Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Follow-up to "Shockwave Flash regularly crashes Chrome?"


  • This topic is locked This topic is locked
15 replies to this topic

#1 The Wren

The Wren

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:52 AM

Posted 18 October 2011 - 11:56 PM

I am posting in reply to a previous thread:

http://www.bleepingcomputer.com/forums/topic423617.html

(I did not run gmer, because my system is running 64 bit windows 7)

Thank you,
-- The Wren


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by David at 23:23:23 on 2011-10-18
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8079.5414 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
C:\Windows\system32\CxAudMsg64.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\SysWOW64\SAsrv.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Lenovo\System Update\SUService.exe
C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\explorer.exe
C:\Windows\system32\notepad.exe
C:\Users\David\Downloads\smrez3wk.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://lenovo.msn.com
uDefault_Page_URL = hxxp://lenovo.msn.com
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Symantec VIP Access Add-On: {c63cd127-a1cb-4d49-a4f7-d6f88a917be6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Google Update] "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\ThinkPad\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\02C696E6B637569702A6A6 : DhcpNameServer = 192.168.1.1 68.94.156.1 68.94.157.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\3416279626F657 : DhcpNameServer = 205.139.50.143 63.209.206.118 4.2.2.2
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\3516E6460244F6C6C6162702949494 : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\377716 : DhcpNameServer = 10.60.0.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\F4054594F4E43534944595 : DhcpNameServer = 10.0.1.6 64.81.159.2
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
LSA: Notification Packages = scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO-X64: IEPlugin - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun-x64: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun-x64: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun-x64: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun-x64: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vvrzjyn3.default\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\David\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\system32\DRIVERS\DzHDD64.sys --> C:\Windows\system32\DRIVERS\DzHDD64.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\system32\DRIVERS\ApsHM64.sys --> C:\Windows\system32\DRIVERS\ApsHM64.sys [?]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\system32\DRIVERS\smiifx64.sys --> C:\Windows\system32\DRIVERS\smiifx64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2010-12-3 31592]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\system32\CxAudMsg64.exe --> C:\Windows\system32\CxAudMsg64.exe [?]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2011-7-20 40808]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2010-12-29 45496]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-7-20 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2010-12-29 93032]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-20 2009704]
R2 risdxc;risdxc;C:\Windows\system32\DRIVERS\risdxc64.sys --> C:\Windows\system32\DRIVERS\risdxc64.sys [?]
R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SASrv.exe [2011-7-20 446592]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R2 smihlp;SMI Helper Driver (smihlp);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-3-13 13840]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-25 378472]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2010-12-29 114024]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2010-12-29 64440]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-20 2656280]
R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-4-13 84088]
R3 5U877;USB Video Device;C:\Windows\system32\DRIVERS\5U877.sys --> C:\Windows\system32\DRIVERS\5U877.sys [?]
R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\system32\DRIVERS\Tvti2c.sys --> C:\Windows\system32\DRIVERS\Tvti2c.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2010-12-3 116072]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\system32\DRIVERS\btwampfl.sys --> C:\Windows\system32\DRIVERS\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-7-20 477032]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-7-20 79208]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-10-19 03:17:39 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F2728F1F-4623-4484-9130-8E56ED117121}\offreg.dll
2011-10-19 03:17:35 9049936 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F2728F1F-4623-4484-9130-8E56ED117121}\mpengine.dll
2011-10-18 20:27:11 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-18 20:23:53 -------- d-----w- C:\ProgramData\McAfee Security Scan
2011-10-18 20:23:50 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2011-10-15 21:25:03 -------- d-----w- C:\Program Files\Ghostgum
2011-10-15 21:20:12 -------- d-----w- C:\Program Files\gs
2011-10-15 21:07:03 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2011-10-13 01:58:00 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-10-13 01:57:58 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-10-13 01:57:58 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-10-13 01:57:58 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-10-13 01:57:58 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-10-13 01:54:57 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-13 01:54:57 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-13 01:54:57 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-10-13 01:54:57 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-10-11 16:51:56 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{16E39710-A6D9-4944-AE1E-9046D4E0A064}\gapaengine.dll
2011-09-29 07:05:28 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2011-09-28 22:02:30 -------- d-----w- C:\Users\David\AppData\Local\Microsoft Games
2011-09-22 06:14:19 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-09-21 02:52:11 -------- d-----w- C:\TINKER_BELL
2011-09-19 06:08:03 -------- d-----w- C:\Users\David\AppData\Roaming\Playrix Entertainment
.
==================== Find3M ====================
.
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-07 04:23:25 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 23:24:20.45 ===============

BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:52 PM

Posted 24 October 2011 - 12:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/424101 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 The Wren

The Wren
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:52 AM

Posted 24 October 2011 - 12:32 AM

I am still having problems with Chrome freezing up (due to Shockwave Flash crashing). Nothing has improved since my original post. Again, my system is Win7 64 bit, so I am only posting DDS logs, and no GMER.

Thanks,
-- The Wren

Attached File  Attach.zip   2.08KB   4 downloads

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by David at 0:22:16 on 2011-10-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8079.5915 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
C:\Windows\system32\CxAudMsg64.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\SysWOW64\SAsrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Lenovo\System Update\SUService.exe
C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://lenovo.msn.com
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Symantec VIP Access Add-On: {c63cd127-a1cb-4d49-a4f7-d6f88a917be6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
uRun: [Google Update] "C:\Users\David\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\ThinkPad\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\02C696E6B637569702A6A6 : DhcpNameServer = 192.168.1.1 68.94.156.1 68.94.157.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\3416279626F657 : DhcpNameServer = 205.139.50.143 63.209.206.118 4.2.2.2
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\3516E6460244F6C6C6162702949494 : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\377716 : DhcpNameServer = 10.60.0.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\E45445B2140563 : DhcpNameServer = 192.168.60.1
TCP: Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}\F4054594F4E43534944595 : DhcpNameServer = 10.0.1.6 64.81.159.2
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
LSA: Notification Packages = scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO-X64: StartNow Toolbar Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO-X64: IEPlugin - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
mRun-x64: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun-x64: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun-x64: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun-x64: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vvrzjyn3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z192&install_date=20111024
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z192&form=ZGAADF&install_date=20111024&q=
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\David\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\system32\DRIVERS\DzHDD64.sys --> C:\Windows\system32\DRIVERS\DzHDD64.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\system32\DRIVERS\ApsHM64.sys --> C:\Windows\system32\DRIVERS\ApsHM64.sys [?]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\system32\DRIVERS\smiifx64.sys --> C:\Windows\system32\DRIVERS\smiifx64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2010-12-3 31592]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\system32\CxAudMsg64.exe --> C:\Windows\system32\CxAudMsg64.exe [?]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2011-7-20 40808]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2010-12-29 45496]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-7-20 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2010-12-29 93032]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-20 2009704]
R2 risdxc;risdxc;C:\Windows\system32\DRIVERS\risdxc64.sys --> C:\Windows\system32\DRIVERS\risdxc64.sys [?]
R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SASrv.exe [2011-7-20 446592]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
R2 smihlp;SMI Helper Driver (smihlp);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-3-13 13840]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-5-25 378472]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2010-12-29 114024]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2010-12-29 64440]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-20 2656280]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-7-27 267488]
R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-4-13 84088]
R3 5U877;USB Video Device;C:\Windows\system32\DRIVERS\5U877.sys --> C:\Windows\system32\DRIVERS\5U877.sys [?]
R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\system32\DRIVERS\Tvti2c.sys --> C:\Windows\system32\DRIVERS\Tvti2c.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2010-12-3 116072]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\system32\DRIVERS\btwampfl.sys --> C:\Windows\system32\DRIVERS\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-7-20 477032]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pmxdrv;pmxdrv;\??\C:\Windows\system32\drivers\pmxdrv.sys --> C:\Windows\system32\drivers\pmxdrv.sys [?]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-7-20 79208]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-10-24 05:13:28 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3856E771-114A-474D-8557-0F441CAC1B71}\offreg.dll
2011-10-24 05:12:23 -------- d-----w- C:\Users\David\AppData\Roaming\Mael
2011-10-24 04:05:03 -------- d-----w- C:\Program Files (x86)\StartNow Toolbar
2011-10-23 15:22:24 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3856E771-114A-474D-8557-0F441CAC1B71}\mpengine.dll
2011-10-18 20:27:11 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-18 20:23:53 -------- d-----w- C:\ProgramData\McAfee Security Scan
2011-10-18 20:23:50 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2011-10-15 21:25:03 -------- d-----w- C:\Program Files\Ghostgum
2011-10-15 21:20:12 -------- d-----w- C:\Program Files\gs
2011-10-15 21:07:03 101376 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPWN7.DLL
2011-10-13 01:58:00 3138048 ----a-w- C:\Windows\System32\win32k.sys
2011-10-13 01:57:58 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax
2011-10-13 01:57:58 613888 ----a-w- C:\Windows\System32\psisdecd.dll
2011-10-13 01:57:58 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll
2011-10-13 01:57:58 108032 ----a-w- C:\Windows\System32\psisrndr.ax
2011-10-13 01:54:57 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-13 01:54:57 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-13 01:54:57 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-10-13 01:54:57 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-10-11 16:51:56 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{16E39710-A6D9-4944-AE1E-9046D4E0A064}\gapaengine.dll
2011-09-29 07:05:28 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2011-09-28 22:02:30 -------- d-----w- C:\Users\David\AppData\Local\Microsoft Games
.
==================== Find3M ====================
.
2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-07 04:23:25 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 0:22:49.05 ===============

Edited by The Wren, 24 October 2011 - 12:35 AM.


#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,722 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:52 PM

Posted 25 October 2011 - 02:50 AM

Hello The Wren,

Apologies for the delay.

Please download MiniToolBox and save it to your desktop and run it.

Checkmark following checkboxes:
  • List IP configuration
Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.

#5 The Wren

The Wren
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:52 AM

Posted 25 October 2011 - 08:00 PM

Thank you for your help. Here is the result from the scan:


MiniToolBox by Farbar
Ran by David (administrator) on 25-10-2011 at 19:51:56
Windows 7 Professional Service Pack 1 (X64)

***************************************************************************
========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?/ subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : WorkLaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Hrencecin

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Hrencecin
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : A0-88-B4-92-BF-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::455a:393a:aaf:1afb%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, October 25, 2011 5:47:56 PM
Lease Expires . . . . . . . . . . : Tuesday, October 25, 2011 10:36:06 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 396396724
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B8-E9-F0-F0-DE-F1-76-76-AB
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : F0-DE-F1-76-76-AB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Hrencecin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Hrencecin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2EE57933-5E9C-4D2A-A5C0-B050C69C020F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:62:10af:9d02:5af5(Preferred)
Link-local IPv6 Address . . . . . : fe80::62:10af:9d02:5af5%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com.Hrencecin
Address: 207.223.0.140


Pinging google.com [74.125.225.52] with 32 bytes of data:
Reply from 74.125.225.52: bytes=32 time=40ms TTL=54
Reply from 74.125.225.52: bytes=32 time=15ms TTL=54

Ping statistics for 74.125.225.52:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 40ms, Average = 27ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com.Hrencecin
Address: 207.223.0.140


Pinging yahoo.com [67.195.160.76] with 32 bytes of data:
Reply from 67.195.160.76: bytes=32 time=69ms TTL=49
Reply from 67.195.160.76: bytes=32 time=42ms TTL=49

Ping statistics for 67.195.160.76:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 42ms, Maximum = 69ms, Average = 55ms

Pinging 127.0.0.1 with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
===========================================================================
Interface List
15...a0 88 b4 92 bf 08 ......Intel® Centrino® Advanced-N 6205
13...f0 de f1 76 76 ab ......Intel® 82579LM Gigabit Network Connection
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.104 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.104 281
192.168.0.104 255.255.255.255 On-link 192.168.0.104 281
192.168.0.255 255.255.255.255 On-link 192.168.0.104 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.104 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.104 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:62:10af:9d02:5af5/128
On-link
15 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::62:10af:9d02:5af5/128
On-link
15 281 fe80::455a:393a:aaf:1afb/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

**** End of log ****

#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,722 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:52 PM

Posted 26 October 2011 - 06:57 AM

We need to do a test.

