Thanks for replying back so quickly! Here is the combofix log ComboFix 12-09-23.03 - Customer 09/24/2012 8:49.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1704 [GMT -4:00] Running from: C:\ComboFix.exe AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_ctypes.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_elementtree.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_hashlib.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_socket.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_ssl.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\pyexpat.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\pysqlite2._sqlite.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\python26.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\pythoncom26.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\pywintypes26.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\select.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\unicodedata.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32api.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32com.shell.shell.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32crypt.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32event.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32file.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32inet.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32pdh.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32process.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32security.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\windows._cacheinvalidation.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._controls_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._core_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._gdi_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._html2.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._misc_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._windows_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._wizard.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxbase293u_net_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxbase293u_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxmsw293u_adv_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxmsw293u_core_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxmsw293u_html_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxmsw293u_webview_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\nsx1BA.tmp\newadvsplash.dll c:\docume~1\Customer\LOCALS~1\Temp\nsx1BA.tmp\System.dll c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Customer\Application Data\.# c:\documents and settings\Customer\g2mdlhlpx.exe c:\documents and settings\Customer\Local Settings\Application Data\assembly\tmp c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_ctypes.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_elementtree.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_hashlib.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_socket.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_ssl.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\pyexpat.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\pysqlite2._sqlite.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\python26.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\pythoncom26.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\pywintypes26.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\select.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\unicodedata.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32api.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32com.shell.shell.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32crypt.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32event.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32file.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32inet.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32pdh.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32process.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32security.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\windows._cacheinvalidation.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._controls_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._core_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._gdi_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._html2.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._misc_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._windows_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._wizard.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxbase293u_net_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxbase293u_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxmsw293u_adv_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxmsw293u_core_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxmsw293u_html_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxmsw293u_webview_vc.dll c:\documents and settings\Customer\Local Settings\Temp\nsx1BA.tmp\newadvsplash.dll c:\documents and settings\Customer\Local Settings\Temp\nsx1BA.tmp\System.dll c:\documents and settings\Customer\WINDOWS C:\Install.exe C:\Thumbs.db c:\windows\system32\Cache c:\windows\system32\dllcache\dlimport.exe c:\windows\system32\drivers\etc\hosts.ics c:\windows\system32\KGyGaAvL.sys c:\windows\system32\wpcap.dll C:\x C:\x.txt c:\x\DCIM\100MEDIA\IMAG0001.jpg c:\x\DCIM\100MEDIA\IMAG0002.jpg c:\x\DCIM\100MEDIA\IMAG0003.jpg c:\x\DCIM\100MEDIA\IMAG0004.jpg c:\x\DCIM\100MEDIA\IMAG0005.jpg c:\x\DCIM\100MEDIA\IMAG0006.jpg c:\x\DCIM\100MEDIA\IMAG0007.jpg c:\x\DCIM\100MEDIA\IMAG0008.jpg c:\x\DCIM\100MEDIA\IMAG0009.jpg c:\x\DCIM\100MEDIA\IMAG0010.jpg c:\x\DCIM\100MEDIA\IMAG0011.jpg c:\x\DCIM\100MEDIA\IMAG0012.jpg c:\x\DCIM\100MEDIA\IMAG0013.jpg c:\x\DCIM\100MEDIA\IMAG0014.jpg c:\x\DCIM\100MEDIA\IMAG0015.jpg c:\x\DCIM\100MEDIA\IMAG0016.jpg c:\x\DCIM\100MEDIA\IMAG0017.jpg c:\x\DCIM\100MEDIA\IMAG0018.jpg c:\x\DCIM\100MEDIA\IMAG0019.jpg c:\x\DCIM\100MEDIA\IMAG0020.jpg c:\x\DCIM\100MEDIA\IMAG0021.jpg c:\x\DCIM\100MEDIA\IMAG0022.jpg c:\x\DCIM\100MEDIA\IMAG0023.jpg c:\x\DCIM\100MEDIA\IMAG0024.jpg c:\x\DCIM\100MEDIA\IMAG0025.jpg c:\x\DCIM\100MEDIA\IMAG0026.jpg c:\x\DCIM\100MEDIA\IMAG0027.jpg c:\x\DCIM\100MEDIA\IMAG0028.jpg c:\x\DCIM\100MEDIA\IMAG0029.jpg c:\x\DCIM\100MEDIA\IMAG0030.jpg c:\x\DCIM\100MEDIA\IMAG0031.jpg c:\x\DCIM\100MEDIA\IMAG0032.jpg c:\x\DCIM\100MEDIA\IMAG0033.jpg c:\x\DCIM\100MEDIA\IMAG0034.jpg c:\x\DCIM\100MEDIA\IMAG0035.jpg c:\x\DCIM\100MEDIA\IMAG0036.jpg c:\x\DCIM\100MEDIA\Thumbs.db c:\x\IMAG0204.jpg c:\x\IMAG0222.jpg c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350033a7-3500339b.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350033a7-3d0033dc.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350033a7-3f0033da.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\35003497-3000348f.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\35003497-3200348d.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\35003497-3d003479.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-300034b8.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-370034c8.jpg c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-3c0034cc.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-3d0034c9.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-3e0034ca.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\Thumbs.db c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-35004611.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-37004640.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-38004609.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-39004646.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-39004647.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-39004648.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-39004649.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-3a004644.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-3b004641.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-3b004642.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\36004220-3d00462c.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3e004653-36004655.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\Thumbs.db . . ((((((((((((((((((((((((( Files Created from 2012-08-24 to 2012-09-24 ))))))))))))))))))))))))))))))) . . 2012-09-23 21:14 . 2012-09-23 21:15 -------- d-----w- c:\documents and settings\Customer\Application Data\vlc 2012-09-21 19:45 . 2001-08-17 17:53 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys 2012-09-21 19:45 . 2001-08-17 17:53 6784 ----a-w- c:\windows\system32\drivers\serscan.sys 2012-09-21 19:43 . 2006-04-13 00:02 659456 ----a-w- c:\windows\system32\hpowiax2.dll 2012-09-21 19:43 . 