok
16:53:34.0100 5304 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:53:34.0147 5304 NetBT - ok
16:53:34.0162 5304 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
16:53:34.0178 5304 Netlogon - ok
16:53:34.0209 5304 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
16:53:34.0225 5304 Netman - ok
16:53:34.0240 5304 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
16:53:34.0272 5304 netprofm - ok
16:53:34.0303 5304 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:53:34.0318 5304 NetTcpPortSharing - ok
16:53:34.0334 5304 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:53:34.0334 5304 nfrd960 - ok
16:53:34.0381 5304 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll
16:53:34.0459 5304 NlaSvc - ok
16:53:34.0459 5304 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
16:53:34.0490 5304 Npfs - ok
16:53:34.0506 5304 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
16:53:34.0537 5304 nsi - ok
16:53:34.0552 5304 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:53:34.0568 5304 nsiproxy - ok
16:53:34.0630 5304 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:53:34.0646 5304 Ntfs - ok
16:53:34.0677 5304 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
16:53:34.0693 5304 Null - ok
16:53:34.0740 5304 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:53:34.0771 5304 nvraid - ok
16:53:34.0802 5304 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:53:34.0833 5304 nvstor - ok
16:53:34.0849 5304 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
16:53:34.0864 5304 nv_agp - ok
16:53:34.0927 5304 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:53:34.0974 5304 odserv - ok
16:53:35.0005 5304 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
16:53:35.0036 5304 ohci1394 - ok
16:53:35.0052 5304 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:53:35.0067 5304 ose - ok
16:53:35.0114 5304 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:53:35.0130 5304 p2pimsvc - ok
16:53:35.0145 5304 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
16:53:35.0161 5304 p2psvc - ok
16:53:35.0192 5304 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:53:35.0208 5304 Parport - ok
16:53:35.0239 5304 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
16:53:35.0270 5304 partmgr - ok
16:53:35.0286 5304 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
16:53:35.0301 5304 Parvdm - ok
16:53:35.0301 5304 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
16:53:35.0332 5304 PcaSvc - ok
16:53:35.0348 5304 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
16:53:35.0348 5304 pci - ok
16:53:35.0395 5304 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
16:53:35.0426 5304 pciide - ok
16:53:35.0442 5304 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:53:35.0457 5304 pcmcia - ok
16:53:35.0488 5304 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
16:53:35.0488 5304 pcw - ok
16:53:35.0520 5304 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:53:35.0551 5304 PEAUTH - ok
16:53:35.0629 5304 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
16:53:35.0676 5304 pla - ok
16:53:35.0722 5304 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:53:35.0738 5304 PlugPlay - ok
16:53:35.0754 5304 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
16:53:35.0754 5304 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:53:35.0754 5304 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:53:35.0769 5304 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:53:35.0785 5304 PNRPAutoReg - ok
16:53:35.0800 5304 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:53:35.0816 5304 PNRPsvc - ok
16:53:35.0832 5304 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:53:35.0847 5304 PolicyAgent - ok
16:53:35.0894 5304 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
16:53:35.0910 5304 Power - ok
16:53:35.0941 5304 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:53:35.0956 5304 PptpMiniport - ok
16:53:35.0972 5304 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
16:53:35.0988 5304 Processor - ok
16:53:36.0034 5304 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
16:53:36.0066 5304 ProfSvc - ok
16:53:36.0081 5304 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
16:53:36.0097 5304 ProtectedStorage - ok
16:53:36.0112 5304 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:53:36.0128 5304 Psched - ok
16:53:36.0159 5304 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:53:36.0190 5304 ql2300 - ok
16:53:36.0222 5304 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:53:36.0222 5304 ql40xx - ok
16:53:36.0253 5304 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
16:53:36.0300 5304 QWAVE - ok
16:53:36.0315 5304 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:53:36.0331 5304 QWAVEdrv - ok
16:53:36.0346 5304 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:53:36.0378 5304 RasAcd - ok
16:53:36.0393 5304 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:53:36.0409 5304 RasAgileVpn - ok
16:53:36.0424 5304 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
16:53:36.0456 5304 RasAuto - ok
16:53:36.0471 5304 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:53:36.0502 5304 Rasl2tp - ok
16:53:36.0549 5304 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
16:53:36.0596 5304 RasMan - ok
16:53:36.0612 5304 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:53:36.0643 5304 RasPppoe - ok
16:53:36.0658 5304 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:53:36.0674 5304 RasSstp - ok
16:53:36.0705 5304 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:53:36.0752 5304 rdbss - ok
16:53:36.0768 5304 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:53:36.0783 5304 rdpbus - ok
16:53:36.0814 5304 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:53:36.0877 5304 RDPCDD - ok
16:53:36.0892 5304 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:53:36.0924 5304 RDPENCDD - ok