  • Please go to start =>control panel => Programs and Features and uninstall ZoneAlarm.
  • Important: Reboot
  • Run MiniToolBox.

    Checkmark following checkboxes:
    • Flush DNS
    • List IP configuration
    • List last 10 Event Viewer log
    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.
  • Please download OTL by OldTimer.
    • Save it to your desktop.
    • Double click on the OTL icon on your desktop.
    • Click the "Scan All Users" checkbox.
    • Under Output select "Standard Output" checkbox.
    • Set Services and Drivers to All.
    • Click Run Scan button.
    • Two reports will open:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
  • Copy and paste OTL.txt and attach Extra.txt to your reply.


#7 The Wren

The Wren
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:52 AM

Posted 26 October 2011 - 06:51 PM

MiniToolBox by Farbar
Ran by David (administrator) on 26-10-2011 at 18:28:20
Windows 7 Professional Service Pack 1 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?B subinterface=ethernet_6 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : WorkLaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Hrencecin

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Hrencecin
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : A0-88-B4-92-BF-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::455a:393a:aaf:1afb%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, October 26, 2011 6:18:45 PM
Lease Expires . . . . . . . . . . : Wednesday, October 26, 2011 9:18:45 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 396396724
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B8-E9-F0-F0-DE-F1-76-76-AB
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : F0-DE-F1-76-76-AB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Hrencecin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Hrencecin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3062:d82:3f57:ff97(Preferred)
Link-local IPv6 Address . . . . . : fe80::3062:d82:3f57:ff97%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.0.1

Name: google.com.Hrencecin
Address: 207.223.0.140


Pinging google.com [74.125.225.20] with 32 bytes of data:
Reply from 74.125.225.20: bytes=32 time=13ms TTL=54
Reply from 74.125.225.20: bytes=32 time=14ms TTL=54

Ping statistics for 74.125.225.20:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 14ms, Average = 13ms
Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com.Hrencecin
Address: 207.223.0.140


Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=83ms TTL=46
Reply from 98.137.149.56: bytes=32 time=84ms TTL=46

Ping statistics for 98.137.149.56:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 83ms, Maximum = 84ms, Average = 83ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...a0 88 b4 92 bf 08 ......Intel® Centrino® Advanced-N 6205
13...f0 de f1 76 76 ab ......Intel® 82579LM Gigabit Network Connection
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.104 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.104 281
192.168.0.104 255.255.255.255 On-link 192.168.0.104 281
192.168.0.255 255.255.255.255 On-link 192.168.0.104 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.104 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.104 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:5ef5:79fd:3062:d82:3f57:ff97/128
On-link
15 281 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::3062:d82:3f57:ff97/128
On-link
15 281 fe80::455a:393a:aaf:1afb/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/26/2011 06:19:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2011 06:12:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2011 06:08:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/26/2011 08:24:52 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (10/25/2011 09:54:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/24/2011 10:54:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/24/2011 00:14:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2011 00:27:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2011 06:45:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (10/21/2011 05:50:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/26/2011 06:18:52 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/26/2011 06:12:17 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/25/2011 09:54:24 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/24/2011 10:54:12 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/24/2011 00:14:16 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/23/2011 00:27:28 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/21/2011 05:50:30 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/21/2011 00:00:42 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/20/2011 07:14:50 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (10/18/2011 03:00:42 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842


Microsoft Office Sessions:
=========================
Error: (10/26/2011 06:19:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2011 06:12:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2011 06:08:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\David\Downloads\esetsmartinstaller_enu.exe

Error: (10/26/2011 08:24:52 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (10/25/2011 09:54:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/24/2011 10:54:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/24/2011 00:14:05 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2011 00:27:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/21/2011 06:45:10 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (10/21/2011 05:50:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


**** End of log ****



OTL logfile created on: 10/26/2011 6:35:00 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\David\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.89 Gb Total Physical Memory | 5.99 Gb Available Physical Memory | 75.87% Memory free
15.78 Gb Paging File | 13.76 Gb Available in Paging File | 87.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 281.29 Gb Total Space | 186.75 Gb Free Space | 66.39% Space Free | Partition Type: NTFS
Drive Q: | 15.62 Gb Total Space | 5.94 Gb Free Space | 38.00% Space Free | Partition Type: NTFS

Computer Name: WORKLAPTOP | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2011/10/26 18:07:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
PRC - [2011/07/27 06:06:44 | 000,267,488 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/25 19:07:46 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/05/25 18:21:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/04/13 07:58:14 | 000,084,088 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
PRC - [2011/04/04 20:22:12 | 000,059,240 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
PRC - [2011/04/04 20:22:10 | 000,041,320 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
PRC - [2011/04/04 20:21:56 | 000,040,808 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe
PRC - [2011/03/23 13:48:00 | 000,062,824 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2011/03/14 22:04:14 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\SysWOW64\SASrv.exe
PRC - [2011/02/28 11:35:26 | 000,281,448 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
PRC - [2011/02/24 02:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/01/16 20:42:04 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/01/16 20:42:02 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/29 01:18:32 | 000,137,656 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2010/12/29 01:18:14 | 000,259,432 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2010/12/14 16:07:36 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2010/12/01 22:55:56 | 000,064,440 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2010/11/24 02:34:26 | 000,045,496 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\micmute.exe
PRC - [2010/11/20 22:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2010/11/16 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/04/07 00:37:40 | 000,093,032 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
PRC - [2010/04/01 00:50:46 | 000,043,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
PRC - [2010/03/11 16:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/05/28 00:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2008/01/10 14:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (No Company Name) ==========

MOD - [2011/05/31 23:37:24 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010/04/06 11:05:16 | 002,085,888 | ---- | M] () -- C:\Program Files\Lenovo\AutoLock\cv210.dll
MOD - [2010/04/06 11:04:06 | 002,201,088 | ---- | M] () -- C:\Program Files\Lenovo\AutoLock\cxcore210.dll
MOD - [2010/02/28 02:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
MOD - [2009/05/28 00:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe


========== Win32 Services (All) ==========

SRV:64bit: - [2011/08/07 02:55:20 | 001,255,736 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV:64bit: - [2011/07/20 14:44:09 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2011/07/20 14:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2011/07/20 14:40:40 | 001,139,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2011/05/25 21:59:04 | 000,993,896 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysNative\nvvsvc.exe -- (NVSvc)
SRV:64bit: - [2011/05/24 06:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2011/05/04 00:19:28 | 000,591,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/04/04 20:22:12 | 000,059,240 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe -- (LENOVO.TPKNRSVC)
SRV:64bit: - [2011/04/04 20:21:56 | 000,040,808 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\Communications Utility\CamMute.exe -- (LENOVO.CAMMUTE)
SRV:64bit: - [2010/12/18 17:50:36 | 000,962,848 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/12/17 16:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/12/17 16:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/12/17 11:18:08 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2010/12/15 18:46:46 | 000,047,728 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2010/12/03 15:01:54 | 000,116,072 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe -- (HyperW7Svc)
SRV:64bit: - [2010/12/02 21:00:56 | 000,114,024 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV:64bit: - [2010/12/01 22:55:56 | 000,064,440 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV:64bit: - [2010/11/24 02:34:26 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV:64bit: - [2010/11/20 22:25:14 | 001,504,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2010/11/20 22:25:14 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2010/11/20 22:25:10 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2010/11/20 22:25:07 | 000,214,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2010/11/20 22:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2010/11/20 22:25:05 | 001,525,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV:64bit: - [2010/11/20 22:24:52 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2010/11/20 22:24:51 | 000,232,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2010/11/20 22:24:51 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2010/11/20 22:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 22:24:42 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
SRV:64bit: - [2010/11/20 22:24:41 | 000,692,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2010/11/20 22:24:36 | 001,743,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2010/11/20 22:24:36 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2010/11/20 22:24:35 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:64bit: - [2010/11/20 22:24:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2010/11/20 22:24:33 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:64bit: - [2010/11/20 22:24:32 | 000,777,728 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 22:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 22:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2010/11/20 22:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2010/11/20 22:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 22:24:27 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2010/11/20 22:24:25 | 002,420,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 22:24:24 | 002,018,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2010/11/20 22:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 22:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 22:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 22:24:16 | 000,162,816 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2010/11/20 22:24:16 | 000,136,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2010/11/20 22:24:16 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
SRV:64bit: - [2010/11/20 22:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2010/11/20 22:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2010/11/20 22:24:14 | 000,569,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2010/11/20 22:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2010/11/20 22:24:09 | 000,080,384 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2010/11/20 22:24:09 | 000,080,384 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2010/11/20 22:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2010/11/20 22:24:07 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 22:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 22:24:01 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 22:24:00 | 001,389,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2010/11/20 22:24:00 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:64bit: - [2010/11/20 22:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2010/11/20 22:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2010/11/20 22:23:56 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2010/11/20 22:23:56 | 000,444,416 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2010/11/20 22:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 22:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 22:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2010/11/20 22:23:54 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 22:23:51 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2010/11/20 22:23:50 | 000,078,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2010/11/20 22:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2010/11/20 22:23:48 | 000,476,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
SRV:64bit: - [2010/11/20 22:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/12 04:48:50 | 000,045,928 | ---- | M] (Lenovo.) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/09/21 16:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2010/04/07 00:37:40 | 000,093,032 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV:64bit: - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV:64bit: - [2009/07/13 20:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/13 20:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2009/07/13 20:41:57 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,381,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2009/07/13 20:41:56 | 000,353,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2009/07/13 20:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2009/07/13 20:41:56 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2009/07/13 20:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2009/07/13 20:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2009/07/13 20:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:64bit: - [2009/07/13 20:41:56 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2009/07/13 20:41:56 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
SRV:64bit: - [2009/07/13 20:41:55 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2009/07/13 20:41:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
SRV:64bit: - [2009/07/13 20:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/13 20:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 20:41:54 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2009/07/13 20:41:54 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2009/07/13 20:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/13 20:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/13 20:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,438,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2009/07/13 20:41:53 | 000,190,976 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2009/07/13 20:41:53 | 000,186,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2009/07/13 20:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2009/07/13 20:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2009/07/13 20:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/13 20:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2009/07/13 20:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/13 20:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV:64bit: - [2009/07/13 20:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 20:41:28 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
SRV:64bit: - [2009/07/13 20:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 20:41:18 | 000,300,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2009/07/13 20:41:18 | 000,023,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2009/07/13 20:41:11 | 000,156,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2009/07/13 20:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2009/07/13 20:41:09 | 000,101,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPBusEnum.dll -- (IPBusEnum)
SRV:64bit: - [2009/07/13 20:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 20:40:52 | 000,034,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:64bit: - [2009/07/13 20:40:52 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2009/07/13 20:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2009/07/13 20:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 20:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/13 20:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/13 20:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 20:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2009/07/13 20:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/13 20:39:55 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2009/07/13 20:39:48 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2009/07/13 20:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2009/07/13 20:39:21 | 000,141,824 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (VaultSvc)
SRV:64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
SRV:64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
SRV:64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 20:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\lsass.exe -- (EFS)
SRV:64bit: - [2009/07/13 20:39:15 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:64bit: - [2009/07/13 20:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV:64bit: - [2009/07/13 20:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV - [2011/07/27 06:06:44 | 000,267,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/25 19:07:46 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/05/25 18:21:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/05/03 23:28:31 | 000,427,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2011/04/13 07:58:14 | 000,084,088 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2011/03/23 13:48:00 | 000,477,032 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE -- (DozeSvc)
SRV - [2011/03/23 13:48:00 | 000,079,208 | ---- | M] (Lenovo) [On_Demand | Stopped] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2011/03/14 22:04:14 | 000,446,592 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\SASrv.exe -- (SAService)
SRV - [2011/02/24 02:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service) Intel®
SRV - [2011/02/07 20:14:52 | 000,136,120 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011/01/16 20:42:04 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011/01/16 20:42:02 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010/12/14 16:07:36 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2010/11/20 22:25:10 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2010/11/20 22:24:53 | 000,856,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2010/11/20 22:24:52 | 000,042,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2010/11/20 22:24:49 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
SRV - [2010/11/20 22:24:49 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2010/11/20 22:24:42 | 000,696,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2010/11/20 22:24:32 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM) Windows Remote Management (WS-Management)
SRV - [2010/11/20 22:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 22:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2010/11/20 22:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 22:24:08 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2010/11/20 22:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/11/20 22:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 22:24:03 | 000,194,048 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
SRV - [2010/11/20 22:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 22:23:55 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2010/10/20 15:23:26 | 000,821,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 17:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 16:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/11 16:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/01/09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/07/13 20:39:09 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2009/07/13 20:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
SRV - [2009/07/13 20:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2009/07/13 20:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2009/07/13 20:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2009/07/13 20:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2009/07/13 20:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
SRV - [2009/07/13 20:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2009/07/13 20:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV - [2009/07/13 20:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2009/07/13 20:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2009/07/13 20:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2009/07/13 20:14:53 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\appmgmts.dll -- (AppMgmt)
SRV - [2009/07/13 20:14:28 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2009/07/13 20:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 15:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/01/10 14:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (All) ==========

