Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rootkit trojans or some malware infecting computer/s


  • Please log in to reply
20 replies to this topic

#1 strugglingwithtrojan

strugglingwithtrojan

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 11:15 AM

Hi there,

This is a little call out for help!

So my new housemate brought an infected computer to our place and asked me for some help.

He had a trojan installed on his computer: Trojan.MSIL.Agent or .mgv I believe. Since then I have tried to remove it but have come across a great deal of difficulty in trying to successfully remove it. Suspect processes continue to run and I can not find the source as adequately as I would like to in order to remove it!

After checking out his computer I thought I should also check my own given they were on the same network. I had realised that my desktop machine was asking for an .exe to run on startup but i routinely ignored it until I was typing on my laptop and then saw it automatically accept. I panicked and restarted the machine, then all sorts of strange things started to happen - the BIOS settings (boot order etc.) changed and it was shutting down every minute before the machine could even boot to windows. After a while my computer wouldn't boot at all. After re-freshing the Mobo RAM it started to boot again but I have been getting Core CPU temperature warnings. I have decided to buy new thermal compound and re-seat the CPU before looking into it anymore, as I don't want to overheat the processor.

After this I ran a scan on my laptop computer which is on the same router most of the time - Malware Bytes and the Sophos software on my laptop detected:

Mal/Medfos.A
CXmal/FakeAv-G
Exploit.Drop.GS

I have tried to remove them but they seem to be extremely stubborn and I am going slightly mad. I am halfway through a big project at Uni and this has started to become a hassle. I am going crazy and now don't trust any websites as I am seemingly getting re-directs and all sorts of weird stuff. Lots of spam emails posing as legitimate emails are also coming through to my inbox more frequently.

Is there a kind person out there who can help me get my computer/laptop/network free from these horrible things?!

Kind regards,

Luke

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 21 August 2012 - 11:41 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 strugglingwithtrojan

strugglingwithtrojan
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 01:07 PM

Thanks narenxp for your quick reply:


