Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Can't boot


  • Please log in to reply
5 replies to this topic

#1 razgriz2012

razgriz2012

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:29 AM

Posted 19 September 2012 - 11:34 PM

Dear all, I having a problem with malware with my computer and after run combixfix and success, when PC restarted it can't boot with message

STOP: c0000135 The program can't start because %hs is missing from your computer.

My only access are through Windows RE,

I've attached the FRST.txt too

Mod Edit: Pasted FRST into post, removed attachment - Hamluis.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-09-2012
Ran by SYSTEM at 20-09-2012 12:12:43
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2473568 2010-11-11] (Synaptics Incorporated)
HKLM\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-03-17] (Lenovo)
HKLM\...\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8964000 2011-09-30] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5674912 2011-04-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [307768 2010-04-28] ()
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-12-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1484856 2011-01-17] (McAfee, Inc.)
HKLM-x32\...\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-03-17] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2010-12-04] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [224352 2010-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-10-23] (Apple Inc.)
HKLM-x32\...\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [1095560 2012-07-26] (Spigot, Inc.)
HKU\Erfan Fiqre\...\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h [1015808 2010-10-27] (Ares Development Group)
HKU\Erfan Fiqre\...\Run: [Facebook Update] "C:\Users\Erfan Fiqre\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-14] (Facebook Inc.)
HKU\Erfan Fiqre\...\Run: [Microsoft Virus Scanner] rundll32.exe C:\Users\Erfan Fiqre\2ieqbf.dll,Init [x]
HKU\Erfan Fiqre\...\Run: [5q79vh0cvc] C:\Users\Erfan Fiqre\5q79vh0cvc.exe [x]
Tcpip\Parameters: [DhcpNameServer] 200.1.37.80 10.2.21.76
SubSystems: [Windows] ATTENTION! ====> ZeroAccess
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Erfan Fiqre\Start Menu\Programs\Startup\PowerReg Scheduler.exe ()

==================== Services (Whitelisted) ===================

2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [951584 2010-07-29] (Broadcom Corporation.)
2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
3 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [509416 2010-10-07] (McAfee, Inc.)
4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [355440 2010-03-09] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [200056 2010-10-13] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [245352 2010-10-13] (McAfee, Inc.)
2 mfevtp; "C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe" [149032 2010-10-13] (McAfee, Inc.)
2 servicemgr; C:\Windows\System32\AKSIFDH.dll [6656 2009-07-13] (Oak Technology Inc.) ATTENTION! ====> ZeroAccess
2 sr_watchdog; C:\Windows\System32\ifxtcs.dll [6656 2009-07-13] (Oak Technology Inc.) ATTENTION! ====> ZeroAccess
2 xyndboqsrnzx; "C:\windows\TEMP\DAT13DD.tmp.exe" --SERVICE [x]

==================== Drivers (Whitelisted) =====================

3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [62800 2010-10-13] (McAfee, Inc.)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [121248 2010-10-13] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [190136 2010-10-13] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [441328 2010-10-13] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [529128 2010-10-13] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\Drivers\mfenlfk.sys [75032 2010-10-13] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [94864 2010-10-13] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [283360 2010-10-13] (McAfee, Inc.)
3 athr; C:\Windows\System32\DRIVERS\athrx.sys [x]
3 catchme; \??\C:\ComboFix\catchme.sys [x]
2 CLKMSVC10_3A60B698; [x]
2 CLKMSVC10_C3B3B687; [x]
2 DriverService; [x]
2 idealife Update Service; [x]
3 IGRS; [x]
2 IviRegMgr; [x]
3 mfeavfk01; [x]
2 nvUpdatusService; [x]
2 Oasis2Service; [x]
2 PCCarerServic; [x]
2 ReadyComm.DirectRouter; [x]
2 RichVideo; [x]
2 RtLedService; [x]
2 SoftwareService; [x]
2 Stereo Service; [x]

==================== NetSvcs (Whitelisted) ====================

NETSVC: servicemgr -> C:\Windows\system32\AKSIFDH.dll (Oak Technology Inc.) ATTENTION! ====> ZeroAccess
NETSVC: sr_watchdog -> C:\Windows\system32\ifxtcs.dll (Oak Technology Inc.) ATTENTION! ====> ZeroAccess