16:53:36.0924 5304 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:53:36.0955 5304 RDPREFMP - ok
16:53:36.0986 5304 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:53:37.0002 5304 RDPWD - ok
16:53:37.0048 5304 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:53:37.0080 5304 rdyboost - ok
16:53:37.0111 5304 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
16:53:37.0142 5304 RemoteAccess - ok
16:53:37.0158 5304 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:53:37.0189 5304 RemoteRegistry - ok
16:53:37.0204 5304 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:53:37.0236 5304 RpcEptMapper - ok
16:53:37.0251 5304 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
16:53:37.0267 5304 RpcLocator - ok
16:53:37.0282 5304 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\System32\rpcss.dll
16:53:37.0329 5304 RpcSs - ok
16:53:37.0345 5304 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:53:37.0376 5304 rspndr - ok
16:53:37.0392 5304 [ 26A9D6227D12B9D9DA5A81BB9B55D810 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
16:53:37.0407 5304 RTL8167 - ok
16:53:37.0423 5304 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
16:53:37.0438 5304 SamSs - ok
16:53:37.0454 5304 [ 9C9BCC79AEF0AA97F16766C498002D36 ] SbFw C:\windows\system32\drivers\SbFw.sys
16:53:37.0470 5304 SbFw - ok
16:53:37.0485 5304 [ F27B38D70B7621378161D6F48BE04D2C ] SBFWIMCL C:\windows\system32\DRIVERS\sbfwim.sys
16:53:37.0501 5304 SBFWIMCL - ok
16:53:37.0501 5304 [ F27B38D70B7621378161D6F48BE04D2C ] SBFWIMCLMP C:\windows\system32\DRIVERS\SBFWIM.sys
16:53:37.0516 5304 SBFWIMCLMP - ok
16:53:37.0532 5304 [ 53E5E7DC26BB920B97F258BBD52ABFDC ] sbhips C:\windows\system32\drivers\sbhips.sys
16:53:37.0532 5304 sbhips - ok
16:53:37.0563 5304 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
16:53:37.0563 5304 sbp2port - ok
16:53:37.0579 5304 SBRE - ok
16:53:37.0672 5304 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
16:53:37.0704 5304 SBSDWSCService - ok
16:53:37.0735 5304 [ 6468E2973E04525DECC105947DDD0D34 ] SbTis C:\windows\system32\drivers\sbtis.sys
16:53:37.0750 5304 SbTis - ok
16:53:37.0782 5304 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
16:53:37.0813 5304 SCardSvr - ok
16:53:37.0828 5304 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:53:37.0844 5304 scfilter - ok
16:53:37.0891 5304 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
16:53:37.0922 5304 Schedule - ok
16:53:37.0938 5304 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
16:53:37.0953 5304 SCPolicySvc - ok
16:53:38.0000 5304 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:53:38.0031 5304 SDRSVC - ok
16:53:38.0062 5304 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
16:53:38.0078 5304 secdrv - ok
16:53:38.0094 5304 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
16:53:38.0109 5304 seclogon - ok
16:53:38.0125 5304 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
16:53:38.0156 5304 SENS - ok
16:53:38.0172 5304 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
16:53:38.0187 5304 SensrSvc - ok
16:53:38.0203 5304 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:53:38.0203 5304 Serenum - ok
16:53:38.0218 5304 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:53:38.0234 5304 Serial - ok
16:53:38.0281 5304 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:53:38.0312 5304 sermouse - ok
16:53:38.0343 5304 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
16:53:38.0374 5304 SessionEnv - ok
16:53:38.0421 5304 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:53:38.0452 5304 sffdisk - ok
16:53:38.0452 5304 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:53:38.0468 5304 sffp_mmc - ok
16:53:38.0484 5304 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:53:38.0499 5304 sffp_sd - ok
16:53:38.0515 5304 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:53:38.0530 5304 sfloppy - ok
16:53:38.0562 5304 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
16:53:38.0577 5304 SharedAccess - ok
16:53:38.0624 5304 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:53:38.0655 5304 ShellHWDetection - ok
16:53:38.0686 5304 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
16:53:38.0686 5304 sisagp - ok
16:53:38.0702 5304 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:53:38.0718 5304 SiSRaid2 - ok
16:53:38.0733 5304 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:53:38.0733 5304 SiSRaid4 - ok
16:53:38.0749 5304 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
16:53:38.0780 5304 Smb - ok
16:53:38.0796 5304 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:53:38.0811 5304 SNMPTRAP - ok
16:53:38.0827 5304 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
16:53:38.0827 5304 spldr - ok
16:53:38.0874 5304 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
16:53:38.0889 5304 Spooler - ok
16:53:39.0154 5304 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
16:53:39.0201 5304 sppsvc - ok
16:53:39.0248 5304 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:53:39.0295 5304 sppuinotify - ok
16:53:39.0310 5304 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:53:39.0326 5304 SQLBrowser - ok
16:53:39.0342 5304 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:53:39.0357 5304 SQLWriter - ok
16:53:39.0388 5304 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
16:53:39.0404 5304 srv - ok
16:53:39.0420 5304 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:53:39.0435 5304 srv2 - ok
16:53:39.0451 5304 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:53:39.0466 5304 srvnet - ok
16:53:39.0482 5304 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:53:39.0513 5304 SSDPSRV - ok
16:53:39.0529 5304 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
16:53:39.0544 5304 ssmdrv - ok
16:53:39.0544 5304 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
16:53:39.0576 5304 SstpSvc - ok
16:53:39.0607 5304 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:53:39.0622 5304 stexstor - ok