03:07:11.0139 4976 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
03:07:12.0199 4976 ============================================================
03:07:12.0199 4976 Current date / time: 2012/08/22 03:07:12.0199
03:07:12.0199 4976 SystemInfo:
03:07:12.0199 4976
03:07:12.0199 4976 OS Version: 6.1.7601 ServicePack: 1.0
03:07:12.0199 4976 Product type: Workstation
03:07:12.0199 4976 ComputerName: R9HXIK4
03:07:12.0199 4976 UserName: LRoe
03:07:12.0199 4976 Windows directory: C:\Windows
03:07:12.0199 4976 System windows directory: C:\Windows
03:07:12.0199 4976 Running under WOW64
03:07:12.0199 4976 Processor architecture: Intel x64
03:07:12.0199 4976 Number of processors: 4
03:07:12.0199 4976 Page size: 0x1000
03:07:12.0199 4976 Boot type: Normal boot
03:07:12.0199 4976 ============================================================
03:07:38.0674 4976 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
03:07:38.0689 4976 ============================================================
03:07:38.0689 4976 \Device\Harddisk0\DR0:
03:07:38.0689 4976 MBR partitions:
03:07:38.0689 4976 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xEE6F70B
03:07:38.0689 4976 ============================================================
03:07:38.0689 4976 C: <-> \Device\Harddisk0\DR0\Partition1
03:07:38.0689 4976 ============================================================
03:07:38.0689 4976 Initialize success
03:07:38.0689 4976 ============================================================
03:08:01.0450 7608 ============================================================
03:08:01.0450 7608 Scan started
03:08:01.0450 7608 Mode: Manual;
03:08:01.0450 7608 ============================================================
03:08:01.0684 7608 ================ Scan system memory ========================
03:08:01.0684 7608 System memory - ok
03:08:01.0684 7608 ================ Scan services =============================
03:08:01.0746 7608 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
03:08:01.0777 7608 1394ohci - ok
03:08:01.0793 7608 [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
03:08:01.0824 7608 5U877 - ok
03:08:01.0840 7608 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
03:08:01.0840 7608 a2acc - ok
03:08:01.0902 7608 [ 0D050186CF421131B43D00024BD9B8BB ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
03:08:01.0949 7608 a2AntiMalware - ok
03:08:01.0964 7608 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
03:08:01.0996 7608 A2DDA - ok
03:08:01.0996 7608 [ 3D55CE53128C81E06CD6B024C3B9FAC3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
03:08:02.0011 7608 a2injectiondriver - ok
03:08:02.0011 7608 [ E41D79682A209F72F4F578CFD4A53952 ] a2util C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
03:08:02.0011 7608 a2util - ok
03:08:02.0027 7608 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
03:08:02.0042 7608 ACPI - ok
03:08:02.0042 7608 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
03:08:02.0089 7608 AcpiPmi - ok
03:08:02.0105 7608 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
03:08:02.0152 7608 adp94xx - ok
03:08:02.0167 7608 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
03:08:02.0214 7608 adpahci - ok
03:08:02.0230 7608 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
03:08:02.0276 7608 adpu320 - ok
03:08:02.0292 7608 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
03:08:02.0292 7608 AeLookupSvc - ok
03:08:02.0308 7608 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
03:08:02.0323 7608 AFD - ok
03:08:02.0323 7608 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
03:08:02.0354 7608 agp440 - ok
03:08:02.0370 7608 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
03:08:02.0432 7608 ALG - ok
03:08:02.0432 7608 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
03:08:02.0479 7608 aliide - ok
03:08:02.0479 7608 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
03:08:02.0526 7608 amdide - ok
03:08:02.0526 7608 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
03:08:02.0557 7608 AmdK8 - ok
03:08:02.0573 7608 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
03:08:02.0604 7608 AmdPPM - ok
03:08:02.0604 7608 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
03:08:02.0635 7608 amdsata - ok
03:08:02.0651 7608 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
03:08:02.0698 7608 amdsbs - ok
03:08:02.0698 7608 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
03:08:02.0698 7608 amdxata - ok
03:08:02.0713 7608 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
03:08:02.0744 7608 AppID - ok
03:08:02.0744 7608 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
03:08:02.0776 7608 AppIDSvc - ok
03:08:02.0776 7608 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
03:08:02.0791 7608 Appinfo - ok
03:08:02.0791 7608 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:08:02.0807 7608 Apple Mobile Device - ok
03:08:02.0807 7608 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
03:08:02.0854 7608 AppMgmt - ok
03:08:02.0854 7608 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
03:08:02.0885 7608 arc - ok
03:08:02.0900 7608 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
03:08:02.0932 7608 arcsas - ok
03:08:02.0963 7608 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
03:08:02.0994 7608 aspnet_state - ok
03:08:02.0994 7608 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
03:08:02.0994 7608 AsyncMac - ok
03:08:03.0010 7608 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
03:08:03.0010 7608 atapi - ok
03:08:03.0025 7608 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:08:03.0088 7608 AudioEndpointBuilder - ok
03:08:03.0103 7608 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
03:08:03.0119 7608 AudioSrv - ok
03:08:03.0134 7608 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
03:08:03.0150 7608 AxInstSV - ok
03:08:03.0166 7608 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
03:08:03.0212 7608 b06bdrv - ok
03:08:03.0228 7608 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
03:08:03.0259 7608 b57nd60a - ok
03:08:03.0275 7608 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
03:08:03.0306 7608 BDESVC - ok
03:08:03.0306 7608 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
03:08:03.0337 7608 Beep - ok
03:08:03.0353 7608 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
03:08:03.0368 7608 BFE - ok
03:08:03.0400 7608 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
03:08:03.0415 7608 BITS - ok
03:08:03.0415 7608 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
03:08:03.0446 7608 blbdrive - ok
03:08:03.0462 7608 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
03:08:03.0478 7608 Bonjour Service - ok
03:08:03.0478 7608 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
03:08:03.0478 7608 bowser - ok
03:08:03.0493 7608 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
03:08:03.0509 7608 BrFiltLo - ok
03:08:03.0524 7608 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
03:08:03.0556 7608 BrFiltUp - ok
03:08:03.0556 7608 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
03:08:03.0571 7608 Browser - ok
03:08:03.0587 7608 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
03:08:03.0618 7608 Brserid - ok
03:08:03.0634 7608 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
03:08:03.0649 7608 BrSerWdm - ok
03:08:03.0665 7608 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
03:08:03.0680 7608 BrUsbMdm - ok
03:08:03.0696 7608 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
03:08:03.0727 7608 BrUsbSer - ok
03:08:03.0727 7608 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
03:08:03.0758 7608 BthEnum - ok
03:08:03.0758 7608 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
03:08:03.0805 7608 BTHMODEM - ok
03:08:03.0805 7608 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
03:08:03.0836 7608 BthPan - ok
03:08:03.0852 7608 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
03:08:03.0899 7608 BTHPORT - ok
03:08:03.0899 7608 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
03:08:03.0914 7608 bthserv - ok
03:08:03.0914 7608 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
03:08:03.0946 7608 BTHUSB - ok
03:08:03.0961 7608 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
03:08:03.0992 7608 cdfs - ok
03:08:03.0992 7608 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
03:08:04.0039 7608 cdrom - ok
03:08:04.0039 7608 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
03:08:04.0070 7608 CertPropSvc - ok
03:08:04.0086 7608 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
03:08:04.0102 7608 circlass - ok
03:08:04.0117 7608 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
03:08:04.0133 7608 CLFS - ok
03:08:04.0133 7608 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:08:04.0273 7608 clr_optimization_v2.0.50727_32 - ok
03:08:04.0273 7608 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:08:04.0336 7608 clr_optimization_v2.0.50727_64 - ok
03:08:04.0351 7608 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:08:04.0351 7608 clr_optimization_v4.0.30319_32 - ok
03:08:04.0367 7608 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:08:04.0367 7608 clr_optimization_v4.0.30319_64 - ok
03:08:04.0382 7608 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
03:08:04.0414 7608 CmBatt - ok
03:08:04.0414 7608 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
03:08:04.0445 7608 cmdide - ok
03:08:04.0476 7608 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\Windows\system32\Drivers\cng.sys
03:08:04.0476 7608 CNG - ok
03:08:04.0523 7608 [ 8DE541B4CFA281A204BAA3EA2109809E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
03:08:04.0601 7608 CnxtHdAudService - ok
03:08:04.0601 7608 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
03:08:04.0601 7608 Compbatt - ok
03:08:04.0616 7608 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
03:08:04.0648 7608 CompositeBus - ok
03:08:04.0648 7608 COMSysApp - ok
03:08:04.0663 7608 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
03:08:04.0694 7608 crcdisk - ok
03:08:04.0710 7608 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
03:08:04.0710 7608 CryptSvc - ok
03:08:04.0726 7608 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
03:08:04.0772 7608 CSC - ok
03:08:04.0788 7608 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
03:08:04.0804 7608 CscService - ok
03:08:04.0819 7608 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
03:08:04.0819 7608 CxAudMsg - ok
03:08:04.0835 7608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
03:08:04.0850 7608 DcomLaunch - ok
03:08:04.0866 7608 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
03:08:04.0897 7608 defragsvc - ok
03:08:04.0913 7608 [ 178A6E9A0DCE42959FC5AD129F60CBA9 ] dfmirage C:\Windows\system32\DRIVERS\dfmirage.sys
03:08:04.0944 7608 dfmirage - ok
03:08:04.0944 7608 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
03:08:04.0975 7608 DfsC - ok
03:08:04.0991 7608 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
03:08:04.0991 7608 Dhcp - ok
03:08:05.0006 7608 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
03:08:05.0006 7608 discache - ok
03:08:05.0022 7608 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
03:08:05.0022 7608 Disk - ok
03:08:05.0022 7608 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
03:08:05.0053 7608 dmvsc - ok
03:08:05.0069 7608 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
03:08:05.0069 7608 Dnscache - ok
03:08:05.0084 7608 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
03:08:05.0116 7608 dot3svc - ok
03:08:05.0147 7608 [ 277247B79DA2230D0C3AEB83E6CD8CA7 ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
03:08:05.0194 7608 DozeSvc - ok
03:08:05.0209 7608 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
03:08:05.0209 7608 DPS - ok
03:08:05.0209 7608 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
03:08:05.0240 7608 drmkaud - ok
03:08:05.0272 7608 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
03:08:05.0334 7608 DXGKrnl - ok
03:08:05.0334 7608 [ CE4CFFD9F64B86BCEB1C343FC9924D72 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
03:08:05.0334 7608 DzHDD64 - ok
03:08:05.0350 7608 [ 471612D324D8682B98B267BD091D2219 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
03:08:05.0396 7608 e1cexpress - ok
03:08:05.0396 7608 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
03:08:05.0396 7608 EapHost - ok
03:08:05.0474 7608 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
03:08:05.0568 7608 ebdrv - ok
03:08:05.0584 7608 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
03:08:05.0615 7608 EFS - ok
03:08:05.0630 7608 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
03:08:05.0677 7608 ehRecvr - ok
03:08:05.0693 7608 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
03:08:05.0724 7608 ehSched - ok
03:08:05.0755 7608 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
03:08:05.0802 7608 elxstor - ok
03:08:05.0818 7608 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
03:08:05.0849 7608 ErrDev - ok
03:08:05.0864 7608 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
03:08:05.0880 7608 EventSystem - ok
03:08:05.0880 7608 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
03:08:05.0927 7608 exfat - ok
03:08:05.0927 7608 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
03:08:05.0958 7608 fastfat - ok
03:08:05.0989 7608 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
03:08:06.0005 7608 Fax - ok
03:08:06.0005 7608 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
03:08:06.0036 7608 fdc - ok
03:08:06.0036 7608 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
03:08:06.0036 7608 fdPHost - ok
03:08:06.0052 7608 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
03:08:06.0052 7608 FDResPub - ok
03:08:06.0067 7608 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
03:08:06.0067 7608 FileInfo - ok
03:08:06.0067 7608 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
03:08:06.0098 7608 Filetrace - ok
03:08:06.0114 7608 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
03:08:06.0130 7608 flpydisk - ok
03:08:06.0145 7608 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
03:08:06.0145 7608 FltMgr - ok
03:08:06.0192 7608 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
03:08:06.0208 7608 FontCache - ok
03:08:06.0208 7608 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:08:06.0223 7608 FontCache3.0.0.0 - ok
03:08:06.0223 7608 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
03:08:06.0254 7608 FsDepends - ok
03:08:06.0254 7608 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
03:08:06.0270 7608 Fs_Rec - ok
03:08:06.0270 7608 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
03:08:06.0286 7608 fvevol - ok
03:08:06.0286 7608 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
03:08:06.0317 7608 gagp30kx - ok
03:08:06.0332 7608 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
03:08:06.0348 7608 GEARAspiWDM - ok
03:08:06.0379 7608 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
03:08:06.0426 7608 gpsvc - ok
03:08:06.0442 7608 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
03:08:06.0457 7608 hcw85cir - ok
03:08:06.0473 7608 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:08:06.0520 7608 HdAudAddService - ok
03:08:06.0520 7608 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
03:08:06.0535 7608 HDAudBus - ok
03:08:06.0535 7608 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
03:08:06.0566 7608 HidBatt - ok
03:08:06.0566 7608 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
03:08:06.0598 7608 HidBth - ok
03:08:06.0613 7608 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
03:08:06.0644 7608 HidIr - ok
03:08:06.0644 7608 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
03:08:06.0644 7608 hidserv - ok
03:08:06.0660 7608 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
03:08:06.0691 7608 HidUsb - ok
03:08:06.0691 7608 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
03:08:06.0785 7608 hkmsvc - ok
03:08:06.0785 7608 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:08:06.0878 7608 HomeGroupListener - ok
03:08:06.0894 7608 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:08:06.0910 7608 HomeGroupProvider - ok
03:08:06.0910 7608 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
03:08:06.0941 7608 HpSAMD - ok
03:08:06.0972 7608 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
03:08:06.0972 7608 HTTP - ok
03:08:06.0988 7608 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
03:08:06.0988 7608 hwpolicy - ok
03:08:07.0003 7608 [ E935C8099F9196BF19224D9EE4808612 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
03:08:07.0034 7608 HyperW7Svc - ok
03:08:07.0050 7608 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
03:08:07.0066 7608 i8042prt - ok
03:08:07.0097 7608 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
03:08:07.0097 7608 iaStor - ok
03:08:07.0112 7608 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
03:08:07.0159 7608 iaStorV - ok
03:08:07.0175 7608 [ 2151176DB657AEFF9B873D23380C3F5B ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
03:08:07.0206 7608 IBMPMDRV - ok
03:08:07.0206 7608 [ C76A67AED080538D420550C903696788 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
03:08:07.0206 7608 IBMPMSVC - ok
03:08:07.0237 7608 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:08:07.0487 7608 idsvc - ok
03:08:07.0721 7608 [ 978D876A581D57E0DE6437674EB0014D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
03:08:07.0986 7608 igfx - ok
03:08:07.0986 7608 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
03:08:08.0017 7608 iirsp - ok
03:08:08.0048 7608 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
03:08:08.0064 7608 IKEEXT - ok
03:08:08.0080 7608 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
03:08:08.0111 7608 intelide - ok
03:08:08.0111 7608 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
03:08:08.0126 7608 intelppm - ok
03:08:08.0126 7608 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
03:08:08.0126 7608 IPBusEnum - ok
03:08:08.0142 7608 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:08:08.0189 7608 IpFilterDriver - ok
03:08:08.0204 7608 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
03:08:08.0220 7608 iphlpsvc - ok
03:08:08.0220 7608 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
03:08:08.0251 7608 IPMIDRV - ok
03:08:08.0267 7608 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
03:08:08.0282 7608 IPNAT - ok
03:08:08.0314 7608 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
03:08:08.0329 7608 iPod Service - ok
03:08:08.0329 7608 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
03:08:08.0360 7608 IRENUM - ok
03:08:08.0376 7608 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
03:08:08.0407 7608 isapnp - ok
03:08:08.0407 7608 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
03:08:08.0454 7608 iScsiPrt - ok
03:08:08.0470 7608 [ 6FAF199FDFFDD2376973143C3E012765 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
03:08:08.0470 7608 jhi_service - ok
03:08:08.0485 7608 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
03:08:08.0516 7608 kbdclass - ok
03:08:08.0516 7608 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
03:08:08.0548 7608 kbdhid - ok
03:08:08.0563 7608 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
03:08:08.0563 7608 KeyIso - ok
03:08:08.0579 7608 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
03:08:08.0579 7608 KSecDD - ok
03:08:08.0594 7608 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
03:08:08.0594 7608 KSecPkg - ok
03:08:08.0594 7608 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
03:08:08.0626 7608 ksthunk - ok
03:08:08.0641 7608 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
03:08:08.0672 7608 KtmRm - ok
03:08:08.0688 7608 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
03:08:08.0704 7608 LanmanServer - ok
03:08:08.0719 7608 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:08:08.0719 7608 LanmanWorkstation - ok
03:08:08.0735 7608 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
03:08:08.0750 7608 LENOVO.MICMUTE - ok
03:08:08.0750 7608 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
03:08:08.0782 7608 lenovo.smi - ok
03:08:08.0782 7608 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
03:08:08.0782 7608 Lenovo.VIRTSCRLSVC - ok
03:08:08.0797 7608 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
03:08:08.0797 7608 lltdio - ok
03:08:08.0813 7608 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
03:08:08.0906 7608 lltdsvc - ok
03:08:08.0922 7608 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
03:08:08.0922 7608 lmhosts - ok
03:08:08.0938 7608 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
03:08:08.0938 7608 LMS - ok
03:08:08.0953 7608 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
03:08:08.0984 7608 LSI_FC - ok
03:08:09.0000 7608 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
03:08:09.0031 7608 LSI_SAS - ok
03:08:09.0047 7608 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
03:08:09.0078 7608 LSI_SAS2 - ok
03:08:09.0078 7608 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
03:08:09.0109 7608 LSI_SCSI - ok
03:08:09.0125 7608 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
03:08:09.0156 7608 luafv - ok
03:08:09.0172 7608 [ 4AFC70C86111AE0A4C0DF68041EB8570 ] ManageEngine AssetExplorer Agent C:\Program Files (x86)\ManageEngine\AssetExplorer\bin\agentmonitor.exe
03:08:09.0172 7608 ManageEngine AssetExplorer Agent - ok
03:08:09.0172 7608 ManageEngine AssetExplorer RemoteControl - ok
03:08:09.0187 7608 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
03:08:09.0187 7608 MBAMProtector - ok
03:08:09.0218 7608 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
03:08:09.0218 7608 MBAMService - ok
03:08:09.0234 7608 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
03:08:09.0328 7608 Mcx2Svc - ok
03:08:09.0328 7608 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
03:08:09.0359 7608 megasas - ok
03:08:09.0374 7608 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
03:08:09.0421 7608 MegaSR - ok
03:08:09.0421 7608 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
03:08:09.0452 7608 MEIx64 - ok
03:08:09.0468 7608 Microsoft SharePoint Workspace Audit Service - ok
03:08:09.0468 7608 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
03:08:09.0499 7608 MMCSS - ok
03:08:09.0515 7608 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
03:08:09.0546 7608 Modem - ok
03:08:09.0546 7608 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
03:08:09.0546 7608 monitor - ok
03:08:09.0562 7608 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
03:08:09.0593 7608 mouclass - ok
03:08:09.0593 7608 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
03:08:09.0624 7608 mouhid - ok
03:08:09.0640 7608 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
03:08:09.0640 7608 mountmgr - ok
03:08:09.0655 7608 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
03:08:09.0686 7608 mpio - ok
03:08:09.0702 7608 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
03:08:09.0702 7608 mpsdrv - ok
03:08:09.0733 7608 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
03:08:09.0749 7608 MpsSvc - ok
03:08:09.0764 7608 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
03:08:09.0811 7608 MRxDAV - ok
03:08:09.0811 7608 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
03:08:09.0827 7608 mrxsmb - ok
03:08:09.0842 7608 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:08:09.0842 7608 mrxsmb10 - ok
03:08:09.0858 7608 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:08:09.0858 7608 mrxsmb20 - ok
03:08:09.0858 7608 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
03:08:09.0858 7608 msahci - ok
03:08:09.0874 7608 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
03:08:09.0905 7608 msdsm - ok
03:08:09.0920 7608 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
03:08:09.0967 7608 MSDTC - ok
03:08:09.0983 7608 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
03:08:10.0014 7608 Msfs - ok
03:08:10.0014 7608 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
03:08:10.0045 7608 mshidkmdf - ok
03:08:10.0061 7608 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
03:08:10.0061 7608 msisadrv - ok
03:08:10.0076 7608 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
03:08:10.0201 7608 MSiSCSI - ok
03:08:10.0201 7608 msiserver - ok
03:08:10.0217 7608 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
03:08:10.0248 7608 MSKSSRV - ok
03:08:10.0248 7608 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
03:08:10.0279 7608 MSPCLOCK - ok
03:08:10.0279 7608 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
03:08:10.0310 7608 MSPQM - ok
03:08:10.0326 7608 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
03:08:10.0326 7608 MsRPC - ok
03:08:10.0342 7608 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
03:08:10.0342 7608 mssmbios - ok
03:08:10.0357 7608 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
03:08:10.0373 7608 MSTEE - ok
03:08:10.0388 7608 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
03:08:10.0404 7608 MTConfig - ok
03:08:10.0420 7608 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
03:08:10.0420 7608 Mup - ok
03:08:10.0435 7608 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
03:08:10.0451 7608 napagent - ok
03:08:10.0466 7608 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
03:08:10.0466 7608 NativeWifiP - ok
03:08:10.0498 7608 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
03:08:10.0513 7608 NDIS - ok
03:08:10.0529 7608 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
03:08:10.0544 7608 NdisCap - ok
03:08:10.0560 7608 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
03:08:10.0591 7608 NdisTapi - ok
03:08:10.0591 7608 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
03:08:10.0591 7608 Ndisuio - ok
03:08:10.0607 7608 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
03:08:10.0638 7608 NdisWan - ok
03:08:10.0654 7608 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
03:08:10.0669 7608 NDProxy - ok
03:08:10.0685 7608 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
03:08:10.0685 7608 Net Driver HPZ12 - ok
03:08:10.0700 7608 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
03:08:10.0716 7608 NetBIOS - ok
03:08:10.0732 7608 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
03:08:10.0747 7608 NetBT - ok
03:08:10.0747 7608 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
03:08:10.0747 7608 Netlogon - ok
03:08:10.0778 7608 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
03:08:10.0778 7608 Netman - ok
03:08:10.0794 7608 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:08:11.0012 7608 NetMsmqActivator - ok
03:08:11.0012 7608 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:08:11.0028 7608 NetPipeActivator - ok
03:08:11.0044 7608 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
03:08:11.0059 7608 netprofm - ok
03:08:11.0059 7608 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:08:11.0059 7608 NetTcpActivator - ok
03:08:11.0075 7608 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:08:11.0075 7608 NetTcpPortSharing - ok
03:08:11.0262 7608 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
03:08:11.0449 7608 NETwNs64 - ok
03:08:11.0465 7608 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
03:08:11.0496 7608 nfrd960 - ok
03:08:11.0512 7608 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
03:08:11.0512 7608 NlaSvc - ok
03:08:11.0527 7608 [ 9111C1BEA2A3DA7A555928DF97E84155 ] Novell Identity Store C:\Program Files (x86)\Novell\CASA\bin\micasad.exe
03:08:11.0527 7608 Novell Identity Store - ok
03:08:11.0543 7608 [ 7160ADFE685F2A4985AA8B93BE07C446 ] Novell ZENworks Agent Service C:\Program Files (x86)\Novell\ZENworks\bin\ZenworksWindowsService.exe
03:08:11.0543 7608 Novell ZENworks Agent Service - ok
03:08:11.0558 7608 [ E77F6AEB3BE8BD218C60BBFB6E3D1DAA ] Novell ZENworks Image-Safe Data Service C:\Program Files (x86)\Novell\ZENworks\bin\preboot\novell-zisdservice.exe
03:08:11.0558 7608 Novell ZENworks Image-Safe Data Service - ok
03:08:11.0558 7608 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
03:08:11.0590 7608 Npfs - ok
03:08:11.0605 7608 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
03:08:11.0605 7608 nsi - ok
03:08:11.0605 7608 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
03:08:11.0621 7608 nsiproxy - ok
03:08:11.0652 7608 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
03:08:11.0683 7608 Ntfs - ok
03:08:11.0699 7608 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
03:08:11.0730 7608 Null - ok
03:08:11.0730 7608 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
03:08:11.0761 7608 nusb3hub - ok
03:08:11.0777 7608 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
03:08:11.0808 7608 nusb3xhc - ok
03:08:11.0824 7608 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
03:08:11.0855 7608 NVHDA - ok
03:08:12.0120 7608 [ 7C7E6935E986C5237A883D2B82C654E2 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:08:12.0588 7608 nvlddmkm - ok
03:08:12.0604 7608 [ EE58A22403C31A23731DD2AD2CB707C8 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
03:08:12.0604 7608 nvpciflt - ok
03:08:12.0619 7608 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
03:08:12.0650 7608 nvraid - ok
03:08:12.0666 7608 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
03:08:12.0697 7608 nvstor - ok
03:08:12.0728 7608 [ E62E113D487958CBC5137AF65922DE4C ] NVSvc C:\Windows\system32\nvvsvc.exe
03:08:12.0744 7608 NVSvc - ok
03:08:12.0791 7608 [ 31D61EC056FAB73A911D9987099575E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
03:08:13.0664 7608 nvUpdatusService - ok
03:08:13.0680 7608 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
03:08:13.0711 7608 nv_agp - ok
03:08:13.0758 7608 [ 9AC076C176153F4276D3A584A9B2714C ] nzwinvnc C:\Program Files (x86)\Novell\ZENworks\bin\nzrWinVNC.exe
03:08:13.0789 7608 nzwinvnc - ok
03:08:13.0805 7608 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
03:08:13.0820 7608 ohci1394 - ok
03:08:13.0836 7608 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:08:13.0883 7608 ose - ok
03:08:13.0992 7608 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
03:08:14.0569 7608 osppsvc - ok
03:08:14.0600 7608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
03:08:14.0600 7608 p2pimsvc - ok
03:08:14.0616 7608 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
03:08:14.0663 7608 p2psvc - ok
03:08:14.0663 7608 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
03:08:14.0694 7608 Parport - ok
03:08:14.0710 7608 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
03:08:14.0710 7608 partmgr - ok
03:08:14.0710 7608 [ 3B0440DEFFC695234DADE777D48AA2CF ] pbfilter C:\Program Files\Bot Revolt - Botnet Protection\pbfilter.sys
03:08:14.0756 7608 pbfilter - ok
03:08:14.0772 7608 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
03:08:14.0772 7608 PcaSvc - ok
03:08:14.0788 7608 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
03:08:14.0788 7608 pci - ok
03:08:14.0803 7608 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
03:08:14.0834 7608 pciide - ok
03:08:14.0850 7608 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
03:08:14.0881 7608 pcmcia - ok
03:08:14.0897 7608 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
03:08:14.0897 7608 pcw - ok
03:08:14.0912 7608 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
03:08:14.0928 7608 PEAUTH - ok
03:08:14.0959 7608 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
03:08:14.0990 7608 PeerDistSvc - ok
03:08:15.0022 7608 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
03:08:15.0053 7608 PerfHost - ok
03:08:15.0068 7608 [ 52C9F4359AF4A25969B882AECC6F3BDA ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
03:08:15.0084 7608 PHCORE - ok
03:08:15.0131 7608 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
03:08:15.0193 7608 pla - ok
03:08:15.0209 7608 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
03:08:15.0240 7608 PlugPlay - ok
03:08:15.0256 7608 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
03:08:15.0256 7608 Pml Driver HPZ12 - ok
03:08:15.0271 7608 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
03:08:15.0287 7608 PNRPAutoReg - ok
03:08:15.0302 7608 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
03:08:15.0318 7608 PNRPsvc - ok
03:08:15.0334 7608 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
03:08:15.0349 7608 PolicyAgent - ok
03:08:15.0365 7608 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
03:08:15.0365 7608 Power - ok
03:08:15.0380 7608 [ 836FE79DE8767D77136B6491A3D61089 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
03:08:15.0412 7608 Power Manager DBC Service - ok
03:08:15.0427 7608 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
03:08:15.0443 7608 PptpMiniport - ok
03:08:15.0458 7608 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
03:08:15.0505 7608 Processor - ok
03:08:15.0505 7608 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
03:08:15.0552 7608 ProfSvc - ok
03:08:15.0552 7608 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
03:08:15.0568 7608 ProtectedStorage - ok
03:08:15.0568 7608 [ B8035AF9CC0CCBA9A09AC0A0D9801797 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
03:08:15.0599 7608 psadd - ok
03:08:15.0614 7608 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
03:08:15.0614 7608 Psched - ok
03:08:15.0630 7608 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
03:08:15.0630 7608 PSI_SVC_2 - ok
03:08:15.0630 7608 [ 576444157F1CB25AE2057EED586D4889 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
03:08:15.0708 7608 PwmEWSvc - ok
03:08:15.0724 7608 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
03:08:15.0724 7608 PxHlpa64 - ok
03:08:15.0770 7608 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
03:08:15.0848 7608 ql2300 - ok
03:08:15.0864 7608 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
03:08:15.0895 7608 ql40xx - ok
03:08:15.0911 7608 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
03:08:15.0942 7608 QWAVE - ok
03:08:15.0958 7608 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
03:08:15.0958 7608 QWAVEdrv - ok
03:08:15.0973 7608 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
03:08:15.0989 7608 RasAcd - ok
03:08:16.0004 7608 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
03:08:16.0036 7608 RasAgileVpn - ok
03:08:16.0036 7608 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
03:08:16.0192 7608 RasAuto - ok
03:08:16.0192 7608 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
03:08:16.0223 7608 Rasl2tp - ok
03:08:16.0238 7608 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
03:08:16.0285 7608 RasMan - ok
03:08:16.0285 7608 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
03:08:16.0316 7608 RasPppoe - ok
03:08:16.0332 7608 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
03:08:16.0363 7608 RasSstp - ok
03:08:16.0379 7608 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
03:08:16.0410 7608 rdbss - ok
03:08:16.0426 7608 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
03:08:16.0457 7608 rdpbus - ok
03:08:16.0457 7608 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
03:08:16.0457 7608 RDPCDD - ok
03:08:16.0472 7608 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
03:08:16.0504 7608 RDPDR - ok
03:08:16.0519 7608 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
03:08:16.0519 7608 RDPENCDD - ok
03:08:16.0535 7608 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
03:08:16.0535 7608 RDPREFMP - ok
03:08:16.0550 7608 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
03:08:16.0582 7608 RDPWD - ok
03:08:16.0582 7608 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
03:08:16.0597 7608 rdyboost - ok
03:08:16.0613 7608 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
03:08:16.0644 7608 RemoteAccess - ok
03:08:16.0644 7608 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
03:08:16.0691 7608 RemoteRegistry - ok
03:08:16.0691 7608 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
03:08:16.0722 7608 RFCOMM - ok
03:08:16.0738 7608 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
03:08:16.0753 7608 risdxc - ok
03:08:16.0769 7608 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
03:08:16.0800 7608 RpcEptMapper - ok
03:08:16.0816 7608 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
03:08:16.0831 7608 RpcLocator - ok
03:08:16.0862 7608 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
03:08:16.0862 7608 RpcSs - ok
03:08:16.0878 7608 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
03:08:16.0878 7608 rspndr - ok
03:08:16.0894 7608 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
03:08:16.0925 7608 s3cap - ok
03:08:16.0940 7608 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
03:08:16.0940 7608 SamSs - ok
03:08:16.0940 7608 SAService - ok
03:08:16.0972 7608 [ ECC98E6458D8250F834C42BB5928B1D2 ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
03:08:16.0972 7608 SAVAdminService - ok
03:08:16.0987 7608 [ 2192AE4D310ADB821B38595150F5A384 ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
03:08:17.0018 7608 SAVOnAccess - ok
03:08:17.0018 7608 [ B8A272D4E91EFB366E16BEA0FA42D7EE ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
03:08:17.0034 7608 SAVService - ok
03:08:17.0034 7608 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
03:08:17.0065 7608 sbp2port - ok
03:08:17.0081 7608 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
03:08:17.0112 7608 SCardSvr - ok
03:08:17.0128 7608 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
03:08:17.0159 7608 scfilter - ok
03:08:17.0190 7608 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
03:08:17.0206 7608 Schedule - ok
03:08:17.0221 7608 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
03:08:17.0221 7608 SCPolicySvc - ok
03:08:17.0221 7608 [ 7D67AEABEB597C602EDB5B3AE316E96A ] sdcfilter C:\Windows\system32\DRIVERS\sdcfilter.sys
03:08:17.0252 7608 sdcfilter - ok
03:08:17.0268 7608 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
03:08:17.0299 7608 SDRSVC - ok
03:08:17.0315 7608 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
03:08:17.0315 7608 secdrv - ok
03:08:17.0330 7608 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
03:08:17.0362 7608 seclogon - ok
03:08:17.0362 7608 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
03:08:17.0362 7608 SENS - ok
03:08:17.0377 7608 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
03:08:17.0408 7608 SensrSvc - ok
03:08:17.0408 7608 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
03:08:17.0440 7608 Serenum - ok
03:08:17.0455 7608 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
03:08:17.0471 7608 Serial - ok
03:08:17.0486 7608 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
03:08:17.0518 7608 sermouse - ok