==================== One Month Created Files and Folders ========

2012-09-20 12:12 - 2012-09-20 12:12 - 00000000 ____D C:\FRST
2012-09-18 19:27 - 2012-09-18 19:27 - 00828143 ____A C:\ComboFix.txt
2012-09-18 19:03 - 2012-09-18 19:04 - 04753249 ____A (Swearware) C:\Users\Erfan Fiqre\Downloads\ComboFix (1).exe
2012-09-18 19:03 - 2012-09-18 19:03 - 04753249 ____R (Swearware) C:\Users\Erfan Fiqre\Downloads\ComboFix.exe
2012-09-18 18:35 - 2012-09-18 18:35 - 02473760 ____A (Lenovo Group ) C:\Users\Erfan Fiqre\Downloads\IN1CHP36WW5.exe
2012-09-18 18:35 - 2012-09-18 18:35 - 00000000 ____D C:\Intel
2012-09-18 18:12 - 2012-09-18 18:12 - 00000000 ____D C:\Users\All Users\Downloaded Installations
2012-09-18 18:10 - 2012-09-18 18:10 - 00000000 ____D C:\Program Files (x86)\YTD Toolbar
2012-09-18 18:10 - 2012-09-18 18:10 - 00000000 ____D C:\Program Files (x86)\Application Updater
2012-09-18 18:00 - 2012-09-18 18:00 - 14305584 ____A (Lenovo Group ) C:\Users\Erfan Fiqre\Downloads\caez26ww.exe
2012-09-18 17:59 - 2012-09-18 17:59 - 86374992 ____A (Lenovo Group ) C:\Users\Erfan Fiqre\Downloads\IN1WLN80WW5.exe
2012-09-18 17:58 - 2012-09-18 17:58 - 03859464 ____A (Igor Pavlov) C:\Users\Erfan Fiqre\Downloads\40cn33ww_64.exe
2012-08-29 03:26 - 2012-09-19 09:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-29 03:26 - 2012-08-29 03:26 - 00000000 ____D C:\Users\Erfan Fiqre\AppData\Roaming\Malwarebytes
2012-08-29 03:26 - 2012-08-29 03:26 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-08-28 22:27 - 2012-09-18 19:27 - 00000000 ____D C:\Qoobox
2012-08-28 22:27 - 2011-06-25 22:45 - 00256000 ____A C:\Windows\PEV.exe
2012-08-28 22:27 - 2010-11-07 09:20 - 00208896 ____A C:\Windows\MBR.exe
2012-08-28 22:27 - 2009-04-19 20:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-08-28 22:27 - 2000-08-30 16:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-08-28 22:27 - 2000-08-30 16:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-08-28 22:27 - 2000-08-30 16:00 - 00098816 ____A C:\Windows\sed.exe
2012-08-28 22:27 - 2000-08-30 16:00 - 00080412 ____A C:\Windows\grep.exe
2012-08-28 22:27 - 2000-08-30 16:00 - 00068096 ____A C:\Windows\zip.exe
2012-08-28 22:26 - 2012-09-18 19:26 - 00000000 ____D C:\Windows\erdnt
2012-08-23 17:37 - 2012-07-06 11:58 - 00552448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2012-08-23 17:31 - 2012-07-18 09:31 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-23 17:31 - 2012-07-04 14:04 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-23 17:31 - 2012-07-04 14:01 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-08-23 17:31 - 2012-07-04 14:01 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-08-23 17:31 - 2012-07-04 13:26 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-23 17:31 - 2012-07-04 13:23 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-08-23 17:31 - 2012-05-13 21:20 - 00956416 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-23 17:21 - 2012-08-28 16:32 - 00000000 ____D C:\Users\All Users\7531CCA9FEEB22CB02E9114B4F147CE7
2012-08-21 20:58 - 2012-08-21 20:58 - 00000000 ____D C:\Program Files (x86)\Warcraft III

