07-24-2012, 10:05 AM
Computer running extremely slow (rkill and OTL log inside)
So since yesterday I've been having some issues with my work computer. MS Outlook, Word, Excel and Chrome have been running extremely slowly (I don't use much else on the computer), with constant freeze-ups, which every third or fourth time would lock up my computer to the point of needing a restart.
I ran rkill, which actually seemed to solve the issue (at least temporarily). Log below:
Quote:
This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Rkill was run on 07/24/2012 at 9:43:21.
Operating System: Windows 7 Home Premium
Processes terminated by Rkill or while it was running:
C:\Users\Braden\AppData\Local\Akamai\netsession_win.exe
C:\Users\Braden\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Braden\AppData\Local\Akamai\netsession_win.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
Rkill completed on 07/24/2012 at 9:43:32.
Also ran OTL. Log below:
Quote:
OTL logfile created on: 7/24/2012 9:45:40 AM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Braden\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.91 Gb Total Physical Memory | 4.06 Gb Available Physical Memory | 68.74% Memory free
11.82 Gb Paging File | 9.76 Gb Available in Paging File | 82.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.87 Gb Total Space | 349.38 Gb Free Space | 77.15% Space Free | Partition Type: NTFS
Drive Q: | 11.72 Gb Total Space | 3.46 Gb Free Space | 29.49% Space Free | Partition Type: NTFS
Computer Name: BRADEN-THINK | User Name: Braden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/07/24 09:45:05 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Braden\Downloads\OTL.exe
PRC - [2012/05/02 09:16:08 | 003,050,848 | ---- | M] (GFI Software) -- C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe
PRC - [2012/05/02 08:59:28 | 003,289,680 | ---- | M] (GFI Software) -- C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
PRC - [2012/05/02 08:58:48 | 000,173,920 | ---- | M] (GFI Software) -- C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
PRC - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2011/06/01 14:01:00 | 000,148,840 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe
PRC - [2011/05/26 06:43:14 | 000,328,040 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2011/05/04 17:50:12 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\egnyte_backup_systray.exe
PRC - [2011/05/04 17:50:12 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\EgnyteBackupService.exe
PRC - [2011/04/13 08:58:14 | 000,084,088 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2011/04/04 21:22:12 | 000,059,240 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2011/04/04 21:22:10 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2011/04/04 21:21:56 | 000,040,808 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2011/04/03 21:27:22 | 000,045,496 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2011/03/29 00:41:10 | 000,064,952 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2011/02/24 03:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/21 23:19:12 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/21 23:19:08 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/06 23:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2010/11/25 12:51:34 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2010/04/07 01:37:40 | 000,093,032 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
PRC - [2010/04/01 01:50:46 | 000,043,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
PRC - [2010/03/11 17:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/05/28 01:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2008/01/10 15:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2012/07/10 00:09:00 | 000,438,296 | ---- | M] () -- C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll
MOD - [2012/07/10 00:08:59 | 003,972,120 | ---- | M] () -- C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/10 00:07:39 | 000,554,520 | ---- | M] () -- C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012/07/10 00:07:37 | 000,117,784 | ---- | M] () -- C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012/07/10 00:07:22 | 000,140,328 | ---- | M] () -- C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/10 00:07:21 | 000,262,184 | ---- | M] () -- C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/10 00:07:19 | 002,386,984 | ---- | M] () -- C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/07/09 22:17:27 | 009,255,112 | ---- | M] () -- C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/05/04 17:50:12 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\egnyte_backup_systray.exe
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009/10/26 09:27:14 | 000,023,552 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\_multiprocessing.pyd
MOD - [2009/10/26 09:27:14 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\select.pyd
MOD - [2009/10/26 09:27:12 | 000,311,808 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\_hashlib.pyd
MOD - [2009/10/26 09:27:06 | 000,153,088 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\pyexpat.pyd
MOD - [2009/10/26 09:25:42 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\_ctypes.pyd
MOD - [2009/10/26 09:25:34 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\_elementtree.pyd
MOD - [2009/10/26 09:25:22 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\_sqlite3.pyd
MOD - [2009/10/26 09:25:18 | 000,645,120 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\_ssl.pyd
MOD - [2009/10/26 09:25:02 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\_socket.pyd
MOD - [2009/10/26 09:25:00 | 000,572,928 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\sqlite3.dll
MOD - [2009/09/18 09:50:48 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\Cheetah._namemapper.pyd
MOD - [2009/07/06 03:16:02 | 000,111,104 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\win32file.pyd
MOD - [2009/07/05 05:36:42 | 000,354,304 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\pythoncom26.dll
MOD - [2009/07/05 05:35:52 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\win32api.pyd
MOD - [2009/07/05 05:35:46 | 000,024,576 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\win32wnet.pyd
MOD - [2009/07/05 05:35:44 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\win32service.pyd
MOD - [2009/07/05 05:35:36 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\win32pipe.pyd
MOD - [2009/07/05 05:35:34 | 000,065,024 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\win32net.pyd
MOD - [2009/07/05 05:35:28 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\win32event.pyd
MOD - [2009/07/05 05:35:18 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\pywintypes26.dll
MOD - [2009/05/28 01:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
MOD - [2009/05/14 20:09:48 | 000,675,328 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wx._misc_.pyd
MOD - [2009/05/14 20:09:00 | 000,966,144 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wx._controls_.pyd
MOD - [2009/05/14 20:08:30 | 000,669,696 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wx._windows_.pyd
MOD - [2009/05/14 20:08:14 | 000,744,960 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wx._gdi_.pyd
MOD - [2009/05/14 20:07:18 | 000,980,992 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wx._core_.pyd
MOD - [2009/05/14 19:55:08 | 000,479,744 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wxmsw28uh_html_vc.dll
MOD - [2009/05/14 19:54:38 | 000,730,112 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wxmsw28uh_adv_vc.dll
MOD - [2009/05/14 19:54:20 | 003,168,768 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wxmsw28uh_core_vc.dll
MOD - [2009/05/14 19:52:26 | 000,122,368 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wxbase28uh_net_vc.dll
MOD - [2009/05/14 19:52:20 | 001,306,112 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\wxbase28uh_vc.dll
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2009/02/20 12:19:02 | 000,270,848 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\pycurl.pyd
MOD - [2009/02/20 05:37:58 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\Egnyte Backup\_librsync_wrapper.pyd
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/04/19 21:04:40 | 000,144,232 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2011/04/04 21:22:12 | 000,059,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2011/04/04 21:21:56 | 000,040,808 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2011/04/03 21:27:22 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2011/03/29 22:15:36 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2011/03/29 00:41:10 | 000,064,952 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2011/02/01 01:05:12 | 000,045,928 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2010/12/16 18:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2010/12/03 16:01:54 | 000,116,072 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:64bit: - [2010/09/22 21:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/07 01:37:40 | 000,093,032 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/07/10 14:07:33 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012/05/02 08:59:28 | 003,289,680 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe -- (SBAMSvc)
SRV - [2012/05/02 08:58:48 | 000,173,920 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe -- (SBPIMSvc)
SRV - [2012/03/14 15:26:37 | 000,658,432 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/01 14:01:00 | 000,148,840 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2011/06/01 14:01:00 | 000,083,304 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2011/05/04 17:50:12 | 000,023,552 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Egnyte Backup\EgnyteBackupService.exe -- (egnyteBackup)
SRV - [2011/04/13 08:58:14 | 000,084,088 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2011/02/24 03:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/21 23:19:12 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/21 23:19:08 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/01/06 23:28:42 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2010/11/25 12:51:34 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2010/05/28 03:14:56 | 001,044,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/11 17:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/10 15:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/04/13 21:30:04 | 000,085,248 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/25 22:21:26 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE)
DRV:64bit: - [2011/11/29 07:59:46 | 000,074,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2011/08/20 12:13:02 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/20 12:13:02 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/07/15 15:44:50 | 001,453,616 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/06/01 14:01:00 | 000,014,960 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2011/05/13 03:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 03:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 03:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 03:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 03:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/04/27 19:46:20 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/04/27 19:46:10 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/04/12 20:21:56 | 001,143,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011/03/29 22:13:40 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2011/03/29 22:11:48 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2011/03/24 02:36:20 | 001,576,064 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/03/23 19:25:00 | 000,101,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011/02/01 01:05:12 | 000,039,024 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2010/12/28 14:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/12/03 16:01:58 | 000,031,592 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/05 10:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 03:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/07 01:09:36 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/07/01 22:16:02 | 000,040,512 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2012/01/25 22:21:26 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {16BCB545-ABDD-4111-8751-35749D598DBB}
IE:64bit: - HKLM\..\SearchScopes\{16BCB545-ABDD-4111-8751-35749D598DBB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {16BCB545-ABDD-4111-8751-35749D598DBB}
IE - HKLM\..\SearchScopes\{16BCB545-ABDD-4111-8751-35749D598DBB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {16BCB545-ABDD-4111-8751-35749D598DBB}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;*.local;<local>
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Braden\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Braden\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Braden\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Braden\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2011/08/20 12:40:40 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://lenovo.msn.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://lenovo.msn.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Braden\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Braden\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Braden\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Braden\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Backup Notifications] C:\Program Files (x86)\Egnyte Backup\egnyte_backup_systray.exe ()
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Braden\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - Startup: C:\Users\Braden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Braden\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B060799D-3D08-4EA9-A1F2-5556C822E03E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0C71555-E534-4349-AD46-24139FC7C25C}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe ()
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe ()
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/29 18:41:57 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2008/06/10 12:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{52c4907d-f56c-11e0-b13b-f0def17fdf2d}\Shell - "" = AutoRun
O33 - MountPoints2\{52c4907d-f56c-11e0-b13b-f0def17fdf2d}\Shell\AutoRun\command - "" = E:\KODAK_Camera_Setup_App.exe
O33 - MountPoints2\{79a3a846-cb47-11e0-ab4f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{79a3a846-cb47-11e0-ab4f-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009/08/10 17:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SBAMSvc - C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
SafeBootMin: SBPIMSvc - C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SBAMSvc - C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
SafeBootNet: SBPIMSvc - C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2E314943-C476-6DAB-70A5-A01ACB878243} - Microsoft Windows Media Player
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9AA19CEE-CE9D-3E86-AE64-4C2B611D244D} - Java (Sun)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FE38920B-79AF-EADC-C93E-BF99186878AA} - DirectX
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
========== Files/Folders - Created Within 30 Days ==========
[2012/07/24 09:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/07/24 09:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/07/24 09:49:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/07/23 12:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GFI Software
[2012/07/23 09:37:46 | 000,000,000 | ---D | C] -- C:\Users\Braden\AppData\Roaming\Mozilla
[2012/07/23 03:03:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/23 03:03:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/23 03:03:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/23 03:03:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/23 03:03:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/23 03:03:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/23 03:03:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/23 03:03:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/23 03:03:21 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/23 03:03:21 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/23 03:03:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/23 03:03:21 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/23 03:03:21 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/11 09:15:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/11 09:15:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/11 09:15:25 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/11 09:15:21 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/11 09:15:20 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
========== Files - Modified Within 30 Days ==========
[2012/07/24 09:52:02 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/07/24 09:44:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-342191246-1884942190-497382858-1000UA.job
[2012/07/24 09:36:59 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/24 09:36:59 | 000,024,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/24 09:34:20 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/24 09:34:20 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/24 09:34:20 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/24 09:30:13 | 000,000,586 | ---- | M] () -- C:\Users\Braden\Desktop\distributedsun File Server.lnk
[2012/07/24 09:29:53 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/24 09:29:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/24 09:29:26 | 467,062,783 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/24 09:13:36 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/23 14:51:36 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-342191246-1884942190-497382858-1000Core.job
[2012/07/23 12:25:02 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\VIPRE.lnk
[2012/07/23 03:26:35 | 000,375,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/23 03:26:30 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/07/19 09:41:15 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012/07/12 14:40:13 | 000,002,375 | ---- | M] () -- C:\Users\Braden\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2012/04/19 10:43:19 | 000,000,336 | ---- | C] () -- C:\Users\Braden\.JavaPowUpload.properties
[2012/03/07 15:32:35 | 000,060,304 | ---- | C] () -- C:\Users\Braden\g2mdlhlpx.exe
[2011/10/26 09:38:35 | 000,189,191 | ---- | C] () -- C:\Windows\hpwins23.dat
[2011/10/26 09:38:35 | 000,001,501 | ---- | C] () -- C:\Windows\hpwmdl23.dat
[2011/09/03 16:40:40 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/08/29 10:56:03 | 000,000,772 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2011/08/29 10:56:03 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2011/08/29 10:55:50 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/08/29 10:54:51 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2011/08/29 10:54:51 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2011/08/29 10:54:51 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2011/08/29 10:54:48 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2011/08/29 10:54:39 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2011/08/20 12:26:02 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/08/20 12:26:01 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/08/20 12:26:01 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/08/20 12:26:01 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/08/20 12:26:00 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
========== Custom Scans ==========
< >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\drivers\*.sys >
[2012/01/25 22:21:26 | 000,101,112 | ---- | M] (GFI Software) -- C:\Windows\system32\drivers\SBREDrv.sys
[2004/12/23 07:47:10 | 000,027,392 | R--- | M] (Ulead Systems, Inc.) -- C:\Windows\system32\drivers\ULCDRHlp.sys
[2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wimmount.sys
< %systemroot%\system32\drivers\*.dll >
< %systemroot%\system32\drivers\*.ini >
< %systemroot%\system32\drivers\*.exe >
< %SYSTEMDRIVE%\*.* >
[2010/11/20 23:23:51 | 000,383,786 | RHS- | M] () -- C:\bootmgr
[2011/02/15 05:42:44 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/07/24 09:29:26 | 467,062,783 | -HS- | M] () -- C:\hiberfil.sys
[2006/12/02 02:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2012/07/24 09:29:29 | 2054,406,143 | -HS- | M] () -- C:\pagefile.sys
[2012/07/24 09:43:32 | 000,000,575 | ---- | M] () -- C:\rkill.log
< %PROGRAMFILES%\*. >
[2011/08/20 12:29:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2012/03/19 18:57:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2012/03/19 18:56:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2011/08/29 10:54:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Brother
[2011/08/20 12:20:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco
[2012/01/13 12:02:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Citrix
[2012/03/19 18:56:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/08/20 12:35:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Corel
[2011/08/29 13:18:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Egnyte Backup
[2012/03/09 15:18:41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GFI Software
[2011/11/23 21:18:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2011/11/23 10:55:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2011/08/29 10:54:37 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/08/20 12:40:22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/07/23 03:24:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/03/19 18:58:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2012/02/10 11:44:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2011/08/20 12:42:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lenovo
[2011/08/20 12:30:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lenovo Registration
[2012/04/20 11:36:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2011/08/26 00:04:04 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011/08/26 00:08:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/05/20 03:28:21 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/08/20 12:38:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/03/06 14:33:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2009/07/14 01:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
< End of report >

Thanks for any help

07-24-2012, 10:44 AM
#2
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 12,625
Re: Computer running extremely slow (rkill and OTL log inside)
- Please run OTL.exe again
- Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:
Code:
:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {16BCB545-ABDD-4111-8751-35749D598DBB}
IE:64bit: - HKLM\..\SearchScopes\{16BCB545-ABDD-4111-8751-35749D598DBB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {16BCB545-ABDD-4111-8751-35749D598DBB}
IE - HKLM\..\SearchScopes\{16BCB545-ABDD-4111-8751-35749D598DBB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox
IE - HKCU\..\SearchScopes,DefaultScope = {16BCB545-ABDD-4111-8751-35749D598DBB}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;*.local;<local>
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
- CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
- If it asks to reboot the computer, please allow that.
- Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)
====================
- Download TDSSKiller by Kaspersky from here and save it to your desktop
- Doubleclick TDSSKiller.exe to run the tool
- Click the Start Scan button
- After the scan has finished, click the Close button
- Click the Report button and copy/paste the contents of it into your next reply
- The report can also be found in the root of your Windows drive (most likely C:\).
====================
I'm running tdsskiller, but not expecting to find anything. You should look through the OTL log yourself. The first sections list processes, modules, services. Maybe you have some stuff running you do not really need, but that is consuming resources.
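A TDSSKiller report of the kind requested above is mostly per-object "- ok" lines, so reviewing it comes down to filtering for every object whose verdict is anything else. The following Python is an added example, not part of the original post and not Kaspersky's code; the line layout is assumed from the report quoted later in this thread, and the sample names, hashes, paths and detection label are constructed.

```python
import re
from collections import OrderedDict

# Constructed sample in the report layout: timestamp, thread id, message.
# Names, MD5 values, paths and the detection label are made up.
SAMPLE_REPORT = r"""
17:09:06.0149 1240 Scan started
17:09:09.0160 1240 ExampleDrv (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\exampledrv.sys
17:09:09.0177 1240 ExampleDrv - ok
17:09:09.0775 1240 ExampleSvc (fedcba9876543210fedcba9876543210) c:\program files (x86)\common files\example/example_svc.dll
17:09:09.0776 1240 Suspicious file (Hidden): c:\program files (x86)\common files\example/example_svc.dll. md5: fedcba9876543210fedcba9876543210
17:09:09.0784 1240 ExampleSvc ( Example.Generic ) - warning
17:09:09.0784 1240 ExampleSvc - detected Example.Generic (1)
17:09:12.0138 1240 NoImageSvc - ok
17:09:12.0200 1240 Example Two Words (00112233445566778899aabbccddeeff) C:\Program Files\Example\two words.exe
17:09:12.0207 1240 Example Two Words - ok
"""

LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
ENTRY = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
WARNING = re.compile(r"^(?P<name>.+?) \( (?P<det>.+?) \) - (?P<level>\w+)$")
DETECTED = re.compile(r"^(?P<name>.+?) - detected (?P<det>.+?) \(\d+\)$")
OK = re.compile(r"^(?P<name>.+?) - ok$")
SUSPICIOUS = re.compile(
    r"^Suspicious file \((?P<reason>[^)]*)\): (?P<path>.+)\. md5: (?P<md5>[0-9a-fA-F]{32})$"
)


def triage(report_text):
    """Return (findings, unresolved).

    findings:   objects whose verdict is anything other than "ok"
    unresolved: objects that were scanned but have no verdict line at all,
                which usually means the pasted report was cut short
    """
    objects = OrderedDict()
    last_name = None  # the "Suspicious file" line does not repeat the object name

    def record(name):
        return objects.setdefault(name, {
            "name": name, "md5": None, "path": None,
            "verdict": None, "detections": [], "notes": [],
        })

    for raw in report_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # blank lines and anything that is not a report line
        msg = line.group(1)

        m = SUSPICIOUS.match(msg)
        if m:
            if last_name is not None:
                objects[last_name]["notes"].append(m["reason"])
            continue
        m = ENTRY.match(msg)
        if m:
            rec = record(m["name"])
            rec["md5"], rec["path"] = m["md5"].lower(), m["path"]
            last_name = m["name"]
            continue
        m = WARNING.match(msg)
        if m:
            rec = record(m["name"])
            rec["verdict"] = m["level"]
            if m["det"] not in rec["detections"]:
                rec["detections"].append(m["det"])
            continue
        m = DETECTED.match(msg)
        if m:
            rec = record(m["name"])
            if rec["verdict"] is None:
                rec["verdict"] = "detected"
            if m["det"] not in rec["detections"]:
                rec["detections"].append(m["det"])
            continue
        m = OK.match(msg)
        if m:
            # Services without an image path only ever get this line.
            record(m["name"])["verdict"] = "ok"

    findings = [o for o in objects.values() if o["verdict"] not in (None, "ok")]
    unresolved = [o["name"] for o in objects.values() if o["verdict"] is None]
    return findings, unresolved


if __name__ == "__main__":
    found, cut_short = triage(SAMPLE_REPORT)
    for f in found:
        print(f["name"], f["verdict"], f["detections"], f["notes"], f["path"], f["md5"])
    print("objects with no verdict:", cut_short)
```

A "Hidden" note with a generic detection label is a prompt to check the file's origin and signature before acting on it, not a confirmed infection.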

07-24-2012, 05:08 PM
#3
Carpal 'Tunnel
Join Date: Dec 2006
Posts: 10,185
Re: Computer running extremely slow (rkill and OTL log inside)
Gabe, thanks for correcting me. Contents of the OTL scan log below. Will reply shortly with the TDSSKiller.
Quote:
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{16BCB545-ABDD-4111-8751-35749D598DBB}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16BCB545-ABDD-4111-8751-35749D598DBB}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{16BCB545-ABDD-4111-8751-35749D598DBB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16BCB545-ABDD-4111-8751-35749D598DBB}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
OTL by OldTimer - Version 3.2.54.1 log created on 07242012_170657

07-24-2012, 05:12 PM
#4
Carpal 'Tunnel
Join Date: Dec 2006
Posts: 10,185
Re: Computer running extremely slow (rkill and OTL log inside)
tdsskiller report (note that the Akamai potential threat that was found I think was one of the programs closed when I ran rkill - which allowed the computer to function again).
Quote:
17:09:02.0605 7068 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
17:09:02.0805 7068 ============================================================
17:09:02.0805 7068 Current date / time: 2012/07/24 17:09:02.0805
17:09:02.0805 7068 SystemInfo:
17:09:02.0805 7068
17:09:02.0806 7068 OS Version: 6.1.7601 ServicePack: 1.0
17:09:02.0806 7068 Product type: Workstation
17:09:02.0806 7068 ComputerName: BRADEN-THINK
17:09:02.0806 7068 UserName: Braden
17:09:02.0806 7068 Windows directory: C:\Windows
17:09:02.0806 7068 System windows directory: C:\Windows
17:09:02.0806 7068 Running under WOW64
17:09:02.0806 7068 Processor architecture: Intel x64
17:09:02.0806 7068 Number of processors: 4
17:09:02.0806 7068 Page size: 0x1000
17:09:02.0806 7068 Boot type: Normal boot
17:09:02.0806 7068 ============================================================
17:09:03.0424 7068 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:03.0429 7068 ============================================================
17:09:03.0429 7068 \Device\Harddisk0\DR0:
17:09:03.0429 7068 MBR partitions:
17:09:03.0429 7068 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
17:09:03.0429 7068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x389BD000
17:09:03.0429 7068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38C15800, BlocksNum 0x1770000
17:09:03.0429 7068 ============================================================
17:09:03.0454 7068 C: <-> \Device\Harddisk0\DR0\Partition1
17:09:03.0495 7068 Q: <-> \Device\Harddisk0\DR0\Partition2
17:09:03.0496 7068 ============================================================
17:09:03.0496 7068 Initialize success
17:09:03.0496 7068 ============================================================
17:09:06.0148 1240 ============================================================
17:09:06.0149 1240 Scan started
17:09:06.0149 1240 Mode: Manual;
17:09:06.0149 1240 ============================================================
17:09:09.0775 1240 Akamai (29584f02a43e427c4227e3b1d9ff1b22) c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
17:09:09.0776 1240 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
17:09:09.0784 1240 Akamai ( HiddenFile****lti.Generic ) - warning
17:09:09.0784 1240 Akamai - detected HiddenFile****lti.Generic (1)
17:09:17.0498 1240 KSecDD - ok
17:09:17.0516 1240 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
17:09:17.0521 1240 KSecPkg - ok
17:09:17.0536 1240 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:09:17.0539 1240 ksthunk - ok
17:09:17.0575 1240 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:09:17.0592 1240 KtmRm - ok
17:09:17.0616 1240 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:09:17.0620 1240 LanmanServer - ok
17:09:17.0644 1240 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:09:17.0647 1240 LanmanWorkstation - ok
17:09:17.0734 1240 LENOVO.CAMMUTE (1ef45f1bd62b8f4c19458326a3e91930) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
17:09:17.0741 1240 LENOVO.CAMMUTE - ok
17:09:17.0778 1240 LENOVO.MICMUTE (128158d8b1df639bf3e3fdbcbb64cdac) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
17:09:17.0785 1240 LENOVO.MICMUTE - ok
17:09:17.0802 1240 lenovo.smi (2b9d8555dc004e240082d18e7725ce20) C:\Windows\system32\DRIVERS\smiifx64.sys
17:09:17.0808 1240 lenovo.smi - ok
17:09:17.0817 1240 LENOVO.TPKNRSVC (448be3e001004a55e8a959c57e17f6d8) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
17:09:17.0824 1240 LENOVO.TPKNRSVC - ok
17:09:17.0836 1240 Lenovo.VIRTSCRLSVC (6f2cc57eb5836d2ac9bd37f3554d55f8) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
17:09:17.0844 1240 Lenovo.VIRTSCRLSVC - ok
17:09:17.0876 1240 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:09:17.0880 1240 lltdio - ok
17:09:17.0907 1240 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:09:17.0924 1240 lltdsvc - ok
17:09:17.0940 1240 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:09:17.0944 1240 lmhosts - ok
17:09:18.0006 1240 LMS (e7859ba062db5e23c6dd34ad66b09f50) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:09:18.0030 1240 LMS - ok
17:09:18.0060 1240 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:09:18.0065 1240 LSI_FC - ok
17:09:18.0089 1240 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:09:18.0093 1240 LSI_SAS - ok
17:09:18.0102 1240 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:09:18.0106 1240 LSI_SAS2 - ok
17:09:18.0121 1240 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:09:18.0125 1240 LSI_SCSI - ok
17:09:18.0144 1240 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:09:18.0145 1240 luafv - ok
17:09:18.0164 1240 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:09:18.0169 1240 Mcx2Svc - ok
17:09:18.0181 1240 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:09:18.0184 1240 megasas - ok
17:09:18.0218 1240 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:09:18.0235 1240 MegaSR - ok
17:09:18.0253 1240 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
17:09:18.0257 1240 MEIx64 - ok
17:09:18.0273 1240 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:09:18.0274 1240 MMCSS - ok
17:09:18.0288 1240 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:09:18.0291 1240 Modem - ok
17:09:18.0304 1240 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:09:18.0307 1240 monitor - ok
17:09:18.0315 1240 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:09:18.0319 1240 mouclass - ok
17:09:18.0343 1240 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:09:18.0347 1240 mouhid - ok
17:09:18.0360 1240 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:09:18.0364 1240 mountmgr - ok
17:09:18.0381 1240 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:09:18.0386 1240 mpio - ok
17:09:18.0395 1240 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:09:18.0399 1240 mpsdrv - ok
17:09:18.0449 1240 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:09:18.0455 1240 MpsSvc - ok
17:09:18.0469 1240 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:09:18.0474 1240 MRxDAV - ok
17:09:18.0513 1240 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:09:18.0525 1240 mrxsmb - ok
17:09:18.0546 1240 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:09:18.0553 1240 mrxsmb10 - ok
17:09:18.0569 1240 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:09:18.0575 1240 mrxsmb20 - ok
17:09:18.0587 1240 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:09:18.0589 1240 msahci - ok
17:09:18.0604 1240 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:09:18.0609 1240 msdsm - ok
17:09:18.0629 1240 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:09:18.0634 1240 MSDTC - ok
17:09:18.0653 1240 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:09:18.0656 1240 Msfs - ok
17:09:18.0663 1240 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:09:18.0666 1240 mshidkmdf - ok
17:09:18.0678 1240 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:09:18.0681 1240 msisadrv - ok
17:09:18.0707 1240 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:09:18.0719 1240 MSiSCSI - ok
17:09:18.0722 1240 msiserver - ok
17:09:18.0748 1240 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:09:18.0751 1240 MSKSSRV - ok
17:09:18.0754 1240 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:09:18.0756 1240 MSPCLOCK - ok
17:09:18.0758 1240 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:09:18.0761 1240 MSPQM - ok
17:09:18.0787 1240 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:09:18.0805 1240 MsRPC - ok
17:09:18.0818 1240 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:09:18.0821 1240 mssmbios - ok
17:09:18.0829 1240 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:09:18.0832 1240 MSTEE - ok
17:09:18.0853 1240 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:09:18.0855 1240 MTConfig - ok
17:09:18.0866 1240 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:09:18.0869 1240 Mup - ok
17:09:18.0913 1240 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:09:18.0916 1240 napagent - ok
17:09:18.0965 1240 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:09:18.0981 1240 NativeWifiP - ok
17:09:19.0029 1240 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:09:19.0036 1240 NDIS - ok
17:09:19.0048 1240 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:09:19.0051 1240 NdisCap - ok
17:09:19.0072 1240 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:09:19.0075 1240 NdisTapi - ok
17:09:19.0098 1240 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:09:19.0102 1240 Ndisuio - ok
17:09:19.0119 1240 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:09:19.0133 1240 NdisWan - ok
17:09:19.0148 1240 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:09:19.0152 1240 NDProxy - ok
17:09:19.0184 1240 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
17:09:19.0188 1240 Net Driver HPZ12 - ok
17:09:19.0200 1240 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:09:19.0204 1240 NetBIOS - ok
17:09:19.0227 1240 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:09:19.0244 1240 NetBT - ok
17:09:19.0272 1240 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:09:19.0273 1240 Netlogon - ok
17:09:19.0317 1240 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:09:19.0321 1240 Netman - ok
17:09:19.0353 1240 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:09:19.0357 1240 netprofm - ok
17:09:19.0416 1240 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:09:19.0421 1240 NetTcpPortSharing - ok
17:09:19.0447 1240 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:09:19.0451 1240 nfrd960 - ok
17:09:19.0485 1240 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:09:19.0489 1240 NlaSvc - ok
17:09:19.0501 1240 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:09:19.0504 1240 Npfs - ok
17:09:19.0515 1240 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:09:19.0519 1240 nsi - ok
17:09:19.0532 1240 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:09:19.0535 1240 nsiproxy - ok
17:09:19.0617 1240 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:09:19.0662 1240 Ntfs - ok
17:09:19.0750 1240 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:09:19.0753 1240 Null - ok
17:09:19.0776 1240 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:09:19.0781 1240 nvraid - ok
17:09:19.0817 1240 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:09:19.0828 1240 nvstor - ok
17:09:19.0853 1240 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:09:19.0858 1240 nv_agp - ok
17:09:19.0866 1240 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:09:19.0870 1240 ohci1394 - ok
17:09:19.0930 1240 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:09:19.0935 1240 ose - ok
17:09:20.0155 1240 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:09:20.0249 1240 osppsvc - ok
17:09:20.0342 1240 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:09:20.0359 1240 p2pimsvc - ok
17:09:20.0391 1240 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:09:20.0407 1240 p2psvc - ok
17:09:20.0446 1240 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:09:20.0450 1240 Parport - ok
17:09:20.0485 1240 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:09:20.0489 1240 partmgr - ok
17:09:20.0506 1240 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:09:20.0509 1240 PcaSvc - ok
17:09:20.0533 1240 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:09:20.0543 1240 pci - ok
17:09:20.0547 1240 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:09:20.0549 1240 pciide - ok
17:09:20.0575 1240 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:09:20.0587 1240 pcmcia - ok
17:09:20.0599 1240 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:09:20.0602 1240 pcw - ok
17:09:20.0636 1240 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:09:20.0657 1240 PEAUTH - ok
17:09:20.0711 1240 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:09:20.0714 1240 PerfHost - ok
17:09:20.0770 1240 PHCORE (18eea095af22ac5fa16fc27fb98c82d3) C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
17:09:20.0804 1240 PHCORE - ok
17:09:20.0891 1240 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:09:20.0925 1240 pla - ok
17:09:20.0969 1240 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:09:20.0974 1240 PlugPlay - ok
17:09:21.0010 1240 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
17:09:21.0015 1240 Pml Driver HPZ12 - ok
17:09:21.0025 1240 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:09:21.0028 1240 PNRPAutoReg - ok
17:09:21.0052 1240 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:09:21.0054 1240 PNRPsvc - ok
17:09:21.0100 1240 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:09:21.0121 1240 PolicyAgent - ok
17:09:21.0151 1240 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:09:21.0157 1240 Power - ok
17:09:21.0215 1240 Power Manager DBC Service (45ffafd8bf60bc9d48b253f1e466d7a1) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
17:09:21.0223 1240 Power Manager DBC Service - ok
17:09:21.0267 1240 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:09:21.0273 1240 PptpMiniport - ok
17:09:21.0292 1240 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:09:21.0296 1240 Processor - ok
17:09:21.0348 1240 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:09:21.0360 1240 ProfSvc - ok
17:09:21.0393 1240 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:09:21.0394 1240 ProtectedStorage - ok
17:09:21.0431 1240 psadd (515a7c5a0886fcc60901916785efd549) C:\Windows\system32\DRIVERS\psadd.sys
17:09:21.0435 1240 psadd - ok
17:09:21.0458 1240 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:09:21.0460 1240 Psched - ok
17:09:21.0516 1240 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
17:09:21.0530 1240 PSI_SVC_2 - ok
17:09:21.0559 1240 PwmEWSvc (b397fccc113e37e1cc97c45956fb5b02) C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
17:09:21.0566 1240 PwmEWSvc - ok
17:09:21.0641 1240 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:09:21.0683 1240 ql2300 - ok
17:09:21.0771 1240 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:09:21.0775 1240 ql40xx - ok
17:09:21.0796 1240 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:09:21.0810 1240 QWAVE - ok
17:09:21.0826 1240 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:09:21.0829 1240 QWAVEdrv - ok
17:09:21.0832 1240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:09:21.0835 1240 RasAcd - ok
17:09:21.0868 1240 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:09:21.0872 1240 RasAgileVpn - ok
17:09:21.0889 1240 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:09:21.0894 1240 RasAuto - ok
17:09:21.0910 1240 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:09:21.0915 1240 Rasl2tp - ok
17:09:21.0939 1240 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:09:21.0957 1240 RasMan - ok
17:09:21.0975 1240 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:09:21.0979 1240 RasPppoe - ok
17:09:22.0003 1240 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:09:22.0008 1240 RasSstp - ok
17:09:22.0031 1240 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:09:22.0049 1240 rdbss - ok
17:09:22.0060 1240 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:09:22.0065 1240 rdpbus - ok
17:09:22.0084 1240 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:09:22.0087 1240 RDPCDD - ok
17:09:22.0099 1240 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:09:22.0103 1240 RDPENCDD - ok
17:09:22.0107 1240 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:09:22.0109 1240 RDPREFMP - ok
17:09:22.0147 1240 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:09:22.0159 1240 RDPWD - ok
17:09:22.0187 1240 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:09:22.0198 1240 rdyboost - ok
17:09:22.0229 1240 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:09:22.0234 1240 RemoteAccess - ok
17:09:22.0249 1240 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:09:22.0262 1240 RemoteRegistry - ok
17:09:22.0290 1240 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
17:09:22.0293 1240 RimUsb - ok
17:09:22.0329 1240 risdxc (819fe65ae1c0312b535b7aa54d30cfda) C:\Windows\system32\DRIVERS\risdxc64.sys
17:09:22.0427 1240 risdxc - ok
17:09:22.0446 1240 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:09:22.0451 1240 RpcEptMapper - ok
17:09:22.0464 1240 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:09:22.0469 1240 RpcLocator - ok
17:09:22.0498 1240 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:09:22.0503 1240 RpcSs - ok
17:09:22.0523 1240 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:09:22.0527 1240 rspndr - ok
17:09:22.0592 1240 RTL8167 (afc12dfa4c7b089673ad67402ca19edb) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:09:22.0612 1240 RTL8167 - ok
17:09:22.0670 1240 RTL8192Ce (513338976b722822b555d739d78f9e9f) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
17:09:22.0697 1240 RTL8192Ce - ok
17:09:22.0746 1240 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:09:22.0747 1240 SamSs - ok
17:09:22.0749 1240 SAService - ok
17:09:22.0971 1240 SBAMSvc (18530d2f605f1ec48ca20a7b184ccbcc) C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe
17:09:23.0083 1240 SBAMSvc - ok
17:09:23.0193 1240 sbapifs (6e342316e72f4b6fa39c99e06373a1a3) C:\Windows\system32\DRIVERS\sbapifs.sys
17:09:23.0197 1240 sbapifs - ok
17:09:23.0222 1240 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:09:23.0227 1240 sbp2port - ok
17:09:23.0247 1240 SBPIMSvc (2815772894855506e94008cc0e602738) C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe
17:09:23.0259 1240 SBPIMSvc - ok
17:09:23.0318 1240 SBRE (aae41efbad69b78513875c2eb3de7008) C:\Windows\system32\drivers\SBREdrv.sys
17:09:23.0325 1240 SBRE - ok
17:09:23.0354 1240 sbwtis (f9aa83a88eabe22b29d8f293c21aaa4d) C:\Windows\system32\DRIVERS\sbwtis.sys
17:09:23.0363 1240 sbwtis - ok
17:09:23.0390 1240 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:09:23.0401 1240 SCardSvr - ok
17:09:23.0418 1240 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:09:23.0421 1240 scfilter - ok
17:09:23.0474 1240 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:09:23.0518 1240 Schedule - ok
17:09:23.0542 1240 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:09:23.0543 1240 SCPolicySvc - ok
17:09:23.0561 1240 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:09:23.0572 1240 SDRSVC - ok
17:09:23.0601 1240 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:09:23.0603 1240 secdrv - ok
17:09:23.0614 1240 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:09:23.0618 1240 seclogon - ok
17:09:23.0633 1240 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:09:23.0636 1240 SENS - ok
17:09:23.0661 1240 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:09:23.0665 1240 SensrSvc - ok
17:09:23.0678 1240 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:09:23.0681 1240 Serenum - ok
17:09:23.0701 1240 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:09:23.0706 1240 Serial - ok
17:09:23.0723 1240 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:09:23.0725 1240 sermouse - ok
17:09:23.0747 1240 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:09:23.0752 1240 SessionEnv - ok
17:09:23.0756 1240 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:09:23.0758 1240 sffdisk - ok
17:09:23.0761 1240 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:09:23.0763 1240 sffp_mmc - ok
17:09:23.0779 1240 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:09:23.0796 1240 sffp_sd - ok
17:09:23.0800 1240 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:09:23.0803 1240 sfloppy - ok
17:09:23.0841 1240 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:09:23.0857 1240 SharedAccess - ok
17:09:23.0886 1240 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:09:23.0891 1240 ShellHWDetection - ok
17:09:23.0920 1240 Shockprf (c3f190562fe82efda7ccef305ebad3e3) C:\Windows\system32\DRIVERS\Apsx64.sys
17:09:23.0929 1240 Shockprf - ok
17:09:23.0943 1240 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:09:23.0946 1240 SiSRaid2 - ok
17:09:23.0955 1240 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:09:23.0958 1240 SiSRaid4 - ok
17:09:23.0979 1240 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:09:23.0982 1240 Smb - ok
17:09:24.0003 1240 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:09:24.0007 1240 SNMPTRAP - ok
17:09:24.0024 1240 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:09:24.0027 1240 spldr - ok
17:09:24.0058 1240 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:09:24.0078 1240 Spooler - ok
17:09:24.0227 1240 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:09:24.0293 1240 sppsvc - ok
17:09:24.0386 1240 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:09:24.0396 1240 sppuinotify - ok
17:09:24.0452 1240 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:09:24.0473 1240 srv - ok
17:09:24.0502 1240 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:09:24.0517 1240 srv2 - ok
17:09:24.0535 1240 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:09:24.0547 1240 srvnet - ok
17:09:24.0584 1240 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
17:09:24.0596 1240 ssadbus - ok
17:09:24.0617 1240 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
17:09:24.0620 1240 ssadmdfl - ok
17:09:24.0642 1240 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
17:09:24.0653 1240 ssadmdm - ok
17:09:24.0688 1240 ssadserd (d33d1bd3ec0e766211a234f56a12726d) C:\Windows\system32\DRIVERS\ssadserd.sys
17:09:24.0693 1240 ssadserd - ok
17:09:24.0734 1240 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:09:24.0746 1240 SSDPSRV - ok
17:09:24.0761 1240 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:09:24.0766 1240 SstpSvc - ok
17:09:24.0793 1240 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:09:24.0797 1240 stexstor - ok
17:09:24.0822 1240 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:09:24.0825 1240 StillCam - ok
17:09:24.0870 1240 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:09:24.0890 1240 stisvc - ok
17:09:24.0951 1240 SUService (0586a2e9d4e6e18933c9a7d6d6eef70f) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
17:09:25.0030 1240 SUService - ok
17:09:25.0050 1240 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:09:25.0053 1240 swenum - ok
17:09:25.0098 1240 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:09:25.0118 1240 swprv - ok
17:09:25.0225 1240 SynTP (ffbe7c45999252c3131cbdd05e2fa135) C:\Windows\system32\DRIVERS\SynTP.sys
17:09:25.0288 1240 SynTP - ok
17:09:25.0421 1240 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:09:25.0431 1240 SysMain - ok
17:09:25.0501 1240 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:09:25.0506 1240 TabletInputService - ok
17:09:25.0529 1240 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:09:25.0547 1240 TapiSrv - ok
17:09:25.0563 1240 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:09:25.0567 1240 TBS - ok
17:09:25.0694 1240 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:09:25.0736 1240 Tcpip - ok
17:09:25.0876 1240 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:09:25.0885 1240 TCPIP6 - ok
17:09:25.0949 1240 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:09:25.0953 1240 tcpipreg - ok
17:09:25.0964 1240 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:09:25.0966 1240 TDPIPE - ok
17:09:25.0991 1240 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:09:25.0995 1240 TDTCP - ok
17:09:26.0026 1240 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:09:26.0031 1240 tdx - ok
17:09:26.0045 1240 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
17:09:26.0052 1240 TermDD - ok
17:09:26.0102 1240 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:09:26.0126 1240 TermService - ok
17:09:26.0137 1240 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:09:26.0141 1240 Themes - ok
17:09:26.0160 1240 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:09:26.0161 1240 THREADORDER - ok
17:09:26.0184 1240 TPDIGIMN (1bb77eccbfa3675b1ee8d6d6d37a1e1e) C:\Windows\system32\DRIVERS\ApsHM64.sys
17:09:26.0189 1240 TPDIGIMN - ok
17:09:26.0216 1240 TPHDEXLGSVC (88f81d810ff16ac65b02643daf308d4f) C:\Windows\system32\TPHDEXLG64.exe
17:09:26.0224 1240 TPHDEXLGSVC - ok
17:09:26.0289 1240 TPHKLOAD (2670d23a61cd706004c24a83d4d48294) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
17:09:26.0300 1240 TPHKLOAD - ok
17:09:26.0313 1240 TPHKSVC (cb0625c2f5b7c72c50c5ae34f8e8f7d0) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
17:09:26.0320 1240 TPHKSVC - ok
17:09:26.0348 1240 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
17:09:26.0351 1240 TPM - ok
17:09:26.0375 1240 TPPWRIF (7165b5a9b4867f64a6d6935f57d4196b) C:\Windows\system32\drivers\Tppwr64v.sys
17:09:26.0381 1240 TPPWRIF - ok
17:09:26.0415 1240 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:09:26.0418 1240 TrkWks - ok
17:09:26.0468 1240 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:09:26.0479 1240 TrustedInstaller - ok
17:09:30.0646 1240 MBR (0x1B8) (c5e461e96b311e1336924b6bd097e03b) \Device\Harddisk0\DR0
17:09:30.0858 1240 \Device\Harddisk0\DR0 - ok
17:09:30.0868 1240 Boot (0x1200) (9d1f25cb13cf40a2c0d23d7eec6dfdef) \Device\Harddisk0\DR0\Partition0
17:09:30.0871 1240 \Device\Harddisk0\DR0\Partition0 - ok
17:09:30.0884 1240 Boot (0x1200) (3cc5043d162686e72087c0b4daa52f24) \Device\Harddisk0\DR0\Partition1
17:09:30.0886 1240 \Device\Harddisk0\DR0\Partition1 - ok
17:09:30.0919 1240 Boot (0x1200) (bb29bd77d680a71753cb0774d1ac3bc5) \Device\Harddisk0\DR0\Partition2
17:09:30.0921 1240 \Device\Harddisk0\DR0\Partition2 - ok
17:09:30.0922 1240 ============================================================
17:09:30.0922 1240 Scan finished
17:09:30.0922 1240 ============================================================
17:09:30.0931 1972 Detected object count: 1
17:09:30.0931 1972 Actual detected object count: 1
17:10:10.0564 1972 Akamai ( HiddenFile****lti.Generic ) - skipped by user
17:10:10.0565 1972 Akamai ( HiddenFile****lti.Generic ) - User select action: Skip
17:10:13.0055 6960 Deinitialize success
|
|
|
|
07-25-2012, 02:03 AM
|
#5
|
|
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 12,625
|
Re: Computer running extremely slow (rkill and OTL log inside)
Ok, so that Akamai stuff is legit.
Which does not mean that it cannot screw up your computer performance.
How badly do you need it?
Also all those Egnyte Backup modules. WTF piece of bloatware.
I'd say look critically at software you run - I do not see any evidence of malware.
Double click OTL.exe to run it again and click the CleanUp button to uninstall and delete backups.
|
|
|
07-25-2012, 09:47 AM
|
#6
|
|
Carpal 'Tunnel
Join Date: Dec 2006
Posts: 10,185
|
Re: Computer running extremely slow (rkill and OTL log inside)
Egnyte backups back up all of my files to a cloud. Not knowing a whole ton about computers - do I only need the most recent Egnyte backup and can get rid of the rest?
|
|
|
07-25-2012, 03:17 PM
|
#7
|
|
Malware Jedi
Join Date: Oct 2007
Location: In front of my monitor
Posts: 12,625
|
Re: Computer running extremely slow (rkill and OTL log inside)
I don't know anything about this app
|
|
|
All times are GMT -4. The time now is 12:27 PM.
|