DRV:64bit: - [2011/07/20 14:57:00 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2011/07/20 14:45:44 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2011/07/20 14:45:44 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2011/07/20 14:45:40 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2011/07/20 14:45:40 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2011/07/20 14:44:17 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2011/07/08 21:46:28 | 000,288,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2011/06/21 01:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:64bit: - [2011/06/21 01:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2011/05/31 23:37:26 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/05/31 23:37:24 | 013,056,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV:64bit: - [2011/04/28 22:06:10 | 000,467,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2011/04/28 22:05:49 | 000,410,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2011/04/28 22:05:37 | 000,168,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2011/04/27 22:55:08 | 000,552,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2011/04/27 22:54:56 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/04/26 21:40:40 | 000,158,208 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2011/04/26 21:39:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2011/04/24 21:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2011/04/18 13:18:50 | 000,189,440 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MpFilter.sys -- (MpFilter)
DRV:64bit: - [2011/04/18 13:18:50 | 000,040,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MpNWMon.sys -- (MpNWMon)
DRV:64bit: - [2011/03/24 22:29:26 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2011/03/24 22:29:14 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2011/03/24 22:29:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2011/03/24 22:29:04 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2011/03/24 22:29:03 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2011/03/24 05:50:30 | 001,423,408 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/23 18:25:00 | 000,101,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdxc64.sys -- (risdxc)
DRV:64bit: - [2011/03/23 13:48:00 | 000,031,344 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DZHDD64.SYS -- (DzHDD64)
DRV:64bit: - [2011/03/23 13:48:00 | 000,014,960 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2011/03/11 01:41:34 | 001,659,776 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2011/03/11 01:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2011/03/11 01:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2011/03/11 01:41:26 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/10 23:37:16 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2011/03/06 06:52:22 | 012,264,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/04 20:18:42 | 000,166,016 | ---- | M] (Ricoh co.,Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\5U877.sys -- (5U877)
DRV:64bit: - [2011/02/09 17:48:56 | 001,577,600 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/12/21 11:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel®
DRV:64bit: - [2010/12/20 11:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel®
DRV:64bit: - [2010/12/18 02:58:00 | 000,425,000 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010/12/18 02:57:34 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/12/18 02:57:34 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/12/18 02:57:32 | 000,162,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/12/18 02:57:32 | 000,145,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/12/15 18:45:16 | 000,139,888 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2010/12/15 18:43:00 | 000,023,664 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2010/12/09 23:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/09 23:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/03 15:01:58 | 000,031,592 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys -- (PHCORE)
DRV:64bit: - [2010/11/20 22:25:07 | 000,165,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (RDPDR)
DRV:64bit: - [2010/11/20 22:24:41 | 000,514,560 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2010/11/20 22:24:39 | 000,223,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2010/11/20 22:24:36 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2010/11/20 22:24:33 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2010/11/20 22:24:33 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV:64bit: - [2010/11/20 22:24:33 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:24:32 | 000,982,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2010/11/20 22:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2010/11/20 22:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2010/11/20 22:24:32 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2010/11/20 22:24:29 | 000,210,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2010/11/20 22:24:27 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2010/11/20 22:24:26 | 000,075,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2010/11/20 22:24:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2010/11/20 22:24:24 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2010/11/20 22:24:15 | 000,366,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2010/11/20 22:24:15 | 000,363,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2010/11/20 22:24:15 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2010/11/20 22:24:14 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2010/11/20 22:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2010/11/20 22:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:64bit: - [2010/11/20 22:24:09 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2010/11/20 22:24:08 | 000,459,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2010/11/20 22:24:08 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2010/11/20 22:24:08 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2010/11/20 22:24:08 | 000,152,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2010/11/20 22:24:08 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2010/11/20 22:24:08 | 000,095,616 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2010/11/20 22:24:00 | 000,289,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2010/11/20 22:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2010/11/20 22:23:55 | 000,753,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2010/11/20 22:23:55 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2010/11/20 22:23:53 | 000,094,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2010/11/20 22:23:52 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2010/11/20 22:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2010/11/20 22:23:51 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2010/11/20 22:23:50 | 000,172,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2010/11/20 22:23:50 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2010/11/20 22:23:48 | 000,273,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,199,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2010/11/20 22:23:48 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 22:23:48 | 000,046,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,034,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2010/11/20 22:23:48 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2010/11/20 22:23:48 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2010/11/20 22:23:47 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2010/11/20 22:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2010/11/20 22:23:47 | 000,295,808 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2010/11/20 22:23:47 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2010/11/20 22:23:47 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2010/11/20 22:23:47 | 000,184,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2010/11/20 22:23:47 | 000,184,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2010/11/20 22:23:47 | 000,155,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2010/11/20 22:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2010/11/20 22:23:47 | 000,140,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2010/11/20 22:23:47 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,103,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2010/11/20 22:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2010/11/20 22:23:47 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2010/11/20 22:23:47 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2010/11/20 22:23:47 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2010/11/20 22:23:47 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2010/11/12 04:48:30 | 000,039,024 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2010/11/05 09:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/09/14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/09/07 00:09:36 | 000,015,472 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2009/12/02 02:33:30 | 000,040,512 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2009/09/24 06:58:38 | 000,041,536 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tvti2c.sys -- (TVTI2C)
DRV:64bit: - [2009/07/13 20:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS) Common Log (CLFS)
DRV:64bit: - [2009/07/13 20:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2009/07/13 20:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/07/13 20:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009/07/13 20:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2009/07/13 20:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2009/07/13 20:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2009/07/13 20:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:64bit: - [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/07/13 20:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009/07/13 20:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/07/13 20:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2009/07/13 20:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2009/07/13 20:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2009/07/13 20:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:64bit: - [2009/07/13 20:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009/07/13 20:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009/07/13 20:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009/07/13 20:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009/07/13 20:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2009/07/13 20:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2009/07/13 20:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2009/07/13 20:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2009/07/13 20:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009/07/13 20:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/13 20:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2009/07/13 20:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:64bit: - [2009/07/13 20:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2009/07/13 20:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:64bit: - [2009/07/13 20:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009/07/13 20:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/13 20:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2009/07/13 20:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009/07/13 20:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:64bit: - [2009/07/13 20:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:64bit: - [2009/07/13 20:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2009/07/13 20:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/07/13 20:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009/07/13 20:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2009/07/13 20:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2009/07/13 20:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009/07/13 20:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2009/07/13 20:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009/07/13 20:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/13 20:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2009/07/13 20:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/07/13 20:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV:64bit: - [2009/07/13 20:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2009/07/13 19:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2009/07/13 19:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/13 19:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/13 19:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:64bit: - [2009/07/13 19:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2009/07/13 19:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2009/07/13 19:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2009/07/13 19:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2009/07/13 19:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009/07/13 19:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp) WAN Miniport (SSTP)
DRV:64bit: - [2009/07/13 19:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/13 19:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/07/13 19:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2009/07/13 19:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2009/07/13 19:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2009/07/13 19:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2009/07/13 19:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2009/07/13 19:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2009/07/13 19:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/13 19:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb) Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)
DRV:64bit: - [2009/07/13 19:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2009/07/13 19:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2009/07/13 19:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2009/07/13 19:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2009/07/13 19:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/13 19:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/07/13 19:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2009/07/13 19:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/13 19:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2009/07/13 19:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2009/07/13 19:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2009/07/13 19:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2009/07/13 19:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2009/07/13 19:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/13 19:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394) 1394 OHCI Compliant Host Controller (Legacy)
DRV:64bit: - [2009/07/13 19:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir) eHome Infrared Receiver (USBCIR)
DRV:64bit: - [2009/07/13 19:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2009/07/13 19:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/13 19:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2009/07/13 19:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2009/07/13 19:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/13 19:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2009/07/13 19:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2009/07/13 19:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2009/07/13 19:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2009/07/13 19:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2009/07/13 19:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2009/07/13 19:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2009/07/13 19:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2009/07/13 19:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2009/07/13 19:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2009/07/13 19:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2009/07/13 19:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2009/07/13 19:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2009/07/13 19:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2009/07/13 19:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2009/07/13 19:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2009/07/13 19:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/13 18:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2009/07/13 18:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2009/07/13 18:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:64bit: - [2009/07/13 18:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/13 18:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2009/07/13 18:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/13 18:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2009/07/13 18:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/13 18:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2009/07/13 18:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2009/07/13 18:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2009/07/13 18:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009/07/13 18:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/07/13 18:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/07/13 18:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2009/07/13 18:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2009/07/13 18:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/07/13 18:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009/07/13 18:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2009/07/13 18:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2009/07/13 18:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2009/07/13 18:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2009/07/13 18:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/13 18:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2009/06/10 15:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009/06/10 15:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009/06/10 15:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009/06/10 15:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009/06/10 15:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009/06/10 15:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/13 15:47:34 | 000,013,840 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys -- (smihlp) SMI Helper Driver (smihlp)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-1939230792-2753754755-823622898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
IE - HKU\S-1-5-21-1939230792-2753754755-823622898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-1939230792-2753754755-823622898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad [binary data]
IE - HKU\S-1-5-21-1939230792-2753754755-823622898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=Z192&install_date=20111024
IE - HKU\S-1-5-21-1939230792-2753754755-823622898-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://lenovo.msn.com
IE - HKU\S-1-5-21-1939230792-2753754755-823622898-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=Z192&install_date=20111024"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z192&form=ZGAADF&install_date=20111024&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\David\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\David\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\VIP@verisign.com: C:\Program Files (x86)\Symantec\VIP Access Client\ [2011/07/20 15:20:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/18 15:05:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/10/18 15:05:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Extensions
[2011/10/23 23:05:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vvrzjyn3.default\extensions
[2011/10/23 23:05:05 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vvrzjyn3.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2011/10/23 23:05:02 | 000,001,945 | ---- | M] () -- C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\vvrzjyn3.default\searchplugins\bing-zugo.xml
[2011/10/18 15:05:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/09/29 01:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/09/28 19:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml.old