==================== 3 Months Modified Files ==================

2012-09-19 19:58 - 2011-06-03 10:34 - 148126479 ____A C:\Windows\System32\PsBoot.log
2012-09-19 19:56 - 2011-06-03 10:34 - 00000000 ____A C:\Windows\System32\defragLog.log
2012-09-19 19:56 - 2011-03-17 22:37 - 00475513 ____A C:\Windows\System32\fastboot.set
2012-09-18 19:39 - 2011-03-17 21:53 - 01746830 ____A C:\Windows\WindowsUpdate.log
2012-09-18 19:38 - 2011-04-17 05:32 - 01601483 ____A C:\FaceProv.log
2012-09-18 19:30 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-09-18 19:30 - 2009-07-13 20:45 - 00013632 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-09-18 19:27 - 2012-09-18 19:27 - 00828143 ____A C:\ComboFix.txt
2012-09-18 19:25 - 2011-03-17 22:26 - 00001828 ____A C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2012-09-18 19:23 - 2011-04-18 00:02 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-09-18 19:23 - 2009-07-13 18:34 - 00000215 ____A C:\Windows\system.ini
2012-09-18 19:22 - 2011-04-18 23:21 - 00011478 ____A C:\Windows\PFRO.log
2012-09-18 19:22 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-09-18 19:22 - 2009-07-13 20:51 - 00115266 ____A C:\Windows\setupact.log
2012-09-18 19:20 - 2009-07-13 18:34 - 67108864 ____A C:\Windows\System32\config\software.bak
2012-09-18 19:20 - 2009-07-13 18:34 - 19398656 ____A C:\Windows\System32\config\system.bak
2012-09-18 19:20 - 2009-07-13 18:34 - 01048576 ____A C:\Windows\System32\config\default.bak
2012-09-18 19:20 - 2009-07-13 18:34 - 00262144 ____A C:\Windows\System32\config\security.bak
2012-09-18 19:20 - 2009-07-13 18:34 - 00262144 ____A C:\Windows\System32\config\sam.bak
2012-09-18 19:04 - 2012-09-18 19:03 - 04753249 ____A (Swearware) C:\Users\Erfan Fiqre\Downloads\ComboFix (1).exe
2012-09-18 19:03 - 2012-09-18 19:03 - 04753249 ____R (Swearware) C:\Users\Erfan Fiqre\Downloads\ComboFix.exe
2012-09-18 18:35 - 2012-09-18 18:35 - 02473760 ____A (Lenovo Group ) C:\Users\Erfan Fiqre\Downloads\IN1CHP36WW5.exe
2012-09-18 18:02 - 2011-06-03 04:29 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-275896978-3790811924-1966285712-1001UA.job
2012-09-18 18:02 - 2011-06-03 04:29 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-275896978-3790811924-1966285712-1001Core.job
2012-09-18 18:00 - 2012-09-18 18:00 - 14305584 ____A (Lenovo Group ) C:\Users\Erfan Fiqre\Downloads\caez26ww.exe
2012-09-18 17:59 - 2012-09-18 17:59 - 86374992 ____A (Lenovo Group ) C:\Users\Erfan Fiqre\Downloads\IN1WLN80WW5.exe
2012-09-18 17:58 - 2012-09-18 17:58 - 03859464 ____A (Igor Pavlov) C:\Users\Erfan Fiqre\Downloads\40cn33ww_64.exe
2012-09-18 17:53 - 2009-07-13 21:13 - 00727310 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-28 22:20 - 2009-07-13 20:51 - 00113118 ____A C:\Windows\setupact(47).log
2012-08-28 17:53 - 2011-04-18 00:02 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-28 16:22 - 2011-11-09 04:45 - 00000952 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-275896978-3790811924-1966285712-1001UA.job
2012-08-28 16:22 - 2011-11-09 04:45 - 00000930 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-275896978-3790811924-1966285712-1001Core.job
2012-08-24 02:35 - 2009-07-13 20:45 - 00319592 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-23 17:37 - 2012-07-03 02:17 - 00000597 ____A C:\Windows\System32\MRT.INI
2012-08-23 17:34 - 2012-07-03 02:14 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-08-04 21:47 - 2012-08-04 21:47 - 00041300 ____A C:\Users\Erfan Fiqre\Downloads\android - tvxq.htm
2012-08-02 23:27 - 2009-07-13 21:08 - 00032654 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-07-18 09:31 - 2012-08-23 17:31 - 03146752 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-14 10:14 - 2009-07-13 18:34 - 00000502 ____A C:\Windows\win.ini
2012-07-10 23:32 - 2012-07-10 23:32 - 00001046 ____A C:\Users\Public\Desktop\YTD Video Downloader.lnk
2012-07-06 11:58 - 2012-08-23 17:37 - 00552448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2012-07-04 14:04 - 2012-08-23 17:31 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-07-04 14:01 - 2012-08-23 17:31 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\browser.dll
2012-07-04 14:01 - 2012-08-23 17:31 - 00058880 ____A (Microsoft Corporation) C:\Windows\System32\browcli.dll
2012-07-04 13:26 - 2012-08-23 17:31 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-07-04 13:23 - 2012-08-23 17:31 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2012-06-29 07:00 - 2012-06-29 07:00 - 00001845 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2012-06-29 06:59 - 2012-06-29 06:55 - 39401336 ____A (Apple Inc.) C:\Users\Erfan Fiqre\Downloads\QuickTimeInstaller.exe