16:53:39.0654 5304 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
16:53:39.0669 5304 StiSvc - ok
16:53:39.0700 5304 [ D4701170925CC1A532511C5948B195FB ] SuperIO C:\windows\system32\DRIVERS\spio.sys
16:53:39.0700 5304 SuperIO - ok
16:53:39.0747 5304 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
16:53:39.0763 5304 swenum - ok
16:53:39.0794 5304 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
16:53:39.0825 5304 swprv - ok
16:53:39.0888 5304 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
16:53:39.0934 5304 SysMain - ok
16:53:39.0966 5304 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
16:53:39.0997 5304 TabletInputService - ok
16:53:40.0028 5304 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
16:53:40.0059 5304 TapiSrv - ok
16:53:40.0075 5304 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
16:53:40.0090 5304 TBS - ok
16:53:40.0153 5304 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:53:40.0184 5304 Tcpip - ok
16:53:40.0215 5304 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:53:40.0231 5304 TCPIP6 - ok
16:53:40.0278 5304 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:53:40.0324 5304 tcpipreg - ok
16:53:40.0371 5304 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:53:40.0371 5304 TDPIPE - ok
16:53:40.0418 5304 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:53:40.0434 5304 TDTCP - ok
16:53:40.0480 5304 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:53:40.0512 5304 tdx - ok
16:53:40.0558 5304 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
16:53:40.0590 5304 TermDD - ok
16:53:40.0636 5304 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
16:53:40.0668 5304 TermService - ok
16:53:40.0683 5304 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
16:53:40.0699 5304 Themes - ok
16:53:40.0714 5304 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
16:53:40.0746 5304 THREADORDER - ok
16:53:40.0761 5304 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
16:53:40.0777 5304 TrkWks - ok
16:53:40.0839 5304 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:53:40.0870 5304 TrustedInstaller - ok
16:53:40.0902 5304 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:53:40.0917 5304 tssecsrv - ok
16:53:40.0964 5304 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
16:53:40.0980 5304 TsUsbFlt - ok
16:53:41.0011 5304 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:53:41.0042 5304 tunnel - ok
16:53:41.0073 5304 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:53:41.0089 5304 uagp35 - ok
16:53:41.0120 5304 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:53:41.0167 5304 udfs - ok
16:53:41.0198 5304 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:53:41.0214 5304 UI0Detect - ok
16:53:41.0229 5304 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
16:53:41.0245 5304 uliagpkx - ok
16:53:41.0260 5304 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
16:53:41.0276 5304 umbus - ok
16:53:41.0292 5304 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:53:41.0292 5304 UmPass - ok
16:53:41.0323 5304 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
16:53:41.0338 5304 upnphost - ok
16:53:41.0385 5304 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\drivers\usbccgp.sys
16:53:41.0401 5304 usbccgp - ok
16:53:41.0416 5304 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
16:53:41.0432 5304 usbcir - ok
16:53:41.0463 5304 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:53:41.0494 5304 usbehci - ok
16:53:41.0510 5304 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:53:41.0526 5304 usbhub - ok
16:53:41.0541 5304 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
16:53:41.0557 5304 usbohci - ok
16:53:41.0572 5304 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:53:41.0588 5304 usbprint - ok
16:53:41.0619 5304 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS
16:53:41.0635 5304 USBSTOR - ok
16:53:41.0650 5304 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
16:53:41.0666 5304 usbuhci - ok
16:53:41.0682 5304 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
16:53:41.0697 5304 UxSms - ok
16:53:41.0713 5304 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
16:53:41.0728 5304 VaultSvc - ok
16:53:41.0728 5304 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
16:53:41.0744 5304 vdrvroot - ok
16:53:41.0775 5304 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
16:53:41.0838 5304 vds - ok
16:53:41.0853 5304 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:53:41.0869 5304 vga - ok
16:53:41.0884 5304 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
16:53:41.0900 5304 VgaSave - ok
16:53:41.0947 5304 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
16:53:41.0978 5304 vhdmp - ok
16:53:41.0994 5304 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
16:53:42.0009 5304 viaagp - ok
16:53:42.0025 5304 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
16:53:42.0040 5304 ViaC7 - ok
16:53:42.0072 5304 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
16:53:42.0072 5304 viaide - ok
16:53:42.0087 5304 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
16:53:42.0103 5304 volmgr - ok
16:53:42.0118 5304 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:53:42.0134 5304 volmgrx - ok
16:53:42.0150 5304 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
16:53:42.0165 5304 volsnap - ok
16:53:42.0181 5304 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:53:42.0196 5304 vsmraid - ok
16:53:42.0259 5304 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
16:53:42.0321 5304 VSS - ok
16:53:42.0337 5304 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
16:53:42.0352 5304 vwifibus - ok
16:53:42.0384 5304 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
16:53:42.0399 5304 W32Time - ok
16:53:42.0430 5304 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:53:42.0446 5304 WacomPen - ok
16:53:42.0477 5304 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:53:42.0508 5304 WANARP - ok