2006-04-13 00:02 827392 ----a-w- c:\windows\system32\hpotiop2.dll 2012-09-21 19:43 . 2006-04-13 00:02 254026 ----a-w- c:\windows\system32\hpovst09.dll 2012-09-21 19:22 . 2012-09-21 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\HP 2012-09-21 17:53 . 2006-04-10 18:03 38400 ----a-w- c:\windows\system32\hpz3l054.dll 2012-09-21 17:53 . 2006-04-10 18:02 74240 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp054.dll 2012-09-21 17:47 . 2012-09-21 17:47 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2012-09-21 17:46 . 2006-03-04 01:03 65536 ----a-w- c:\windows\system32\HPZinw12.exe 2012-09-21 17:46 . 2006-03-04 01:03 69632 ----a-w- c:\windows\system32\HPZipm12.exe 2012-09-21 17:46 . 2012-09-21 17:46 -------- d-----w- c:\program files\HP 2012-09-21 17:46 . 2006-01-04 08:12 77824 ----a-w- c:\windows\system32\HPZIDS01.dll 2012-09-21 17:46 . 2005-07-19 01:39 98304 ----a-w- c:\windows\system32\hpzjsn01.dll 2012-09-20 18:37 . 2012-09-20 18:37 2212440 ----a-w- C:\tdsskiller.exe 2012-09-18 05:17 . 2008-04-14 04:16 53376 -c--a-w- c:\windows\system32\dllcache\OLD1DB.tmp 2012-09-18 05:17 . 2001-08-17 18:06 11264 -c--a-w- c:\windows\system32\dllcache\OLD1DF.tmp 2012-09-18 05:17 . 2008-04-14 09:42 32827 -c--a-w- c:\windows\system32\dllcache\OLD1D3.tmp 2012-09-18 05:17 . 2007-04-03 02:06 16384 -c--a-w- c:\windows\system32\dllcache\OLD1D6.tmp 2012-09-18 05:17 . 2008-04-14 09:42 16437 -c--a-w- c:\windows\system32\dllcache\OLD1D0.tmp 2012-09-18 05:17 . 2008-04-14 09:42 20536 -c--a-w- c:\windows\system32\dllcache\OLD1CD.tmp 2012-09-18 05:17 . 2001-08-17 18:56 66048 -c--a-w- c:\windows\system32\dllcache\OLD1CA.tmp 2012-09-18 05:14 . 2001-08-17 18:55 6144 -c--a-w- c:\windows\system32\dllcache\OLD284C.tmp 2012-09-18 05:13 . 2008-04-14 09:41 702845 -c--a-w- c:\windows\system32\dllcache\i81xdnt5.dll 2012-09-18 05:13 . 2004-08-04 02:29 161020 -c--a-w- c:\windows\system32\dllcache\OLD2796.tmp 2012-09-18 05:13 . 2001-08-17 16:49 58592 -c--a-w- c:\windows\system32\dllcache\OLD2790.tmp 2012-09-18 05:13 . 2001-08-17 18:56 353184 -c--a-w- c:\windows\system32\dllcache\OLD278C.tmp 2012-09-18 05:13 . 2008-04-14 04:11 18560 -c--a-w- c:\windows\system32\dllcache\i2omp.sys 2012-09-18 05:13 . 2008-04-14 04:11 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys 2012-09-18 05:13 . 2008-04-14 11:00 10129408 -c--a-w- c:\windows\system32\dllcache\OLD2784.tmp 2012-09-18 05:13 . 2008-04-14 09:39 13463552 -c--a-w- c:\windows\system32\dllcache\OLD2781.tmp 2012-09-18 05:13 . 2008-04-14 11:00 10096640 -c--a-w- c:\windows\system32\dllcache\OLD277E.tmp 2012-09-18 05:12 . 2008-04-14 04:06 20352 -c--a-w- c:\windows\system32\dllcache\hidbatt.sys 2012-09-18 05:12 . 2008-04-14 04:10 28288 -c--a-w- c:\windows\system32\dllcache\grserial.sys 2012-09-18 05:12 . 2008-04-14 04:15 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys 2012-09-18 05:12 . 2008-04-14 04:15 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys 2012-09-18 05:10 . 2008-04-14 04:09 206976 -c--a-w- c:\windows\system32\dllcache\dot4.sys 2012-09-18 05:10 . 2008-04-14 04:10 8320 -c--a-w- c:\windows\system32\dllcache\dlttape.sys 2012-09-18 05:09 . 2008-04-14 09:41 249856 -c--a-w- c:\windows\system32\dllcache\ctmasetp.dll 2012-09-18 05:09 . 2008-04-14 04:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2012-09-18 05:09 . 2008-04-14 04:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys 2012-09-18 05:09 . 2008-04-14 09:41 121856 -c--a-w- c:\windows\system32\dllcache\camext30.dll 2012-09-17 15:28 . 2012-09-17 15:28 607260 ------r- C:\dds.com 2012-09-17 15:01 . 2008-04-14 04:16 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys 2012-09-17 15:01 . 2008-04-14 04:16 13696 -c--a-w- c:\windows\system32\dllcache\avcstrm.sys 2012-09-17 15:01 . 2008-04-14 04:16 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys 2012-09-17 15:01 . 2008-04-14 04:16 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys 2012-09-17 15:01 . 2008-04-14 04:10 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys 2012-09-17 15:01 . 2008-04-14 04:57 2188928 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe 2012-09-17 14:36 . 2012-09-17 14:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro 2012-09-17 14:26 . 2012-09-17 14:26 131384 ----a-w- c:\windows\system32\drivers\tmrkb.sys 2012-09-17 14:26 . 2012-06-05 07:37 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2012-09-17 14:26 . 2012-09-17 14:26 -------- d-----w- c:\program files\WinPcap 2012-09-17 14:25 . 2012-09-17 14:25 -------- d-----w- c:\program files\Trend Micro 2012-09-17 14:11 . 2008-04-14 09:42 221184 ----a-w- c:\windows\system32\wmpns.dll 2012-09-17 14:07 . 2008-04-14 09:42 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll 2012-09-17 14:07 . 2008-04-14 02:57 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll 2012-09-17 14:05 . 2008-04-14 09:41 25471 -c--a-w- c:\windows\system32\dllcache\atv04nt5.dll 2012-09-17 13:42 . 2012-09-17 13:42 -------- d-----w- C:\e888c916eb7ac54122 2012-09-12 18:09 . 2012-09-12 18:09 -------- d-----w- c:\documents and settings\Customer\Application Data\Malwarebytes 2012-09-12 18:09 . 2012-09-12 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-09-12 18:09 . 2012-09-12 18:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-12 18:09 . 2012-09-07 21:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-12 13:21 . 2012-09-12 13:24 -------- d-----w- c:\documents and settings\Customer\Application Data\QuickScan 2012-09-11 21:44 . 2008-04-14 04:26 30592 ----a-w- c:\windows\system32\drivers\rndismpx.sys 2012-09-11 21:44 . 2008-04-14 04:26 12800 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2012-09-11 18:11 . 2012-09-24 12:22 -------- d-----w- c:\documents and settings\Customer\Application Data\gtk-2.0 2012-09-11 13:51 . 2012-09-11 14:47 -------- d-----w- c:\program files\pidgin 2012-09-10 22:34 . 2012-09-10 22:34 -------- d-----w- c:\program files\KUSO EXIF Viewer 2012-09-10 21:43 . 2008-11-06 15:13 273408 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpcpp6de.DLL 2012-09-10 21:43 . 2008-11-06 15:12 149504 ----a-w- c:\windows\system32\hpcpn6de.dll 2012-09-06 17:53 . 2009-06-10 04:49 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys 2012-09-06 17:53 . 2012-09-06 17:53 -------- d-----w- c:\program files\Spirent Communications 2012-09-06 17:53 . 2012-09-06 17:53 -------- d-----w- c:\program files\HTC 2012-09-06 17:52 . 2012-09-07 13:26 -------- d-----w- C:\evo3D 2012-09-05 13:51 . 2010-03-26 08:08 4608 ------w- c:\windows\system32\drivers\TSMAPIP.SYS 2012-09-04 19:45 . 2012-09-04 19:46 -------- d-----w- c:\documents and settings\Customer\Application Data\Spreadsheet Compare 2012-09-03 21:24 . 2012-09-03 21:24 -------- d-----w- c:\program files\Common Files\Java 2012-09-03 21:22 . 2012-09-03 21:22 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-09-03 21:22 . 2012-09-03 21:22 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-03 16:57 . 2012-09-03 17:00 -------- d-----w- c:\documents and settings\Customer\Application Data\WindSolutions 2012-09-03 16:57 . 2012-09-03 16:57 -------- d-----w- c:\documents and settings\All Users\Application Data\WindSolutions 2012-09-02 19:15 . 2004-01-28 19:03 21456 ----a-w- c:\windows\system32\drivers\SilvrLnk.sys 2012-09-02 19:15 . 2004-02-04 14:27 49536 ----a-w- c:\windows\system32\drivers\tiehdusb.sys 2012-09-02 19:15 . 2012-09-02 19:15 -------- d-----w- c:\program files\TI Education 2012-09-02 19:15 . 2012-09-02 19:15 -------- d-----w- c:\program files\Common Files\TI Shared 2012-09-02 19:14 . 2012-09-02 19:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2012-08-27 04:25 . 2012-08-27 08:36 -------- d-----w- C:\Z . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-24 12:57 . 2011-11-15 11:40 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys 2012-09-19 15:19 . 2012-09-19 15:02 12319557 ----a-w- C:\iv_formats.zip 2012-09-19 14:59 . 2012-09-19 14:57 54312623 ----a-w- C:\5DIIand1DsIIIRaws.zip 2012-09-03 21:22 . 2011-11-25 07:31 473072 ----a-w- c:\windows\system32\deployJava1.dll 2012-07-19 17:17 . 2012-04-03 05:25 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-19 17:17 . 2011-10-20 08:54 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-05 18:09 . 2012-07-05 18:09 249856 ------w- c:\windows\Setup1.exe 2012-07-05 18:09 . 2012-07-05 18:09 73216 ----a-w- c:\windows\ST6UNST.EXE 2012-06-26 06:59 . 