ZeroAccess:
C:\Windows\assembly\temp
C:\Windows\assembly\temp\L
C:\Windows\assembly\temp\U
C:\Windows\assembly\temp\L\00000004.@
C:\Windows\assembly\temp\L\1afb2d56
C:\Windows\assembly\temp\L\201d3dde
C:\Windows\assembly\temp\L\55490ac4

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 4077.86 MB
Available physical RAM: 3374.24 MB
Total Pagefile: 4076.01 MB
Available Pagefile: 3367.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:552.22 GB) (Free:413.2 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.75 GB) NTFS
3 Drive f: (W7SP1_PROFESSIONAL) (CDROM) (Total:3.12 GB) (Free:0 GB) UDF
4 Drive g: () (Removable) (Total:3.75 GB) (Free:0.23 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 596 GB 1024 KB
Disk 1 Online 3853 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 200 MB 1024 KB
Partition 2 Primary 552 GB 201 MB
Partition 0 Extended 28 GB 552 GB
Partition 4 Logical 28 GB 552 GB
Partition 3 OEM 14 GB 581 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y NTFS Partition 200 MB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 552 GB Healthy

=========================================================

Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D LENOVO NTFS Partition 28 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 12
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 LENOVO_PART NTFS Partition 14 GB Healthy Hidden

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3852 MB 1504 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT32 Removable 3852 MB Healthy

=========================================================

Last Boot: 2012-07-21 03:24

==================== End Of Log =============================

[attachment=130314:FRST.txt]

Edited by hamluis, 20 September 2012 - 05:45 AM.
Moved from Win 7 to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 razgriz2012

razgriz2012
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:29 AM

Posted 20 September 2012 - 11:56 AM

Thank you hamluis for moving to the correct thread :D

Edited by razgriz2012, 20 September 2012 - 11:59 AM.


#3 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:29 PM

Posted 20 September 2012 - 01:37 PM

Download the enclosed file: [attachment=130338:fixlist.txt]
Save it next to FRST in the USB drive.
Run FRST as you did before, except that this time around click on the Fix button and wait.
The tool will make a log in the flashdrive (Fixlog.txt) please post it in your next reply.

Attempt to boot in Normal Mode. If successful, follow these steps:

:step1:

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


:step2:

Posted Image Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

:step3:

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • OTL should now start. Change the following settings
    • Change Drivers to All
    • Change Standard Registry to All
    • Under File Scans, change File age to 30
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt (first run only). These are saved in the same location as OTL.
    • Please post the contents of the OTL.txt file and attach the Extras.Txt, if any, in your next reply.