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\David\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\David\AppData\Local\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\David\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\David\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [ForteConfig] C:\Program Files\CONEXANT\ForteConfig\fmapp.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Ricoh co.,Ltd.)
O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files (x86)\StartNow Toolbar\ToolbarHelper.exe" File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1939230792-2753754755-823622898-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1939230792-2753754755-823622898-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\S-1-5-21-1939230792-2753754755-823622898-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C3795F4-D3F5-4E1A-AC40-5ECDCCFE67F4}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/10 11:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{1b5ec4ba-b309-11e0-b05b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1b5ec4ba-b309-11e0-b05b-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009/08/10 16:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/26 18:19:19 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011/10/26 18:07:46 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2011/10/24 22:59:35 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/10/24 00:12:23 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Mael
[2011/10/23 23:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities
[2011/10/23 23:05:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StartNow Toolbar
[2011/10/22 18:38:02 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alien Stars
[2011/10/21 20:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2011/10/18 23:33:12 | 000,000,000 | ---D | C] -- C:\Users\David\Documents\Antivirus
[2011/10/18 15:23:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2011/10/18 15:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee Security Scan
[2011/10/18 15:05:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Mozilla
[2011/10/18 15:05:51 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Mozilla
[2011/10/18 15:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/10/16 01:16:46 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winter Wolves
[2011/10/15 16:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostgum
[2011/10/15 16:25:03 | 000,000,000 | ---D | C] -- C:\Program Files\Ghostgum
[2011/10/15 16:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
[2011/10/15 16:20:12 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2011/10/13 01:32:43 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/10/13 01:32:43 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/13 01:32:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/13 01:32:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/10/13 01:32:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/13 01:32:38 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/10/13 01:32:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/10/13 01:32:37 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/10/13 01:32:37 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/10/12 20:57:58 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/10/12 20:57:58 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/12 20:57:58 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/10/12 20:57:58 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/12 20:54:57 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/10/12 20:54:57 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/10/11 12:09:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011/10/01 13:05:39 | 000,000,000 | ---D | C] -- C:\Users\David\Desktop\music videos
[2011/09/29 02:05:28 | 000,627,600 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011/09/29 02:05:28 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011/09/29 02:05:28 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011/09/29 02:05:28 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2011/09/29 02:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/09/28 17:02:30 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Microsoft Games
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/26 18:27:00 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/10/26 18:25:53 | 000,031,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/26 18:25:53 | 000,031,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/26 18:22:54 | 000,730,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/26 18:22:54 | 000,628,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/26 18:22:54 | 000,108,426 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/26 18:18:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/26 18:18:20 | 2058,801,151 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/26 18:07:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2011/10/26 18:06:23 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1939230792-2753754755-823622898-1001Core.job
[2011/10/26 18:06:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1939230792-2753754755-823622898-1001UA.job
[2011/10/24 23:20:04 | 000,001,677 | ---- | M] () -- C:\Users\David\Desktop\StartNowToolbarUninstall - Shortcut.lnk
[2011/10/24 22:59:35 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/10/24 22:51:22 | 000,000,068 | ---- | M] () -- C:\Users\David\Desktop\About Adobe Flash Player.url
[2011/10/23 23:06:48 | 000,001,034 | ---- | M] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\HxD.lnk
[2011/10/23 23:04:48 | 000,872,029 | ---- | M] () -- C:\Users\David\Desktop\HxDSetupEN.zip
[2011/10/21 20:39:31 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/10/21 20:39:31 | 000,001,864 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/10/21 17:50:18 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/10/21 17:49:14 | 000,007,602 | ---- | M] () -- C:\Users\David\AppData\Local\Resmon.ResmonCfg
[2011/10/20 23:56:24 | 000,120,945 | ---- | M] () -- C:\Users\David\Desktop\emailsnapshot.png
[2011/10/18 15:05:48 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/15 16:25:26 | 000,011,120 | ---- | M] () -- C:\Users\David\gsview64.ini
[2011/10/14 00:25:04 | 013,639,189 | ---- | M] () -- C:\Users\David\Desktop\OWS-Mailing-List.CSV
[2011/10/13 01:42:24 | 000,324,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/09/29 02:05:17 | 000,627,600 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2011/09/29 02:05:17 | 000,252,296 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2011/09/29 02:05:17 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2011/09/29 02:05:17 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/24 23:20:04 | 000,001,677 | ---- | C] () -- C:\Users\David\Desktop\StartNowToolbarUninstall - Shortcut.lnk
[2011/10/24 22:51:22 | 000,000,068 | ---- | C] () -- C:\Users\David\Desktop\About Adobe Flash Player.url
[2011/10/23 23:06:48 | 000,001,034 | ---- | C] () -- C:\Users\David\Application Data\Microsoft\Internet Explorer\Quick Launch\HxD.lnk
[2011/10/23 23:04:52 | 000,872,029 | ---- | C] () -- C:\Users\David\Desktop\HxDSetupEN.zip
[2011/10/21 17:49:14 | 000,007,602 | ---- | C] () -- C:\Users\David\AppData\Local\Resmon.ResmonCfg
[2011/10/20 23:56:24 | 000,120,945 | ---- | C] () -- C:\Users\David\Desktop\emailsnapshot.png
[2011/10/18 15:23:53 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/10/18 15:23:53 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/10/18 15:05:48 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/18 15:05:48 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/10/15 16:25:08 | 000,011,120 | ---- | C] () -- C:\Users\David\gsview64.ini
[2011/10/05 17:45:14 | 003,217,408 | ---- | C] () -- C:\Users\David\Desktop\fp551.exe
[2011/07/28 22:37:43 | 000,749,120 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/28 21:22:18 | 000,000,171 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/07/20 15:02:12 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/07/20 15:02:12 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/07/20 15:02:11 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/07/20 14:39:19 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >


Attached File  Extras.Txt   45.39KB   4 downloads

#8 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,722 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:52 PM

Posted 27 October 2011 - 01:18 AM

It looks better now.:thumbup2:

We just do an extra check to make sure.

  • You have the latest version of Java (Java 7) and it is good. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
    Please uninstall the following:

    Java™ 6 Update 26
  • Please download MBRCheck by clicking here and save it to your desktop.
    • Double click on the file to run it (Vista and Windows 7 users will have to confirm the UAC prompt).
    • A window will open on your desktop.
    • If an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
    • If nothing unusual is found just press Enter.
    • A .txt file named MBRCheck_mm.dd.yy_hh.mm.txt should appear on your desktop.
    • Please post the contents of that file in your next reply.
  • Please tell me if you have still the issue.


#9 The Wren

The Wren
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:52 AM

Posted 27 October 2011 - 10:12 AM

Thanks again for your help so far. One quick question... am I correct in understanding that I should no longer use ZoneAlarm (ZA), as it conflicts with Microsoft Security Essentials(MSE)? ZA had been blocking something that recently popped up called the the StartNow toolbar (which appears to be a virus?, installed on 23 Oct??), and I'm less familiar with the Windows Firewall to know which programs are allowed or blocked.

I have not uninstalled StartNow yet, because I don't want to confuse things by changing anything in the system until after we've covered everything else here.

In any case, here is the log:

-----------------------------------------------------------------------------------------------------
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Professional
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: LENOVO
BIOS Manufacturer: LENOVO
System Manufacturer: LENOVO
System Product Name: 4270CTO
Logical Drives Mask: 0x00030024