2011-10-20 08:48 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320] "GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-09-06 15668432] "Netdrive"="c:\program files\NetDrive\netdrive.exe" [2001-08-23 294912] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-10-29 925696] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440] "PSQLLauncher"="c:\program files\ThinkVantage Fingerprint Software\launcher.exe" [2010-07-21 55120] "TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-07-15 2282792] "LenovoAutoScrollUtility"="c:\program files\Lenovo\VIRTSCRL\virtscrl.exe" [2011-10-20 101440] "TpShocks"="TpShocks.exe" [2011-03-29 337256] "LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-07-23 185688] "LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-07-23 124248] "Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2010-12-15 75072] "RDVCHG"="c:\program files\Sprint\Sprint SmartView\RDVCHG.exe" [2010-12-15 316736] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632] "PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2011-10-04 818240] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-02-22 2140880] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920] "TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312] "Trend Micro RUBotted V2.0 Beta"="c:\program files\Trend Micro\RUBotted\RUBottedGUI.exe" [2010-12-17 1103184] . c:\documents and settings\Customer\Start Menu\Programs\Startup\ bmem.lnk - c:\program files\bmem\bmem.exe [2011-11-10 18944] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696] Pidgin.lnk - c:\program files\pidgin\PidginPortable.exe [2012-4-6 137328] Samsung SSD Magician.lnk - c:\program files\Samsung SSD Magician\Samsung SSD Magician.exe [2012-8-16 2056192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus] 2010-07-22 00:28 100176 ----a-w- c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background "Pidgin"="c:\pidgin\App\Pidgin\pidgin.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Nikon Message Center 2"=c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe -s "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Sprint\\Sprint SmartView\\SwiApiMux.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\WINDOWS\\system32\\ftp.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Books\\Stanza\\Calibre Portable\\Calibre\\calibre.exe"= "c:\\mongodb\\bin\\mongod.exe"= "c:\\Program Files\\Java\\jre6\\launch4j-tmp\\Stanza.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\DRIVERS\\HP Photosmart 3300\\setup\\HPZnet01.exe"= "c:\\DRIVERS\\HP Photosmart 3300\\setup\\hponicifs01.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 . R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [11/16/2011 10:18 AM 25968] R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [3/29/2011 10:12 PM 20592] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/22/2010 5:50 PM 114984] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2/22/2010 5:51 PM 95872] R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [10/20/2011 5:52 PM 13680] R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [10/20/2011 4:33 AM 21992] R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [11/16/2011 10:18 AM 292200] R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2/22/2010 5:50 PM 810120] R2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacomd\x86\novacomd.exe [3/15/2011 5:35 PM 61440] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [10/20/2009 2:19 PM 50704] R2 NvtlService;NovaCore SDK Service;c:\program files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [1/11/2010 5:10 PM 82944] R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [3/31/2011 4:08 PM 80896] R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.exe [11/16/2011 10:18 AM 69632] R2 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\ThinkPad\Utilities\PWMEWSVC.exe [11/16/2011 10:18 AM 175168] R2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [3/13/2009 5:47 PM 12560] R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\Lenovo\HOTKEY\tphkload.exe [10/20/2011 5:52 PM 131432] R2 TPHKSVC;On Screen Display;c:\program files\Lenovo\HOTKEY\TPHKSVC.exe [10/20/2011 5:52 PM 142696] R2 WebDriveFSD;WebDrive File System Driver;c:\program files\NetDrive\rffsd.sys [7/11/2012 1:28 PM 67032] R3 NETwLx32; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10/20/2011 8:20 PM 6609920] R3 VSBC;Virtual Serial Bus Enumerator (Eltima Software);c:\windows\system32\drivers\evsbc.sys [4/3/2012 1:12 AM 27904] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/8/2011 4:49 PM 136176] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\Lenovo\HOTKEY\micmute.exe [10/20/2011 5:52 PM 101736] S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\Trend Micro\RUBotted\RUBotSrv.exe [9/17/2012 10:25 AM 439632] S3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys [3/26/2010 11:07 PM 319488] S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\BcmBusCtr.sys [3/26/2010 11:04 PM 51456] S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [8/8/2012 4:24 PM 13192] S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [8/8/2012 4:24 PM 8456] S3 evserial;Virtual Serial Ports Driver (Eltima Softwate);c:\windows\system32\drivers\evserial.sys [4/3/2012 1:12 AM 53888] S3 GenericMount Helper Service;GenericMount Helper Service;"c:\program files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe" --> c:\program files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [?] S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys --> c:\windows\system32\DRIVERS\GenericMount.sys [?] S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/8/2011 4:49 PM 136176] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [9/6/2012 1:53 PM 24576] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [6/22/2010 6:01 PM 21248] S3 MongoDB;Mongo DB;c:\mongodb\bin\mongod.exe [7/16/2012 9:54 AM 3908096] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/30/2012 10:09 AM 113120] S3 SER2AT;ATEN USB to Serial port driver;c:\windows\system32\drivers\SER2AT.sys [4/3/2012 2:44 AM 51200] S3 SKYSCOUT;Celestron SkyScout driver;c:\windows\system32\drivers\UsbScout.sys [1/27/2012 7:38 PM 20480] S3 SymSnapService;SymSnapService;"c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe" --> c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [?] S4 RFNP32;WebDrive Provider; [x] S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1/26/2012 3:29 AM 691696] . --- Other Services/Drivers In Memory --- . *Deregistered* - BMLoad . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . Contents of the 'Scheduled Tasks' folder . 2012-06-12 c:\windows\Tasks\AOR Pacing.job - c:\wwp\aor\aor.bat [2012-06-11 21:20] . 2012-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-08 20:48] . 2012-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-08 20:48] . 2012-05-03 c:\windows\Tasks\Lead Alerts.job - c:\perl\wwp.bat [2012-05-01 16:38] . 2012-09-24 c:\windows\Tasks\PMTask.job - c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2011-11-16 06:39] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Open with KUSO EXIF Viewer - c:\program files\KUSO EXIF Viewer\EXIF.htm IE: Send to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm TCP: DhcpNameServer = 205.152.144.23 205.152.132.23 FF - ProfilePath - c:\documents and settings\Customer\Application Data\Mozilla\Firefox\Profiles\a7zp1i7x.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ . - - - - ORPHANS REMOVED - - - - . HKLM-Run-WebDriveTray - c:\program files\NetDrive\webdrive.exe AddRemove-{F7E1CA14-B39D-452A-960B-39423DDDD933} - f:\xml\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-09-24 08:57 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL] "ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(620) c:\windows\system32\vrlogon.dll c:\windows\system32\Ati2evxx.dll c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll c:\program files\ThinkVantage Fingerprint Software\homefus2.dll c:\program files\ThinkVantage Fingerprint Software\infql2.dll c:\program files\ThinkVantage Fingerprint Software\homepass.dll c:\program files\ThinkVantage Fingerprint Software\bio.dll c:\program files\ThinkVantage Fingerprint Software\qlbase.dll c:\program files\ThinkVantage Fingerprint Software\ps2css.dll c:\windows\system32\RFNP32.DLL c:\windows\system32\RFHelper.dll c:\windows\system32\rfhres.dll . - - - - - - - > 'lsass.exe'(676) c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll c:\program files\ThinkVantage Fingerprint Software\homefus2.dll c:\program files\ThinkVantage Fingerprint Software\infql2.dll . - - - - - - - > 'explorer.exe'(3680) c:\program files\Google\Drive\googledrivesync32.dll c:\windows\system32\ieframe.dll c:\windows\system32\OneX.DLL c:\windows\system32\eappprxy.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ibmpmsvc.exe c:\windows\system32\Ati2evxx.exe c:\program files\Intel\WiFi\bin\S24EvMon.exe c:\windows\system32\Ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe c:\program files\Intel\WiFi\bin\EvtEng.exe c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe c:\windows\system32\inetsrv\inetinfo.