Edited by JSntgRvr, 20 September 2012 - 01:44 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#4 razgriz2012

razgriz2012
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:29 AM

Posted 21 September 2012 - 09:31 AM

Thank you JSntgRvr, it solved the problem! Anyway as requested

1.TDSS Killer

21:52:39.0744 4732 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:52:40.0262 4732 ============================================================
21:52:40.0262 4732 Current date / time: 2012/09/21 21:52:40.0262
21:52:40.0262 4732 SystemInfo:
21:52:40.0262 4732
21:52:40.0262 4732 OS Version: 6.1.7600 ServicePack: 0.0
21:52:40.0262 4732 Product type: Workstation
21:52:40.0263 4732 ComputerName: ERFANFIQRE-PC
21:52:40.0263 4732 UserName: Erfan Fiqre
21:52:40.0263 4732 Windows directory: C:\windows
21:52:40.0263 4732 System windows directory: C:\windows
21:52:40.0263 4732 Running under WOW64
21:52:40.0263 4732 Processor architecture: Intel x64
21:52:40.0263 4732 Number of processors: 4
21:52:40.0263 4732 Page size: 0x1000
21:52:40.0263 4732 Boot type: Normal boot
21:52:40.0263 4732 ============================================================
21:52:41.0212 4732 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:52:41.0222 4732 ============================================================
21:52:41.0222 4732 \Device\Harddisk0\DR0:
21:52:41.0222 4732 MBR partitions:
21:52:41.0222 4732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
21:52:41.0222 4732 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x45073000
21:52:41.0252 4732 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x450D8000, BlocksNum 0x39FD800
21:52:41.0252 4732 ============================================================
21:52:41.0321 4732 C: <-> \Device\Harddisk0\DR0\Partition2
21:52:41.0373 4732 D: <-> \Device\Harddisk0\DR0\Partition3
21:52:41.0374 4732 ============================================================
21:52:41.0374 4732 Initialize success
21:52:41.0374 4732 ============================================================
21:52:49.0249 5564 ============================================================
21:52:49.0250 5564 Scan started
21:52:49.0250 5564 Mode: Manual; SigCheck;
21:52:49.0250 5564 ============================================================
21:52:56.0281 5564 ================ Scan system memory ========================
21:52:56.0281 5564 System memory - ok
21:52:56.0281 5564 ================ Scan services =============================
21:52:56.0602 5564 [ 0F348233BD4D326FA513CAFB85A9306D ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
21:52:56.0835 5564 1394ohci - ok
21:52:56.0904 5564 [ B17FC92E0CBCE7C0C3F657B866EC7704 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
21:52:56.0944 5564 ACPI - ok
21:52:56.0999 5564 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
21:52:57.0115 5564 AcpiPmi - ok
21:52:57.0206 5564 [ 5BBFF8B826EC38D32C26334E079C7EFC ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
21:52:57.0247 5564 ACPIVPC - ok
21:52:57.0400 5564 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:52:57.0451 5564 AdobeARMservice - ok
21:52:57.0576 5564 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
21:52:57.0643 5564 adp94xx - ok
21:52:57.0689 5564 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
21:52:57.0707 5564 adpahci - ok
21:52:57.0783 5564 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
21:52:57.0820 5564 adpu320 - ok
21:52:57.0841 5564 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:52:58.0179 5564 AeLookupSvc - ok
21:52:58.0264 5564 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
21:52:58.0416 5564 AFD - ok
21:52:58.0535 5564 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
21:52:58.0567 5564 agp440 - ok
21:52:58.0597 5564 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
21:52:58.0653 5564 ALG - ok
21:52:58.0701 5564 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
21:52:58.0726 5564 aliide - ok
21:52:58.0775 5564 [ 47E3D462E6D25A0AAD55EFC9718BA9F0 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:52:59.0286 5564 AMD External Events Utility - ok
21:52:59.0356 5564 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
21:52:59.0406 5564 amdide - ok
21:52:59.0437 5564 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
21:52:59.0540 5564 AmdK8 - ok
21:53:00.0127 5564 [ E094036D5D309EB8E61DB03F0372DC3E ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
21:53:00.0338 5564 amdkmdag - ok
21:53:00.0416 5564 [ 3C8352F3E32749829C84835B1CF32752 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