Kernel Drivers (total 216):
0x01C4C000 \SystemRoot\system32\ntoskrnl.exe
0x01C03000 \SystemRoot\system32\hal.dll
0x01AC4000 \SystemRoot\system32\kdcom.dll
0x00C89000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00CD8000 \SystemRoot\system32\PSHED.dll
0x00CEC000 \SystemRoot\system32\CLFS.SYS
0x00E07000 \SystemRoot\system32\CI.dll
0x00EC7000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00F6B000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00F7A000 \SystemRoot\system32\drivers\ACPI.sys
0x00FD1000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00FDA000 \SystemRoot\system32\drivers\msisadrv.sys
0x00D4A000 \SystemRoot\system32\drivers\pci.sys
0x00FE4000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00D7D000 \SystemRoot\System32\drivers\partmgr.sys
0x00FF1000 \SystemRoot\system32\drivers\compbatt.sys
0x00D92000 \SystemRoot\system32\drivers\BATTC.SYS
0x00D9E000 \SystemRoot\system32\drivers\volmgr.sys
0x00C00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00C5C000 \SystemRoot\System32\drivers\mountmgr.sys
0x01018000 \SystemRoot\system32\drivers\iaStor.sys
0x0116C000 \SystemRoot\system32\drivers\amdxata.sys
0x01177000 \SystemRoot\system32\drivers\fltmgr.sys
0x011C3000 \SystemRoot\system32\drivers\fileinfo.sys
0x0120B000 \SystemRoot\System32\Drivers\Ntfs.sys
0x01480000 \SystemRoot\System32\Drivers\msrpc.sys
0x014DE000 \SystemRoot\System32\Drivers\ksecdd.sys
0x014F9000 \SystemRoot\System32\Drivers\cng.sys
0x0156B000 \SystemRoot\System32\drivers\pcw.sys
0x0157C000 \SystemRoot\System32\DRIVERS\DzHDD64.sys
0x01587000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x0163B000 \SystemRoot\system32\drivers\ndis.sys
0x0172E000 \SystemRoot\system32\drivers\NETIO.SYS
0x0178E000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x018AB000 \SystemRoot\System32\drivers\tcpip.sys
0x01AAF000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01AF9000 \SystemRoot\system32\drivers\vmstorfl.sys
0x01B09000 \SystemRoot\system32\drivers\volsnap.sys
0x01B55000 \SystemRoot\System32\DRIVERS\ApsHM64.sys
0x01B5F000 \SystemRoot\System32\Drivers\spldr.sys
0x01B67000 \SystemRoot\System32\drivers\rdyboost.sys
0x01BA1000 \SystemRoot\System32\DRIVERS\Apsx64.sys
0x01BC7000 \SystemRoot\system32\DRIVERS\nvpciflt.sys
0x01BCC000 \SystemRoot\System32\Drivers\mup.sys
0x01BDE000 \SystemRoot\System32\drivers\hwpolicy.sys
0x01800000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x0183A000 \SystemRoot\system32\drivers\disk.sys
0x01850000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x02C00000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x02C2A000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x02C5B000 \SystemRoot\System32\Drivers\Null.SYS
0x02C64000 \SystemRoot\System32\Drivers\Beep.SYS
0x03453000 \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
0x03400000 \SystemRoot\System32\drivers\vga.sys
0x0340E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x03433000 \SystemRoot\System32\drivers\watchdog.sys
0x03443000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x02C6B000 \SystemRoot\system32\drivers\rdpencdd.sys
0x02C74000 \SystemRoot\system32\drivers\rdprefmp.sys
0x02DEE000 \SystemRoot\System32\Drivers\Msfs.SYS
0x0188E000 \SystemRoot\System32\Drivers\Npfs.SYS
0x017B9000 \SystemRoot\system32\DRIVERS\tdx.sys
0x01BE7000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x04615000 \SystemRoot\system32\drivers\afd.sys
0x0469E000 \SystemRoot\System32\DRIVERS\netbt.sys
0x046E3000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x046EC000 \SystemRoot\system32\DRIVERS\pacer.sys
0x04712000 \SystemRoot\system32\DRIVERS\vpcnfltr.sys
0x04726000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x0473C000 \SystemRoot\system32\DRIVERS\netbios.sys
0x0474B000 \SystemRoot\system32\DRIVERS\serial.sys
0x04768000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x04783000 \SystemRoot\system32\drivers\vpcvmm.sys
0x047DA000 \SystemRoot\System32\drivers\Tppwr64v.sys
0x047E1000 \SystemRoot\system32\DRIVERS\termdd.sys
0x01591000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x04600000 \SystemRoot\system32\drivers\nsiproxy.sys
0x047F5000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x0460C000 \SystemRoot\system32\DRIVERS\smiifx64.sys
0x017DB000 \SystemRoot\System32\drivers\discache.sys
0x0486A000 \SystemRoot\system32\drivers\csc.sys
0x048ED000 \SystemRoot\System32\Drivers\dfsc.sys
0x0490B000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x0491C000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x04942000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x056DE000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x06351000 \SystemRoot\System32\Drivers\nvBridge.kmd
0x04A88000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x04B7C000 \SystemRoot\System32\drivers\dxgmms1.sys
0x06415000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x06FC8000 \SystemRoot\system32\DRIVERS\HECIx64.sys
0x06FD9000 \SystemRoot\system32\DRIVERS\serenum.sys
0x04A00000 \SystemRoot\system32\DRIVERS\e1c62x64.sys
0x06FE5000 \SystemRoot\system32\drivers\usbehci.sys
0x06353000 \SystemRoot\system32\drivers\USBPORT.SYS
0x04A50000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x04C69000 \SystemRoot\system32\DRIVERS\NETwNs64.sys
0x054D4000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x054E1000 \SystemRoot\system32\DRIVERS\risdxc64.sys
0x0553D000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
0x0556E000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x05570000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x0558E000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x07205000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x07367000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x07376000 \SystemRoot\system32\drivers\tpm.sys
0x07385000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x0738A000 \SystemRoot\system32\DRIVERS\ibmpmdrv.sys
0x07397000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x073A0000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x073B0000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x073C6000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x073EA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x0559D000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x055CC000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x04C00000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x04C21000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x04C3B000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x04C46000 \SystemRoot\system32\DRIVERS\psadd.sys
0x04C54000 \SystemRoot\system32\DRIVERS\Tvti2c.sys
0x073F6000 \SystemRoot\system32\DRIVERS\swenum.sys
0x063A9000 \SystemRoot\system32\DRIVERS\ks.sys
0x055E7000 \SystemRoot\system32\DRIVERS\umbus.sys
0x04BC2000 \SystemRoot\system32\DRIVERS\vpcusb.sys
0x06400000 \SystemRoot\system32\DRIVERS\usbrpm.sys
0x05600000 \SystemRoot\system32\DRIVERS\vpchbus.sys
0x0563C000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x04BDF000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
0x05696000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x08835000 \SystemRoot\system32\drivers\CHDRT64.sys
0x04958000 \SystemRoot\system32\drivers\portcls.sys
0x089C4000 \SystemRoot\system32\drivers\drmk.sys
0x089E6000 \SystemRoot\system32\drivers\ksthunk.sys
0x08800000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x0881D000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x056AB000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x0882B000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x089EC000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x04A74000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x00060000 \SystemRoot\System32\win32k.sys
0x056C4000 \SystemRoot\System32\drivers\Dxapi.sys
0x056D0000 \SystemRoot\System32\Drivers\crashdmp.sys
0x02C7D000 \SystemRoot\System32\Drivers\dump_iaStor.sys
0x063EC000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x049D7000 \SystemRoot\system32\DRIVERS\5U877.sys
0x04800000 \SystemRoot\system32\DRIVERS\STREAM.SYS
0x00500000 \SystemRoot\System32\TSDDD.dll
0x00630000 \SystemRoot\System32\cdd.dll
0x0481F000 \SystemRoot\system32\drivers\luafv.sys
0x073F8000 \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
0x04842000 \SystemRoot\system32\drivers\WudfPf.sys
0x04995000 \SystemRoot\system32\DRIVERS\WinUSB.sys
0x049A6000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x02DD1000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x01400000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x017EA000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x01600000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x1EC36000 \SystemRoot\system32\drivers\HTTP.sys
0x1ECFF000 \SystemRoot\system32\DRIVERS\bowser.sys
0x1ED1D000 \SystemRoot\System32\drivers\mpsdrv.sys
0x1ED35000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x1ED62000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x1EDB0000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x1F46E000 \SystemRoot\system32\drivers\peauth.sys
0x1F514000 \SystemRoot\System32\Drivers\secdrv.SYS
0x1F51F000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x1F550000 \SystemRoot\System32\drivers\tcpipreg.sys
0x1F562000 \SystemRoot\System32\DRIVERS\srv2.sys
0x1FA2D000 \SystemRoot\System32\DRIVERS\srv.sys
0x1FAC5000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys
0x1FADD000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x1FAE8000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x1FBA9000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x1FA00000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x1FA0B000 \SystemRoot\system32\DRIVERS\MpNWMon.sys
0x1C1D5000 \SystemRoot\system32\DRIVERS\monitor.sys
0x77710000 \Windows\System32\ntdll.dll
0x47C80000 \Windows\System32\smss.exe
0xFFA30000 \Windows\System32\apisetschema.dll
0xFF900000 \Windows\System32\autochk.exe
0xFF940000 \Windows\System32\oleaut32.dll
0xFF760000 \Windows\System32\setupapi.dll
0xFF6F0000 \Windows\System32\gdi32.dll
0xFF650000 \Windows\System32\msvcrt.dll
0xFF5D0000 \Windows\System32\shlwapi.dll
0xFF5B0000 \Windows\System32\imagehlp.dll
0x77610000 \Windows\System32\user32.dll
0xFF4A0000 \Windows\System32\msctf.dll
0xFF290000 \Windows\System32\ole32.dll
0x77400000 \Windows\System32\iertutil.dll
0x778E0000 \Windows\System32\psapi.dll
0xFF1F0000 \Windows\System32\comdlg32.dll
0xFF110000 \Windows\System32\advapi32.dll
0xFF090000 \Windows\System32\difxapi.dll
0xFF060000 \Windows\System32\imm32.dll
0xFE2D0000 \Windows\System32\shell32.dll
0xFE2C0000 \Windows\System32\lpk.dll
0xFE220000 \Windows\System32\clbcatq.dll
0xFE0F0000 \Windows\System32\rpcrt4.dll
0xFE0A0000 \Windows\System32\ws2_32.dll
0x778D0000 \Windows\System32\normaliz.dll
0x772A0000 \Windows\System32\wininet.dll
0xFDFD0000 \Windows\System32\usp10.dll
0xFDF70000 \Windows\System32\Wldap32.dll
0x77180000 \Windows\System32\kernel32.dll
0x77030000 \Windows\System32\urlmon.dll
0xFDF50000 \Windows\System32\sechost.dll
0xFDF40000 \Windows\System32\nsi.dll
0xFDF20000 \Windows\System32\devobj.dll
0xFDE80000 \Windows\System32\comctl32.dll
0xFDD10000 \Windows\System32\crypt32.dll
0xFDCD0000 \Windows\System32\cfgmgr32.dll
0xFDC60000 \Windows\System32\KernelBase.dll
0xFDC20000 \Windows\System32\wintrust.dll
0xFDC10000 \Windows\System32\msasn1.dll
0x75300000 \Windows\SysWOW64\normaliz.dll

Processes (total 125):
0 System Idle Process
4 System
424 C:\Windows\System32\smss.exe
580 csrss.exe
672 C:\Windows\System32\wininit.exe
692 csrss.exe
728 C:\Windows\System32\services.exe
744 C:\Windows\System32\lsass.exe
752 C:\Windows\System32\lsm.exe
864 C:\Windows\System32\svchost.exe
952 C:\Windows\System32\ibmpmsvc.exe
992 C:\Windows\System32\nvvsvc.exe
136 C:\Windows\System32\svchost.exe
600 C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
816 C:\Windows\System32\svchost.exe
1040 C:\Windows\System32\svchost.exe
1084 C:\Windows\System32\svchost.exe
1164 C:\Windows\System32\winlogon.exe
1348 C:\Windows\System32\svchost.exe
1440 WUDFHost.exe
1504 C:\Windows\System32\svchost.exe
1684 C:\Windows\System32\wlanext.exe
1692 C:\Windows\System32\conhost.exe
1796 C:\Windows\System32\spoolsv.exe
1856 C:\Windows\System32\svchost.exe
1964 C:\Program Files\Lenovo\HOTKEY\tphkload.exe
1984 C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
2016 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
684 C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
1536 C:\Windows\System32\CxAudMsg64.exe
1824 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2216 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
2364 C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
2484 C:\Program Files\Lenovo\Communications Utility\CamMute.exe
2520 C:\Program Files\Lenovo\HOTKEY\micmute.exe
2540 C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
2568 C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
2604 C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
2640 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
2664 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2696 C:\Windows\SysWOW64\SASrv.exe
2724 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
2756 C:\Windows\System32\svchost.exe
2792 C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
1080 C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
2464 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2620 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
472 C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
3512 C:\Windows\System32\svchost.exe
3580 C:\Windows\System32\dwm.exe
3604 C:\Windows\explorer.exe
3684 WmiPrvSE.exe
3720 WmiPrvSE.exe
3796 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3804 C:\Windows\System32\TpShocks.exe
3836 C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
3904 C:\Windows\System32\hkcmd.exe
3920 C:\Windows\System32\igfxpers.exe
3948 C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
3996 C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
4020 C:\Program Files\Microsoft Security Client\msseces.exe
2404 C:\Program Files\Windows Sidebar\sidebar.exe
3240 C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
3220 C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
520 C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
3320 C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
3412 C:\Windows\SysWOW64\rundll32.exe
2184 C:\Windows\System32\rundll32.exe
3832 C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.EXE
3984 C:\Windows\System32\svchost.exe
1848 C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
4104 unsecapp.exe
4200 C:\Windows\System32\rundll32.exe
4212 C:\PROGRA~1\Lenovo\ZOOM\TpScrex.exe
4220 C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.exe
4240 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
4252 C:\Windows\System32\nvvsvc.exe
4320 C:\Windows\System32\taskhost.exe
4500 C:\PROGRA~1\Lenovo\VIRTSCRL\virtscrl.exe
4512 C:\Windows\System32\rundll32.exe
4520 C:\PROGRA~1\Lenovo\ZOOM\TpScrex.exe
4532 C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.exe
2372 C:\Program Files\Windows Media Player\wmpnetwk.exe
4840 C:\Windows\SysWOW64\rundll32.exe
5320 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
5540 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
5280 C:\Windows\System32\SearchIndexer.exe
5608 C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
4136 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
5116 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
5572 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
4060 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
4460 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
3228 C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2112 C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
4716 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
1880 C:\Windows\System32\taskeng.exe
3136 C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
6052 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
3912 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
5168 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
5140 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
3472 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
4340 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
1804 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
5104 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
2160 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
4012 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
3496 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
5684 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
5020 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
6152 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
6164 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
6236 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
6300 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
6284 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
3956 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
5516 C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe
2592 C:\Windows\System32\audiodg.exe
7624 C:\Windows\System32\msiexec.exe
3960 C:\Windows\System32\svchost.exe
1500 dllhost.exe
8160 dllhost.exe
7464 C:\Users\David\Downloads\MBRCheck.exe
7184 C:\Windows\System32\conhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`4b100000 (NTFS)
\\.\Q: --> \\.\PhysicalDrive0 at offset 0x00000046`9dc00000 (NTFS)
\\.\R: --> error 5