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\MySQL\MySQL Server 5.1\bin\mysqld.exe c:\windows\system32\wbem\unsecapp.exe c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\program files\Lenovo\System Update\SUService.exe c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe c:\program files\NetDrive\wdservice.exe c:\program files\ThinkPad\Bluetooth Software\bin\btwdins.exe c:\program files\LENOVO\HOTKEY\tposdsvc.exe c:\windows\system32\wscntfy.exe c:\program files\Lenovo\HOTKEY\TPONSCR.exe c:\program files\Lenovo\Zoom\TpScrex.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\system32\TpShocks.exe c:\windows\system32\rundll32.exe c:\program files\Synaptics\SynTP\SynTPLpr.exe c:\program files\iPod\bin\iPodService.exe c:\progra~1\ThinkPad\UTILIT~1\SCHTASK.exe c:\program files\Skype\Plugin Manager\skypePM.exe c:\program files\pidgin\App\Pidgin\pidgin-portable.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe . ************************************************************************** . Completion time: 2012-09-24 09:00:01 - machine was rebooted ComboFix-quarantined-files.txt 2012-09-24 12:59 . Pre-Run: 7,785,623,552 bytes free Post-Run: 15,865,167,872 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - BCEF5E4D31FF867226D6CE7EB6F7B64B Here is the TDSSKiller log file 09:12:58.0296 4116 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 09:12:58.0578 4116 ============================================================ 09:12:58.0578 4116 Current date / time: 2012/09/24 09:12:58.0578 09:12:58.0578 4116 SystemInfo: 09:12:58.0578 4116 09:12:58.0578 4116 OS Version: 5.1.2600 ServicePack: 3.0 09:12:58.0578 4116 Product type: Workstation 09:12:58.0578 4116 ComputerName: T60P 09:12:58.0578 4116 UserName: Customer 09:12:58.0578 4116 Windows directory: C:\WINDOWS 09:12:58.0578 4116 System windows directory: C:\WINDOWS 09:12:58.0578 4116 Processor architecture: Intel x86 09:12:58.0578 4116 Number of processors: 2 09:12:58.0578 4116 Page size: 0x1000 09:12:58.0578 4116 Boot type: Normal boot 09:12:58.0578 4116 ============================================================ 09:12:59.0140 4116 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x8134, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050 09:12:59.0140 4116 ============================================================ 09:12:59.0140 4116 \Device\Harddisk0\DR0: 09:12:59.0140 4116 MBR partitions: 09:12:59.0140 4116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4191 09:12:59.0140 4116 ============================================================ 09:12:59.0140 4116 C: <-> \Device\Harddisk0\DR0\Partition1 09:12:59.0156 4116 ============================================================ 09:12:59.0156 4116 Initialize success 09:12:59.0156 4116 ============================================================ 09:13:01.0265 4028 ============================================================ 09:13:01.0265 4028 Scan started 09:13:01.0265 4028 Mode: Manual; 09:13:01.0265 4028 ============================================================ 09:13:01.0468 4028 ================ Scan system memory ======================== 09:13:01.0484 4028 System memory - ok 09:13:01.0484 4028 ================ Scan services ============================= 09:13:01.0515 4028 Abiosdsk - ok 09:13:01.0531 4028 abp480n5 - ok 09:13:01.0531 4028 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 09:13:01.0609 4028 ACPI - ok 09:13:01.0625 4028 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 09:13:01.0656 4028 ACPIEC - ok 09:13:01.0671 4028 [ B7C4F2A40B7D2289EB944FFF30F385FF ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys 09:13:01.0703 4028 ADIHdAudAddService - ok 09:13:01.0703 4028 adpu160m - ok 09:13:01.0718 4028 [ C984DE22ED71414ABC42C1E03D412E33 ] AEAudioService C:\WINDOWS\system32\drivers\AEAudio.sys 09:13:01.0734 4028 AEAudioService - ok 09:13:01.0734 4028 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 09:13:01.0765 4028 aec - ok 09:13:01.0765 4028 [ 322D0E36693D6E24A2398BEE62A268CD ] AFD C:\WINDOWS\System32\drivers\afd.sys 09:13:01.0765 4028 AFD - ok 09:13:01.0765 4028 Aha154x - ok 09:13:01.0781 4028 aic78u2 - ok 09:13:01.0781 4028 aic78xx - ok 09:13:01.0781 4028 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll 09:13:01.0796 4028 Alerter - ok 09:13:01.0796 4028 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe 09:13:01.0796 4028 ALG - ok 09:13:01.0796 4028 AliIde - ok 09:13:01.0796 4028 amsint - ok 09:13:01.0812 4028 ANIWZCSdService - ok 09:13:01.0812 4028 [ D8E18021F91AD79CA8491CB5A5DA22D4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 09:13:01.0812 4028 Apple Mobile Device - ok 09:13:01.0812 4028 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 09:13:01.0828 4028 AppMgmt - ok 09:13:01.0828 4028 asc - ok 09:13:01.0828 4028 asc3350p - ok 09:13:01.0828 4028 asc3550 - ok 09:13:01.0843 4028 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 09:13:01.0843 4028 aspnet_state - ok 09:13:01.0859 4028 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 09:13:01.0875 4028 AsyncMac - ok 09:13:01.0875 4028 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 09:13:01.0890 4028 atapi - ok 09:13:01.0890 4028 Atdisk - ok 09:13:01.0906 4028 [ B921D1790A8EF84B2DBDEEEF4909FBA1 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe 09:13:01.0921 4028 Ati HotKey Poller - ok 09:13:01.0968 4028 [ 5A13723FB8BFDD2090DEFB2D0CB98A27 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 09:13:02.0015 4028 ati2mtag - ok 09:13:02.0031 4028 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 09:13:02.0046 4028 Atmarpc - ok 09:13:02.0046 4028 [ DBF0D7E2DF33B469EB55406FEA759350 ] atmeltpm C:\WINDOWS\system32\DRIVERS\atmeltpm.sys 09:13:02.0062 4028 atmeltpm - ok 09:13:02.0078 4028 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 09:13:02.0078 4028 AudioSrv - ok 09:13:02.0078 4028 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 09:13:02.0093 4028 audstub - ok 09:13:02.0109 4028 [ 54C533AE49CDF9C4630E80379A1090FE ] bcm C:\WINDOWS\system32\DRIVERS\drxvi314.sys 09:13:02.0140 4028 bcm - ok 09:13:02.0140 4028 [ 44A70E32615770A4EC60E0267C0C8408 ] bcmbusctr C:\WINDOWS\system32\DRIVERS\BcmBusCtr.sys 09:13:02.0171 4028 bcmbusctr - ok 09:13:02.0187 4028 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 09:13:02.0203 4028 Beep - ok 09:13:02.0203 4028 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll 09:13:02.0218 4028 BITS - ok 09:13:02.0218 4028 [ 98F4630B5867D911AD6EAE79874BF5E6 ] BMLoad C:\WINDOWS\system32\drivers\BMLoad.sys 09:13:02.0218 4028 BMLoad - ok 09:13:02.0234 4028 [ F934D1B230F84E1D19DD00AC5A7A83ED ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys 09:13:02.0265 4028 Bridge - ok 09:13:02.0265 4028 [ F934D1B230F84E1D19DD00AC5A7A83ED ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys 09:13:02.0265 4028 BridgeMP - ok 09:13:02.0265 4028 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll 09:13:02.0265 4028 Browser - ok 09:13:02.0281 4028 [ 2F9F111D31AA3FBBE5781D829A4524E6 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys 09:13:02.0296 4028 BTDriver - ok 09:13:02.0312 4028 [ D26B5B9A40A2B2191B35C76D5CBF5D2A ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys 09:13:02.0328 4028 BTKRNL - ok 09:13:02.0343 4028 [ C261E704B5558BA04DD643A0D998327D ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe 09:13:02.0343 4028 btwdins - ok 09:13:02.0359 4028 [ 485020A1E1FC5C51A800CA69C618D881 ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys 09:13:02.0375 4028 BTWDNDIS - ok 09:13:02.0375 4028 [ 7696F6F2E63086EEEDB76B71BB7BB455 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys 09:13:02.0390 4028 BTWUSB - ok 09:13:02.0390 4028 catchme - ok 09:13:02.0390 4028 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 09:13:02.0406 4028 cbidf2k - ok 09:13:02.0406 4028 cd20xrnt - ok 09:13:02.0421 4028 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 09:13:02.0437 4028 Cdaudio - ok 09:13:02.0437 4028 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 09:13:02.0453 4028 Cdfs - ok 09:13:02.0468 4028 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 09:13:02.0484 4028 Cdrom - ok 09:13:02.0484 4028 Changer - ok 09:13:02.0484 4028 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe 09:13:02.0484 4028 CiSvc - ok 09:13:02.0500 4028 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 09:13:02.0500 4028 ClipSrv - ok 09:13:02.0500 4028 [ 234B1BC2796483E1F5C3F26649FB3388 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:13:02.0515 4028 clr_optimization_v2.0.50727_32 - ok 09:13:02.0515 4028 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 09:13:02.0515 4028 clr_optimization_v4.0.30319_32 - ok 09:13:02.0515 4028 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys 09:13:02.0531 4028 CmBatt - ok 09:13:02.0546 4028 CmdIde - ok 09:13:02.0546 4028 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys 09:13:02.0562 4028 Compbatt - ok 09:13:02.0562 4028 COMSysApp - ok 09:13:02.0578 4028 Cpqarray - ok 09:13:02.0578 4028 [ C2EB4539A4F6AB6EDD01BDC191619975 ] cpuz135 C:\WINDOWS\system32\drivers\cpuz135_x32.sys 09:13:02.0593 