16:53:42.0524 5304 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:53:42.0540 5304 Wanarpv6 - ok
16:53:42.0618 5304 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:53:42.0680 5304 WatAdminSvc - ok
16:53:42.0742 5304 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
16:53:42.0789 5304 wbengine - ok
16:53:42.0836 5304 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:53:42.0867 5304 WbioSrvc - ok
16:53:42.0914 5304 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
16:53:42.0945 5304 wcncsvc - ok
16:53:42.0961 5304 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:53:42.0992 5304 WcsPlugInService - ok
16:53:43.0008 5304 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
16:53:43.0008 5304 Wd - ok
16:53:43.0039 5304 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:53:43.0054 5304 Wdf01000 - ok
16:53:43.0070 5304 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
16:53:43.0086 5304 WdiServiceHost - ok
16:53:43.0101 5304 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
16:53:43.0117 5304 WdiSystemHost - ok
16:53:43.0148 5304 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
16:53:43.0164 5304 WebClient - ok
16:53:43.0195 5304 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
16:53:43.0210 5304 Wecsvc - ok
16:53:43.0226 5304 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
16:53:43.0242 5304 wercplsupport - ok
16:53:43.0257 5304 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
16:53:43.0288 5304 WerSvc - ok
16:53:43.0304 5304 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:53:43.0335 5304 WfpLwf - ok
16:53:43.0366 5304 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
16:53:43.0366 5304 WimFltr - ok
16:53:43.0382 5304 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:53:43.0398 5304 WIMMount - ok
16:53:43.0444 5304 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:53:43.0476 5304 WinDefend - ok
16:53:43.0491 5304 WinHttpAutoProxySvc - ok
16:53:43.0507 5304 [ 8C33A2B630E95D71A7067A4E489952E2 ] WinI2C-DDC C:\windows\system32\drivers\DDCDrv.sys
16:53:43.0522 5304 WinI2C-DDC - ok
16:53:43.0554 5304 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:53:43.0616 5304 Winmgmt - ok
16:53:43.0678 5304 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
16:53:43.0725 5304 WinRM - ok
16:53:43.0772 5304 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:53:43.0772 5304 WinUsb - ok
16:53:43.0803 5304 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
16:53:43.0834 5304 Wlansvc - ok
16:53:43.0850 5304 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
16:53:43.0866 5304 WmiAcpi - ok
16:53:43.0897 5304 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:53:43.0912 5304 wmiApSrv - ok
16:53:43.0959 5304 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:53:43.0975 5304 WMPNetworkSvc - ok
16:53:43.0990 5304 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
16:53:44.0006 5304 WPCSvc - ok
16:53:44.0037 5304 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:53:44.0053 5304 WPDBusEnum - ok
16:53:44.0084 5304 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:53:44.0100 5304 ws2ifsl - ok
16:53:44.0115 5304 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll
16:53:44.0131 5304 wscsvc - ok
16:53:44.0146 5304 WSearch - ok
16:53:44.0178 5304 [ BAEDC491374DEFD5E76336901D6D397D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
16:53:44.0178 5304 wsvd - ok
16:53:44.0256 5304 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
16:53:44.0318 5304 wuauserv - ok
16:53:44.0349 5304 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:53:44.0365 5304 WudfPf - ok
16:53:44.0412 5304 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:53:44.0427 5304 WUDFRd - ok
16:53:44.0458 5304 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:53:44.0474 5304 wudfsvc - ok
16:53:44.0490 5304 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
16:53:44.0505 5304 WwanSvc - ok
16:53:44.0536 5304 [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
16:53:44.0552 5304 yukonw7 - ok
16:53:44.0552 5304 ================ Scan global ===============================
16:53:44.0583 5304 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
16:53:44.0630 5304 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
16:53:44.0646 5304 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
16:53:44.0661 5304 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
16:53:44.0677 5304 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
16:53:44.0692 5304 [Global] - ok
16:53:44.0692 5304 ================ Scan MBR ==================================
16:53:44.0708 5304 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:53:45.0020 5304 \Device\Harddisk0\DR0 - ok
16:53:45.0020 5304 ================ Scan VBR ==================================
16:53:45.0020 5304 [ 62549D7CF47B0CC8E15DD197085E36E8 ] \Device\Harddisk0\DR0\Partition1
16:53:45.0020 5304 \Device\Harddisk0\DR0\Partition1 - ok
16:53:45.0067 5304 [ 2A89B148068EA17C836D159D9753AE51 ] \Device\Harddisk0\DR0\Partition2
16:53:45.0067 5304 \Device\Harddisk0\DR0\Partition2 - ok
16:53:45.0067 5304 ============================================================
16:53:45.0067 5304 Scan finished
16:53:45.0067 5304 ============================================================
16:53:45.0082 4196 Detected object count: 4
16:53:45.0082 4196 Actual detected object count: 4
16:54:00.0776 4196 DDNIMSGService ( UnsignedFile.Multi.Generic ) - skipped by user
16:54:00.0776 4196 DDNIMSGService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:54:00.0776 4196 DDNIService ( UnsignedFile.Multi.Generic ) - skipped by user
16:54:00.0776 4196 DDNIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:54:00.0776 4196 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:54:00.0776 4196 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:54:00.0792 4196 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:54:00.0792 4196 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