21:53:00.0484 5564 amdkmdap - ok
21:53:00.0522 5564 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
21:53:00.0576 5564 AmdPPM - ok
21:53:00.0633 5564 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
21:53:00.0666 5564 amdsata - ok
21:53:00.0719 5564 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
21:53:00.0789 5564 amdsbs - ok
21:53:00.0847 5564 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
21:53:00.0861 5564 amdxata - ok
21:53:00.0924 5564 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
21:53:00.0996 5564 AppID - ok
21:53:01.0053 5564 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:53:01.0160 5564 AppIDSvc - ok
21:53:01.0266 5564 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
21:53:01.0380 5564 Appinfo - ok
21:53:01.0588 5564 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:53:01.0615 5564 Apple Mobile Device - ok
21:53:01.0904 5564 [ 0805ECF10476A091999E4D59D0DB71A2 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
21:53:01.0957 5564 Application Updater - ok
21:53:02.0048 5564 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
21:53:02.0108 5564 arc - ok
21:53:02.0162 5564 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
21:53:02.0202 5564 arcsas - ok
21:53:02.0227 5564 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:53:02.0293 5564 AsyncMac - ok
21:53:02.0384 5564 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
21:53:02.0408 5564 atapi - ok
21:53:02.0518 5564 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
21:53:02.0543 5564 AtiHDAudioService - ok
21:53:02.0636 5564 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:53:02.0755 5564 AudioEndpointBuilder - ok
21:53:02.0836 5564 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
21:53:02.0905 5564 AudioSrv - ok
21:53:02.0969 5564 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
21:53:03.0185 5564 AxInstSV - ok
21:53:03.0287 5564 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
21:53:03.0397 5564 b06bdrv - ok
21:53:03.0529 5564 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:53:03.0589 5564 b57nd60a - ok
21:53:04.0105 5564 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
21:53:04.0147 5564 BBSvc - ok
21:53:04.0297 5564 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
21:53:04.0338 5564 BBUpdate - ok
21:53:04.0393 5564 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
21:53:04.0551 5564 BDESVC - ok
21:53:04.0618 5564 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
21:53:04.0742 5564 Beep - ok
21:53:04.0864 5564 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
21:53:04.0981 5564 BFE - ok
21:53:05.0086 5564 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\system32\qmgr.dll
21:53:05.0235 5564 BITS - ok
21:53:05.0274 5564 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
21:53:05.0341 5564 blbdrive - ok
21:53:05.0518 5564 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:53:05.0576 5564 Bonjour Service - ok
21:53:05.0659 5564 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:53:05.0980 5564 bowser - ok
21:53:06.0019 5564 [ AAA4F992F879977A000FE8B8C730CD2C ] BPntDrv C:\windows\system32\drivers\BPntDrv.sys
21:53:06.0032 5564 BPntDrv - ok
21:53:06.0091 5564 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
21:53:06.0218 5564 BrFiltLo - ok
21:53:06.0239 5564 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
21:53:06.0265 5564 BrFiltUp - ok
21:53:06.0360 5564 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
21:53:06.0486 5564 BridgeMP - ok
21:53:06.0570 5564 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
21:53:06.0665 5564 Browser - ok
21:53:06.0731 5564 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:53:06.0802 5564 Brserid - ok
21:53:06.0895 5564 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:53:06.0969 5564 BrSerWdm - ok
21:53:07.0023 5564 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:53:07.0073 5564 BrUsbMdm - ok
21:53:07.0125 5564 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:53:07.0187 5564 BrUsbSer - ok
21:53:07.0266 5564 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
21:53:07.0351 5564 BthEnum - ok
21:53:07.0409 5564 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
21:53:07.0468 5564 BTHMODEM - ok
21:53:07.0583 5564 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
21:53:07.0640 5564 BthPan - ok
21:53:07.0726 5564 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
21:53:07.0773 5564 BTHPORT - ok
21:53:07.0855 5564 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