03:08:17.0533 7608 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
03:08:17.0564 7608 SessionEnv - ok
03:08:17.0580 7608 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
03:08:17.0596 7608 sffdisk - ok
03:08:17.0611 7608 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
03:08:17.0658 7608 sffp_mmc - ok
03:08:17.0658 7608 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
03:08:17.0689 7608 sffp_sd - ok
03:08:17.0705 7608 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
03:08:17.0720 7608 sfloppy - ok
03:08:17.0736 7608 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
03:08:18.0625 7608 SharedAccess - ok
03:08:18.0641 7608 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:08:18.0656 7608 ShellHWDetection - ok
03:08:18.0672 7608 [ C3F190562FE82EFDA7CCEF305EBAD3E3 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
03:08:18.0672 7608 Shockprf - ok
03:08:18.0672 7608 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
03:08:18.0703 7608 SiSRaid2 - ok
03:08:18.0719 7608 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
03:08:18.0750 7608 SiSRaid4 - ok
03:08:18.0750 7608 [ D335450B591CA26F421D7F975399DDC3 ] SMARTMouseFilterx64 C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys
03:08:18.0781 7608 SMARTMouseFilterx64 - ok
03:08:18.0797 7608 [ CE70BFC09969B480627D0ED8DD7B3943 ] SMARTVHidMiniVistaAmd64 C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
03:08:18.0812 7608 SMARTVHidMiniVistaAmd64 - ok
03:08:18.0828 7608 [ 9EB228E604FA70636E5A3C7C2A2FE304 ] SMARTVTabletPCx64 C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys
03:08:18.0859 7608 SMARTVTabletPCx64 - ok
03:08:18.0859 7608 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
03:08:18.0890 7608 Smb - ok
03:08:18.0906 7608 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
03:08:18.0906 7608 SNMPTRAP - ok
03:08:18.0922 7608 [ 1DD15CBAE4AA7B2F5166D0C2700AEF94 ] Sophos Agent C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
03:08:18.0937 7608 Sophos Agent - ok
03:08:18.0953 7608 [ 6067896DB061A2169688980ADA2DDC30 ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
03:08:18.0953 7608 Sophos AutoUpdate Service - ok
03:08:18.0968 7608 [ 65F816D7534D25623DA909911FF7E7D8 ] Sophos Message Router C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
03:08:18.0984 7608 Sophos Message Router - ok
03:08:19.0000 7608 [ BD03374253F79CE7A716A870DC85BD84 ] Sophos Web Control Service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
03:08:19.0000 7608 Sophos Web Control Service - ok
03:08:19.0015 7608 [ 69FBE35A8165ADBC313AA7F64B868CA1 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
03:08:19.0046 7608 SophosBootDriver - ok
03:08:19.0046 7608 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
03:08:19.0062 7608 spldr - ok
03:08:19.0078 7608 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
03:08:19.0093 7608 Spooler - ok
03:08:19.0156 7608 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
03:08:19.0218 7608 sppsvc - ok
03:08:19.0218 7608 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
03:08:19.0249 7608 sppuinotify - ok
03:08:19.0265 7608 [ D2AEEB5C15B4B256DC4EC2CE8219B090 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
03:08:19.0280 7608 SROSVC - ok
03:08:19.0296 7608 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
03:08:19.0312 7608 srv - ok
03:08:19.0327 7608 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
03:08:19.0327 7608 srv2 - ok
03:08:19.0343 7608 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
03:08:19.0343 7608 srvnet - ok
03:08:19.0358 7608 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
03:08:19.0358 7608 SSDPSRV - ok
03:08:19.0374 7608 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
03:08:19.0374 7608 SstpSvc - ok
03:08:19.0390 7608 [ 88C1BEE3CBE1B46A58730FDD0484BD3A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
03:08:19.0405 7608 Stereo Service - ok
03:08:19.0405 7608 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
03:08:19.0452 7608 stexstor - ok
03:08:19.0468 7608 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
03:08:19.0483 7608 stisvc - ok
03:08:19.0483 7608 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
03:08:19.0483 7608 storflt - ok
03:08:19.0499 7608 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
03:08:19.0530 7608 StorSvc - ok
03:08:19.0530 7608 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
03:08:19.0561 7608 storvsc - ok
03:08:19.0561 7608 [ 6EA2F517373771CAC5188E82617C9C0B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
03:08:19.0561 7608 SUService - ok
03:08:19.0577 7608 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
03:08:19.0592 7608 swenum - ok
03:08:19.0624 7608 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
03:08:19.0624 7608 SwitchBoard - ok
03:08:19.0686 7608 [ 4F1B0BDB039A0719DA55FB490114DF0F ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
03:08:19.0733 7608 swi_service - ok
03:08:19.0780 7608 [ F31244E493863CA1EDC856E4F24284B5 ] swi_update_64 C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe
03:08:19.0811 7608 swi_update_64 - ok
03:08:19.0826 7608 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
03:08:19.0873 7608 swprv - ok
03:08:19.0889 7608 [ 772493A8945495F1A287BF6C4CA25B48 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
03:08:19.0920 7608 SynTP - ok
03:08:19.0967 7608 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
03:08:19.0998 7608 SysMain - ok
03:08:20.0014 7608 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:08:20.0029 7608 TabletInputService - ok
03:08:20.0045 7608 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
03:08:20.0092 7608 TapiSrv - ok
03:08:20.0107 7608 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
03:08:20.0107 7608 TBS - ok
03:08:20.0154 7608 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
03:08:20.0185 7608 Tcpip - ok
03:08:20.0232 7608 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
03:08:20.0263 7608 TCPIP6 - ok
03:08:20.0279 7608 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
03:08:20.0279 7608 tcpipreg - ok
03:08:20.0294 7608 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
03:08:20.0310 7608 TDPIPE - ok
03:08:20.0326 7608 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
03:08:20.0357 7608 TDTCP - ok
03:08:20.0357 7608 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
03:08:20.0388 7608 tdx - ok
03:08:20.0450 7608 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
03:08:20.0497 7608 TeamViewer7 - ok
03:08:20.0513 7608 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
03:08:20.0544 7608 TermDD - ok
03:08:20.0560 7608 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
03:08:20.0606 7608 TermService - ok
03:08:20.0622 7608 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
03:08:20.0653 7608 Themes - ok
03:08:20.0653 7608 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
03:08:20.0653 7608 THREADORDER - ok
03:08:20.0669 7608 [ 1BB77ECCBFA3675B1EE8D6D6D37A1E1E ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
03:08:20.0669 7608 TPDIGIMN - ok
03:08:20.0684 7608 [ 88F81D810FF16AC65B02643DAF308D4F ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
03:08:20.0716 7608 TPHDEXLGSVC - ok
03:08:20.0731 7608 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
03:08:20.0731 7608 TPHKLOAD - ok
03:08:20.0747 7608 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
03:08:20.0747 7608 TPHKSVC - ok
03:08:20.0747 7608 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
03:08:20.0778 7608 TPM - ok
03:08:20.0794 7608 [ 7165B5A9B4867F64A6D6935F57D4196B ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
03:08:20.0809 7608 TPPWRIF - ok
03:08:20.0825 7608 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
03:08:20.0825 7608 TrkWks - ok
03:08:20.0840 7608 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:08:20.0840 7608 TrustedInstaller - ok
03:08:20.0856 7608 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
03:08:20.0887 7608 tssecsrv - ok
03:08:20.0903 7608 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
03:08:20.0934 7608 TsUsbFlt - ok
03:08:20.0934 7608 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
03:08:20.0965 7608 TsUsbGD - ok
03:08:20.0965 7608 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
03:08:20.0996 7608 tunnel - ok
03:08:21.0012 7608 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
03:08:21.0043 7608 uagp35 - ok
03:08:21.0059 7608 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
03:08:21.0090 7608 udfs - ok
03:08:21.0106 7608 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
03:08:21.0137 7608 UI0Detect - ok
03:08:21.0152 7608 [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
03:08:21.0152 7608 UleadBurningHelper - ok
03:08:21.0152 7608 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
03:08:21.0184 7608 uliagpkx - ok
03:08:21.0199 7608 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
03:08:21.0230 7608 umbus - ok
03:08:21.0230 7608 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
03:08:21.0262 7608 UmPass - ok
03:08:21.0277 7608 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
03:08:21.0308 7608 UmRdpService - ok
03:08:21.0371 7608 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
03:08:21.0402 7608 UNS - ok
03:08:21.0433 7608 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
03:08:21.0605 7608 upnphost - ok
03:08:21.0605 7608 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
03:08:21.0636 7608 USBAAPL64 - ok
03:08:21.0652 7608 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
03:08:21.0667 7608 usbccgp - ok
03:08:21.0683 7608 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
03:08:21.0714 7608 usbcir - ok
03:08:21.0730 7608 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
03:08:21.0761 7608 usbehci - ok
03:08:21.0761 7608 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
03:08:21.0808 7608 usbhub - ok
03:08:21.0823 7608 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
03:08:21.0839 7608 usbohci - ok
03:08:21.0854 7608 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
03:08:21.0870 7608 usbprint - ok
03:08:21.0886 7608 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:08:21.0917 7608 USBSTOR - ok
03:08:21.0917 7608 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
03:08:21.0948 7608 usbuhci - ok
03:08:21.0964 7608 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
03:08:21.0979 7608 usbvideo - ok
03:08:21.0995 7608 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
03:08:22.0026 7608 UxSms - ok
03:08:22.0026 7608 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
03:08:22.0042 7608 VaultSvc - ok
03:08:22.0042 7608 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
03:08:22.0042 7608 vdrvroot - ok
03:08:22.0057 7608 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
03:08:22.0120 7608 vds - ok
03:08:22.0120 7608 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
03:08:22.0151 7608 vga - ok
03:08:22.0166 7608 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
03:08:22.0182 7608 VgaSave - ok
03:08:22.0198 7608 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
03:08:22.0244 7608 vhdmp - ok
03:08:22.0244 7608 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
03:08:22.0276 7608 viaide - ok
03:08:22.0291 7608 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
03:08:22.0338 7608 vmbus - ok
03:08:22.0338 7608 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
03:08:22.0369 7608 VMBusHID - ok
03:08:22.0385 7608 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
03:08:22.0385 7608 volmgr - ok
03:08:22.0400 7608 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
03:08:22.0400 7608 volmgrx - ok
03:08:22.0416 7608 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
03:08:22.0432 7608 volsnap - ok
03:08:22.0447 7608 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
03:08:22.0478 7608 vsmraid - ok
03:08:22.0510 7608 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
03:08:22.0572 7608 VSS - ok
03:08:22.0588 7608 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
03:08:22.0619 7608 vwifibus - ok
03:08:22.0634 7608 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
03:08:22.0666 7608 vwififlt - ok
03:08:22.0666 7608 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
03:08:22.0697 7608 vwifimp - ok
03:08:22.0712 7608 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
03:08:22.0728 7608 W32Time - ok
03:08:22.0728 7608 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
03:08:22.0759 7608 WacomPen - ok
03:08:22.0775 7608 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
03:08:22.0806 7608 WANARP - ok
03:08:22.0806 7608 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
03:08:22.0806 7608 Wanarpv6 - ok
03:08:22.0837 7608 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
03:08:23.0336 7608 WatAdminSvc - ok
03:08:23.0383 7608 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
03:08:23.0446 7608 wbengine - ok
03:08:23.0461 7608 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
03:08:23.0492 7608 WbioSrvc - ok
03:08:23.0508 7608 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
03:08:23.0555 7608 wcncsvc - ok
03:08:23.0555 7608 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:08:23.0586 7608 WcsPlugInService - ok
03:08:23.0602 7608 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
03:08:23.0633 7608 Wd - ok
03:08:23.0648 7608 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
03:08:23.0664 7608 Wdf01000 - ok
03:08:23.0664 7608 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
03:08:23.0680 7608 WdiServiceHost - ok
03:08:23.0680 7608 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
03:08:23.0695 7608 WdiSystemHost - ok
03:08:23.0695 7608 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
03:08:23.0742 7608 WebClient - ok
03:08:23.0758 7608 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
03:08:23.0789 7608 Wecsvc - ok
03:08:23.0804 7608 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
03:08:23.0804 7608 wercplsupport - ok
03:08:23.0820 7608 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
03:08:23.0851 7608 WerSvc - ok
03:08:23.0851 7608 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
03:08:23.0882 7608 WfpLwf - ok
03:08:23.0882 7608 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
03:08:23.0914 7608 WIMMount - ok
03:08:23.0929 7608 WinDefend - ok
03:08:23.0945 7608 WinHttpAutoProxySvc - ok
03:08:23.0960 7608 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
03:08:23.0960 7608 Winmgmt - ok
03:08:24.0007 7608 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
03:08:24.0085 7608 WinRM - ok
03:08:24.0101 7608 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
03:08:24.0132 7608 WinUsb - ok
03:08:24.0163 7608 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
03:08:24.0179 7608 Wlansvc - ok
03:08:24.0179 7608 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
03:08:24.0226 7608 wlcrasvc - ok
03:08:24.0288 7608 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:08:24.0319 7608 wlidsvc - ok
03:08:24.0335 7608 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
03:08:24.0335 7608 WmiAcpi - ok
03:08:24.0350 7608 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
03:08:24.0382 7608 wmiApSrv - ok
03:08:24.0397 7608 WMPNetworkSvc - ok
03:08:24.0397 7608 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
03:08:24.0428 7608 WPCSvc - ok
03:08:24.0444 7608 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
03:08:24.0444 7608 WPDBusEnum - ok
03:08:24.0460 7608 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
03:08:24.0475 7608 ws2ifsl - ok
03:08:24.0491 7608 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
03:08:24.0491 7608 wscsvc - ok
03:08:24.0506 7608 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
03:08:24.0538 7608 WSDPrintDevice - ok
03:08:24.0538 7608 WSearch - ok
03:08:24.0600 7608 [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv C:\Windows\system32\wuaueng.dll
03:08:24.0631 7608 wuauserv - ok
03:08:24.0647 7608 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
03:08:24.0678 7608 WudfPf - ok
03:08:24.0694 7608 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
03:08:24.0725 7608 WUDFRd - ok
03:08:24.0740 7608 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
03:08:24.0787 7608 wudfsvc - ok
03:08:24.0803 7608 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
03:08:24.0834 7608 WwanSvc - ok
03:08:24.0865 7608 [ CDFCF126B7D88839CB124DDC6A538601 ] ZENPreAgent C:\Windows\novell\zenworks\bin\ZENPreAgent.exe
03:08:25.0115 7608 ZENPreAgent - ok
03:08:25.0115 7608 [ E6AAC10856A89C6B29FF0EA9DDB0E852 ] zesdac C:\Windows\system32\DRIVERS\zesdac.sys
03:08:25.0115 7608 zesdac - ok
03:08:25.0130 7608 [ 780F3318406D45B735AFC985040DFEBC ] ZesDisk C:\Windows\system32\DRIVERS\ZesDisk.sys
03:08:25.0162 7608 ZesDisk - ok
03:08:25.0177 7608 [ D05CA02BD7188D7F5F1B530C725069D2 ] zesds C:\Windows\system32\DRIVERS\ZesDS.sys
03:08:25.0208 7608 zesds - ok
03:08:25.0224 7608 [ D34EC670A008581DA64A5BA74CB409F4 ] zesdt C:\Windows\system32\DRIVERS\ZesDT.sys
03:08:25.0255 7608 zesdt - ok
03:08:25.0255 7608 [ F354D4AB25F6A6CDDE11F3A822FCF038 ] zesfsfd C:\Windows\system32\DRIVERS\ZESFSFD.sys
03:08:25.0255 7608 zesfsfd - ok
03:08:25.0271 7608 [ 00F58DF1AE9D785D069D23D6C3AB992C ] ZESFW C:\Windows\system32\DRIVERS\ZESFW.sys
03:08:25.0302 7608 ZESFW - ok
03:08:25.0318 7608 [ 3A78F14A381FED0C2917C23A7EEA28C9 ] zesocc C:\Windows\system32\DRIVERS\ZesOCC.sys
03:08:25.0364 7608 zesocc - ok
03:08:25.0380 7608 [ 21A074B2055A37A914DE8DF7EAD563F5 ] ZESService C:\Program Files (x86)\Novell\ZENworks\esm\ZESService.exe
03:08:25.0380 7608 ZESService - ok
03:08:25.0380 7608 [ 4A84734FAB44D563611B1792A5D576B0 ] zestdi C:\Windows\system32\DRIVERS\zestdi.sys
03:08:25.0396 7608 zestdi - ok
03:08:25.0396 7608 [ 968A58D8AD49554BDC1B6F063A6EB826 ] ZESWIFI C:\Windows\system32\DRIVERS\ZESWIFI.sys
03:08:25.0427 7608 ZESWIFI - ok
03:08:25.0442 7608 ================ Scan global ===============================
03:08:25.0458 7608 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
03:08:25.0489 7608 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
03:08:25.0536 7608 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
03:08:25.0552 7608 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
03:08:25.0583 7608 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
03:08:25.0598 7608 [Global] - ok
03:08:25.0598 7608 ================ Scan MBR ==================================
03:08:25.0598 7608 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:08:25.0708 7608 \Device\Harddisk0\DR0 - ok
03:08:25.0708 7608 ================ Scan VBR ==================================
03:08:25.0723 7608 [ 6A37A1B2FC740CCBF1811C544FE76678 ] \Device\Harddisk0\DR0\Partition1
03:08:25.0723 7608 \Device\Harddisk0\DR0\Partition1 - ok
03:08:25.0723 7608 ============================================================
03:08:25.0723 7608 Scan finished
03:08:25.0723 7608 ============================================================
03:08:25.0739 8236 Detected object count: 0
03:08:25.0739 8236 Actual detected object count: 0
03:34:36.0232 9148 ============================================================
03:34:36.0232 9148 Scan started
03:34:36.0232 9148 Mode: Manual;
03:34:36.0232 9148 ============================================================
03:34:37.0340 9148 ================ Scan system memory ========================
03:34:37.0340 9148 System memory - ok
03:34:37.0340 9148 ================ Scan services =============================
03:34:37.0465 9148 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
03:34:37.0465 9148 1394ohci - ok
03:34:37.0496 9148 [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
03:34:37.0496 9148 5U877 - ok
03:34:37.0543 9148 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
03:34:37.0543 9148 a2acc - ok
03:34:37.0652 9148 [ 0D050186CF421131B43D00024BD9B8BB ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
03:34:37.0699 9148 a2AntiMalware - ok
03:34:37.0714 9148 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
03:34:37.0714 9148 A2DDA - ok
03:34:37.0730 9148 Scan interrupted by user!
03:34:37.0730 9148 ================ Scan global ===============================
03:34:37.0730 9148 Scan interrupted by user!
03:34:37.0730 9148 ================ Scan MBR ==================================
03:34:37.0730 9148 Scan interrupted by user!
03:34:37.0730 9148 ================ Scan VBR ==================================
03:34:37.0730 9148 Scan interrupted by user!
03:34:37.0730 9148 ============================================================
03:34:37.0730 9148 Scan finished
03:34:37.0730 9148 ============================================================
03:34:37.0746 1668 Detected object count: 0
03:34:37.0746 1668 Actual detected object count: 0
03:34:57.0636 9208 ============================================================
03:34:57.0636 9208 Scan started
03:34:57.0636 9208 Mode: Manual; TDLFS;
03:34:57.0636 9208 ============================================================
03:34:58.0650 9208 ================ Scan system memory ========================
03:34:58.0650 9208 System memory - ok
03:34:58.0650 9208 ================ Scan services =============================
03:34:58.0868 9208 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
03:34:58.0868 9208 1394ohci - ok
03:34:58.0899 9208 [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
03:34:58.0899 9208 5U877 - ok
03:34:58.0930 9208 [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
03:34:58.0930 9208 a2acc - ok
03:34:59.0024 9208 [ 0D050186CF421131B43D00024BD9B8BB ] a2AntiMalware C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
03:34:59.0071 9208 a2AntiMalware - ok
03:34:59.0086 9208 [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
03:34:59.0086 9208 A2DDA - ok
03:34:59.0118 9208 [ 3D55CE53128C81E06CD6B024C3B9FAC3 ] a2injectiondriver C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
03:34:59.0118 9208 a2injectiondriver - ok
03:34:59.0133 9208 [ E41D79682A209F72F4F578CFD4A53952 ] a2util C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
03:34:59.0133 9208 a2util - ok
03:34:59.0164 9208 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
03:34:59.0164 9208 ACPI - ok
03:34:59.0180 9208 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
03:34:59.0180 9208 AcpiPmi - ok
03:34:59.0227 9208 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
03:34:59.0242 9208 adp94xx - ok
03:34:59.0258 9208 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
03:34:59.0274 9208 adpahci - ok
03:34:59.0289 9208 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
03:34:59.0289 9208 adpu320 - ok
03:34:59.0305 9208 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
03:34:59.0320 9208 AeLookupSvc - ok
03:34:59.0352 9208 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
03:34:59.0367 9208 AFD - ok
03:34:59.0383 9208 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
03:34:59.0383 9208 agp440 - ok
03:34:59.0398 9208 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
03:34:59.0398 9208 ALG - ok
03:34:59.0414 9208 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
03:34:59.0414 9208 aliide - ok
03:34:59.0430 9208 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
03:34:59.0430 9208 amdide - ok
03:34:59.0445 9208 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
03:34:59.0445 9208 AmdK8 - ok
03:34:59.0461 9208 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
03:34:59.0461 9208 AmdPPM - ok
03:34:59.0476 9208 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
03:34:59.0476 9208 amdsata - ok
03:34:59.0508 9208 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
03:34:59.0508 9208 amdsbs - ok
03:34:59.0539 9208 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
03:34:59.0539 9208 amdxata - ok
03:34:59.0586 9208 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
03:34:59.0586 9208 AppID - ok
03:34:59.0601 9208 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
03:34:59.0601 9208 AppIDSvc - ok
03:34:59.0617 9208 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
03:34:59.0617 9208 Appinfo - ok
03:34:59.0679 9208 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
03:34:59.0679 9208 Apple Mobile Device - ok
03:34:59.0726 9208 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
03:34:59.0726 9208 AppMgmt - ok
03:34:59.0742 9208 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
03:34:59.0742 9208 arc - ok
03:34:59.0757 9208 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
03:34:59.0757 9208 arcsas - ok
03:34:59.0851 9208 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
03:34:59.0851 9208 aspnet_state - ok
03:34:59.0866 9208 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
03:34:59.0866 9208 AsyncMac - ok
03:34:59.0882 9208 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
03:34:59.0882 9208 atapi - ok
03:34:59.0913 9208 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
03:34:59.0929 9208 AudioEndpointBuilder - ok
03:34:59.0960 9208 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
03:34:59.0960 9208 AudioSrv - ok
03:34:59.0976 9208 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
03:34:59.0976 9208 AxInstSV - ok
03:35:00.0007 9208 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
03:35:00.0007 9208 b06bdrv - ok
03:35:00.0038 9208 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
03:35:00.0038 9208 b57nd60a - ok
03:35:00.0100 9208 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
03:35:00.0100 9208 BDESVC - ok
03:35:00.0147 9208 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
03:35:00.0147 9208 Beep - ok
03:35:00.0178 9208 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
03:35:00.0178 9208 BFE - ok
03:35:00.0241 9208 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
03:35:00.0256 9208 BITS - ok
03:35:00.0272 9208 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
03:35:00.0272 9208 blbdrive - ok
03:35:00.0303 9208 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
03:35:00.0303 9208 Bonjour Service - ok
03:35:00.0319 9208 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
03:35:00.0319 9208 bowser - ok
03:35:00.0350 9208 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
03:35:00.0350 9208 BrFiltLo - ok
03:35:00.0397 9208 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
03:35:00.0397 9208 BrFiltUp - ok
03:35:00.0412 9208 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
03:35:00.0428 9208 Browser - ok
03:35:00.0475 9208 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
03:35:00.0475 9208 Brserid - ok
03:35:00.0506 9208 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
03:35:00.0506 9208 BrSerWdm - ok
03:35:00.0522 9208 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
03:35:00.0522 9208 BrUsbMdm - ok
03:35:00.0537 9208 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
03:35:00.0537 9208 BrUsbSer - ok
03:35:00.0631 9208 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
03:35:00.0631 9208 BthEnum - ok
03:35:00.0662 9208 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
03:35:00.0662 9208 BTHMODEM - ok
03:35:00.0693 9208 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
03:35:00.0693 9208 BthPan - ok
03:35:00.0724 9208 [ 64C198198501F7560EE41D8D1EFA7952 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
03:35:00.0740 9208 BTHPORT - ok
03:35:00.0756 9208 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
03:35:00.0756 9208 bthserv - ok
03:35:00.0771 9208 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
03:35:00.0771 9208 BTHUSB - ok
03:35:00.0802 9208 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
03:35:00.0802 9208 cdfs - ok
03:35:00.0834 9208 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
03:35:00.0834 9208 cdrom - ok
03:35:00.0849 9208 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
03:35:00.0849 9208 CertPropSvc - ok
03:35:00.0865 9208 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
03:35:00.0865 9208 circlass - ok
03:35:00.0880 9208 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
03:35:00.0896 9208 CLFS - ok
03:35:00.0912 9208 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
03:35:00.0912 9208 clr_optimization_v2.0.50727_32 - ok
03:35:00.0927 9208 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
03:35:00.0927 9208 clr_optimization_v2.0.50727_64 - ok
03:35:00.0943 9208 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
03:35:00.0958 9208 clr_optimization_v4.0.30319_32 - ok
03:35:00.0974 9208 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
03:35:00.0974 9208 clr_optimization_v4.0.30319_64 - ok
03:35:00.0990 9208 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
03:35:00.0990 9208 CmBatt - ok
03:35:01.0005 9208 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
03:35:01.0005 9208 cmdide - ok
03:35:01.0021 9208 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\Windows\system32\Drivers\cng.sys
03:35:01.0036 9208 CNG - ok
03:35:01.0083 9208 [ 8DE541B4CFA281A204BAA3EA2109809E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
03:35:01.0099 9208 CnxtHdAudService - ok
03:35:01.0114 9208 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
03:35:01.0114 9208 Compbatt - ok
03:35:01.0130 9208 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
03:35:01.0130 9208 CompositeBus - ok
03:35:01.0146 9208 COMSysApp - ok
03:35:01.0161 9208 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
03:35:01.0161 9208 crcdisk - ok
03:35:01.0192 9208 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
03:35:01.0192 9208 CryptSvc - ok
03:35:01.0224 9208 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
03:35:01.0239 9208 CSC - ok
03:35:01.0270 9208 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
03:35:01.0270 9208 CscService - ok
03:35:01.0286 9208 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
03:35:01.0302 9208 CxAudMsg - ok
03:35:01.0317 9208 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
03:35:01.0333 9208 DcomLaunch - ok
03:35:01.0348 9208 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
03:35:01.0364 9208 defragsvc - ok
03:35:01.0380 9208 [ 178A6E9A0DCE42959FC5AD129F60CBA9 ] dfmirage C:\Windows\system32\DRIVERS\dfmirage.sys
03:35:01.0380 9208 dfmirage - ok
03:35:01.0395 9208 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
03:35:01.0395 9208 DfsC - ok
03:35:01.0411 9208 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
03:35:01.0426 9208 Dhcp - ok
03:35:01.0426 9208 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
03:35:01.0442 9208 discache - ok
03:35:01.0458 9208 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
03:35:01.0458 9208 Disk - ok
03:35:01.0473 9208 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
03:35:01.0473 9208 dmvsc - ok
03:35:01.0489 9208 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
03:35:01.0489 9208 Dnscache - ok
03:35:01.0504 9208 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
03:35:01.0520 9208 dot3svc - ok
03:35:01.0536 9208 [ 277247B79DA2230D0C3AEB83E6CD8CA7 ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
03:35:01.0551 9208 DozeSvc - ok
03:35:01.0567 9208 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
03:35:01.0567 9208 DPS - ok
03:35:01.0582 9208 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
03:35:01.0582 9208 drmkaud - ok
03:35:01.0645 9208 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
03:35:01.0660 9208 DXGKrnl - ok
03:35:01.0676 9208 [ CE4CFFD9F64B86BCEB1C343FC9924D72 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
03:35:01.0676 9208 DzHDD64 - ok
03:35:01.0692 9208 [ 471612D324D8682B98B267BD091D2219 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
03:35:01.0707 9208 e1cexpress - ok
03:35:01.0723 9208 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
03:35:01.0723 9208 EapHost - ok
03:35:01.0801 9208 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
03:35:01.0848 9208 ebdrv - ok
03:35:01.0863 9208 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
03:35:01.0863 9208 EFS - ok
03:35:01.0926 9208 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
03:35:01.0941 9208 ehRecvr - ok
03:35:01.0957 9208 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
03:35:01.0957 9208 ehSched - ok
03:35:01.0972 9208 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
03:35:01.0988 9208 elxstor - ok
03:35:02.0019 9208 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
03:35:02.0019 9208 ErrDev - ok
03:35:02.0050 9208 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
03:35:02.0050 9208 EventSystem - ok
03:35:02.0066 9208 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
03:35:02.0082 9208 exfat - ok
03:35:02.0097 9208 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
03:35:02.0097 9208 fastfat - ok
03:35:02.0144 9208 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
03:35:02.0160 9208 Fax - ok
03:35:02.0175 9208 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
03:35:02.0175 9208 fdc - ok
03:35:02.0175 9208 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
03:35:02.0191 9208 fdPHost - ok
03:35:02.0206 9208 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
03:35:02.0206 9208 FDResPub - ok
03:35:02.0222 9208 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
03:35:02.0222 9208 FileInfo - ok
03:35:02.0238 9208 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
03:35:02.0238 9208 Filetrace - ok
03:35:02.0238 9208 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
03:35:02.0253 9208 flpydisk - ok
03:35:02.0269 9208 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
03:35:02.0269 9208 FltMgr - ok
03:35:02.0300 9208 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
03:35:02.0331 9208 FontCache - ok
03:35:02.0347 9208 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
03:35:02.0347 9208 FontCache3.0.0.0 - ok
03:35:02.0362 9208 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
03:35:02.0362 9208 FsDepends - ok
03:35:02.0394 9208 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
03:35:02.0409 9208 Fs_Rec - ok
03:35:02.0425 9208 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
03:35:02.0425 9208 fvevol - ok
03:35:02.0440 9208 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
03:35:02.0440 9208 gagp30kx - ok
03:35:02.0456 9208 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
03:35:02.0456 9208 GEARAspiWDM - ok
03:35:02.0487 9208 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
03:35:02.0487 9208 gpsvc - ok
03:35:02.0503 9208 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
03:35:02.0503 9208 hcw85cir - ok
03:35:02.0534 9208 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
03:35:02.0534 9208 HdAudAddService - ok
03:35:02.0550 9208 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
03:35:02.0550 9208 HDAudBus - ok
03:35:02.0596 9208 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
03:35:02.0596 9208 HidBatt - ok
03:35:02.0612 9208 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
03:35:02.0612 9208 HidBth - ok
03:35:02.0612 9208 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
03:35:02.0628 9208 HidIr - ok
03:35:02.0628 9208 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
03:35:02.0643 9208 hidserv - ok
03:35:02.0674 9208 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
03:35:02.0674 9208 HidUsb - ok
03:35:02.0690 9208 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
03:35:02.0690 9208 hkmsvc - ok
03:35:02.0721 9208 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
03:35:02.0721 9208 HomeGroupListener - ok
03:35:02.0737 9208 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
03:35:02.0752 9208 HomeGroupProvider - ok
03:35:02.0768 9208 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
03:35:02.0784 9208 HpSAMD - ok
03:35:02.0830 9208 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
03:35:02.0846 9208 HTTP - ok
03:35:02.0862 9208 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
03:35:02.0862 9208 hwpolicy - ok
03:35:02.0877 9208 [ E935C8099F9196BF19224D9EE4808612 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
03:35:02.0877 9208 HyperW7Svc - ok
03:35:02.0893 9208 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
03:35:02.0893 9208 i8042prt - ok
03:35:02.0940 9208 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
03:35:02.0955 9208 iaStor - ok
03:35:02.0971 9208 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
03:35:02.0986 9208 iaStorV - ok
03:35:03.0018 9208 [ 2151176DB657AEFF9B873D23380C3F5B ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
03:35:03.0018 9208 IBMPMDRV - ok
03:35:03.0033 9208 [ C76A67AED080538D420550C903696788 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
03:35:03.0033 9208 IBMPMSVC - ok
03:35:03.0064 9208 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
03:35:03.0080 9208 idsvc - ok
03:35:03.0439 9208 [ 978D876A581D57E0DE6437674EB0014D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
03:35:03.0626 9208 igfx - ok
03:35:03.0657 9208 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
03:35:03.0657 9208 iirsp - ok
03:35:03.0720 9208 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
03:35:03.0735 9208 IKEEXT - ok
03:35:03.0782 9208 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
03:35:03.0782 9208 intelide - ok
03:35:03.0798 9208 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
03:35:03.0798 9208 intelppm - ok
03:35:03.0829 9208 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
03:35:03.0829 9208 IPBusEnum - ok
03:35:03.0876 9208 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:35:03.0876 9208 IpFilterDriver - ok
03:35:03.0922 9208 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
03:35:03.0938 9208 iphlpsvc - ok
03:35:03.0954 9208 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
03:35:03.0954 9208 IPMIDRV - ok
03:35:03.0969 9208 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
03:35:03.0969 9208 IPNAT - ok
03:35:04.0063 9208 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
03:35:04.0078 9208 iPod Service - ok
03:35:04.0094 9208 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
03:35:04.0094 9208 IRENUM - ok
03:35:04.0141 9208 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
03:35:04.0141 9208 isapnp - ok
03:35:04.0188 9208 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
03:35:04.0188 9208 iScsiPrt - ok
03:35:04.0219 9208 [ 6FAF199FDFFDD2376973143C3E012765 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
03:35:04.0219 9208 jhi_service - ok
03:35:04.0234 9208 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
03:35:04.0234 9208 kbdclass - ok
03:35:04.0250 9208 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
03:35:04.0250 9208 kbdhid - ok
03:35:04.0250 9208 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
03:35:04.0266 9208 KeyIso - ok