PhysicalDrive0 Model Number: WDCWD3200BEKT-08PVMT1, Rev: 02.01A02

Size Device Name MBR Status
--------------------------------------------
298 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 17C0D094E9F740F5722123FCC021FEB82A62370C


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

#10 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,722 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:52 PM

Posted 27 October 2011 - 11:32 AM

I'm not very found of ZA but it is all up to you to keep it and uninstalling ZA is temporarily to rule out its role.

  • Please go ahead and uninstall StartNow toolbar.
  • Open your Malwarebytes' Anti-Malware.
    • First update it, to do that under the Update tab press "Check for Updates".
    • Under Scanner tab select "Perform Quick Scan", then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the MBAM log.
    Extra Note:
    If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

  • Please download TDSSKiller.zip and and extract it.
    • Run TDSSKiller.exe.
    • Click Start scan.
    • When it is finished the utility outputs a list of detected objects with description.
      The utility automatically selects an action (Cure or Delete) for malicious objects.
      The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
    • Let reboot if needed and tell me if the tool needed a reboot.
    • Click on Report and post the contents of the text file that will open.

      Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.


#11 The Wren

The Wren
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:52 AM

Posted 27 October 2011 - 01:55 PM

farbar,

Thank you very much for your help. Might I ask, since you are not fond of ZA, what you recommend using for a firewall program?

Here are the scan results. Nothing found by either -- have we uncovered or removed anything since starting this thread?

In any case, I have not had shockwave flash issues (crashing/freezing Chrome) in the past two days, but I'm not sure why the problem seems to have gone away.

Cheers,
-- The Wren


---------------------
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8030

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/27/2011 1:32:12 PM
mbam-log-2011-10-27 (13-32-12).txt

Scan type: Quick scan
Objects scanned: 189529
Time elapsed: 5 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