#8
Essexboy

Posted 08 September 2012 - 04:08 PM

GeekU Moderator

Retired Staff
69,964 posts

Ah OK they should have tidied up when they finished

Could you give me a screenshot of the area where stuff is missing please also what sites are you being redirected to ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following
Posted Image

:OTL
FF - prefs.js..extensions.enabledAddons: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:4.7
FF - prefs.js..extensions.enabledItems: [email protected]:1.0

:Files
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt  /c
ipconfig /release /c
ipconfig /renew /c

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

#9
catttreanor

Posted 08 September 2012 - 04:20 PM

Member

Topic Starter
Member
67 posts

When I try to run the fix on OTL an error message pops up and says 'Cannot create file C:\Users\catt\Desktop\cmd.bat

Also, I have no idea how to take a screenshot

#10
catttreanor

Posted 08 September 2012 - 04:23 PM

Member

Topic Starter
Member
67 posts

And now its not redirecting. It only does it sometimes and I've tried clicking on multiple links to get it to do so, but it doesn't seem to want to redirect now that I actually need it to.

#11
Essexboy

Posted 08 September 2012 - 04:24 PM

GeekU Moderator

Retired Staff
69,964 posts

Go Start > All Programs > Accessories > Snipping Tool

This will activate a small programme that enable you to capture part of the screem

OK close OTL and continue onto the next part please

#12
catttreanor

Posted 08 September 2012 - 04:38 PM

Member

Topic Starter
Member
67 posts

When I first posted there was absolutely NOTHING in my programs under the start menu. Now there are a few things, but the snipping tool is not one of them. Here is the OTL quick scan log

OTL logfile created on: 9/8/2012 5:30:15 PM - Run 12
OTL by OldTimer - Version 3.2.61.2 Folder = C:\Users\catt\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.75 Gb Total Physical Memory | 0.82 Gb Available Physical Memory | 47.17% Memory free
3.50 Gb Paging File | 2.20 Gb Available in Paging File | 62.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 272.92 Gb Total Space | 74.75 Gb Free Space | 27.39% Space Free | Partition Type: NTFS