03:35:04.0281 9208 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
03:35:04.0281 9208 KSecDD - ok
03:35:04.0297 9208 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
03:35:04.0297 9208 KSecPkg - ok
03:35:04.0312 9208 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
03:35:04.0312 9208 ksthunk - ok
03:35:04.0328 9208 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
03:35:04.0344 9208 KtmRm - ok
03:35:04.0359 9208 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
03:35:04.0359 9208 LanmanServer - ok
03:35:04.0375 9208 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
03:35:04.0390 9208 LanmanWorkstation - ok
03:35:04.0406 9208 [ 340288B3B2EDC8AFD5FF127DF85142A7 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
03:35:04.0406 9208 LENOVO.MICMUTE - ok
03:35:04.0422 9208 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
03:35:04.0422 9208 lenovo.smi - ok
03:35:04.0437 9208 [ F7DE50781DC4D162C1005EB30D98F931 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
03:35:04.0437 9208 Lenovo.VIRTSCRLSVC - ok
03:35:04.0453 9208 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
03:35:04.0453 9208 lltdio - ok
03:35:04.0468 9208 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
03:35:04.0484 9208 lltdsvc - ok
03:35:04.0500 9208 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
03:35:04.0500 9208 lmhosts - ok
03:35:04.0515 9208 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
03:35:04.0515 9208 LMS - ok
03:35:04.0546 9208 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
03:35:04.0546 9208 LSI_FC - ok
03:35:04.0562 9208 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
03:35:04.0562 9208 LSI_SAS - ok
03:35:04.0578 9208 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
03:35:04.0578 9208 LSI_SAS2 - ok
03:35:04.0593 9208 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
03:35:04.0593 9208 LSI_SCSI - ok
03:35:04.0593 9208 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
03:35:04.0609 9208 luafv - ok
03:35:04.0624 9208 [ 4AFC70C86111AE0A4C0DF68041EB8570 ] ManageEngine AssetExplorer Agent C:\Program Files (x86)\ManageEngine\AssetExplorer\bin\agentmonitor.exe
03:35:04.0640 9208 ManageEngine AssetExplorer Agent - ok
03:35:04.0640 9208 ManageEngine AssetExplorer RemoteControl - ok
03:35:04.0656 9208 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
03:35:04.0656 9208 MBAMProtector - ok
03:35:04.0687 9208 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
03:35:04.0702 9208 MBAMService - ok
03:35:04.0702 9208 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
03:35:04.0718 9208 Mcx2Svc - ok
03:35:04.0718 9208 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
03:35:04.0718 9208 megasas - ok
03:35:04.0749 9208 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
03:35:04.0749 9208 MegaSR - ok
03:35:04.0765 9208 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
03:35:04.0765 9208 MEIx64 - ok
03:35:04.0780 9208 Microsoft SharePoint Workspace Audit Service - ok
03:35:04.0796 9208 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
03:35:04.0796 9208 MMCSS - ok
03:35:04.0812 9208 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
03:35:04.0812 9208 Modem - ok
03:35:04.0812 9208 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
03:35:04.0812 9208 monitor - ok
03:35:04.0827 9208 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
03:35:04.0827 9208 mouclass - ok
03:35:04.0843 9208 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
03:35:04.0843 9208 mouhid - ok
03:35:04.0858 9208 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
03:35:04.0858 9208 mountmgr - ok
03:35:04.0890 9208 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
03:35:04.0890 9208 mpio - ok
03:35:04.0905 9208 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
03:35:04.0905 9208 mpsdrv - ok
03:35:04.0936 9208 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
03:35:04.0952 9208 MpsSvc - ok
03:35:04.0952 9208 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
03:35:04.0968 9208 MRxDAV - ok
03:35:04.0983 9208 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
03:35:04.0983 9208 mrxsmb - ok
03:35:04.0999 9208 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:35:04.0999 9208 mrxsmb10 - ok
03:35:05.0014 9208 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:35:05.0014 9208 mrxsmb20 - ok
03:35:05.0030 9208 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
03:35:05.0030 9208 msahci - ok
03:35:05.0046 9208 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
03:35:05.0046 9208 msdsm - ok
03:35:05.0061 9208 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
03:35:05.0077 9208 MSDTC - ok
03:35:05.0092 9208 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
03:35:05.0092 9208 Msfs - ok
03:35:05.0108 9208 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
03:35:05.0108 9208 mshidkmdf - ok
03:35:05.0124 9208 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
03:35:05.0124 9208 msisadrv - ok
03:35:05.0139 9208 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
03:35:05.0139 9208 MSiSCSI - ok
03:35:05.0170 9208 msiserver - ok
03:35:05.0170 9208 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
03:35:05.0170 9208 MSKSSRV - ok
03:35:05.0186 9208 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
03:35:05.0186 9208 MSPCLOCK - ok
03:35:05.0202 9208 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
03:35:05.0202 9208 MSPQM - ok
03:35:05.0217 9208 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
03:35:05.0233 9208 MsRPC - ok
03:35:05.0248 9208 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
03:35:05.0248 9208 mssmbios - ok
03:35:05.0264 9208 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
03:35:05.0264 9208 MSTEE - ok
03:35:05.0280 9208 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
03:35:05.0280 9208 MTConfig - ok
03:35:05.0295 9208 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
03:35:05.0295 9208 Mup - ok
03:35:05.0311 9208 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
03:35:05.0326 9208 napagent - ok
03:35:05.0342 9208 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
03:35:05.0358 9208 NativeWifiP - ok
03:35:05.0389 9208 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
03:35:05.0404 9208 NDIS - ok
03:35:05.0420 9208 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
03:35:05.0420 9208 NdisCap - ok
03:35:05.0436 9208 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
03:35:05.0436 9208 NdisTapi - ok
03:35:05.0451 9208 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
03:35:05.0451 9208 Ndisuio - ok
03:35:05.0467 9208 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
03:35:05.0467 9208 NdisWan - ok
03:35:05.0482 9208 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
03:35:05.0482 9208 NDProxy - ok
03:35:05.0498 9208 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
03:35:05.0498 9208 Net Driver HPZ12 - ok
03:35:05.0514 9208 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
03:35:05.0514 9208 NetBIOS - ok
03:35:05.0529 9208 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
03:35:05.0545 9208 NetBT - ok
03:35:05.0545 9208 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
03:35:05.0560 9208 Netlogon - ok
03:35:05.0576 9208 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
03:35:05.0576 9208 Netman - ok
03:35:05.0592 9208 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:35:05.0607 9208 NetMsmqActivator - ok
03:35:05.0607 9208 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:35:05.0607 9208 NetPipeActivator - ok
03:35:05.0638 9208 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
03:35:05.0654 9208 netprofm - ok
03:35:05.0654 9208 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:35:05.0654 9208 NetTcpActivator - ok
03:35:05.0670 9208 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
03:35:05.0685 9208 NetTcpPortSharing - ok
03:35:05.0872 9208 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
03:35:06.0013 9208 NETwNs64 - ok
03:35:06.0044 9208 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
03:35:06.0044 9208 nfrd960 - ok
03:35:06.0075 9208 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
03:35:06.0091 9208 NlaSvc - ok
03:35:06.0106 9208 [ 9111C1BEA2A3DA7A555928DF97E84155 ] Novell Identity Store C:\Program Files (x86)\Novell\CASA\bin\micasad.exe
03:35:06.0106 9208 Novell Identity Store - ok
03:35:06.0122 9208 [ 7160ADFE685F2A4985AA8B93BE07C446 ] Novell ZENworks Agent Service C:\Program Files (x86)\Novell\ZENworks\bin\ZenworksWindowsService.exe
03:35:06.0122 9208 Novell ZENworks Agent Service - ok
03:35:06.0138 9208 [ E77F6AEB3BE8BD218C60BBFB6E3D1DAA ] Novell ZENworks Image-Safe Data Service C:\Program Files (x86)\Novell\ZENworks\bin\preboot\novell-zisdservice.exe
03:35:06.0138 9208 Novell ZENworks Image-Safe Data Service - ok
03:35:06.0169 9208 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
03:35:06.0184 9208 Npfs - ok
03:35:06.0184 9208 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
03:35:06.0200 9208 nsi - ok
03:35:06.0200 9208 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
03:35:06.0216 9208 nsiproxy - ok
03:35:06.0262 9208 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
03:35:06.0294 9208 Ntfs - ok
03:35:06.0294 9208 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
03:35:06.0294 9208 Null - ok
03:35:06.0309 9208 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
03:35:06.0325 9208 nusb3hub - ok
03:35:06.0340 9208 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
03:35:06.0340 9208 nusb3xhc - ok
03:35:06.0387 9208 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
03:35:06.0387 9208 NVHDA - ok
03:35:06.0730 9208 [ 7C7E6935E986C5237A883D2B82C654E2 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:35:06.0933 9208 nvlddmkm - ok
03:35:06.0964 9208 [ EE58A22403C31A23731DD2AD2CB707C8 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
03:35:06.0964 9208 nvpciflt - ok
03:35:06.0980 9208 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
03:35:06.0980 9208 nvraid - ok
03:35:06.0996 9208 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
03:35:06.0996 9208 nvstor - ok
03:35:07.0058 9208 [ E62E113D487958CBC5137AF65922DE4C ] NVSvc C:\Windows\system32\nvvsvc.exe
03:35:07.0074 9208 NVSvc - ok
03:35:07.0136 9208 [ 31D61EC056FAB73A911D9987099575E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
03:35:07.0167 9208 nvUpdatusService - ok
03:35:07.0183 9208 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
03:35:07.0183 9208 nv_agp - ok
03:35:07.0245 9208 [ 9AC076C176153F4276D3A584A9B2714C ] nzwinvnc C:\Program Files (x86)\Novell\ZENworks\bin\nzrWinVNC.exe
03:35:07.0261 9208 nzwinvnc - ok
03:35:07.0276 9208 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
03:35:07.0276 9208 ohci1394 - ok
03:35:07.0308 9208 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:35:07.0308 9208 ose - ok
03:35:07.0464 9208 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
03:35:07.0526 9208 osppsvc - ok
03:35:07.0573 9208 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
03:35:07.0588 9208 p2pimsvc - ok
03:35:07.0604 9208 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
03:35:07.0620 9208 p2psvc - ok
03:35:07.0651 9208 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
03:35:07.0651 9208 Parport - ok
03:35:07.0666 9208 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
03:35:07.0666 9208 partmgr - ok
03:35:07.0666 9208 [ 3B0440DEFFC695234DADE777D48AA2CF ] pbfilter C:\Program Files\Bot Revolt - Botnet Protection\pbfilter.sys
03:35:07.0666 9208 pbfilter - ok
03:35:07.0698 9208 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
03:35:07.0698 9208 PcaSvc - ok
03:35:07.0713 9208 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
03:35:07.0713 9208 pci - ok
03:35:07.0729 9208 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
03:35:07.0729 9208 pciide - ok
03:35:07.0744 9208 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
03:35:07.0760 9208 pcmcia - ok
03:35:07.0760 9208 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
03:35:07.0776 9208 pcw - ok
03:35:07.0807 9208 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
03:35:07.0822 9208 PEAUTH - ok
03:35:07.0869 9208 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
03:35:07.0900 9208 PeerDistSvc - ok
03:35:07.0932 9208 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
03:35:07.0932 9208 PerfHost - ok
03:35:07.0994 9208 [ 52C9F4359AF4A25969B882AECC6F3BDA ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
03:35:07.0994 9208 PHCORE - ok
03:35:08.0056 9208 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
03:35:08.0088 9208 pla - ok
03:35:08.0119 9208 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
03:35:08.0134 9208 PlugPlay - ok
03:35:08.0150 9208 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
03:35:08.0150 9208 Pml Driver HPZ12 - ok
03:35:08.0166 9208 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
03:35:08.0181 9208 PNRPAutoReg - ok
03:35:08.0197 9208 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
03:35:08.0212 9208 PNRPsvc - ok
03:35:08.0244 9208 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
03:35:08.0259 9208 PolicyAgent - ok
03:35:08.0275 9208 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
03:35:08.0290 9208 Power - ok
03:35:08.0306 9208 [ 836FE79DE8767D77136B6491A3D61089 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
03:35:08.0306 9208 Power Manager DBC Service - ok
03:35:08.0322 9208 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
03:35:08.0322 9208 PptpMiniport - ok
03:35:08.0337 9208 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
03:35:08.0337 9208 Processor - ok
03:35:08.0353 9208 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
03:35:08.0368 9208 ProfSvc - ok
03:35:08.0368 9208 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
03:35:08.0384 9208 ProtectedStorage - ok
03:35:08.0400 9208 [ B8035AF9CC0CCBA9A09AC0A0D9801797 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
03:35:08.0400 9208 psadd - ok
03:35:08.0415 9208 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
03:35:08.0415 9208 Psched - ok
03:35:08.0431 9208 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
03:35:08.0431 9208 PSI_SVC_2 - ok
03:35:08.0446 9208 [ 576444157F1CB25AE2057EED586D4889 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
03:35:08.0462 9208 PwmEWSvc - ok
03:35:08.0462 9208 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
03:35:08.0462 9208 PxHlpa64 - ok
03:35:08.0509 9208 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
03:35:08.0540 9208 ql2300 - ok
03:35:08.0556 9208 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
03:35:08.0556 9208 ql40xx - ok
03:35:08.0571 9208 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
03:35:08.0587 9208 QWAVE - ok
03:35:08.0587 9208 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
03:35:08.0602 9208 QWAVEdrv - ok
03:35:08.0602 9208 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
03:35:08.0602 9208 RasAcd - ok
03:35:08.0618 9208 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
03:35:08.0634 9208 RasAgileVpn - ok
03:35:08.0634 9208 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
03:35:08.0649 9208 RasAuto - ok
03:35:08.0680 9208 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
03:35:08.0680 9208 Rasl2tp - ok
03:35:08.0696 9208 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
03:35:08.0712 9208 RasMan - ok
03:35:08.0727 9208 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
03:35:08.0727 9208 RasPppoe - ok
03:35:08.0774 9208 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
03:35:08.0774 9208 RasSstp - ok
03:35:08.0790 9208 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
03:35:08.0790 9208 rdbss - ok
03:35:08.0836 9208 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
03:35:08.0836 9208 rdpbus - ok
03:35:08.0852 9208 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
03:35:08.0852 9208 RDPCDD - ok
03:35:08.0883 9208 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
03:35:08.0883 9208 RDPDR - ok
03:35:08.0899 9208 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
03:35:08.0899 9208 RDPENCDD - ok
03:35:08.0914 9208 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
03:35:08.0914 9208 RDPREFMP - ok
03:35:08.0946 9208 [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
03:35:08.0946 9208 RDPWD - ok
03:35:08.0961 9208 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
03:35:08.0961 9208 rdyboost - ok
03:35:09.0008 9208 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
03:35:09.0008 9208 RemoteAccess - ok
03:35:09.0055 9208 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
03:35:09.0070 9208 RemoteRegistry - ok
03:35:09.0102 9208 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
03:35:09.0102 9208 RFCOMM - ok
03:35:09.0117 9208 [ 5A227511ED22DDFEDF7EF7323C8F7D2F ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
03:35:09.0117 9208 risdxc - ok
03:35:09.0133 9208 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
03:35:09.0133 9208 RpcEptMapper - ok
03:35:09.0148 9208 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
03:35:09.0148 9208 RpcLocator - ok
03:35:09.0180 9208 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
03:35:09.0195 9208 RpcSs - ok
03:35:09.0211 9208 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
03:35:09.0211 9208 rspndr - ok
03:35:09.0226 9208 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
03:35:09.0226 9208 s3cap - ok
03:35:09.0242 9208 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
03:35:09.0242 9208 SamSs - ok
03:35:09.0258 9208 SAService - ok
03:35:09.0289 9208 [ ECC98E6458D8250F834C42BB5928B1D2 ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
03:35:09.0289 9208 SAVAdminService - ok
03:35:09.0320 9208 [ 2192AE4D310ADB821B38595150F5A384 ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
03:35:09.0320 9208 SAVOnAccess - ok
03:35:09.0336 9208 [ B8A272D4E91EFB366E16BEA0FA42D7EE ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
03:35:09.0336 9208 SAVService - ok
03:35:09.0351 9208 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
03:35:09.0351 9208 sbp2port - ok
03:35:09.0367 9208 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
03:35:09.0382 9208 SCardSvr - ok
03:35:09.0398 9208 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
03:35:09.0398 9208 scfilter - ok
03:35:09.0445 9208 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
03:35:09.0460 9208 Schedule - ok
03:35:09.0492 9208 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
03:35:09.0492 9208 SCPolicySvc - ok
03:35:09.0523 9208 [ 7D67AEABEB597C602EDB5B3AE316E96A ] sdcfilter C:\Windows\system32\DRIVERS\sdcfilter.sys
03:35:09.0523 9208 sdcfilter - ok
03:35:09.0554 9208 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
03:35:09.0554 9208 SDRSVC - ok
03:35:09.0570 9208 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
03:35:09.0570 9208 secdrv - ok
03:35:09.0585 9208 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
03:35:09.0601 9208 seclogon - ok
03:35:09.0632 9208 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
03:35:09.0632 9208 SENS - ok
03:35:09.0648 9208 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
03:35:09.0648 9208 SensrSvc - ok
03:35:09.0663 9208 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
03:35:09.0663 9208 Serenum - ok
03:35:09.0679 9208 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
03:35:09.0694 9208 Serial - ok
03:35:09.0694 9208 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
03:35:09.0694 9208 sermouse - ok
03:35:09.0741 9208 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
03:35:09.0757 9208 SessionEnv - ok
03:35:09.0772 9208 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
03:35:09.0772 9208 sffdisk - ok
03:35:09.0788 9208 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
03:35:09.0788 9208 sffp_mmc - ok
03:35:09.0804 9208 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
03:35:09.0804 9208 sffp_sd - ok
03:35:09.0819 9208 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
03:35:09.0819 9208 sfloppy - ok
03:35:09.0835 9208 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
03:35:09.0850 9208 SharedAccess - ok
03:35:09.0866 9208 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
03:35:09.0882 9208 ShellHWDetection - ok
03:35:09.0897 9208 [ C3F190562FE82EFDA7CCEF305EBAD3E3 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
03:35:09.0897 9208 Shockprf - ok
03:35:09.0913 9208 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
03:35:09.0913 9208 SiSRaid2 - ok
03:35:09.0960 9208 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
03:35:09.0960 9208 SiSRaid4 - ok
03:35:09.0975 9208 [ D335450B591CA26F421D7F975399DDC3 ] SMARTMouseFilterx64 C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys
03:35:09.0975 9208 SMARTMouseFilterx64 - ok
03:35:10.0022 9208 [ CE70BFC09969B480627D0ED8DD7B3943 ] SMARTVHidMiniVistaAmd64 C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
03:35:10.0022 9208 SMARTVHidMiniVistaAmd64 - ok
03:35:10.0038 9208 [ 9EB228E604FA70636E5A3C7C2A2FE304 ] SMARTVTabletPCx64 C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys
03:35:10.0038 9208 SMARTVTabletPCx64 - ok
03:35:10.0053 9208 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
03:35:10.0053 9208 Smb - ok
03:35:10.0084 9208 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
03:35:10.0100 9208 SNMPTRAP - ok
03:35:10.0116 9208 [ 1DD15CBAE4AA7B2F5166D0C2700AEF94 ] Sophos Agent C:\Program Files (x86)\Sophos\Remote Management System\ManagementAgentNT.exe
03:35:10.0116 9208 Sophos Agent - ok
03:35:10.0131 9208 [ 6067896DB061A2169688980ADA2DDC30 ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
03:35:10.0131 9208 Sophos AutoUpdate Service - ok
03:35:10.0162 9208 [ 65F816D7534D25623DA909911FF7E7D8 ] Sophos Message Router C:\Program Files (x86)\Sophos\Remote Management System\RouterNT.exe
03:35:10.0178 9208 Sophos Message Router - ok
03:35:10.0194 9208 [ BD03374253F79CE7A716A870DC85BD84 ] Sophos Web Control Service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
03:35:10.0209 9208 Sophos Web Control Service - ok
03:35:10.0256 9208 [ 69FBE35A8165ADBC313AA7F64B868CA1 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
03:35:10.0256 9208 SophosBootDriver - ok
03:35:10.0303 9208 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
03:35:10.0303 9208 spldr - ok
03:35:10.0396 9208 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
03:35:10.0412 9208 Spooler - ok
03:35:10.0537 9208 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
03:35:10.0599 9208 sppsvc - ok
03:35:10.0615 9208 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
03:35:10.0615 9208 sppuinotify - ok
03:35:10.0662 9208 [ D2AEEB5C15B4B256DC4EC2CE8219B090 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
03:35:10.0677 9208 SROSVC - ok
03:35:10.0693 9208 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
03:35:10.0708 9208 srv - ok
03:35:10.0786 9208 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
03:35:10.0786 9208 srv2 - ok
03:35:10.0818 9208 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
03:35:10.0818 9208 srvnet - ok
03:35:10.0849 9208 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
03:35:10.0864 9208 SSDPSRV - ok
03:35:10.0880 9208 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
03:35:10.0880 9208 SstpSvc - ok
03:35:10.0911 9208 [ 88C1BEE3CBE1B46A58730FDD0484BD3A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
03:35:10.0927 9208 Stereo Service - ok
03:35:10.0927 9208 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
03:35:10.0942 9208 stexstor - ok
03:35:10.0974 9208 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
03:35:10.0989 9208 stisvc - ok
03:35:11.0005 9208 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
03:35:11.0005 9208 storflt - ok
03:35:11.0036 9208 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
03:35:11.0036 9208 StorSvc - ok
03:35:11.0052 9208 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
03:35:11.0052 9208 storvsc - ok
03:35:11.0083 9208 [ 6EA2F517373771CAC5188E82617C9C0B ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
03:35:11.0083 9208 SUService - ok
03:35:11.0098 9208 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
03:35:11.0098 9208 swenum - ok
03:35:11.0130 9208 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
03:35:11.0145 9208 SwitchBoard - ok
03:35:11.0223 9208 [ 4F1B0BDB039A0719DA55FB490114DF0F ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
03:35:11.0270 9208 swi_service - ok
03:35:11.0332 9208 [ F31244E493863CA1EDC856E4F24284B5 ] swi_update_64 C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe
03:35:11.0364 9208 swi_update_64 - ok
03:35:11.0395 9208 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
03:35:11.0410 9208 swprv - ok
03:35:11.0426 9208 [ 772493A8945495F1A287BF6C4CA25B48 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
03:35:11.0442 9208 SynTP - ok
03:35:11.0488 9208 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
03:35:11.0520 9208 SysMain - ok
03:35:11.0535 9208 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
03:35:11.0535 9208 TabletInputService - ok
03:35:11.0551 9208 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
03:35:11.0566 9208 TapiSrv - ok
03:35:11.0582 9208 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
03:35:11.0582 9208 TBS - ok
03:35:11.0644 9208 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
03:35:11.0676 9208 Tcpip - ok
03:35:11.0722 9208 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
03:35:11.0754 9208 TCPIP6 - ok
03:35:11.0785 9208 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
03:35:11.0800 9208 tcpipreg - ok
03:35:11.0816 9208 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
03:35:11.0816 9208 TDPIPE - ok
03:35:11.0832 9208 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
03:35:11.0832 9208 TDTCP - ok
03:35:11.0847 9208 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
03:35:11.0847 9208 tdx - ok
03:35:11.0925 9208 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
03:35:11.0972 9208 TeamViewer7 - ok
03:35:11.0988 9208 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
03:35:11.0988 9208 TermDD - ok
03:35:12.0019 9208 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
03:35:12.0034 9208 TermService - ok
03:35:12.0050 9208 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
03:35:12.0050 9208 Themes - ok
03:35:12.0066 9208 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
03:35:12.0066 9208 THREADORDER - ok
03:35:12.0081 9208 [ 1BB77ECCBFA3675B1EE8D6D6D37A1E1E ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
03:35:12.0081 9208 TPDIGIMN - ok
03:35:12.0097 9208 [ 88F81D810FF16AC65B02643DAF308D4F ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
03:35:12.0112 9208 TPHDEXLGSVC - ok
03:35:12.0112 9208 [ 83415782D47F8064FCAFEA308ABB2246 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
03:35:12.0128 9208 TPHKLOAD - ok
03:35:12.0128 9208 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
03:35:12.0144 9208 TPHKSVC - ok
03:35:12.0144 9208 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
03:35:12.0159 9208 TPM - ok
03:35:12.0159 9208 [ 7165B5A9B4867F64A6D6935F57D4196B ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
03:35:12.0175 9208 TPPWRIF - ok
03:35:12.0175 9208 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
03:35:12.0190 9208 TrkWks - ok
03:35:12.0206 9208 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
03:35:12.0206 9208 TrustedInstaller - ok
03:35:12.0237 9208 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
03:35:12.0237 9208 tssecsrv - ok
03:35:12.0253 9208 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
03:35:12.0253 9208 TsUsbFlt - ok
03:35:12.0268 9208 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
03:35:12.0268 9208 TsUsbGD - ok
03:35:12.0284 9208 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
03:35:12.0284 9208 tunnel - ok
03:35:12.0300 9208 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
03:35:12.0300 9208 uagp35 - ok
03:35:12.0315 9208 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
03:35:12.0331 9208 udfs - ok
03:35:12.0346 9208 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
03:35:12.0362 9208 UI0Detect - ok
03:35:12.0393 9208 [ BE788A747457E6916586C410EC0111E7 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
03:35:12.0393 9208 UleadBurningHelper - ok
03:35:12.0409 9208 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
03:35:12.0409 9208 uliagpkx - ok
03:35:12.0424 9208 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
03:35:12.0424 9208 umbus - ok
03:35:12.0424 9208 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
03:35:12.0440 9208 UmPass - ok
03:35:12.0456 9208 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
03:35:12.0456 9208 UmRdpService - ok
03:35:12.0534 9208 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
03:35:12.0580 9208 UNS - ok
03:35:12.0596 9208 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
03:35:12.0612 9208 upnphost - ok
03:35:12.0612 9208 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
03:35:12.0627 9208 USBAAPL64 - ok
03:35:12.0627 9208 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
03:35:12.0643 9208 usbccgp - ok
03:35:12.0643 9208 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
03:35:12.0658 9208 usbcir - ok
03:35:12.0658 9208 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
03:35:12.0658 9208 usbehci - ok
03:35:12.0690 9208 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
03:35:12.0690 9208 usbhub - ok
03:35:12.0721 9208 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
03:35:12.0736 9208 usbohci - ok
03:35:12.0736 9208 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
03:35:12.0752 9208 usbprint - ok
03:35:12.0768 9208 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:35:12.0768 9208 USBSTOR - ok
03:35:12.0768 9208 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
03:35:12.0783 9208 usbuhci - ok
03:35:12.0799 9208 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
03:35:12.0799 9208 usbvideo - ok
03:35:12.0814 9208 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
03:35:12.0830 9208 UxSms - ok
03:35:12.0830 9208 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
03:35:12.0846 9208 VaultSvc - ok
03:35:12.0846 9208 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
03:35:12.0861 9208 vdrvroot - ok
03:35:12.0877 9208 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
03:35:12.0892 9208 vds - ok
03:35:12.0908 9208 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
03:35:12.0908 9208 vga - ok
03:35:12.0924 9208 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
03:35:12.0924 9208 VgaSave - ok
03:35:12.0939 9208 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
03:35:12.0939 9208 vhdmp - ok
03:35:12.0955 9208 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
03:35:12.0955 9208 viaide - ok
03:35:12.0970 9208 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
03:35:12.0970 9208 vmbus - ok
03:35:12.0986 9208 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
03:35:12.0986 9208 VMBusHID - ok
03:35:13.0002 9208 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
03:35:13.0002 9208 volmgr - ok
03:35:13.0017 9208 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
03:35:13.0033 9208 volmgrx - ok
03:35:13.0048 9208 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
03:35:13.0048 9208 volsnap - ok
03:35:13.0064 9208 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
03:35:13.0064 9208 vsmraid - ok
03:35:13.0189 9208 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
03:35:13.0220 9208 VSS - ok
03:35:13.0236 9208 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
03:35:13.0236 9208 vwifibus - ok
03:35:13.0251 9208 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
03:35:13.0251 9208 vwififlt - ok
03:35:13.0267 9208 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
03:35:13.0267 9208 vwifimp - ok
03:35:13.0314 9208 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
03:35:13.0329 9208 W32Time - ok
03:35:13.0360 9208 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
03:35:13.0360 9208 WacomPen - ok
03:35:13.0376 9208 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
03:35:13.0376 9208 WANARP - ok
03:35:13.0392 9208 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
03:35:13.0392 9208 Wanarpv6 - ok
03:35:13.0438 9208 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
03:35:13.0454 9208 WatAdminSvc - ok
03:35:13.0501 9208 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
03:35:13.0532 9208 wbengine - ok
03:35:13.0548 9208 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
03:35:13.0563 9208 WbioSrvc - ok
03:35:13.0594 9208 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
03:35:13.0610 9208 wcncsvc - ok
03:35:13.0657 9208 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
03:35:13.0672 9208 WcsPlugInService - ok
03:35:13.0688 9208 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
03:35:13.0688 9208 Wd - ok
03:35:13.0719 9208 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
03:35:13.0719 9208 Wdf01000 - ok
03:35:13.0766 9208 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
03:35:13.0782 9208 WdiServiceHost - ok
03:35:13.0797 9208 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
03:35:13.0813 9208 WdiSystemHost - ok
03:35:13.0828 9208 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
03:35:13.0828 9208 WebClient - ok
03:35:13.0860 9208 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
03:35:13.0860 9208 Wecsvc - ok
03:35:13.0875 9208 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
03:35:13.0891 9208 wercplsupport - ok
03:35:13.0906 9208 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
03:35:13.0906 9208 WerSvc - ok
03:35:13.0922 9208 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
03:35:13.0922 9208 WfpLwf - ok
03:35:13.0938 9208 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
03:35:13.0938 9208 WIMMount - ok
03:35:13.0938 9208 WinDefend - ok
03:35:13.0969 9208 WinHttpAutoProxySvc - ok
03:35:14.0000 9208 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
03:35:14.0000 9208 Winmgmt - ok
03:35:14.0062 9208 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
03:35:14.0094 9208 WinRM - ok
03:35:14.0125 9208 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
03:35:14.0125 9208 WinUsb - ok
03:35:14.0156 9208 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
03:35:14.0172 9208 Wlansvc - ok
03:35:14.0218 9208 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
03:35:14.0218 9208 wlcrasvc - ok
03:35:14.0328 9208 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
03:35:14.0359 9208 wlidsvc - ok
03:35:14.0374 9208 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
03:35:14.0374 9208 WmiAcpi - ok
03:35:14.0406 9208 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
03:35:14.0406 9208 wmiApSrv - ok
03:35:14.0452 9208 WMPNetworkSvc - ok
03:35:14.0484 9208 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
03:35:14.0484 9208 WPCSvc - ok
03:35:14.0499 9208 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
03:35:14.0515 9208 WPDBusEnum - ok
03:35:14.0515 9208 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
03:35:14.0515 9208 ws2ifsl - ok
03:35:14.0530 9208 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
03:35:14.0546 9208 wscsvc - ok
03:35:14.0562 9208 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
03:35:14.0562 9208 WSDPrintDevice - ok
03:35:14.0577 9208 WSearch - ok
03:35:14.0640 9208 [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv C:\Windows\system32\wuaueng.dll
03:35:14.0686 9208 wuauserv - ok
03:35:14.0733 9208 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
03:35:14.0733 9208 WudfPf - ok
03:35:14.0796 9208 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
03:35:14.0796 9208 WUDFRd - ok
03:35:14.0842 9208 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
03:35:14.0842 9208 wudfsvc - ok
03:35:14.0858 9208 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
03:35:14.0874 9208 WwanSvc - ok
03:35:14.0920 9208 [ CDFCF126B7D88839CB124DDC6A538601 ] ZENPreAgent C:\Windows\novell\zenworks\bin\ZENPreAgent.exe
03:35:14.0920 9208 ZENPreAgent - ok
03:35:14.0936 9208 [ E6AAC10856A89C6B29FF0EA9DDB0E852 ] zesdac C:\Windows\system32\DRIVERS\zesdac.sys
03:35:14.0936 9208 zesdac - ok
03:35:14.0952 9208 [ 780F3318406D45B735AFC985040DFEBC ] ZesDisk C:\Windows\system32\DRIVERS\ZesDisk.sys
03:35:14.0952 9208 ZesDisk - ok
03:35:14.0983 9208 [ D05CA02BD7188D7F5F1B530C725069D2 ] zesds C:\Windows\system32\DRIVERS\ZesDS.sys
03:35:14.0983 9208 zesds - ok
03:35:14.0998 9208 [ D34EC670A008581DA64A5BA74CB409F4 ] zesdt C:\Windows\system32\DRIVERS\ZesDT.sys
03:35:14.0998 9208 zesdt - ok
03:35:15.0014 9208 [ F354D4AB25F6A6CDDE11F3A822FCF038 ] zesfsfd C:\Windows\system32\DRIVERS\ZESFSFD.sys
03:35:15.0014 9208 zesfsfd - ok
03:35:15.0030 9208 [ 00F58DF1AE9D785D069D23D6C3AB992C ] ZESFW C:\Windows\system32\DRIVERS\ZESFW.sys
03:35:15.0030 9208 ZESFW - ok
03:35:15.0045 9208 [ 3A78F14A381FED0C2917C23A7EEA28C9 ] zesocc C:\Windows\system32\DRIVERS\ZesOCC.sys
03:35:15.0061 9208 zesocc - ok
03:35:15.0076 9208 [ 21A074B2055A37A914DE8DF7EAD563F5 ] ZESService C:\Program Files (x86)\Novell\ZENworks\esm\ZESService.exe
03:35:15.0076 9208 ZESService - ok
03:35:15.0139 9208 [ 4A84734FAB44D563611B1792A5D576B0 ] zestdi C:\Windows\system32\DRIVERS\zestdi.sys
03:35:15.0139 9208 zestdi - ok
03:35:15.0154 9208 [ 968A58D8AD49554BDC1B6F063A6EB826 ] ZESWIFI C:\Windows\system32\DRIVERS\ZESWIFI.sys
03:35:15.0154 9208 ZESWIFI - ok
03:35:15.0201 9208 ================ Scan global ===============================
03:35:15.0201 9208 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
03:35:15.0217 9208 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
03:35:15.0232 9208 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
03:35:15.0248 9208 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
03:35:15.0264 9208 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
03:35:15.0279 9208 [Global] - ok
03:35:15.0279 9208 ================ Scan MBR ==================================
03:35:15.0279 9208 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
03:35:15.0997 9208 \Device\Harddisk0\DR0 - ok
03:35:16.0012 9208 ================ Scan VBR ==================================
03:35:16.0028 9208 [ 6A37A1B2FC740CCBF1811C544FE76678 ] \Device\Harddisk0\DR0\Partition1
03:35:16.0028 9208 \Device\Harddisk0\DR0\Partition1 - ok
03:35:16.0028 9208 ============================================================
03:35:16.0028 9208 Scan finished
03:35:16.0028 9208 ============================================================
03:35:16.0059 8720 Detected object count: 0
03:35:16.0059 8720 Actual detected object count: 0





aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-22 03:08:35
-----------------------------
03:08:35.480 OS Version: Windows x64 6.1.7601 Service Pack 1
03:08:35.480 Number of processors: 4 586 0x2A07
03:08:35.480 ComputerName: R9HXIK4 UserName: LRoe
03:08:36.712 Initialize success
03:14:33.478 AVAST engine defs: 12082100
03:14:50.919 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
03:14:50.935 Disk 0 Vendor: SAMSUNG_ AXM0 Size: 122104MB BusType: 3
03:14:50.950 Disk 0 MBR read successfully
03:14:50.966 Disk 0 MBR scan
03:14:50.981 Disk 0 Windows 7 default MBR code
03:14:50.981 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122078 MB offset 2048
03:14:51.013 Disk 0 scanning C:\Windows\system32\drivers
03:15:08.594 Service scanning
03:16:00.200 Modules scanning
03:16:00.215 Disk 0 trace - called modules:
03:16:00.231 ntoskrnl.exe CLASSPNP.SYS disk.sys zesdac.sys ACPI.sys iaStor.sys hal.dll
03:16:00.246 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009fef060]
03:16:00.262 3 CLASSPNP.SYS[fffff88001a5a43f] -> nt!IofCallDriver -> [0xfffffa8009e48d70]
03:16:00.278 5 zesdac.sys[fffff88001d18131] -> nt!IofCallDriver -> [0xfffffa8007af9e40]
03:16:00.293 7 ACPI.sys[fffff88000f0f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007afd050]
03:16:00.683 AVAST engine scan C:\Windows
03:16:02.945 AVAST engine scan C:\Windows\system32
03:27:53.340 AVAST engine scan C:\Windows\system32\drivers
03:28:22.210 AVAST engine scan C:\Users\lroe
03:34:19.159 Disk 0 MBR has been saved successfully to "C:\Users\lroe\Documents\Anti-Malware\Reports\MBR.dat"
03:34:19.175 The log file has been saved successfully to "C:\Users\lroe\Documents\Anti-Malware\Reports\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-22 03:08:35
-----------------------------
03:08:35.480 OS Version: Windows x64 6.1.7601 Service Pack 1
03:08:35.480 Number of processors: 4 586 0x2A07
03:08:35.480 ComputerName: R9HXIK4 UserName: LRoe
03:08:36.712 Initialize success
03:14:33.478 AVAST engine defs: 12082100
03:14:50.919 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
03:14:50.935 Disk 0 Vendor: SAMSUNG_ AXM0 Size: 122104MB BusType: 3
03:14:50.950 Disk 0 MBR read successfully
03:14:50.966 Disk 0 MBR scan
03:14:50.981 Disk 0 Windows 7 default MBR code
03:14:50.981 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 122078 MB offset 2048
03:14:51.013 Disk 0 scanning C:\Windows\system32\drivers
03:15:08.594 Service scanning
03:16:00.200 Modules scanning
03:16:00.215 Disk 0 trace - called modules:
03:16:00.231 ntoskrnl.exe CLASSPNP.SYS disk.sys zesdac.sys ACPI.sys iaStor.sys hal.dll
03:16:00.246 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009fef060]
03:16:00.262 3 CLASSPNP.SYS[fffff88001a5a43f] -> nt!IofCallDriver -> [0xfffffa8009e48d70]
03:16:00.278 5 zesdac.sys[fffff88001d18131] -> nt!IofCallDriver -> [0xfffffa8007af9e40]
03:16:00.293 7 ACPI.sys[fffff88000f0f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007afd050]
03:16:00.683 AVAST engine scan C:\Windows
03:16:02.945 AVAST engine scan C:\Windows\system32
03:27:53.340 AVAST engine scan C:\Windows\system32\drivers
03:28:22.210 AVAST engine scan C:\Users\lroe
03:34:19.159 Disk 0 MBR has been saved successfully to "C:\Users\lroe\Documents\Anti-Malware\Reports\MBR.dat"
03:34:19.175 The log file has been saved successfully to "C:\Users\lroe\Documents\Anti-Malware\Reports\aswMBR.txt"
03:35:41.737 AVAST engine scan C:\ProgramData
03:39:29.634 Scan finished successfully
03:40:36.077 Disk 0 MBR has been saved successfully to "C:\Users\lroe\Documents\Anti-Malware\Reports\MBR.dat"
03:40:36.113 The log file has been saved successfully to "C:\Users\lroe\Documents\Anti-Malware\Reports\aswMBR.txt"