---------------------
13:46:53.0377 7216 TDSS rootkit removing tool 2.6.13.0 Oct 25 2011 13:56:21
13:46:55.0382 7216 ============================================================
13:46:55.0382 7216 Current date / time: 2011/10/27 13:46:55.0382
13:46:55.0383 7216 SystemInfo:
13:46:55.0383 7216
13:46:55.0383 7216 OS Version: 6.1.7601 ServicePack: 1.0
13:46:55.0383 7216 Product type: Workstation
13:46:55.0383 7216 ComputerName: WORKLAPTOP
13:46:55.0384 7216 UserName: David
13:46:55.0384 7216 Windows directory: C:\Windows
13:46:55.0384 7216 System windows directory: C:\Windows
13:46:55.0384 7216 Running under WOW64
13:46:55.0384 7216 Processor architecture: Intel x64
13:46:55.0384 7216 Number of processors: 8
13:46:55.0384 7216 Page size: 0x1000
13:46:55.0384 7216 Boot type: Normal boot
13:46:55.0384 7216 ============================================================
13:46:55.0801 7216 Initialize success
13:47:01.0322 5604 ============================================================
13:47:01.0322 5604 Scan started
13:47:01.0322 5604 Mode: Manual;
13:47:01.0322 5604 ============================================================
13:47:01.0656 5604 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
13:47:01.0660 5604 1394ohci - ok
13:47:01.0707 5604 5U877 (f4af97702bad85bfef64b9a557f11b6f) C:\Windows\system32\DRIVERS\5U877.sys
13:47:01.0710 5604 5U877 - ok
13:47:01.0759 5604 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:47:01.0765 5604 ACPI - ok
13:47:01.0789 5604 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:47:01.0790 5604 AcpiPmi - ok
13:47:01.0862 5604 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:47:01.0871 5604 adp94xx - ok
13:47:01.0890 5604 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:47:01.0895 5604 adpahci - ok
13:47:01.0926 5604 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:47:01.0929 5604 adpu320 - ok
13:47:02.0013 5604 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
13:47:02.0021 5604 AFD - ok
13:47:02.0061 5604 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:47:02.0062 5604 agp440 - ok
13:47:02.0085 5604 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:47:02.0086 5604 aliide - ok
13:47:02.0099 5604 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:47:02.0100 5604 amdide - ok
13:47:02.0134 5604 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:47:02.0136 5604 AmdK8 - ok
13:47:02.0149 5604 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
13:47:02.0151 5604 AmdPPM - ok
13:47:02.0191 5604 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:47:02.0193 5604 amdsata - ok
13:47:02.0221 5604 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:47:02.0224 5604 amdsbs - ok
13:47:02.0271 5604 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:47:02.0272 5604 amdxata - ok
13:47:02.0301 5604 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:47:02.0302 5604 AppID - ok
13:47:02.0349 5604 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:47:02.0351 5604 arc - ok
13:47:02.0364 5604 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:47:02.0366 5604 arcsas - ok
13:47:02.0400 5604 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:47:02.0401 5604 AsyncMac - ok
13:47:02.0414 5604 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:47:02.0415 5604 atapi - ok
13:47:02.0468 5604 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:47:02.0476 5604 b06bdrv - ok
13:47:02.0503 5604 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:47:02.0508 5604 b57nd60a - ok
13:47:02.0537 5604 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:47:02.0538 5604 Beep - ok
13:47:02.0585 5604 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:47:02.0587 5604 blbdrive - ok
13:47:02.0621 5604 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:47:02.0623 5604 bowser - ok
13:47:02.0660 5604 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:47:02.0661 5604 BrFiltLo - ok
13:47:02.0673 5604 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:47:02.0674 5604 BrFiltUp - ok
13:47:02.0710 5604 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:47:02.0715 5604 Brserid - ok
13:47:02.0750 5604 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:47:02.0752 5604 BrSerWdm - ok
13:47:02.0766 5604 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:47:02.0767 5604 BrUsbMdm - ok
13:47:02.0781 5604 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:47:02.0782 5604 BrUsbSer - ok
13:47:02.0832 5604 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
13:47:02.0833 5604 BthEnum - ok
13:47:02.0847 5604 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:47:02.0848 5604 BTHMODEM - ok
13:47:02.0898 5604 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:47:02.0901 5604 BthPan - ok
13:47:02.0968 5604 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
13:47:02.0977 5604 BTHPORT - ok
13:47:03.0017 5604 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
13:47:03.0019 5604 BTHUSB - ok
13:47:03.0083 5604 BTWAMPFL (8834f87a6a745872894df8223201a6c3) C:\Windows\system32\DRIVERS\btwampfl.sys
13:47:03.0090 5604 BTWAMPFL - ok
13:47:03.0120 5604 btwaudio (9863d82ecbec6106d377ed73680d99d8) C:\Windows\system32\drivers\btwaudio.sys
13:47:03.0123 5604 btwaudio - ok
13:47:03.0147 5604 btwavdt (3432dd66ae75ab2de6d0527ad78dbfc7) C:\Windows\system32\DRIVERS\btwavdt.sys
13:47:03.0150 5604 btwavdt - ok
13:47:03.0176 5604 btwl2cap (382dc5a631ced0462ea09b7eb898bdbf) C:\Windows\system32\DRIVERS\btwl2cap.sys
13:47:03.0177 5604 btwl2cap - ok
13:47:03.0201 5604 btwrchid (13a9c2cedd44c175e6ca39a536795ca6) C:\Windows\system32\DRIVERS\btwrchid.sys
13:47:03.0202 5604 btwrchid - ok
13:47:03.0240 5604 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:47:03.0242 5604 cdfs - ok
13:47:03.0276 5604 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:47:03.0279 5604 cdrom - ok
13:47:03.0307 5604 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:47:03.0309 5604 circlass - ok
13:47:03.0344 5604 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:47:03.0351 5604 CLFS - ok
13:47:03.0392 5604 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:47:03.0392 5604 CmBatt - ok
13:47:03.0407 5604 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:47:03.0407 5604 cmdide - ok
13:47:03.0454 5604 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
13:47:03.0454 5604 CNG - ok
13:47:03.0563 5604 CnxtHdAudService (db6f09464c57606892bf6d2458483417) C:\Windows\system32\drivers\CHDRT64.sys
13:47:03.0579 5604 CnxtHdAudService - ok
13:47:03.0610 5604 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:47:03.0626 5604 Compbatt - ok
13:47:03.0641 5604 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:47:03.0641 5604 CompositeBus - ok
13:47:03.0688 5604 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:47:03.0688 5604 crcdisk - ok
13:47:03.0735 5604 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
13:47:03.0750 5604 CSC - ok
13:47:03.0813 5604 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:47:03.0813 5604 DfsC - ok
13:47:03.0844 5604 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:47:03.0844 5604 discache - ok
13:47:03.0893 5604 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:47:03.0895 5604 Disk - ok
13:47:03.0921 5604 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
13:47:03.0923 5604 dmvsc - ok
13:47:03.0961 5604 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:47:03.0962 5604 drmkaud - ok
13:47:04.0001 5604 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:47:04.0016 5604 DXGKrnl - ok
13:47:04.0055 5604 DzHDD64 (ce4cffd9f64b86bceb1c343fc9924d72) C:\Windows\system32\DRIVERS\DzHDD64.sys
13:47:04.0056 5604 DzHDD64 - ok
13:47:04.0101 5604 e1cexpress (dc1776d086aa9733b1929a3d979d9fdd) C:\Windows\system32\DRIVERS\e1c62x64.sys
13:47:04.0106 5604 e1cexpress - ok
13:47:04.0217 5604 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:47:04.0274 5604 ebdrv - ok
13:47:04.0330 5604 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:47:04.0339 5604 elxstor - ok
13:47:04.0351 5604 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:47:04.0352 5604 ErrDev - ok
13:47:04.0395 5604 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:47:04.0399 5604 exfat - ok
13:47:04.0423 5604 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:47:04.0427 5604 fastfat - ok
13:47:04.0442 5604 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:47:04.0443 5604 fdc - ok
13:47:04.0483 5604 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:47:04.0485 5604 FileInfo - ok
13:47:04.0501 5604 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:47:04.0503 5604 Filetrace - ok
13:47:04.0514 5604 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:47:04.0516 5604 flpydisk - ok
13:47:04.0540 5604 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:47:04.0544 5604 FltMgr - ok
13:47:04.0569 5604 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:47:04.0571 5604 FsDepends - ok
13:47:04.0587 5604 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:47:04.0588 5604 Fs_Rec - ok
13:47:04.0622 5604 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:47:04.0626 5604 fvevol - ok
13:47:04.0658 5604 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:47:04.0659 5604 gagp30kx - ok
13:47:04.0696 5604 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:47:04.0697 5604 hcw85cir - ok
13:47:04.0741 5604 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:47:04.0747 5604 HdAudAddService - ok
13:47:04.0777 5604 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:47:04.0779 5604 HDAudBus - ok
13:47:04.0792 5604 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:47:04.0793 5604 HidBatt - ok
13:47:04.0808 5604 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:47:04.0811 5604 HidBth - ok
13:47:04.0852 5604 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:47:04.0854 5604 HidIr - ok
13:47:04.0878 5604 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:47:04.0879 5604 HidUsb - ok
13:47:04.0914 5604 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:47:04.0914 5604 HpSAMD - ok
13:47:04.0958 5604 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:47:04.0969 5604 HTTP - ok
13:47:04.0994 5604 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:47:04.0995 5604 hwpolicy - ok
13:47:05.0038 5604 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:47:05.0041 5604 i8042prt - ok
13:47:05.0092 5604 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
13:47:05.0099 5604 iaStor - ok
13:47:05.0153 5604 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:47:05.0160 5604 iaStorV - ok
13:47:05.0198 5604 IBMPMDRV (29ed470689b7c597a9701d6a4c57a578) C:\Windows\system32\DRIVERS\ibmpmdrv.sys
13:47:05.0200 5604 IBMPMDRV - ok
13:47:05.0558 5604 igfx (66dc0ce2d1867b8178eaa0e11930dbd7) C:\Windows\system32\DRIVERS\igdkmd64.sys
13:47:05.0766 5604 igfx - ok
13:47:05.0812 5604 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:47:05.0813 5604 iirsp - ok
13:47:05.0833 5604 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:47:05.0834 5604 intelide - ok
13:47:05.0869 5604 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:47:05.0870 5604 intelppm - ok
13:47:05.0898 5604 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:47:05.0900 5604 IpFilterDriver - ok
13:47:05.0921 5604 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:47:05.0923 5604 IPMIDRV - ok
13:47:05.0941 5604 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:47:05.0943 5604 IPNAT - ok
13:47:05.0963 5604 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:47:05.0964 5604 IRENUM - ok
13:47:05.0976 5604 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:47:05.0978 5604 isapnp - ok
13:47:06.0008 5604 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:47:06.0013 5604 iScsiPrt - ok
13:47:06.0060 5604 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:47:06.0061 5604 kbdclass - ok
13:47:06.0084 5604 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:47:06.0085 5604 kbdhid - ok
13:47:06.0124 5604 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
13:47:06.0126 5604 KSecDD - ok
13:47:06.0148 5604 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
13:47:06.0151 5604 KSecPkg - ok
13:47:06.0177 5604 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:47:06.0178 5604 ksthunk - ok
13:47:06.0253 5604 lenovo.smi (2b9d8555dc004e240082d18e7725ce20) C:\Windows\system32\DRIVERS\smiifx64.sys
13:47:06.0254 5604 lenovo.smi - ok
13:47:06.0296 5604 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:47:06.0298 5604 lltdio - ok
13:47:06.0358 5604 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:47:06.0361 5604 LSI_FC - ok
13:47:06.0375 5604 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:47:06.0377 5604 LSI_SAS - ok
13:47:06.0391 5604 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:47:06.0393 5604 LSI_SAS2 - ok
13:47:06.0407 5604 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:47:06.0410 5604 LSI_SCSI - ok
13:47:06.0437 5604 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:47:06.0439 5604 luafv - ok
13:47:06.0485 5604 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:47:06.0486 5604 megasas - ok
13:47:06.0516 5604 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:47:06.0521 5604 MegaSR - ok
13:47:06.0574 5604 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
13:47:06.0576 5604 MEIx64 - ok
13:47:06.0593 5604 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:47:06.0594 5604 Modem - ok
13:47:06.0623 5604 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:47:06.0624 5604 monitor - ok
13:47:06.0652 5604 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:47:06.0654 5604 mouclass - ok
13:47:06.0684 5604 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:47:06.0685 5604 mouhid - ok
13:47:06.0720 5604 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:47:06.0724 5604 mountmgr - ok
13:47:06.0772 5604 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
13:47:06.0775 5604 MpFilter - ok
13:47:06.0805 5604 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:47:06.0808 5604 mpio - ok
13:47:06.0828 5604 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
13:47:06.0830 5604 MpNWMon - ok
13:47:06.0855 5604 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:47:06.0857 5604 mpsdrv - ok
13:47:06.0875 5604 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:47:06.0878 5604 MRxDAV - ok
13:47:06.0906 5604 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:47:06.0909 5604 mrxsmb - ok
13:47:06.0945 5604 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:47:06.0950 5604 mrxsmb10 - ok
13:47:06.0976 5604 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:47:06.0979 5604 mrxsmb20 - ok
13:47:07.0013 5604 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:47:07.0014 5604 msahci - ok
13:47:07.0029 5604 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:47:07.0032 5604 msdsm - ok
13:47:07.0080 5604 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:47:07.0081 5604 Msfs - ok
13:47:07.0116 5604 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:47:07.0117 5604 mshidkmdf - ok
13:47:07.0134 5604 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:47:07.0135 5604 msisadrv - ok
13:47:07.0171 5604 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:47:07.0173 5604 MSKSSRV - ok
13:47:07.0199 5604 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:47:07.0201 5604 MSPCLOCK - ok
13:47:07.0221 5604 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:47:07.0222 5604 MSPQM - ok
13:47:07.0282 5604 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:47:07.0288 5604 MsRPC - ok
13:47:07.0328 5604 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:47:07.0330 5604 mssmbios - ok
13:47:07.0354 5604 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:47:07.0355 5604 MSTEE - ok
13:47:07.0369 5604 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:47:07.0370 5604 MTConfig - ok
13:47:07.0411 5604 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:47:07.0413 5604 Mup - ok
13:47:07.0453 5604 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:47:07.0453 5604 NativeWifiP - ok
13:47:07.0544 5604 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:47:07.0559 5604 NDIS - ok
13:47:07.0583 5604 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:47:07.0584 5604 NdisCap - ok
13:47:07.0615 5604 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:47:07.0616 5604 NdisTapi - ok
13:47:07.0640 5604 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:47:07.0642 5604 Ndisuio - ok
13:47:07.0669 5604 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:47:07.0672 5604 NdisWan - ok
13:47:07.0695 5604 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:47:07.0697 5604 NDProxy - ok
13:47:07.0716 5604 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:47:07.0718 5604 NetBIOS - ok
13:47:07.0745 5604 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:47:07.0750 5604 NetBT - ok
13:47:08.0021 5604 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
13:47:08.0167 5604 NETwNs64 - ok
13:47:08.0218 5604 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:47:08.0220 5604 nfrd960 - ok
13:47:08.0255 5604 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:47:08.0258 5604 NisDrv - ok
13:47:08.0291 5604 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:47:08.0293 5604 Npfs - ok
13:47:08.0315 5604 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:47:08.0317 5604 nsiproxy - ok
13:47:08.0394 5604 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:47:08.0422 5604 Ntfs - ok
13:47:08.0442 5604 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:47:08.0443 5604 Null - ok
13:47:08.0491 5604 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
13:47:08.0491 5604 nusb3hub - ok
13:47:08.0507 5604 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
13:47:08.0523 5604 nusb3xhc - ok
13:47:08.0881 5604 nvlddmkm (e2c13f0bc48bbf7fec12aee77f3d3e26) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:47:09.0099 5604 nvlddmkm - ok
13:47:09.0150 5604 nvpciflt (2e6c975ae61742dc8a31b9e260d8af1d) C:\Windows\system32\DRIVERS\nvpciflt.sys
13:47:09.0152 5604 nvpciflt - ok
13:47:09.0212 5604 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:47:09.0215 5604 nvraid - ok
13:47:09.0257 5604 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:47:09.0260 5604 nvstor - ok
13:47:09.0317 5604 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:47:09.0320 5604 nv_agp - ok
13:47:09.0334 5604 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:47:09.0336 5604 ohci1394 - ok
13:47:09.0393 5604 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:47:09.0395 5604 Parport - ok
13:47:09.0414 5604 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:47:09.0416 5604 partmgr - ok
13:47:09.0446 5604 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:47:09.0450 5604 pci - ok
13:47:09.0472 5604 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:47:09.0473 5604 pciide - ok
13:47:09.0489 5604 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:47:09.0494 5604 pcmcia - ok
13:47:09.0520 5604 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:47:09.0522 5604 pcw - ok
13:47:09.0553 5604 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:47:09.0564 5604 PEAUTH - ok
13:47:09.0687 5604 PHCORE (18eea095af22ac5fa16fc27fb98c82d3) C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
13:47:09.0689 5604 PHCORE - ok
13:47:09.0831 5604 pmxdrv (0bee791c7c7ace453c134e73633c497d) C:\Windows\system32\drivers\pmxdrv.sys
13:47:09.0833 5604 pmxdrv - ok
13:47:10.0008 5604 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:47:10.0010 5604 PptpMiniport - ok
13:47:10.0065 5604 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:47:10.0067 5604 Processor - ok
13:47:10.0124 5604 psadd (a70ad30223866947e39bc221df4c2306) C:\Windows\system32\DRIVERS\psadd.sys
13:47:10.0126 5604 psadd - ok
13:47:10.0171 5604 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:47:10.0174 5604 Psched - ok
13:47:10.0243 5604 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:47:10.0267 5604 ql2300 - ok
13:47:10.0283 5604 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:47:10.0286 5604 ql40xx - ok
13:47:10.0313 5604 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:47:10.0315 5604 QWAVEdrv - ok
13:47:10.0327 5604 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:47:10.0329 5604 RasAcd - ok
13:47:10.0369 5604 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:47:10.0371 5604 RasAgileVpn - ok
13:47:10.0403 5604 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:47:10.0406 5604 Rasl2tp - ok
13:47:10.0432 5604 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:47:10.0435 5604 RasPppoe - ok
13:47:10.0452 5604 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:47:10.0455 5604 RasSstp - ok
13:47:10.0484 5604 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:47:10.0489 5604 rdbss - ok
13:47:10.0508 5604 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:47:10.0510 5604 rdpbus - ok
13:47:10.0539 5604 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:47:10.0541 5604 RDPCDD - ok
13:47:10.0569 5604 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
13:47:10.0573 5604 RDPDR - ok
13:47:10.0598 5604 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:47:10.0600 5604 RDPENCDD - ok
13:47:10.0620 5604 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:47:10.0622 5604 RDPREFMP - ok
13:47:10.0639 5604 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
13:47:10.0643 5604 RDPWD - ok
13:47:10.0676 5604 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:47:10.0680 5604 rdyboost - ok
13:47:10.0750 5604 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:47:10.0753 5604 RFCOMM - ok
13:47:10.0796 5604 risdxc (819fe65ae1c0312b535b7aa54d30cfda) C:\Windows\system32\DRIVERS\risdxc64.sys
13:47:10.0799 5604 risdxc - ok
13:47:10.0849 5604 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:47:10.0851 5604 rspndr - ok
13:47:10.0873 5604 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
13:47:10.0875 5604 s3cap - ok
13:47:10.0903 5604 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:47:10.0906 5604 sbp2port - ok
13:47:10.0934 5604 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:47:10.0936 5604 scfilter - ok
13:47:10.0976 5604 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:47:10.0978 5604 secdrv - ok
13:47:11.0004 5604 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:47:11.0006 5604 Serenum - ok
13:47:11.0028 5604 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:47:11.0030 5604 Serial - ok
13:47:11.0051 5604 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:47:11.0052 5604 sermouse - ok
13:47:11.0080 5604 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:47:11.0081 5604 sffdisk - ok
13:47:11.0095 5604 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:47:11.0097 5604 sffp_mmc - ok
13:47:11.0111 5604 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:47:11.0112 5604 sffp_sd - ok
13:47:11.0127 5604 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:47:11.0128 5604 sfloppy - ok
13:47:11.0194 5604 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:47:11.0205 5604 Sftfs - ok
13:47:11.0265 5604 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:47:11.0270 5604 Sftplay - ok
13:47:11.0299 5604 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:47:11.0301 5604 Sftredir - ok
13:47:11.0347 5604 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:47:11.0349 5604 Sftvol - ok
13:47:11.0399 5604 Shockprf (e2fc046d4edabfe3b5ef7da06406277d) C:\Windows\system32\DRIVERS\Apsx64.sys
13:47:11.0402 5604 Shockprf - ok
13:47:11.0453 5604 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:47:11.0455 5604 SiSRaid2 - ok
13:47:11.0470 5604 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:47:11.0473 5604 SiSRaid4 - ok
13:47:11.0500 5604 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:47:11.0503 5604 Smb - ok
13:47:11.0588 5604 smihlp (c5b1a19b14f19b08ae72fcb20a3075b6) C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
13:47:11.0589 5604 smihlp - ok
13:47:11.0726 5604 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:47:11.0727 5604 spldr - ok
13:47:11.0815 5604 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:47:11.0823 5604 srv - ok
13:47:11.0874 5604 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:47:11.0881 5604 srv2 - ok
13:47:11.0941 5604 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:47:11.0945 5604 srvnet - ok
13:47:12.0025 5604 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:47:12.0027 5604 stexstor - ok
13:47:12.0185 5604 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
13:47:12.0187 5604 storflt - ok
13:47:12.0269 5604 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
13:47:12.0271 5604 storvsc - ok
13:47:12.0354 5604 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:47:12.0355 5604 swenum - ok
13:47:12.0425 5604 SynTP (06d602a637e171e151853f1d8ecd34f1) C:\Windows\system32\DRIVERS\SynTP.sys
13:47:12.0447 5604 SynTP - ok
13:47:12.0607 5604 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
13:47:12.0636 5604 Tcpip - ok
13:47:12.0698 5604 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
13:47:12.0726 5604 TCPIP6 - ok
13:47:12.0769 5604 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:47:12.0771 5604 tcpipreg - ok
13:47:12.0798 5604 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:47:12.0800 5604 TDPIPE - ok
13:47:12.0813 5604 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:47:12.0815 5604 TDTCP - ok
13:47:12.0842 5604 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:47:12.0845 5604 tdx - ok
13:47:12.0867 5604 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
13:47:12.0869 5604 TermDD - ok
13:47:12.0915 5604 TPDIGIMN (55b7fe3e1d3b616bdc4e9ea48d92d6e6) C:\Windows\system32\DRIVERS\ApsHM64.sys
13:47:12.0916 5604 TPDIGIMN - ok
13:47:12.0965 5604 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
13:47:12.0966 5604 TPM - ok
13:47:13.0008 5604 TPPWRIF (7165b5a9b4867f64a6d6935f57d4196b) C:\Windows\system32\drivers\Tppwr64v.sys
13:47:13.0009 5604 TPPWRIF - ok
13:47:13.0057 5604 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:47:13.0058 5604 tssecsrv - ok
13:47:13.0087 5604 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:47:13.0089 5604 TsUsbFlt - ok
13:47:13.0103 5604 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:47:13.0104 5604 TsUsbGD - ok
13:47:13.0147 5604 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:47:13.0150 5604 tunnel - ok
13:47:13.0178 5604 TVTI2C (4daae0413cd4e816258838e2fafb3147) C:\Windows\system32\DRIVERS\Tvti2c.sys
13:47:13.0180 5604 TVTI2C - ok
13:47:13.0225 5604 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:47:13.0227 5604 uagp35 - ok
13:47:13.0255 5604 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:47:13.0261 5604 udfs - ok
13:47:13.0366 5604 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:47:13.0368 5604 uliagpkx - ok
13:47:13.0400 5604 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:47:13.0402 5604 umbus - ok
13:47:13.0415 5604 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:47:13.0416 5604 UmPass - ok
13:47:13.0460 5604 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:47:13.0463 5604 usbccgp - ok
13:47:13.0477 5604 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:47:13.0480 5604 usbcir - ok
13:47:13.0503 5604 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
13:47:13.0505 5604 usbehci - ok
13:47:13.0542 5604 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:47:13.0548 5604 usbhub - ok
13:47:13.0571 5604 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:47:13.0573 5604 usbohci - ok
13:47:13.0613 5604 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
13:47:13.0614 5604 usbprint - ok
13:47:13.0634 5604 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:47:13.0637 5604 USBSTOR - ok
13:47:13.0661 5604 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:47:13.0663 5604 usbuhci - ok
13:47:13.0705 5604 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:47:13.0709 5604 usbvideo - ok
13:47:13.0780 5604 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:47:13.0782 5604 vdrvroot - ok
13:47:13.0800 5604 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:47:13.0802 5604 vga - ok
13:47:13.0823 5604 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:47:13.0824 5604 VgaSave - ok
13:47:13.0852 5604 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:47:13.0856 5604 vhdmp - ok
13:47:13.0869 5604 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:47:13.0871 5604 viaide - ok
13:47:13.0893 5604 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
13:47:13.0897 5604 vmbus - ok
13:47:13.0912 5604 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
13:47:13.0913 5604 VMBusHID - ok
13:47:13.0941 5604 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:47:13.0943 5604 volmgr - ok
13:47:13.0969 5604 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:47:13.0975 5604 volmgrx - ok
13:47:13.0995 5604 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:47:14.0011 5604 volsnap - ok
13:47:14.0059 5604 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys
13:47:14.0063 5604 vpcbus - ok
13:47:14.0114 5604 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys
13:47:14.0116 5604 vpcnfltr - ok
13:47:14.0162 5604 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys
13:47:14.0165 5604 vpcusb - ok
13:47:14.0208 5604 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys
13:47:14.0214 5604 vpcvmm - ok
13:47:14.0309 5604 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:47:14.0312 5604 vsmraid - ok
13:47:14.0340 5604 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:47:14.0341 5604 vwifibus - ok
13:47:14.0366 5604 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:47:14.0368 5604 vwififlt - ok
13:47:14.0450 5604 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:47:14.0452 5604 WacomPen - ok
13:47:14.0484 5604 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:47:14.0487 5604 WANARP - ok
13:47:14.0502 5604 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:47:14.0504 5604 Wanarpv6 - ok
13:47:14.0677 5604 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:47:14.0679 5604 Wd - ok
13:47:14.0741 5604 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:47:14.0751 5604 Wdf01000 - ok
13:47:14.0942 5604 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:47:14.0943 5604 WfpLwf - ok
13:47:14.0997 5604 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:47:14.0998 5604 WIMMount - ok
13:47:15.0179 5604 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
13:47:15.0181 5604 WinUsb - ok
13:47:15.0343 5604 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:47:15.0345 5604 WmiAcpi - ok
13:47:15.0555 5604 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:47:15.0556 5604 ws2ifsl - ok
13:47:15.0615 5604 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:47:15.0618 5604 WudfPf - ok
13:47:15.0773 5604 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:47:15.0777 5604 WUDFRd - ok
13:47:15.0824 5604 MBR (0x1B8) (39bac4e76ee90d4cdf8135bcaee9a347) \Device\Harddisk0\DR0
13:47:15.0840 5604 \Device\Harddisk0\DR0 - ok
13:47:15.0846 5604 Boot (0x1200) (bb2159b262439ce8c78a44ae700336b1) \Device\Harddisk0\DR0\Partition0
13:47:15.0847 5604 \Device\Harddisk0\DR0\Partition0 - ok
13:47:15.0862 5604 Boot (0x1200) (6cd47183032485cdbdaa7e9309bd615e) \Device\Harddisk0\DR0\Partition1
13:47:15.0864 5604 \Device\Harddisk0\DR0\Partition1 - ok
13:47:15.0895 5604 Boot (0x1200) (e357ea6a286525067852ba9978939cd0) \Device\Harddisk0\DR0\Partition2
13:47:15.0897 5604 \Device\Harddisk0\DR0\Partition2 - ok
13:47:15.0898 5604 ============================================================
13:47:15.0898 5604 Scan finished
13:47:15.0898 5604 ============================================================
13:47:15.0916 8008 Detected object count: 0
13:47:15.0916 8008 Actual detected object count: 0