4028 cpuz135 - ok 09:13:02.0609 4028 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 09:13:02.0609 4028 CryptSvc - ok 09:13:02.0609 4028 dac2w2k - ok 09:13:02.0609 4028 dac960nt - ok 09:13:02.0625 4028 [ 2589FE6015A316C0F5D5112B4DA7B509 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 09:13:02.0625 4028 DcomLaunch - ok 09:13:02.0625 4028 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 09:13:02.0640 4028 Dhcp - ok 09:13:02.0640 4028 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 09:13:02.0656 4028 Disk - ok 09:13:02.0656 4028 dmadmin - ok 09:13:02.0671 4028 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 09:13:02.0718 4028 dmboot - ok 09:13:02.0718 4028 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys 09:13:02.0734 4028 dmio - ok 09:13:02.0750 4028 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 09:13:02.0765 4028 dmload - ok 09:13:02.0765 4028 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll 09:13:02.0765 4028 dmserver - ok 09:13:02.0765 4028 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 09:13:02.0781 4028 DMusic - ok 09:13:02.0781 4028 [ 474B4DC3983173E4B4C9740B0DAC98A6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 09:13:02.0781 4028 Dnscache - ok 09:13:02.0781 4028 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 09:13:02.0796 4028 Dot3svc - ok 09:13:02.0796 4028 [ 6D279BB0DE1D8E34F454E1B353F4D738 ] DozeHDD C:\WINDOWS\system32\DRIVERS\DozeHDD.sys 09:13:02.0796 4028 DozeHDD - ok 09:13:02.0812 4028 [ 21B364856DDBC03D1AFCF348528E5B49 ] DozeSvc C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE 09:13:02.0812 4028 DozeSvc - ok 09:13:02.0812 4028 dpti2o - ok 09:13:02.0812 4028 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 09:13:02.0843 4028 drmkaud - ok 09:13:02.0843 4028 [ 06D94F4543671B497A5F4A0AEDD5E36A ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys 09:13:02.0859 4028 e1express - ok 09:13:02.0875 4028 [ 55E754E04C09DAF19FC0054E72713D80 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys 09:13:02.0890 4028 eamon - ok 09:13:02.0890 4028 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll 09:13:02.0890 4028 EapHost - ok 09:13:02.0906 4028 [ 6F2441C26D74BDE88C25E240A2720EEB ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys 09:13:02.0921 4028 ehdrv - ok 09:13:02.0921 4028 [ EE0F138E023787DE4D3F1C86A6907CC4 ] EhttpSrv C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe 09:13:02.0921 4028 EhttpSrv - ok 09:13:02.0937 4028 [ CD76857C30BB34D5D9E02A7C9DE5FB9E ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe 09:13:02.0953 4028 ekrn - ok 09:13:02.0953 4028 [ A8317313533E02D573E9DA4962CE1BAD ] epfwtdir C:\WINDOWS\system32\DRIVERS\epfwtdir.sys 09:13:02.0984 4028 epfwtdir - ok 09:13:03.0000 4028 [ F07BA56B0235F15EFF8F10DC6389C42E ] epmntdrv C:\WINDOWS\system32\epmntdrv.sys 09:13:03.0000 4028 epmntdrv - ok 09:13:03.0000 4028 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll 09:13:03.0000 4028 ERSvc - ok 09:13:03.0015 4028 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv C:\WINDOWS\system32\EuGdiDrv.sys 09:13:03.0015 4028 EuGdiDrv - ok 09:13:03.0015 4028 [ 0E776ED5F7CC9F94299E70461B7B8185 ] Eventlog C:\WINDOWS\system32\services.exe 09:13:03.0015 4028 Eventlog - ok 09:13:03.0031 4028 [ 19A799805B24990867B00C120D300C3A ] EventSystem C:\WINDOWS\system32\es.dll 09:13:03.0031 4028 EventSystem - ok 09:13:03.0031 4028 [ EA2BEE20E81C36C36FE2C29FDA145552 ] evserial C:\WINDOWS\system32\DRIVERS\evserial.sys 09:13:03.0046 4028 evserial - ok 09:13:03.0062 4028 [ 52859724EDD0EE282522225E056B6EB3 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 09:13:03.0078 4028 EvtEng - ok 09:13:03.0078 4028 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 09:13:03.0093 4028 Fastfat - ok 09:13:03.0109 4028 [ 1926899BF9FFE2602B63074971700412 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 09:13:03.0109 4028 FastUserSwitchingCompatibility - ok 09:13:03.0109 4028 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 09:13:03.0125 4028 Fdc - ok 09:13:03.0140 4028 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 09:13:03.0156 4028 Fips - ok 09:13:03.0156 4028 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 09:13:03.0171 4028 Flpydisk - ok 09:13:03.0187 4028 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 09:13:03.0203 4028 FltMgr - ok 09:13:03.0203 4028 [ 993883524AA9CF1C90E1545411A9AC9C ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 09:13:03.0203 4028 FontCache3.0.0.0 - ok 09:13:03.0218 4028 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 09:13:03.0250 4028 Fs_Rec - ok 09:13:03.0265 4028 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 09:13:03.0281 4028 Ftdisk - ok 09:13:03.0312 4028 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 09:13:03.0312 4028 GEARAspiWDM - ok 09:13:03.0312 4028 GenericMount - ok 09:13:03.0312 4028 GenericMount Helper Service - ok 09:13:03.0328 4028 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 09:13:03.0343 4028 Gpc - ok 09:13:03.0343 4028 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 09:13:03.0359 4028 gupdate - ok 09:13:03.0359 4028 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 09:13:03.0359 4028 gupdatem - ok 09:13:03.0359 4028 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 09:13:03.0375 4028 HDAudBus - ok 09:13:03.0390 4028 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 09:13:03.0390 4028 helpsvc - ok 09:13:03.0390 4028 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll 09:13:03.0390 4028 HidServ - ok 09:13:03.0390 4028 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys 09:13:03.0421 4028 HidUsb - ok 09:13:03.0437 4028 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 09:13:03.0437 4028 hkmsvc - ok 09:13:03.0437 4028 [ C5F00D15AA15CB7F55A027FF75E44BB7 ] HP Port Resolver C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPBPRO.EXE 09:13:03.0453 4028 HP Port Resolver - ok 09:13:03.0453 4028 [ C5A288E4CEEF5A26D105117BAA3763AB ] HP Status Server C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPBOID.EXE 09:13:03.0453 4028 HP Status Server - ok 09:13:03.0453 4028 hpn - ok 09:13:03.0468 4028 [ B1FC0B027DF4374F9E5B796CFDF797B3 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\hsx_dpv.sys 09:13:03.0484 4028 HSF_DPV - ok 09:13:03.0484 4028 [ 3AF45F5B4157C88FFAE24D89BA408302 ] HSXHWAZL C:\WINDOWS\system32\DRIVERS\hsxhwazl.sys 09:13:03.0515 4028 HSXHWAZL - ok 09:13:03.0515 4028 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys 09:13:03.0515 4028 HTCAND32 - ok 09:13:03.0515 4028 [ 04E3B3554076B8192A668EFE88A682A1 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys 09:13:03.0515 4028 htcnprot - ok 09:13:03.0531 4028 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 09:13:03.0546 4028 HTTP - ok 09:13:03.0546 4028 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 09:13:03.0562 4028 HTTPFilter - ok 09:13:03.0562 4028 i2omgmt - ok 09:13:03.0562 4028 i2omp - ok 09:13:03.0562 4028 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 09:13:03.0593 4028 i8042prt - ok 09:13:03.0609 4028 [ 2358C53F30CB9DCD1D3843C4E2F299B2 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys 09:13:03.0609 4028 iaStor - ok 09:13:03.0609 4028 [ E3FFC8CB45B3F55264EE10F084B2731B ] IBMPMDRV C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys 09:13:03.0625 4028 IBMPMDRV - ok 09:13:03.0625 4028 [ 5565982522EE9D4E8921FEB304D4226F ] IBMPMSVC C:\WINDOWS\system32\ibmpmsvc.exe 09:13:03.0625 4028 IBMPMSVC - ok 09:13:03.0625 4028 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 09:13:03.0625 4028 IDriverT - ok 09:13:03.0656 4028 [ E7CC3AEAED9893A88876744CD439F76C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 09:13:03.0656 4028 idsvc - ok 09:13:03.0671 4028 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] IISADMIN C:\WINDOWS\system32\inetsrv\inetinfo.exe 09:13:03.0671 4028 IISADMIN - ok 09:13:03.0671 4028 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 09:13:03.0687 4028 Imapi - ok 09:13:03.0703 4028 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe 09:13:03.0703 4028 ImapiService - ok 09:13:03.0703 4028 ini910u - ok 09:13:03.0718 4028 IntelIde - ok 09:13:03.0718 4028 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 09:13:03.0734 4028 intelppm - ok 09:13:03.0734 4028 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 09:13:03.0765 4028 Ip6Fw - ok 09:13:03.0781 4028 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 09:13:03.0812 4028 IpFilterDriver - ok 09:13:03.0828 4028 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 09:13:03.0843 4028 IpInIp - ok 09:13:03.0843 4028 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 09:13:03.0859 4028 IpNat - ok 09:13:03.0875 4028 [ B84A28B3984185EDA8867541AF14CDDB ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 09:13:03.0890 4028 iPod Service - ok 09:13:03.0906 4028 