Computer Name: BETSY | User Name: catt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/08 16:00:18 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\catt\Desktop\OTL(1).exe
PRC - [2012/09/07 12:17:50 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/04 09:12:07 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE
PRC - [2011/10/21 04:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/06/28 12:28:42 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/23 23:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/17 12:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011/04/27 03:25:58 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/07 03:20:39 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/07/23 09:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\DIBS\DDNIService.exe
PRC - [2010/07/20 11:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/09/28 13:09:06 | 000,827,392 | ---- | M] (Lenovo) -- C:\Program Files\Lenovo\HealthCare\HealthCare.exe
PRC - [2009/08/24 08:15:32 | 000,221,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
PRC - [2009/07/29 17:01:10 | 000,049,152 | ---- | M] (Lenovo (Shenzhen) Electronic Co., Ltd.) -- C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe
PRC - [2009/07/10 11:04:58 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/10 11:04:28 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/06/03 22:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

========== Modules (No Company Name) ==========

MOD - [2012/09/07 12:17:50 | 002,244,064 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/09/04 09:12:06 | 009,813,704 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012/06/14 03:30:35 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/14 03:29:59 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:29:52 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/10 03:27:21 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 03:26:12 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 03:26:07 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 03:26:05 | 007,967,232 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 03:25:47 | 011,492,864 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2010/04/29 06:29:11 | 001,732,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3478.18702__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010/04/29 06:29:11 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3478.18776__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/04/29 06:29:11 | 000,339,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3478.18684__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:11 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3478.18704__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/04/29 06:29:11 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3478.18756__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:11 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3478.18737__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:11 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3478.18698__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010/04/29 06:29:11 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3478.18727__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:11 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3478.18693__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:10 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3478.18693__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010/04/29 06:29:10 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3478.18728__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/04/29 06:29:10 | 000,360,448 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3478.18724__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010/04/29 06:29:10 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/04/29 06:29:10 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3478.18704__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/04/29 06:29:10 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3478.18742__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/04/29 06:29:10 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3478.18734__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010/04/29 06:29:10 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3478.18692__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010/04/29 06:29:10 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3478.18728__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:10 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3478.18776__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/04/29 06:29:10 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3478.18775__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:10 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3478.18729__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:10 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3478.18734__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:10 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3478.18735__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/04/29 06:29:10 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010/04/29 06:29:10 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010/04/29 06:29:10 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010/04/29 06:29:10 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010/04/29 06:29:10 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,651,264 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3478.18800__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010/04/29 06:29:09 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3478.18770__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010/04/29 06:29:09 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/04/29 06:29:09 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3478.18769__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010/04/29 06:29:09 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010/04/29 06:29:09 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3478.18781__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010/04/29 06:29:09 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010/04/29 06:29:09 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/04/29 06:29:09 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010/04/29 06:29:09 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010/04/29 06:29:09 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010/04/29 06:29:09 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010/04/29 06:29:09 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010/04/29 06:29:09 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3478.18679__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010/04/29 06:29:09 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010/04/29 06:29:08 | 001,212,416 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3478.18688__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010/04/29 06:29:08 | 000,552,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3478.18764__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010/04/29 06:29:08 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3478.18698__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010/04/29 06:29:08 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3478.18680__90ba9c70f846762e\APM.Server.dll
MOD - [2010/04/29 06:29:08 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3478.18683__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010/04/29 06:29:08 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3478.18681__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010/04/29 06:29:08 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010/04/29 06:29:08 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3478.18679__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/04/29 06:29:08 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010/04/29 06:29:08 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010/04/29 06:29:08 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010/04/29 06:29:08 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010/04/29 06:29:08 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/04/29 06:29:08 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010/04/29 06:29:08 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3478.18770__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/09/09 11:25:06 | 000,057,344 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\en-us\en-us.dll
MOD - [2009/06/19 12:33:54 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009/06/03 22:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMLSvcPS.dll
MOD - [2009/06/03 22:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\Lenovo\Power2Go\CLMediaLibrary.dll
MOD - [2008/09/27 10:39:26 | 000,045,056 | ---- | M] () -- C:\Program Files\Lenovo\HealthCare\HOOK.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/09/07 12:17:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/04 09:12:07 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 00:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/10/21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/28 12:28:42 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/17 12:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/04/27 03:25:58 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/04 03:00:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/23 09:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\DIBS\DDNIService.exe -- (DDNIService)
SRV - [2010/07/20 11:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe -- (DDNIMSGService)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/10 11:04:28 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2008/01/11 19:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\catt\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2011/06/28 12:28:43 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/28 12:28:43 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/04/05 17:35:20 | 000,221,784 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbFw.sys -- (SbFw)
DRV - [2011/04/05 17:35:20 | 000,094,040 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)
DRV - [2011/04/05 17:35:20 | 000,078,936 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\sbtis.sys -- (SbTis)
DRV - [2011/02/08 09:14:22 | 000,069,208 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV - [2011/02/08 09:14:22 | 000,069,208 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/21 23:14:58 | 000,081,704 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wsvd.sys -- (wsvd)
DRV - [2009/07/13 17:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/10 11:40:00 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/06/05 19:18:08 | 000,011,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\spio.sys -- (SuperIO)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/05/04 23:30:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009/03/02 13:00:32 | 000,016,200 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV - [2008/08/06 14:34:16 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{B37A3E90-AEDB-4334-A12D-210C842EF19C}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=723823"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://leftaction.co...en-US:official"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/07 12:17:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 17:09:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/07 12:17:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/04/13 17:09:15 | 000,000,000 | ---D | M]