And i'll post the ESET one once it has finished.

Does there seem to be anything out of the ordinary?

#4 strugglingwithtrojan

strugglingwithtrojan
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 08:21 PM

Seems to be ok. ESET didn't find anything

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=395b6c227181f04c8965b2b27ddac041
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-22 12:59:20
# local_time=2012-08-22 10:59:20 (+1000, AUS Eastern Standard Time)
# country="Australia"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 18364 97204771 0 0
# compatibility_mode=8192 67108863 100 0 4027 4027 0 0
# compatibility_mode=8449 16775165 50 97 18450 12008646 0 0
# scanned=340350
# found=0
# cleaned=0
# scan_time=25840

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 21 August 2012 - 08:26 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#6 strugglingwithtrojan

strugglingwithtrojan
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 08:32 PM

I re-scanned TDSSKiller and it showed this (the end of the log):


11:27:53.0571 6432 ============================================================
11:27:53.0571 6432 Scan finished
11:27:53.0571 6432 ============================================================
11:27:53.0602 8496 Detected object count: 13
11:27:53.0602 8496 Actual detected object count: 13
11:29:12.0026 8496 ManageEngine AssetExplorer Agent ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0026 8496 ManageEngine AssetExplorer Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0041 8496 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0041 8496 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0041 8496 Novell Identity Store ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0041 8496 Novell Identity Store ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0041 8496 Novell ZENworks Agent Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0041 8496 Novell ZENworks Agent Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0057 8496 Novell ZENworks Image-Safe Data Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0057 8496 Novell ZENworks Image-Safe Data Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0057 8496 nzwinvnc ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0057 8496 nzwinvnc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0072 8496 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0072 8496 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0072 8496 Sophos Agent ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0072 8496 Sophos Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0072 8496 Sophos Message Router ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0072 8496 Sophos Message Router ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0088 8496 SUService ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0088 8496 SUService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0088 8496 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0088 8496 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0088 8496 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0088 8496 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:29:12.0104 8496 ZENPreAgent ( UnsignedFile.Multi.Generic ) - skipped by user
11:29:12.0104 8496 ZENPreAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 21 August 2012 - 08:33 PM

Ignore them

#8 strugglingwithtrojan

strugglingwithtrojan
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 08:54 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by LRoe (administrator) on 22-08-2012 at 11:46:16
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.autoconfig_url", "http://www.usyd.edu.au/proxy.pac"

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Ultimate-N 6300 AGN = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 3 (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : R9HX1K4
Primary Dns Suffix . . . . . . . : sacs.nsw.edu.au
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sacs.nsw.edu.au

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 24-77-03-25-D9-9C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::64db:bae0:b35b:dc35%12(Preferred)
IPv4 Address. . . . . . . . . . . : 172.20.10.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.240
Lease Obtained. . . . . . . . . . : Wednesday, 22 August 2012 11:15:00 AM
Lease Expires . . . . . . . . . . : Thursday, 23 August 2012 11:00:36 AM
Default Gateway . . . . . . . . . : 172.20.10.1
DHCP Server . . . . . . . . . . . : 172.20.10.1
DHCPv6 IAID . . . . . . . . . . . : 304379651
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7A-1F-AD-F0-DE-F1-A8-0C-87
DNS Servers . . . . . . . . . . . : 10.4.81.103
10.4.182.20
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : sacs.nsw.edu.au
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : F0-DE-F1-A8-0C-F6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2AFD8977-FB4E-40B8-A4C2-C95257337C0A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.sacs.nsw.edu.au:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3c33:68e1:8761:e8b2(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c33:68e1:8761:e8b2%21(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 10.4.81.103

Name: google.com
Addresses: 2404:6800:4006:802::1007
74.125.237.78
74.125.237.72
74.125.237.64
74.125.237.66
74.125.237.70
74.125.237.67
74.125.237.71
74.125.237.68
74.125.237.69
74.125.237.65
74.125.237.73


Pinging google.com [74.125.237.33] with 32 bytes of data:
Reply from 74.125.237.33: bytes=32 time=58ms TTL=54
Reply from 74.125.237.33: bytes=32 time=274ms TTL=53