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 09:13:03.0921 4028 IPSec - ok 09:13:03.0921 4028 [ ACA5E7B54409F9CB5EED97ED0C81120E ] irda C:\WINDOWS\system32\DRIVERS\irda.sys 09:13:03.0937 4028 irda - ok 09:13:03.0953 4028 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 09:13:03.0968 4028 IRENUM - ok 09:13:03.0968 4028 [ 49CC4533CE897CB2E93C1E84A818FDE5 ] Irmon C:\WINDOWS\System32\irmon.dll 09:13:03.0968 4028 Irmon - ok 09:13:03.0968 4028 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 09:13:04.0000 4028 isapnp - ok 09:13:04.0000 4028 [ 0E410EDC8D0527801B899CF29E60597C ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe 09:13:04.0000 4028 JavaQuickStarterService - ok 09:13:04.0015 4028 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 09:13:04.0031 4028 Kbdclass - ok 09:13:04.0031 4028 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 09:13:04.0046 4028 kbdhid - ok 09:13:04.0062 4028 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 09:13:04.0078 4028 kmixer - ok 09:13:04.0078 4028 [ 1705745D900DABF2D89F90EBADDC7517 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 09:13:04.0093 4028 KSecDD - ok 09:13:04.0109 4028 [ F385F4B02C535BFFE1D70CAB80838123 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 09:13:04.0109 4028 lanmanserver - ok 09:13:04.0109 4028 [ 1B67B632786FEF1C1BBAEF46C2F3F2E6 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 09:13:04.0125 4028 lanmanworkstation - ok 09:13:04.0125 4028 lbrtfdc - ok 09:13:04.0125 4028 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe 09:13:04.0140 4028 LENOVO.MICMUTE - ok 09:13:04.0140 4028 [ 9AAC267A225F3CAEBB9E633F7EB16E4B ] lenovo.smi C:\WINDOWS\system32\DRIVERS\smiif32.sys 09:13:04.0140 4028 lenovo.smi - ok 09:13:04.0156 4028 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 09:13:04.0156 4028 LmHosts - ok 09:13:04.0156 4028 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 09:13:04.0156 4028 mdmxsdk - ok 09:13:04.0156 4028 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll 09:13:04.0171 4028 Messenger - ok 09:13:04.0171 4028 [ A7DA20AB18A1BDAE28B0F349E57DA0D1 ] mf C:\WINDOWS\system32\DRIVERS\mf.sys 09:13:04.0187 4028 mf - ok 09:13:04.0187 4028 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 09:13:04.0203 4028 Microsoft Office Groove Audit Service - ok 09:13:04.0203 4028 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 09:13:04.0218 4028 mnmdd - ok 09:13:04.0218 4028 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 09:13:04.0234 4028 mnmsrvc - ok 09:13:04.0234 4028 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 09:13:04.0250 4028 Modem - ok 09:13:04.0328 4028 [ B9530A79218016DEFC55004E17C6FB77 ] MongoDB C:\mongodb\bin\mongod.exe 09:13:04.0390 4028 MongoDB - ok 09:13:04.0406 4028 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 09:13:04.0421 4028 Mouclass - ok 09:13:04.0421 4028 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 09:13:04.0437 4028 mouhid - ok 09:13:04.0453 4028 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 09:13:04.0468 4028 MountMgr - ok 09:13:04.0468 4028 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 09:13:04.0484 4028 MozillaMaintenance - ok 09:13:04.0484 4028 mraid35x - ok 09:13:04.0484 4028 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 09:13:04.0515 4028 MRxDAV - ok 09:13:04.0531 4028 [ 68755F0FF16070178B54674FE5B847B0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 09:13:04.0562 4028 MRxSmb - ok 09:13:04.0562 4028 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe 09:13:04.0562 4028 MSDTC - ok 09:13:04.0578 4028 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 09:13:04.0593 4028 Msfs - ok 09:13:04.0593 4028 MSIServer - ok 09:13:04.0593 4028 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 09:13:04.0609 4028 MSKSSRV - ok 09:13:04.0625 4028 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 09:13:04.0640 4028 MSPCLOCK - ok 09:13:04.0640 4028 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 09:13:04.0656 4028 MSPQM - ok 09:13:04.0656 4028 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 09:13:04.0671 4028 mssmbios - ok 09:13:04.0687 4028 [ 2F625D11385B1A94360BFC70AAEFDEE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 09:13:04.0703 4028 Mup - ok 09:13:04.0703 4028 MySQL - ok 09:13:04.0718 4028 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll 09:13:04.0718 4028 napagent - ok 09:13:04.0734 4028 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 09:13:04.0734 4028 NDIS - ok 09:13:04.0734 4028 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 09:13:04.0750 4028 NdisTapi - ok 09:13:04.0750 4028 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 09:13:04.0765 4028 Ndisuio - ok 09:13:04.0781 4028 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 09:13:04.0796 4028 NdisWan - ok 09:13:04.0796 4028 [ 6215023940CFD3702B46ABC304E1D45A ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 09:13:04.0812 4028 NDProxy - ok 09:13:04.0828 4028 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll 09:13:04.0828 4028 Net Driver HPZ12 - ok 09:13:04.0828 4028 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 09:13:04.0843 4028 NetBIOS - ok 09:13:04.0859 4028 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 09:13:04.0875 4028 NetBT - ok 09:13:04.0875 4028 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe 09:13:04.0890 4028 NetDDE - ok 09:13:04.0890 4028 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 09:13:04.0890 4028 NetDDEdsdm - ok 09:13:04.0890 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe 09:13:04.0906 4028 Netlogon - ok 09:13:04.0906 4028 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll 09:13:04.0906 4028 Netman - ok 09:13:04.0921 4028 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:13:04.0921 4028 NetTcpPortSharing - ok 09:13:04.0968 4028 [ 05743FFFC2BC88CC8E426321BC6A762E ] NETw5x32 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys 09:13:05.0031 4028 NETw5x32 - ok 09:13:05.0140 4028 [ 72062B53186E4A3F5FCBC41EBB62B905 ] NETwLx32 C:\WINDOWS\system32\DRIVERS\NETwLx32.sys 09:13:05.0250 4028 NETwLx32 - ok 09:13:05.0250 4028 [ 37260A293B6A89373AE76791E6CC5A12 ] nhcDriverDevice C:\WINDOWS\system32\drivers\nhcDriver.sys 09:13:05.0281 4028 nhcDriverDevice - ok 09:13:05.0281 4028 [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla C:\WINDOWS\System32\mswsock.dll 09:13:05.0281 4028 Nla - ok 09:13:05.0296 4028 [ B0D5188E282DC4EDAE7020F333427BC8 ] Nmea C:\WINDOWS\system32\DRIVERS\pctnullport.sys 09:13:05.0296 4028 Nmea - ok 09:13:05.0296 4028 [ 085440078813949C51C33589557BFD29 ] NovacomD C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe 09:13:05.0296 4028 NovacomD - ok 09:13:05.0312 4028 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\WINDOWS\system32\drivers\npf.sys 09:13:05.0312 4028 NPF - ok 09:13:05.0312 4028 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 09:13:05.0328 4028 Npfs - ok 09:13:05.0343 4028 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys 09:13:05.0375 4028 NSCIRDA - ok 09:13:05.0390 4028 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 09:13:05.0406 4028 Ntfs - ok 09:13:05.0406 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 09:13:05.0406 4028 NtLmSsp - ok 09:13:05.0421 4028 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 09:13:05.0421 4028 NtmsSvc - ok 09:13:05.0437 4028 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 09:13:05.0453 4028 Null - ok 09:13:05.0453 4028 [ 7D4ED787E0D06677776339318DF25BDC ] NvtlService C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe 09:13:05.0468 4028 NvtlService - ok 09:13:05.0468 4028 [ 93213C7EC08E01E37A935BF144E75DF6 ] NWADI C:\WINDOWS\system32\DRIVERS\NWADIenum.sys 09:13:05.0500 4028 NWADI - ok 09:13:05.0500 4028 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 09:13:05.0515 4028 NwlnkFlt - ok 09:13:05.0531 4028 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 09:13:05.0546 4028 NwlnkFwd - ok 09:13:05.0562 4028 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:13:05.0562 4028 odserv - ok 09:13:05.0578 4028 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:13:05.0578 4028 ose - ok 09:13:05.0593 4028 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys 09:13:05.0609 4028 Parport - ok 09:13:05.0609 4028 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 09:13:05.0625 4028 PartMgr - ok 09:13:05.0640 4028 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 09:13:05.0656 4028 ParVdm - ok 09:13:05.0656 4028 [ A1E779A0CF7A21B42E8FD3E8856D8481 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 09:13:05.0671 4028 PassThru Service - ok 09:13:05.0671 4028 [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50 C:\WINDOWS\system32\Drivers\PCASp50.sys 09:13:05.0671 4028 PCASp50 - ok 09:13:05.0671 4028 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 09:13:05.0703 4028 PCI - ok 09:13:05.0703 4028 PCIDump - ok 09:13:05.0703 4028 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 09:13:05.0718 4028 PCIIde - ok 09:13:05.0734 4028 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 09:13:05.0765 4028 Pcmcia - ok 09:13:05.0765 4028 [ 1E715247EFFFDDA938C085913045D599 ] PCTINDIS5 C:\WINDOWS\system32\PCTINDIS5.SYS 09:13:05.0781 4028 PCTINDIS5 - ok 09:13:05.0796 4028 PDCOMP - ok 09:13:05.0796 4028 PDFRAME - ok 09:13:05.0796 4028 PDRELI - ok 09:13:05.0796 4028 PDRFRAME - ok 09:13:05.0812 4028 perc2 - ok 09:13:05.0812 4028 perc2hib - ok 09:13:05.0828 4028 [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay C:\WINDOWS\system32\services.exe 09:13:05.0828 4028 PlugPlay - ok 09:13:05.0828 4028 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll 09:13:05.0828 4028 Pml Driver HPZ12 - ok 09:13:05.0843 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 09:13:05.0843 4028 PolicyAgent - ok 09:13:05.0843 4028 [ 07A5F0D46C06C154560A70C998003C2A ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE 09:13:05.0843 4028 Power Manager DBC Service - ok 09:13:05.0843 4028 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 09:13:05.0875 4028 PptpMiniport - ok 09:13:05.0875 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 09:13:05.0875 4028 ProtectedStorage - ok 09:13:05.0875 4028 [ F8A25F1DD8B2C332CBC663E3579566E7 ] psadd C:\WINDOWS\system32\DRIVERS\psadd.sys 09:13:05.0875 4028 psadd - ok 09:13:05.0890 4028 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 09:13:05.0906 4028 Ptilink - ok 09:13:05.0906 4028 [ 40EC047DC4304D3910D9358FCEAA1803 ] PwmEWSvc C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE 09:13:05.0906 4028 PwmEWSvc - ok 09:13:05.0921 4028 ql1080 - ok 09:13:05.0921 4028 Ql10wnt - ok 09:13:05.0921 4028 ql12160 - ok 09:13:05.0921 4028 ql1240 - ok 09:13:05.0937 4028 ql1280 - ok 09:13:05.0937 4028 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 09:13:05.0953 4028 RasAcd - ok 09:13:05.0968 4028 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 09:13:05.0968 4028 RasAuto - ok 09:13:05.0968 4028 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 09:13:05.0984 4028 Rasirda - ok 09:13:06.0000 4028 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 09:13:06.0015 4028 Rasl2tp - ok 09:13:06.0015 4028 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 09:13:06.0031 4028 RasMan - ok 09:13:06.0031 4028 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 09:13:06.0046 4028 RasPppoe - ok 09:13:06.0062 4028 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 09:13:06.0093 4028 Raspti - ok 09:13:06.0093 4028 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 09:13:06.0171 4028 Rdbss - ok 09:13:06.0187 4028 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 09:13:06.0203 4028 RDPCDD - ok 09:13:06.0203 4028 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 09:13:06.0218 4028 rdpdr - ok 09:13:06.0234 4028 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 09:13:06.0281 4028 RDPWD - ok 09:13:06.0281 4028 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 09:13:06.0296 4028 RDSessMgr - ok 09:13:06.0296 4028 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 09:13:06.0312 4028 redbook - ok 09:13:06.0328 4028 [ 3B1A7CEA1E230103264405E0FB05532C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 09:13:06.0343 4028 RegSrvc - ok 09:13:06.0343 4028 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 09:13:06.0343 4028 RemoteAccess - ok 09:13:06.0359 4028 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 09:13:06.0359 4028 RemoteRegistry - ok 09:13:06.0359 4028 RFNP32 - ok 09:13:06.0359 4028 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe 09:13:06.0375 4028 rpcapd - ok 09:13:06.0375 4028 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 09:13:06.0375 4028 RpcLocator - ok 09:13:06.0390 4028 [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs C:\WINDOWS\System32\rpcss.dll 09:13:06.0390 4028 RpcSs - ok 09:13:06.0406 4028 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 09:13:06.0406 4028 RSVP - ok 09:13:06.0406 4028 [ 0F82A97056EA208183C0085589F83050 ] rt2500usb C:\WINDOWS\system32\DRIVERS\rt2500usb.sys 09:13:06.0437 4028 rt2500usb - ok 09:13:06.0437 4028 [ A0EEA6F631349D0E0B7A6CAA7E099CB0 ] RUBotSrv C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe 09:13:06.0453 4028 RUBotSrv - ok 09:13:06.0468 4028 [ 8C9D57338B02D95C0FC7DB428C50A001 ] S24EventMonitor C:\Program Files\Intel\WiFi\bin\S24EvMon.exe 09:13:06.0484 4028 S24EventMonitor - ok 09:13:06.0500 4028 [ 27FC71DA659305E260ACBDA15A318399 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys 09:13:06.0500 4028 s24trans - ok 09:13:06.0500 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 09:13:06.0500 4028 SamSs - ok 09:13:06.0500 4028 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 09:13:06.0515 4028 SCardSvr - ok 09:13:06.0515 4028 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 09:13:06.0531 4028 Schedule - ok 09:13:06.0531 4028 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 09:13:06.0546 4028 Secdrv - ok 09:13:06.0562 4028 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 09:13:06.0562 4028 seclogon - ok 09:13:06.0562 4028 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 09:13:06.0562 4028 SENS - ok 09:13:06.0578 4028 [ 9C80BA2E3B0AD98D108154C020FCB966 ] SER2AT C:\WINDOWS\system32\DRIVERS\SER2AT.sys 09:13:06.0578 4028 SER2AT - ok 09:13:06.0578 4028 Ser2pl - ok 09:13:06.0578 4028 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 09:13:06.0609 4028 Serenum - ok 09:13:06.0609 4028 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys 09:13:06.0640 4028 Serial - ok 09:13:06.0656 4028 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 09:13:06.0671 4028 Sfloppy - ok 09:13:06.0687 4028 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 09:13:06.0687 4028 SharedAccess - ok 09:13:06.0687 4028 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 09:13:06.0703 4028 ShellHWDetection - ok 09:13:06.0703 4028 [ 1624530D05155F4E5A4736531523BFF5 ] Shockprf C:\WINDOWS\system32\DRIVERS\Apsx86.sys 09:13:06.0734 4028 Shockprf - ok 09:13:06.0750 4028 [ F2AB02C279BFC511A4B859416FFD4EB2 ] Si3112 C:\WINDOWS\system32\drivers\Si3112.sys 09:13:06.0765 4028 Si3112 - ok 09:13:06.0781 4028 Simbad - ok 09:13:06.0781 4028 [ 7E00E1C6F2CF9822F15D17FFB684A200 ] SKYSCOUT C:\WINDOWS\system32\DRIVERS\UsbScout.sys 09:13:06.0796 4028 SKYSCOUT - ok 09:13:06.0812 4028 [ 26341D0DD225D19FD50E0EE3C3C77502 ] Smapint C:\WINDOWS\system32\drivers\Smapint.sys 09:13:06.0812 4028 Smapint - ok 09:13:06.0828 4028 [ 0B9C01236D25BDCB37AA79DC59DFB7D3 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys 09:13:06.0828 4028 smihlp - ok 09:13:06.0828 4028 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] SMTPSVC C:\WINDOWS\system32\inetsrv\inetinfo.exe 09:13:06.0828 4028 SMTPSVC - ok 09:13:06.0843 4028 Sparrow - ok 09:13:06.0843 4028 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 09:13:06.0859 4028 splitter - ok 09:13:06.0859 4028 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler C:\WINDOWS\system32\spoolsv.exe 09:13:06.0875 4028 Spooler - ok 09:13:06.0875 4028 [ BFF4D98AC361EFB0D85513F9629AFAF5 ] SprintRcAppSvc C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe 09:13:06.0875 4028 SprintRcAppSvc - ok 09:13:06.0906 4028 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys 09:13:06.0921 4028 sptd - ok 09:13:06.0921 4028 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 09:13:06.0937 4028 sr - ok 09:13:06.0953 4028 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 09:13:06.0953 4028 srservice - ok 09:13:06.0968 4028 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 09:13:06.0984 4028 Srv - ok 09:13:06.0984 4028 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 09:13:07.0000 4028 SSDPSRV - ok 09:13:07.0000 4028 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 09:13:07.0015 4028 StillCam - ok 09:13:07.0031 4028 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 09:13:07.0031 4028 stisvc - ok 09:13:07.0031 4028 [ C2191C1A5DFED0795E3D3B68905B195B ] SUService C:\Program Files\Lenovo\System Update\SUService.exe 09:13:07.0031 4028 SUService - ok 09:13:07.0046 4028 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 09:13:07.0062 4028 swenum - ok 09:13:07.0062 4028 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 09:13:07.0093 4028 swmidi - ok 09:13:07.0125 4028 [ AF88AE62B84D016EB5BDC12DDF1005A3 ] swmx00 C:\WINDOWS\system32\DRIVERS\swmx00.sys 09:13:07.0156 4028 swmx00 - ok 09:13:07.0156 4028 [ 24BCE62E4DA07C6488E3A7FF37A6B6AE ] SWNC5E00 C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys 09:13:07.0187 4028 SWNC5E00 - ok 09:13:07.0187 4028 SwPrv - ok 09:13:07.0187 4028 symc810 - ok 09:13:07.0187 4028 symc8xx - ok 09:13:07.0187 4028 SymSnapService - ok 09:13:07.0203 4028 sym_hi - ok 09:13:07.0203 4028 sym_u3 - ok 09:13:07.0218 