[2010/11/01 09:45:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Extensions
[2012/09/04 09:30:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions
[2012/09/04 09:30:38 | 000,000,000 | ---D | M] (WOT) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/03/22 09:04:30 | 000,000,000 | ---D | M] (Performance Cache) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\[email protected]
[2012/09/04 09:30:36 | 000,243,317 | ---- | M] () (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\[email protected]
[2012/08/10 18:41:13 | 000,375,811 | ---- | M] () (No name found) -- C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi
[2012/03/25 11:28:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/07 12:17:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/06/27 01:56:16 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2009/07/02 12:19:28 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012/09/04 09:30:24 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/04 09:30:24 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/03/25 11:15:58 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Lenovo\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Healthcare] C:\Program Files\Lenovo\HealthCare\HealthCare.exe (Lenovo)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [LenovoFSC] C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe (Lenovo (Shenzhen) Electronic Co., Ltd.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC3054F0-C6F0-4F36-8132-BBDB287D3BA5}: DhcpNameServer = 75.75.76.76 75.75.75.75 0.0.0.0
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/08 16:00:16 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\catt\Desktop\OTL(1).exe
[2010/04/29 06:40:04 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\ProgramData\flashax10.exe

========== Files - Modified Within 30 Days ==========

[2012/09/08 17:30:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/09/08 17:25:36 | 000,014,240 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/08 17:25:36 | 000,014,240 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/08 17:18:09 | 000,000,878 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/08 17:17:53 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/09/08 17:17:48 | 1407,746,048 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/08 16:58:01 | 000,000,882 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/08 16:00:18 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\catt\Desktop\OTL(1).exe
[2012/09/08 15:56:52 | 001,378,816 | ---- | M] () -- C:\Users\catt\Desktop\RogueKiller.exe
[2012/09/07 12:17:58 | 000,001,990 | ---- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/09/05 03:18:31 | 000,450,824 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/08/30 13:42:28 | 000,132,181 | ---- | M] () -- C:\Users\catt\Desktop\558235_405683219490115_458526124_n.jpg
[2012/08/20 19:49:59 | 000,041,779 | ---- | M] () -- C:\Users\catt\Desktop\122710-807985_6_935994_full.jpg
[2012/08/20 19:40:31 | 000,045,297 | ---- | M] () -- C:\Users\catt\Desktop\1065464_34_1513986_full.jpg
[2012/08/20 19:38:51 | 000,026,908 | ---- | M] () -- C:\Users\catt\Desktop\936483_351_1650623_full.jpg
[2012/08/20 19:28:31 | 000,033,412 | ---- | M] () -- C:\Users\catt\Desktop\070411_1356140_6_2119240_full.jpg
[2012/08/20 19:25:37 | 000,061,891 | ---- | M] () -- C:\Users\catt\Desktop\JosephL_full.jpg
[2012/08/20 18:47:44 | 000,031,127 | ---- | M] () -- C:\Users\catt\Desktop\072012-2478512_6_4584758_full.jpg
[2012/08/20 18:34:02 | 000,066,285 | ---- | M] () -- C:\Users\catt\Desktop\142730_87_113856_full.jpg
[2012/08/20 18:31:28 | 000,081,072 | ---- | M] () -- C:\Users\catt\Desktop\AJ-Crandall-r_full.jpg
[2012/08/11 13:15:18 | 000,001,276 | ---- | M] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft DivX to DVD Converter.lnk
[2012/08/11 13:15:18 | 000,001,252 | ---- | M] () -- C:\Users\catt\Desktop\Xilisoft DivX to DVD Converter.lnk