Ping statistics for 74.125.237.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 58ms, Maximum = 274ms, Average = 166ms
Server: UnKnown
Address: 10.4.81.103

DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=769ms TTL=49
Reply from 72.30.38.140: bytes=32 time=880ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 769ms, Maximum = 880ms, Average = 824ms
Server: UnKnown
Address: 10.4.81.103

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=16ms TTL=128
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 6ms, Maximum = 16ms, Average = 11ms
===========================================================================
Interface List
12...24 77 03 25 d9 9c ......Intel® Centrino® Ultimate-N 6300 AGN
11...f0 de f1 a8 0c f6 ......Intel® 82579LM Gigabit Network Connection
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
21...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.20.10.1 172.20.10.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.20.10.0 255.255.255.240 On-link 172.20.10.5 281
172.20.10.5 255.255.255.255 On-link 172.20.10.5 281
172.20.10.15 255.255.255.255 On-link 172.20.10.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 172.20.10.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 172.20.10.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
21 58 ::/0 On-link
1 306 ::1/128 On-link
21 58 2001::/32 On-link
21 306 2001:0:9d38:953c:3c33:68e1:8761:e8b2/128
On-link
12 281 fe80::/64 On-link
21 306 fe80::/64 On-link
21 306 fe80::3c33:68e1:8761:e8b2/128
On-link
12 281 fe80::64db:bae0:b35b:dc35/128
On-link
1 306 ff00::/8 On-link
21 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/22/2012 11:20:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/22/2012 11:18:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/22/2012 11:18:03 AM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(78:a3:e4:8e:30:d5@fe80::7aa3:e4ff:fe8e:30d5._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (08/22/2012 03:41:33 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/22/2012 03:41:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/22/2012 03:31:03 AM) (Source: Bonjour Service) (User: )
Description: Client application bug: DNSServiceResolve(78:a3:e4:8e:30:d5@fe80::7aa3:e4ff:fe8e:30d5._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (08/22/2012 03:23:18 AM) (Source: Novell.Zenworks.Logger) (User: )
Description: Category: BundleManager
GenericActions.LaunchWinError: Error launching "\\altiris\Exclaimer\ExSync.exe ". Windows error: The network path was not found

Error: (08/22/2012 03:22:27 AM) (Source: Novell.Zenworks.Logger) (User: )
Description: Category: BundleManager
GenericActions.LaunchWinError: Error launching "\\altiris\Exclaimer\ExSync.exe ". Windows error: The network path was not found

Error: (08/22/2012 03:20:41 AM) (Source: Novell.Zenworks.Logger) (User: )
Description: Category: BundleManager
GenericActions.LaunchWinError: Error launching "\\altiris\Exclaimer\ExSync.exe ". Windows error: The network path was not found

Error: (08/22/2012 03:18:55 AM) (Source: Novell.Zenworks.Logger) (User: )
Description: Category: BundleManager
GenericActions.LaunchWinError: Error launching "\\altiris\Exclaimer\ExSync.exe ". Windows error: The network path was not found


System errors:
=============
Error: (08/22/2012 10:44:53 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain STAFF due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (08/22/2012 10:44:47 AM) (Source: DCOM) (User: )
Description: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}

Error: (08/22/2012 05:38:46 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (08/22/2012 04:47:03 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (08/22/2012 03:04:31 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (08/22/2012 03:04:31 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
Logon failure: the user has not been granted the requested logon type at this computer.

Service: nvUpdatusService
Domain and account: .\UpdatusUser

This service account does not have the required user right "Log on as a service."

User Action

Assign "Log on as a service" to the service account on this computer. You can use Local Security Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user right is assigned to the Cluster service account on all nodes in the cluster.

If you have already assigned this user right to the service account, and the user right appears to be removed, check with your domain administrator to find out if a Group Policy object associated with this node might be removing the right.

Error: (08/22/2012 03:03:31 AM) (Source: Microsoft-Windows-GroupPolicy) (User: STAFF)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (08/22/2012 03:03:28 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (08/22/2012 03:02:00 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following:
a) Name Resolution failure on the current domain controller.
B) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).

Error: (08/22/2012 03:01:58 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain STAFF due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.


Microsoft Office Sessions:
=========================
Error: (08/22/2012 11:20:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (08/22/2012 11:18:05 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\lroe\Downloads\esetsmartinstaller_enu.exe

Error: (08/22/2012 11:18:03 AM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(78:a3:e4:8e:30:d5@fe80::7aa3:e4ff:fe8e:30d5._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (08/22/2012 03:41:33 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\lroe\Downloads\esetsmartinstaller_enu.exe

Error: (08/22/2012 03:41:28 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\lroe\Downloads\esetsmartinstaller_enu.exe

Error: (08/22/2012 03:31:03 AM) (Source: Bonjour Service)(User: )
Description: Client application bug: DNSServiceResolve(78:a3:e4:8e:30:d5@fe80::7aa3:e4ff:fe8e:30d5._apple-mobdev._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (08/22/2012 03:23:18 AM) (Source: Novell.Zenworks.Logger)(User: )
Description: Category: BundleManager
GenericActions.LaunchWinError: Error launching "\\altiris\Exclaimer\ExSync.exe ". Windows error: The network path was not found

Error: (08/22/2012 03:22:27 AM) (Source: Novell.Zenworks.Logger)(User: )
Description: Category: BundleManager
GenericActions.LaunchWinError: Error launching "\\altiris\Exclaimer\ExSync.exe ". Windows error: The network path was not found

Error: (08/22/2012 03:20:41 AM) (Source: Novell.Zenworks.Logger)(User: )
Description: Category: BundleManager
GenericActions.LaunchWinError: Error launching "\\altiris\Exclaimer\ExSync.exe ". Windows error: The network path was not found

Error: (08/22/2012 03:18:55 AM) (Source: Novell.Zenworks.Logger)(User: )
Description: Category: BundleManager
GenericActions.LaunchWinError: Error launching "\\altiris\Exclaimer\ExSync.exe ". Windows error: The network path was not found


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 8.2.1)
Action Handler Resources (Version: 11.1.0.10525)
actions-langs (Version: 11.1.0.10525)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.0.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe CS55 (Version: 1.2.0000)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Audacity (Version: 1.2.6)
auth-satellite-server-langs (Version: 11.1.0.10465)
Bonjour (Version: 3.0.0.10)
bundle-langs (Version: 11.1.0.10525)
Burn.Now 4.5 (Version: 4.5.0)
CASA (Version: 1.7.1727)
ClickView Player (Version: 2.1.0.9)
Conexant 20672 SmartAudio HD (Version: 8.32.23.2)
content-distribution-point-langs (Version: 11.1.0.10465)
Corel Burn.Now Lenovo Edition (Version: 4.5.0)
Corel DVD MovieFactory 7 (Version: 7.0.0)
Corel DVD MovieFactory Lenovo Edition (Version: 7.0.0)
Corel WinDVD (Version: 10.0.5.828)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dexpot (Version: 1.5.99)
Direct DiscRecorder (Version: 1.00.0000)
Emsisoft Anti-Malware (Version: 6.6)
ESET Online Scanner v3
FileMaker Pro 11 Advanced (Version: 11.0.3.0)
Google Chrome (Version: 21.0.1180.83)
Google Earth (Version: 6.0.0.1735)
Google SketchUp 8 (Version: 3.0.4811)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Identity Protection Technology 1.0.74.0 (Version: 1.0.74.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2538)
inventory-langs (Version: 11.1.0.10525)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Auto Scroll Utility (Version: 1.11)
Lenovo Patch Utility (Version: 1.0.1.1)
Lenovo Patch Utility 64 bit (Version: 1.2.0.1)
Lenovo Screen Reading Optimizer (Version: 1.10)
Lenovo SimpleTap (Version: 2.1.0003.00)
Lenovo System Interface Driver (Version: 1.05)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
ManageEngine AssetExplorer Agent (Version: 1.0.5)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Project MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio 2010 (Version: 14.0.6029.1000)
Microsoft Office Visio MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Project 2010 Service Pack 1 (SP1)
Microsoft Project Professional 2010 (Version: 14.0.6029.1000)
Microsoft Redistributable Files (x64) (Version: 9.0)
Microsoft Redistributable Files (x86) (Version: 9.0)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visio 2010 Service Pack 1 (SP1)
Microsoft Visio Premium 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
novell-zenworks-patch-management-agent (Version: 11.1.0.25)
Novell CASA Authentication Token Client (x64) (Version: 1.7.1712)
Novell ZENworks (Version: 11.1.0.10447)
Novell ZENworks Adaptive Agent Help (Version: 11.1.0.10447)
Novell ZENworks Endpoint Security Agent (Version: 11.1.0.087)
Novell ZENworks Image-Safe Data Service (Version: 11.1.0.10568)
Novell ZENworks Remote Management (Version: 11.1.0.10525)
NVIDIA 3D Vision Driver 275.93 (Version: 275.93)
NVIDIA Control Panel 275.93 (Version: 275.93)
NVIDIA Graphics Driver 275.93 (Version: 275.93)
NVIDIA HD Audio Driver 1.2.23.3 (Version: 1.2.23.3)
NVIDIA Install Application (Version: 2.275.82.0)
NVIDIA Optimus 1.3.12 (Version: 1.3.12)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.7593)
NVIDIA Update Components (Version: 1.3.12)
On Screen Display (Version: 6.60.03)
patch-langs (Version: 11.1.0.10525)
PDF Settings CS5 (Version: 10.0)
policy-langs (Version: 11.1.0.10525)
Policy Action Handler Resources (Version: 11.1.0.10525)
Policy Handler Resources (Version: 11.1.0.10525)
primary-agent-langs (Version: 11.1.0.10465)
R-Studio 5.4 (Version: 5.4.134580)
R for Windows 2.15.0 (Version: 2.15.0)
RapidBoot (Version: 1.11)
remotemanagement-langs (Version: 11.1.0.10525)
RStudio (Version: 0.95.265)
Sibelius 6 (Version: 6.0.0)
Skype™ 5.5 (Version: 5.5.124)
SM-Marks 2 (Version: 1.00.0000)
SMART Common Platform (Version: 10.8.159.0)
SMART Education Software 2011 (Version: 10.8.205.0)
SMART Notebook (Version: 10.8.364.0)
SMART Product Drivers (Version: 10.8.212.0)
Sophos Anti-Virus (Version: 10.0.6)
Sophos AutoUpdate (Version: 2.7.1)
Sophos Remote Management System (Version: 3.4.0)
Spotify (Version: 0.8.4.124.ga3559d86)
status-collection-point-langs (Version: 11.1.0.10525)
System Update (Version: 4.01.0015)
TeamViewer 7 (Version: 7.0.13989)
ThinkPad FullScreen Magnifier (Version: 2.40)
ThinkPad Power Management Driver (Version: 1.64.00.00)
ThinkPad Power Manager (Version: 3.64)
ThinkPad UltraNav Driver (Version: 15.3.27.1)
ThinkVantage Active Protection System (Version: 1.75)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
usermanagement-langs-x86_64 (Version: 11.1.0.10465)
VLC media player 1.1.11 (Version: 1.1.11)
windows-desktop-langs-x86_64 (Version: 11.1.0.10525)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinProxy-langs (Version: 11.1.0.10525)
zencore-agent-langs (Version: 11.1.0.10465)
zennotifyicon-langs (Version: 11.1.0.10465)
ZENworks Action Handlers (Version: 11.1.0.10525)
ZENworks Action Utilities (Version: 11.1.0.10525)
ZENworks Actions (Version: 11.1.0.10525)
ZENworks Agent Authentication Satellite Module (Version: 11.1.0.10447)
ZENworks Agent Bundle Management (Version: 11.1.0.11255)
ZENworks Agent Core Modules (Version: 11.1.0.10942)
ZENworks Agent Inventory Management (Version: 11.1.0.10525)
ZENworks Agent Patch Management (Version: 11.1.0.10525)
ZENworks Agent Policy Management (Version: 11.1.0.10525)
ZENworks Agent System Update Module (Version: 11.1.0.10447)
ZENworks Agent WinProxy Module (Version: 11.1.0.10525)
ZENworks Content Distribution Point (Version: 11.1.0.10447)
ZENworks DLU Policy Handler (Version: 11.1.0.10525)
ZENworks Extensions Libraries (Version: 11.1.0.10525)
ZENworks Group Policy Handler (Version: 11.1.0.10525)
ZENworks Image-Safe Data Agent (Version: 11.1.0.10568)
ZENworks Image Management (Version: 11.1.0.10525)
ZENworks Imaging Server (Version: 11.1.0.10525)
ZENworks Information Icon (Version: 11.1.0.10447)
ZENworks Launcher Policy Handler (Version: 11.1.0.10525)
ZENworks Policy Handlers (Version: 11.1.0.10525)
ZENworks Policy Libraries (Version: 11.1.0.10525)
ZENworks Primary Agent (Version: 11.1.0.11256)
ZENworks Status Collection Point (Version: 11.1.0.10525)
ZENworks Uninstaller (Version: 11.1.0.10525)
ZENworks User Management (Version: 11.1.0.10447)
ZENworks Version Information (Version: 11.1.0.10447)
ZENworks Windows UI (Version: 11.1.0.10525)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 8074.23 MB
Available physical RAM: 4395.25 MB
Total Pagefile: 16146.66 MB
Available Pagefile: 11916.29 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.36 MB

========================= Partitions: =====================================

1 Drive c: (WINDOWS) (Fixed) (Total:119.22 GB) (Free:20.8 GB) NTFS

========================= Users: ========================================

User accounts for \\R9HXIK4

Administrator Guest SophosSAUR9HX1K30
UpdatusUser


**** End of log ****

#9 strugglingwithtrojan

strugglingwithtrojan
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 08:57 PM

Farbar Service Scanner Version: 06-08-2012
Ran by LRoe (administrator) on 22-08-2012 at 11:55:33
Running from "C:\Users\lroe\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

#10 strugglingwithtrojan

strugglingwithtrojan
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 09:10 PM

And here is the AdwCleaner log

# AdwCleaner v1.801 - Logfile created 08/22/2012 at 11:58:47
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : LRoe - R9HX1K3
# Boot Mode : Normal
# Running from : C:\Users\lroe\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\lroe\AppData\Roaming\Mozilla\Firefox\Profiles\vl9usqxd.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\lroe\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [1011 octets] - [22/08/2012 11:58:47]

########## EOF - C:\AdwCleaner[S1].txt - [1139 octets] ##########

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 21 August 2012 - 09:13 PM

Malwarebytes log?


download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#12 strugglingwithtrojan

strugglingwithtrojan
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 09:23 PM

Malware Bytes couldn't find anything.