4028 [ 7E194E86BF306E07470A0AC56B41DE83 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 09:13:07.0265 4028 SynTP - ok 09:13:07.0265 4028 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 09:13:07.0281 4028 sysaudio - ok 09:13:07.0281 4028 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 09:13:07.0281 4028 SysmonLog - ok 09:13:07.0296 4028 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 09:13:07.0296 4028 TapiSrv - ok 09:13:07.0312 4028 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 09:13:07.0328 4028 Tcpip - ok 09:13:07.0343 4028 [ 4BED0C7FDF414D1BD26BF33EA673CA49 ] tcpipBM C:\WINDOWS\system32\drivers\tcpipBM.sys 09:13:07.0343 4028 tcpipBM - ok 09:13:07.0359 4028 [ 58E3EB5A5C78740C5870EEE6648CCC46 ] TcUsb C:\WINDOWS\system32\Drivers\tcusb.sys 09:13:07.0359 4028 TcUsb - ok 09:13:07.0359 4028 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 09:13:07.0375 4028 TDPIPE - ok 09:13:07.0390 4028 [ 564B337034271B7BDDCABFDDC91C6B7A ] TDSMAPI C:\WINDOWS\system32\drivers\TDSMAPI.SYS 09:13:07.0406 4028 TDSMAPI - ok 09:13:07.0406 4028 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 09:13:07.0421 4028 TDTCP - ok 09:13:07.0437 4028 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 09:13:07.0468 4028 TermDD - ok 09:13:07.0484 4028 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 09:13:07.0484 4028 TermService - ok 09:13:07.0500 4028 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll 09:13:07.0500 4028 Themes - ok 09:13:07.0515 4028 [ 9626746A9B120D2ED537DD8D76278405 ] ThinkVantage Registry Monitor Service C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe 09:13:07.0531 4028 ThinkVantage Registry Monitor Service - ok 09:13:07.0531 4028 [ A1124EBC672AA3AE1B327096C1DCC346 ] TIEHDUSB C:\WINDOWS\system32\drivers\tiehdusb.sys 09:13:07.0531 4028 TIEHDUSB - ok 09:13:07.0546 4028 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 09:13:07.0546 4028 TlntSvr - ok 09:13:07.0546 4028 TosIde - ok 09:13:07.0546 4028 [ D2378FBBD668D9FE9B6B5E3139D506D3 ] TPDIGIMN C:\WINDOWS\system32\DRIVERS\ApsHM86.sys 09:13:07.0578 4028 TPDIGIMN - ok 09:13:07.0578 4028 [ A34A1E6B5461273846D30F5898602A72 ] TPHDEXLGSVC C:\WINDOWS\system32\TPHDEXLG.exe 09:13:07.0578 4028 TPHDEXLGSVC - ok 09:13:07.0593 4028 [ 8AEF2188630F5ECD79AD9ABBA630630B ] TPHKDRV C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys 09:13:07.0593 4028 TPHKDRV - ok 09:13:07.0593 4028 [ 9CD364ECB3A10B24C7CAC8FF89993A67 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 09:13:07.0593 4028 TPHKLOAD - ok 09:13:07.0609 4028 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 09:13:07.0609 4028 TPHKSVC - ok 09:13:07.0609 4028 [ C037817E2498D9DB736E4BA355B1F4E7 ] TPPWRIF C:\WINDOWS\system32\drivers\Tppwrif.sys 09:13:07.0625 4028 TPPWRIF - ok 09:13:07.0640 4028 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 09:13:07.0640 4028 TrkWks - ok 09:13:07.0640 4028 [ F10F36E20448A5500A5F83F67EE4AAD4 ] TSMAPIP C:\WINDOWS\system32\drivers\TSMAPIP.SYS 09:13:07.0656 4028 TSMAPIP - ok 09:13:07.0671 4028 [ E9EA448F1174BE4052416B62263EA4EE ] TVT Scheduler C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe 09:13:07.0687 4028 TVT Scheduler - ok 09:13:07.0687 4028 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 09:13:07.0718 4028 Udfs - ok 09:13:07.0718 4028 ultra - ok 09:13:07.0718 4028 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 09:13:07.0765 4028 Update - ok 09:13:07.0781 4028 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 09:13:07.0781 4028 upnphost - ok 09:13:07.0796 4028 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 09:13:07.0796 4028 UPS - ok 09:13:07.0796 4028 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 09:13:07.0828 4028 USBAAPL - ok 09:13:07.0828 4028 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 09:13:07.0843 4028 usbccgp - ok 09:13:07.0843 4028 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 09:13:07.0875 4028 usbehci - ok 09:13:07.0875 4028 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 09:13:07.0890 4028 usbhub - ok 09:13:07.0890 4028 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 09:13:07.0921 4028 usbscan - ok 09:13:07.0921 4028 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 09:13:07.0937 4028 USBSTOR - ok 09:13:07.0937 4028 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 09:13:07.0953 4028 usbuhci - ok 09:13:07.0968 4028 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys 09:13:07.0984 4028 usb_rndisx - ok 09:13:07.0984 4028 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 09:13:08.0000 4028 VgaSave - ok 09:13:08.0000 4028 ViaIde - ok 09:13:08.0015 4028 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 09:13:08.0031 4028 VolSnap - ok 09:13:08.0031 4028 [ ED93E2B7FD5AEB89C924F175824A4D6D ] VSBC C:\WINDOWS\system32\DRIVERS\evsbc.sys 09:13:08.0046 4028 VSBC - ok 09:13:08.0062 4028 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 09:13:08.0062 4028 VSS - ok 09:13:08.0078 4028 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 09:13:08.0093 4028 W32Time - ok 09:13:08.0093 4028 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe 09:13:08.0093 4028 W3SVC - ok 09:13:08.0093 4028 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 09:13:08.0109 4028 Wanarp - ok 09:13:08.0125 4028 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 09:13:08.0125 4028 Wdf01000 - ok 09:13:08.0140 4028 WDICA - ok 09:13:08.0140 4028 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 09:13:08.0156 4028 wdmaud - ok 09:13:08.0156 4028 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 09:13:08.0171 4028 WebClient - ok 09:13:08.0171 4028 [ A2A5F0ED60CEE2236B433B5B84812EAD ] WebDriveFSD C:\Program Files\NetDrive\rffsd.sys 09:13:08.0187 4028 WebDriveFSD - ok 09:13:08.0187 4028 [ C86DA43F9D80A7E18A92D3BDF705FFDC ] WebDriveService C:\Program Files\NetDrive\wdservice.exe 09:13:08.0187 4028 WebDriveService - ok 09:13:08.0203 4028 [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsf C:\WINDOWS\system32\DRIVERS\hsx_cnxt.sys 09:13:08.0250 4028 winachsf - ok 09:13:08.0265 4028 [ CE291805CB4CD561A5A569DF4E28E41F ] windrvNT C:\WINDOWS\system32\windrvNT.sys 09:13:08.0281 4028 windrvNT - ok 09:13:08.0296 4028 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 09:13:08.0312 4028 winmgmt - ok 09:13:08.0312 4028 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys 09:13:08.0328 4028 WinUSB - ok 09:13:08.0328 4028 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 09:13:08.0328 4028 WmdmPmSN - ok 09:13:08.0343 4028 [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] Wmi C:\WINDOWS\System32\advapi32.dll 09:13:08.0359 4028 Wmi - ok 09:13:08.0375 4028 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 09:13:08.0375 4028 WmiApSrv - ok 09:13:08.0390 4028 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 09:13:08.0421 4028 WPFFontCache_v0400 - ok 09:13:08.0421 4028 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 09:13:08.0437 4028 WS2IFSL - ok 09:13:08.0453 4028 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 09:13:08.0453 4028 wscsvc - ok 09:13:08.0453 4028 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 09:13:08.0453 4028 wuauserv - ok 09:13:08.0468 4028 [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 09:13:08.0484 4028 WudfPf - ok 09:13:08.0484 4028 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 09:13:08.0484 4028 WudfRd - ok 09:13:08.0515 4028 [ 575A4190D989F64732119E4114045A4F ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 09:13:08.0515 4028 WudfSvc - ok 09:13:08.0531 4028 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 09:13:08.0546 4028 WZCSVC - ok 09:13:08.0546 4028 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 09:13:08.0546 4028 xmlprov - ok 09:13:08.0562 4028 ================ Scan global =============================== 09:13:08.0562 4028 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 09:13:08.0578 4028 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll 09:13:08.0593 4028 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll 09:13:08.0593 4028 [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe 09:13:08.0593 4028 [Global] - ok 09:13:08.0593 4028 ================ Scan MBR ================================== 09:13:08.0609 4028 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 09:13:08.0671 4028 \Device\Harddisk0\DR0 - ok 09:13:08.0671 4028 ================ Scan VBR ================================== 09:13:08.0671 4028 [ 60EF243301F185B5056291BE29E87AC2 ] \Device\Harddisk0\DR0\Partition1 09:13:08.0671 4028 \Device\Harddisk0\DR0\Partition1 - ok 09:13:08.0671 4028 ============================================================ 09:13:08.0671 4028 Scan finished 09:13:08.0671 4028 ============================================================ 09:13:08.0671 1712 Detected object count: 0 09:13:08.0671 1712 Actual detected object count: 0