========== Files Created - No Company Name ==========

[2012/09/08 15:56:49 | 001,378,816 | ---- | C] () -- C:\Users\catt\Desktop\RogueKiller.exe
[2012/08/30 13:42:23 | 000,132,181 | ---- | C] () -- C:\Users\catt\Desktop\558235_405683219490115_458526124_n.jpg
[2012/08/20 19:49:58 | 000,041,779 | ---- | C] () -- C:\Users\catt\Desktop\122710-807985_6_935994_full.jpg
[2012/08/20 19:40:30 | 000,045,297 | ---- | C] () -- C:\Users\catt\Desktop\1065464_34_1513986_full.jpg
[2012/08/20 19:38:50 | 000,026,908 | ---- | C] () -- C:\Users\catt\Desktop\936483_351_1650623_full.jpg
[2012/08/20 19:28:28 | 000,033,412 | ---- | C] () -- C:\Users\catt\Desktop\070411_1356140_6_2119240_full.jpg
[2012/08/20 19:25:36 | 000,061,891 | ---- | C] () -- C:\Users\catt\Desktop\JosephL_full.jpg
[2012/08/20 18:47:43 | 000,031,127 | ---- | C] () -- C:\Users\catt\Desktop\072012-2478512_6_4584758_full.jpg
[2012/08/20 18:34:01 | 000,066,285 | ---- | C] () -- C:\Users\catt\Desktop\142730_87_113856_full.jpg
[2012/08/20 18:31:25 | 000,081,072 | ---- | C] () -- C:\Users\catt\Desktop\AJ-Crandall-r_full.jpg
[2012/08/11 13:15:18 | 000,001,276 | ---- | C] () -- C:\Users\catt\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft DivX to DVD Converter.lnk
[2012/08/11 13:15:18 | 000,001,252 | ---- | C] () -- C:\Users\catt\Desktop\Xilisoft DivX to DVD Converter.lnk
[2012/03/19 17:06:56 | 000,000,512 | ---- | C] () -- C:\Users\catt\MBR.dat
[2012/01/10 10:50:13 | 014,999,886 | ---- | C] () -- C:\Users\catt\teen.mom.s03e08.hdtv.xvid-crimson.avi
[2011/08/26 15:01:38 | 000,139,264 | ---- | C] () -- C:\windows\System32\gswin32c.exe
[2011/08/10 17:16:08 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2011/08/10 17:16:08 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2011/08/10 17:16:08 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011/08/10 17:16:08 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011/08/10 17:16:08 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011/08/10 17:03:00 | 000,023,624 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/07/31 23:58:10 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
[2011/07/31 23:58:10 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
[2010/11/03 21:53:06 | 000,136,489 | ---- | C] () -- C:\windows\hphins33.dat
[2010/11/03 21:53:06 | 000,000,512 | ---- | C] () -- C:\windows\hphmdl33.dat

========== LOP Check ==========

[2012/09/08 17:04:59 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\BitTorrent
[2012/01/26 14:09:30 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\Catalina Marketing Corp
[2012/01/26 14:08:59 | 000,000,000 | ---D | M] -- C:\Users\catt\AppData\Roaming\OpenOffice.org
[2009/07/13 23:53:46 | 000,030,388 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

#13
Essexboy

Posted 08 September 2012 - 04:42 PM

GeekU Moderator

Retired Staff
69,964 posts

Could you follow the steps on this page to restore your menus

#14
catttreanor

Posted 08 September 2012 - 04:42 PM

Member

Topic Starter
Member
67 posts

# AdwCleaner v2.000 - Logfile created 09/08/2012 at 17:39:54
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : catt - BETSY
# Boot Mode : Normal
# Running from : C:\Users\catt\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\extensions\[email protected]
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Users\catt\AppData\LocalLow\Search Settings

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKLM\Software\Search Settings

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\catt\AppData\Roaming\Mozilla\Firefox\Profiles\o4u9oc9m.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1217 octets] - [08/09/2012 17:39:41]
AdwCleaner[S1].txt - [1413 octets] - [08/09/2012 17:39:54]

########## EOF - C:\AdwCleaner[S1].txt - [1473 octets] ##########