Rkill 2.3.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/22/2012 12:16:54 PM in x64 mode.
Windows Version: Windows 7 Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AdobeAAMUpdater-1.0" "Adobe Updater Startup Utility" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "ForteConfig" "FMAPP Application" "" "c:\program files\conexant\forteconfig\fmapp.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartAudio" "SmartAudio Control Panel application" "Conexant systems, Inc." "c:\program files\conexant\saii\saiicpl.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TpShocks" "ThinkVantage Active Protection System" "Lenovo." "c:\windows\system32\tpshocks.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Acrobat Assistant 8.0" "AcroTray" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrotray.exe"
+ "Adobe Acrobat Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\acrobat 10.0\acrobat\acrobat_sl.exe"
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "AdobeCS5.5ServiceManager" "Adobe CS5.5 Service Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "emsisoft anti-malware" "Background Guard" "Emsisoft GmbH" "c:\program files (x86)\emsisoft anti-malware\a2guard.exe"
+ "IMSS" "PIcon startup utility" "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\imss\piconstartup.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Malwarebytes' Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe"
+ "NalView" "ZENworks Application Launcher" "Novell, Inc." "c:\program files (x86)\novell\zenworks\bin\nalview.exe"
+ "PWMTRV" "ThinkPad Power Manager Background Monitor and Tray Battery Gauge" "Lenovo Group Limited" "c:\program files (x86)\thinkpad\utilities\pwmtr64v.dll"
+ "SMART Board Service" "SMART Board Service" "SMART Technologies" "c:\program files (x86)\smart technologies\education software\smartboardservice.exe"
+ "SMART Board Tools" "SMART Board Tools" "SMART Technologies ULC" "c:\program files (x86)\smart technologies\education software\smartboardtools.exe"
+ "Sophos AutoUpdate Monitor" "Sophos Endpoint Security and Control" "Sophos Limited" "c:\program files (x86)\sophos\autoupdate\almon.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "ZenNotifyIcon" "ZENworks Adaptive Agent" "Novell, Inc." "c:\program files (x86)\novell\zenworks\bin\zennotifyicon.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "" "" "File not found: C:\Program Files (x86)\ThinkPad\Bluetooth Software\BTTray.exe"
+ "SimpleTap.lnk" "SimpleTap" "Lenovo" "c:\program files\lenovo\simpletap\simpletap.exe"
"C:\Users\lroe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\lroe\appdata\local\google\update\googleupdate.exe"
+ "Spotify" "Spotify" "Spotify Ltd" "c:\users\lroe\appdata\roaming\spotify\spotify.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "ZENworks Adaptive Agent" "ZENworks Application Shell Extensions" "Novell, Inc." "c:\program files (x86)\novell\zenworks\bin\nalshell.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "SavShellExt" "Components for extending windows shell with SAV scan" "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\savshellextx64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "SavShellExt" "Components for extending windows shell with SAV scan" "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\savshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "a-squared Anti-Malware Shell Extension x64" "Emsisoft Anti-Malware shell extension" "Emsiûoft GmbH" "c:\program files (x86)\emsisoft anti-malware\a2contmenu64.dll"
+ "Lenovo SimpleTap" "ShellExt" "Lenovo" "c:\program files\lenovo\simpletap\shellext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "a-squared Anti-Malware Shell Extension" "Emsisoft Anti-Malware shell extension" "Emsiûoft GmbH" "c:\program files (x86)\emsisoft anti-malware\a2contmenu.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SavShellExt" "Components for extending windows shell with SAV scan" "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\savshellextx64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "SavShellExt" "Components for extending windows shell with SAV scan" "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\savshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "Lenovo SimpleTap" "ShellExt" "Lenovo" "c:\program files\lenovo\simpletap\shellext.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "a-squared Anti-Malware Shell Extension x64" "Emsisoft Anti-Malware shell extension" "Emsiûoft GmbH" "c:\program files (x86)\emsisoft anti-malware\a2contmenu64.dll"
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "SavShellExt" "Components for extending windows shell with SAV scan" "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\savshellextx64.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "a-squared Anti-Malware Shell Extension" "Emsisoft Anti-Malware shell extension" "Emsiûoft GmbH" "c:\program files (x86)\emsisoft anti-malware\a2contmenu.dll"
+ "Adobe.Acrobat.ContextMenu" "Adobe Acrobat Context Menu" "Adobe Systems Inc." "c:\program files (x86)\adobe\acrobat 10.0\acrobat elements\contextmenu.dll"
+ "SavShellExt" "Components for extending windows shell with SAV scan" "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\savshellext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "SMART Notebook Download Utility" "Notebook Download Plugin" "SMART Technologies ULC." "c:\program files (x86)\smart technologies\education software\win64\notebookplugin.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Conversion Toolbar Helper" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "ContributeBHO Class" "Contribute IE Plugin" "Adobe Systems, Inc." "c:\program files (x86)\adobe\adobe contribute cs5.1\plugins\ieplugin\contributeieplugin.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "SMART Notebook Download Utility" "Notebook Download Plugin" "SMART Technologies ULC." "c:\program files (x86)\smart technologies\education software\win32\notebookplugin.dll"
+ "SmartSelect Class" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Adobe PDF" "Adobe PDF Toolbar for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiefavclient.dll"
+ "Contribute Toolbar" "Contribute IE Plugin" "Adobe Systems, Inc." "c:\program files (x86)\adobe\adobe contribute cs5.1\plugins\ieplugin\contributeieplugin.dll"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2094611957-1476883194-1777090905-23723Core" "Google Installer" "Google Inc." "c:\users\lroe\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2094611957-1476883194-1777090905-23723UA" "Google Installer" "Google Inc." "c:\users\lroe\appdata\local\google\update\googleupdate.exe"
+ "\Lenovo\Lenovo Customer Feedback Program" "Lenovo.TVT.CustomerFeedback.Agent" "Lenovo" "c:\program files\lenovo\customer feedback program\lenovo.tvt.customerfeedback.agent.exe"
+ "\Lenovo\SROptimizer" "Lenovo Screen Reading Optimizer Resident Module" "Lenovo Group Limited" "c:\program files (x86)\lenovo\screen reading optimizer\srorest.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "" "" "File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PMTask" "ThinkPad Power Manager Idle Task" "Lenovo Group Limited" "c:\program files (x86)\thinkpad\utilities\pwmidtsv.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "a2AntiMalware" "Scans the PC for unwanted software and provides protection from malicious code" "Emsisoft GmbH" "c:\program files (x86)\emsisoft anti-malware\a2service.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CxAudMsg" "Monitors audio device events and forward them to subscribing application. If this service is stop. the aduio effects will not function properly." "Conexant Systems Inc." "c:\windows\system32\cxaudmsg64.exe"
+ "DozeSvc" "Doze Mode Service Program" "Lenovo." "c:\program files (x86)\thinkpad\utilities\dzsvc64.exe"
+ "HyperW7Svc" "HyperW7 Service" "Lenovo Group Limited" "c:\program files\lenovo\rapidboot\hyperw7svc64.exe"
+ "IBMPMSVC" "ThinkPad Power Management Service" "Lenovo." "c:\windows\system32\ibmpmsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "jhi_service" "Intel® Identity Protection Technology Host Interface Service - Allows applications to access the local Intel Identity Protection Technology" "Intel Corporation" "c:\program files (x86)\intel\services\ipt\jhi_service.exe"
+ "LENOVO.MICMUTE" "Microphone Mute Controll Service for ThinkPad" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\micmute.exe"
+ "Lenovo.VIRTSCRLSVC" "Auto Scroll Start Service" "Lenovo Group Limited" "c:\program files\lenovo\virtscrl\lvvsst.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "ManageEngine AssetExplorer Agent" "Monitor the Inventory changes for the AssetExplorer Software." "" "c:\program files (x86)\manageengine\assetexplorer\bin\agentmonitor.exe"
+ "ManageEngine AssetExplorer RemoteControl" "Remote desktop sharing of AssetExplorer Software." "" "c:\program files (x86)\manageengine\assetexplorer\remotecontrol\service.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll"
+ "Novell Identity Store" "Novell Identity Store is used by CASA (Common Authentication Service Adapter) to encypt and store credentials entered by users. These credentials can be used to authenticate to additional network services" "Novell, Inc" "c:\program files (x86)\novell\casa\bin\micasad.exe"
+ "Novell ZENworks Agent Service" "Novell ZENworks primary agent provides application management and policy related services for managed desktops and servers" "Novell, Inc." "c:\program files (x86)\novell\zenworks\bin\zenworkswindowsservice.exe"
+ "Novell ZENworks Image-Safe Data Service" "Synchronizes image-safe data with OS information" "" "c:\program files (x86)\novell\zenworks\bin\preboot\novell-zisdservice.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe"
+ "nzwinvnc" "Allows people to remotely manage this device." "Novell, Inc." "c:\program files (x86)\novell\zenworks\bin\nzrwinvnc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll"
+ "Power Manager DBC Service" "Power Manager Dynamic Brightness Control Service" "Lenovo" "c:\program files (x86)\thinkpad\utilities\pwmdbsvc.exe"
+ "PSI_SVC_2" "This service provides Protexis licensing functionalty." "Protexis Inc." "c:\program files (x86)\common files\protexis\license service\psiservice_2.exe"
+ "PwmEWSvc" "Power Manager Cisco EnergyWise Enabler" "Lenovo Group Limited" "c:\program files (x86)\thinkpad\utilities\pwmewsvc.exe"
+ "SAService" "SmartAudio Helper service" "Conexant Systems, Inc." "c:\windows\syswow64\sasrv.exe"
+ "SAVAdminService" "Provides information to Windows Security Center on whether Sophos Anti-Virus is up to date and whether on-access scanning is enabled." "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\savadminservice.exe"
+ "SAVService" "Performs threat scanning and cleanup functions." "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\savservice.exe"
+ "Sophos Agent" "Management Agent for Sophos applications" "Sophos Limited" "c:\program files (x86)\sophos\remote management system\managementagentnt.exe"
+ "Sophos AutoUpdate Service" "Part of the updating system for Sophos components" "Sophos Limited" "c:\program files (x86)\sophos\autoupdate\alsvc.exe"
+ "Sophos Message Router" "Message router for Sophos applications" "Sophos Limited" "c:\program files (x86)\sophos\remote management system\routernt.exe"
+ "Sophos Web Control Service" "Manages Web Control policy." "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\web control\swc_service.exe"
+ "SROSVC" "Lenovo Screen Reading Optimizer Service" "Lenovo Group Limited" "c:\program files (x86)\lenovo\screen reading optimizer\srosvc.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "SUService" "ThinkVantage System Update" "Lenovo Group Limited" "c:\program files (x86)\lenovo\system update\suservice.exe"
+ "swi_service" "Protects against threats from malicious websites." "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\web intelligence\swi_service.exe"
+ "swi_update_64" "Reconfigure the Sophos Web Intelligence components." "Sophos Limited" "c:\programdata\sophos\web intelligence\swi_update_64.exe"
+ "SwitchBoard" "SwitchBoard Server (32 bit)" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\switchboard\switchboard.exe"
+ "TeamViewer7" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files (x86)\teamviewer\version7\teamviewer_service.exe"
+ "TPHDEXLGSVC" "ThinkVantage Active Protection System - HDD Logger Module" "Lenovo." "c:\windows\system32\tphdexlg64.exe"
+ "TPHKLOAD" "ThinkPad Message Client Loader" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\tphkload.exe"
+ "TPHKSVC" "On screen display Fn+Fx handler" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\tphksvc.exe"
+ "UleadBurningHelper" "ULCDRSvr" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\dvd\ulcdrsvr.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "ZENPreAgent" "Performs initial download and installation of modular ZENworks Adaptive Agent services" "" "c:\windows\novell\zenworks\bin\zenpreagent.exe"
+ "ZESService" "ZENworks Endpoint Security Service" "Novell, Inc." "c:\program files (x86)\novell\zenworks\esm\zesservice.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "5U877" "Ricoh USB Camera driver" "Ricoh co.,Ltd." "c:\windows\system32\drivers\5u877.sys"
+ "a2acc" "Emsisoft on-access minifilter" "Emsisoft GmbH" "c:\program files (x86)\emsisoft anti-malware\a2accx64.sys"
+ "A2DDA" "Emsisoft Direct Disk Access Support Driver" "Emsi Software GmbH" "c:\program files (x86)\emsisoft anti-malware\a2ddax64.sys"
+ "a2injectiondriver" "Emsisoft injection minifilter" "Emsisoft GmbH" "c:\program files (x86)\emsisoft anti-malware\a2dix64.sys"
+ "a2util" "Provides several additional functionality used by the a-squared Malware-IDS." "Emsi Software GmbH" "c:\program files (x86)\emsisoft anti-malware\a2util64.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "dfmirage" "Mirage Driver" "DemoForge, LLC" "c:\windows\system32\drivers\dfmirage.sys"
+ "DzHDD64" "Doze Mode Kernel Driver for HDD control" "Lenovo." "c:\windows\system32\drivers\dzhdd64.sys"
+ "e1cexpress" "Intel® Gigabit Adapter NDIS 6.x driver" "Intel Corporation" "c:\windows\system32\drivers\e1c62x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IBMPMDRV" "ThinkPad Power Management Driver" "Lenovo." "c:\windows\system32\drivers\ibmpmdrv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "lenovo.smi" "SMI Driver for Lenovo system" "Lenovo Group Limited" "c:\windows\system32\drivers\smiifx64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 275.93 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvpciflt" "NVIDIA Windows Kernel Mode Driver, Version 275.93 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvpciflt.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PHCORE" "RapidBoot Driver" "Lenovo Group Limited" "c:\program files\lenovo\rapidboot\phcore64.sys"
+ "psadd" "SMBIOS Driver" "Lenovo Information Product(ShenZhen China) Inc." "c:\windows\system32\drivers\psadd.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "risdxc" "RICOH PCIe SDXC/MMC Controller Driver" "REDC" "c:\windows\system32\drivers\risdxc64.sys"
+ "SAVOnAccess" "SAV on-access mini-filter driver" "Sophos Limited" "c:\windows\system32\drivers\savonaccess.sys"
+ "sdcfilter" "Sophos CD-Rom Class filter driver" "Sophos Limited" "c:\windows\system32\drivers\sdcfilter.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Shockprf" "Shockproof Disk Driver" "Lenovo." "c:\windows\system32\drivers\apsx64.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SMARTMouseFilterx64" "Mouse Upper Filter Driver" "SMART Technologies ULC" "c:\windows\system32\drivers\smartmousefilterx64.sys"
+ "SMARTVHidMiniVistaAmd64" "Driver for SMART HID Device" "SMART Technologies ULC" "c:\windows\system32\drivers\smartvhidminivistaamd64.sys"
+ "SMARTVTabletPCx64" "Driver for SMART Virtual TabletPC HID Device" "SMART Technologies ULC" "c:\windows\system32\drivers\smartvtabletpcx64.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TPDIGIMN" "APS Digitizer Activity Monitor" "Lenovo." "c:\windows\system32\drivers\apshm64.sys"
+ "TPPWRIF" "Power Manager" "Lenovo Group Limited" "c:\windows\system32\drivers\tppwr64v.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "zesdac" "Novell ZESM Device Access Control Driver" "Novell, Inc" "c:\windows\system32\drivers\zesdac.sys"
+ "zesfsfd" "Provides Location-Aware File System Protection" "Novell, Inc" "c:\windows\system32\drivers\zesfsfd.sys"
+ "ZESFW" "Novell ZESM Firewall" "Novell, Inc" "c:\windows\system32\drivers\zesfw.sys"
+ "zestdi" "Novell ZESM Protocol Filter Filter Driver" "Novell, Inc" "c:\windows\system32\drivers\zestdi.sys"
+ "ZESWIFI" "Novell ZESM Wireless Network Filter" "Novell, Inc" "c:\windows\system32\drivers\zeswifi.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.dvacm" "Ulead DV Audio ACM Driver" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\vio\dvacm.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.mpegacm" "Ulead MPEG1 Layer2 Audio ACM Driver" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\mpegacm.acm"
+ "msacm.ulmp3acm" "Ulead MP3 codec engine" "Ulead systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulmp3acm.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files (x86)\google\google earth\client\wavdest.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Dib Output" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\diboutput.ax"
+ "Dib Receive" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\dibreceive.ax"
+ "DV ACM V/A Source Filter" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"
+ "DV V/A Source Filter" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"
+ "DV Video Source Filter" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\dvsf.ax"
+ "GDCL WMV/WMA Parser" "DirectShow WMV/WMA Parser" "GDCL (www.gdcl.co.uk)" "c:\program files (x86)\clickview\clickview\wmfdemux.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO LOGID.119684" "InterVideo Inc." "c:\program files (x86)\corel\corelwindvd2010\iviaudio.ax"
+ "InterVideo Video Decoder" "IVIVIDEO LOGID.119684" " InterVideo Inc." "c:\program files (x86)\corel\corelwindvd2010\ivivideo.ax"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Ulead AMR Audio Decoder" "MP4 AMR Audio Decoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uladamr.ax"
+ "Ulead Audio Dual Channel Filter" "Ulead Audio Dual Channel Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uaudiodcfilter.ax"
+ "Ulead DV Scene Detect" "" "" "C:\Program Files (x86)\Common Files\Ulead Systems\DVD\"
+ "Ulead DV SubTitle Filter" "DV SubTitle Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\dvtranssubtitle.ax"
+ "Ulead DV Writer" "ulDVWriter" "Corel" "c:\program files (x86)\common files\ulead systems\capture\uldvrite.ax"
+ "Ulead DVB Parser" "Ulead DVB Parser Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvbparser.ax"
+ "Ulead DVD Audio Decoder 2" "Audio Decoder" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvdaudio.ax"
+ "Ulead DVD Navigator" "DVD Navigator filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\dvd\uleaddvdnavigator.ax"
+ "Ulead DVD Parser" "ulDVDParser" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvdparser.ax"
+ "Ulead DVD Video decoder 2" "DVD Video Decoder with DxVA Support" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvdvideo.ax"
+ "Ulead DVSD Push Source Filter" "Ulead DVSD Push Source Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvsdpushsource.ax"
+ "ULead File Source (Async.)" "Ulead Async Filter" "Ulead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulasync.ax"
+ "ULead File Writer" "File Dump Filter" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\uldump.ax"
+ "Ulead H264 Decoder" "uldsh264" "uleadivi" "c:\program files (x86)\common files\ulead systems\mpeg\uldsh264.ax"
+ "ULead Infinite Pin Tee" "Ulead Infinite Tee Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uinftee.ax"
+ "Ulead MPEG Audio Decoder" "Audio Decoder" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uldvdaudio.ax"
+ "Ulead MPEG Audio Encoder" "DS MPEG Audio Encoder" "Ulead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\uleampeg.ax"
+ "Ulead MPEG Encoder" "MPEG Encoder and Muxer" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulesmpeg.ax"
+ "Ulead MPEG Muxer" "MPEG Muxer" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulmxmpeg.ax"
+ "Ulead MPEG Splitter" "ULead Mpeg I/II Splitter" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\ulspmpeg.ax"
+ "Ulead MPEG Transcoder" "ulMPGTrans" "Ulead com" "c:\program files (x86)\common files\ulead systems\mpeg\ulmpgtrans.ax"
+ "Ulead MPEG Video Decoder" "MPEG Video and Audio Decoder" "ULead Systems" "c:\program files (x86)\common files\ulead systems\mpeg\uldsmpeg.ax"
+ "Ulead MPEG-4 ASP Video Decoder" "MP4 ASP Video Decoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulaspvdmp4.ax"
+ "Ulead MPEG-4 Audio Decoder" "MP4 AAC Audio Decoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uladmp4.ax"
+ "Ulead MPEG-4 Encoder" "MP4 Encoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulmp4enc.ax"
+ "Ulead MPEG-4 Splitter" "MP4 Splitter Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulspmp4.ax"
+ "Ulead MPEG-4 Video Decoder" "MP4 Video Decoder Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulvdmp4.ax"
+ "Ulead Ogg Parser" "ulOggParserFilter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uloggparserfilter.ax"
+ "Ulead OggVorbis Decoder" "ulOggVorbisDecoderFilter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uloggvorbisdecoderfilter.ax"
+ "Ulead OggVorbis Encoder" "ulOggVorbisEncoderFilter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\uloggvorbisencoderfilter.ax"
+ "Ulead Push Source Filter" "Ulead Push Source Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulpushsource.ax"
+ "Ulead Sub-Picture Push Source Filter" "Ulead Sub-Picture Push Source Filter" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\mpeg\ulsubpicpushsource.ax"
+ "Ulead Video Deinterlace Filter" "" "Ulead Systems, Inc." "c:\program files (x86)\common files\ulead systems\filters\deinterlace.ax"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ "C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL" "Sophos Buffer Overrun Protection" "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\sophos_detoured_x64.dll"
+ "C:\Windows\system32\nvinitx.dll" "NVIDIA shim initialization dll, Version 275.93 " "NVIDIA Corporation" "c:\windows\system32\nvinitx.dll"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" ""
+ " C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL" "Sophos Buffer Overrun Protection" "Sophos Limited" "c:\program files (x86)\sophos\sophos anti-virus\sophos_detoured.dll"
+ "C:\Windows\SysWOW64\nvinit.dll" "NVIDIA shim initialization dll, Version 275.93 " "NVIDIA Corporation" "c:\windows\syswow64\nvinit.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
+ "ZenCredentialProvider" "ZEN Credential Provider" "Novell, Inc." "c:\windows\system32\zencredentialprovider.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "ZenCredentialProvider" "ZEN Credential Provider" "Novell, Inc." "c:\windows\system32\zencredentialprovider.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "LCredMgr" "" "" "c:\program files\novell\casa\bin\lcredmgr.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Adobe PDF Port Monitor" "Adobe PDF Port Monitor DLL" "Adobe Systems Inc" "c:\windows\system32\adobepdf.dll"
+ "HPPMOPJL" "Language Monitor for USB composite devices" "Hewlett-Packard Company" "c:\windows\system32\hppmopjl.dll"
+ "SMART Local Port" "SMART Notebook Document Writer Print Capture Port" "SMART Technologies ULC" "c:\windows\system32\smrtlocalmon.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages" "" "" ""
+ "ZenV1_0" "ZEN Authentication Package" "Novell, Inc." "c:\windows\system32\zenv1_0.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "LCredMgr" "LoginCapture Credential Provider" "" "c:\program files\novell\casa\bin\lcredmgr.dll"

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 21 August 2012 - 09:24 PM

Any current issues?

#14 strugglingwithtrojan

strugglingwithtrojan
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 21 August 2012 - 09:27 PM

Firefox is still using 170,000K of memory with only one tab open. With more tabs this increases to 400,000 sometimes. What could be causing that?


I am also struggling to connect to my router - have not been able to since last night. I am about to try and connect to it directly to see what the problem is.

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:11:10 PM

Posted 21 August 2012 - 09:42 PM

Firefox is still using 170,000K of memory with only one tab open. With more tabs this increases to 400,000 sometimes. What could be causing that?


No indication of malware.Reinstall firefox and see if it fixes high cpu usage.

I am also struggling to connect to my router - have not been able to since last night. I am about to try and connect to it directly to see what the problem is.


Reset the router and see if you can connect.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users