#12 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,722 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:52 PM

Posted 27 October 2011 - 02:16 PM

ZoneAlarm seemed to have blocked proper connection to internet. After removing it the connection was fully restored.

I would like to give it a couple of days to make sure. Then I can recommend another firewall. Please make sure Windows firewall is enabled and inform me about the condition of your computer after two days.

#13 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,722 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:52 PM

Posted 31 October 2011 - 02:18 AM

How is the condition of the computer and is there any issues with Shockwave Flash?

#14 The Wren

The Wren
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:52 AM

Posted 31 October 2011 - 10:56 AM

farbar,

In the past few days, I have not seen further crashes or signs of instability, so I see no reason to keep this thread open. I am still interested in hearing recommendations for firewall programs, antivirus, etc.

Thank you again for helping me with this.

-- The Wren

Edited by The Wren, 31 October 2011 - 12:34 PM.


#15 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,722 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:05:52 PM

Posted 31 October 2011 - 02:01 PM

Hi The Warn,

Glad to hear the issue is not happening any more and you are most welcome.

You have MSE and I find it a good antivirus. Here are two other good free ones:

Avira
Avast

Note that only one antivirus with real-time protection should be installed.

This is a lighter firewall:
Comodo Firewall

Other Recommendations:
  • I recommend using Site Advisor for safe surfing. It is a free extension both for Internet Explorer and Firefox. When you search a site it gives you an indication of how safe a site is.
  • I recommend installing this small application for safe surfing: Javacoolsİ SpywareBlaster
    SpywareBlaster will add a large list of programs and sites into your Internet Explorer and Firefox settings and that will protect you from running and downloading known malicious programs.
  • Download and install it.
  • Update it manually by clicking on Updates in the left pane and then Check for Updates.
  • Then enable all the protections by clicking on Protection Status on the left pane. Then click on Enable All Protection.
  • The free version doesn't have an automatic update. Update it once in two or three weeks and enable all protection again.
Happy Surfing.:)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users