21:53:07.0952 5564 bthserv - ok
21:53:07.0988 5564 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
21:53:08.0082 5564 BTHUSB - ok
21:53:08.0167 5564 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078 ] btwampfl C:\windows\system32\drivers\btwampfl.sys
21:53:08.0213 5564 btwampfl - ok
21:53:08.0256 5564 [ A75BF6802A967F5AACECC3C67FEBDF55 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
21:53:08.0273 5564 btwaudio - ok
21:53:08.0318 5564 [ D895DC213EDBDA5FCC53AAD1F1E0E63B ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
21:53:08.0335 5564 btwavdt - ok
21:53:08.0518 5564 [ 692F8648D7686D91E34A65AC698019D8 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
21:53:08.0579 5564 btwdins - ok
21:53:08.0800 5564 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
21:53:08.0854 5564 btwl2cap - ok
21:53:08.0925 5564 [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
21:53:08.0952 5564 btwrchid - ok
21:53:09.0053 5564 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:53:09.0190 5564 cdfs - ok
21:53:09.0291 5564 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
21:53:09.0368 5564 cdrom - ok
21:53:09.0433 5564 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
21:53:09.0554 5564 CertPropSvc - ok
21:53:09.0613 5564 [ E02C9CDB15F13DE4EB2FF67660E62317 ] cfwids C:\windows\system32\drivers\cfwids.sys
21:53:09.0646 5564 cfwids - ok
21:53:09.0704 5564 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
21:53:09.0755 5564 circlass - ok
21:53:09.0806 5564 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
21:53:09.0829 5564 CLFS - ok
21:53:09.0946 5564 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:53:09.0994 5564 clr_optimization_v2.0.50727_32 - ok
21:53:10.0070 5564 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:53:10.0104 5564 clr_optimization_v2.0.50727_64 - ok
21:53:10.0223 5564 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:53:10.0257 5564 clr_optimization_v4.0.30319_32 - ok
21:53:10.0363 5564 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:53:10.0391 5564 clr_optimization_v4.0.30319_64 - ok
21:53:10.0466 5564 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
21:53:10.0513 5564 clwvd - ok
21:53:10.0550 5564 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
21:53:10.0592 5564 CmBatt - ok
21:53:10.0619 5564 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
21:53:10.0658 5564 cmdide - ok
21:53:10.0738 5564 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
21:53:10.0836 5564 CNG - ok
21:53:10.0954 5564 [ A9078365CCE6DDF02DD9E5A3591DF1F5 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
21:53:10.0997 5564 CnxtHdAudService - ok
21:53:11.0072 5564 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
21:53:11.0106 5564 Compbatt - ok
21:53:11.0175 5564 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
21:53:11.0246 5564 CompositeBus - ok
21:53:11.0293 5564 COMSysApp - ok
21:53:11.0345 5564 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
21:53:11.0375 5564 crcdisk - ok
21:53:11.0431 5564 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\windows\system32\cryptsvc.dll
21:53:11.0461 5564 CryptSvc - ok
21:53:11.0599 5564 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:53:11.0985 5564 cvhsvc - ok
21:53:12.0087 5564 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
21:53:12.0197 5564 DcomLaunch - ok
21:53:12.0255 5564 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:53:12.0366 5564 defragsvc - ok
21:53:12.0420 5564 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:53:12.0491 5564 DfsC - ok
21:53:12.0570 5564 [ 113212D25D0C9BB8901A9833774DA97F ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
21:53:12.0593 5564 dg_ssudbus - ok
21:53:12.0676 5564 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
21:53:12.0803 5564 Dhcp - ok
21:53:12.0848 5564 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:53:12.0908 5564 discache - ok
21:53:12.0981 5564 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
21:53:13.0010 5564 Disk - ok
21:53:13.0050 5564 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
21:53:13.0146 5564 Dnscache - ok
21:53:13.0203 5564 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
21:53:13.0337 5564 dot3svc - ok
21:53:13.0395 5564 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
21:53:13.0503 5564 DPS - ok
21:53:13.0572 5564 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:53:13.0604 5564 drmkaud - ok
21:53:13.0704 5564 [ 3EEF0B3489EDBF725564E17C77CABAFD ] dsNcAdpt C:\windows\system32\DRIVERS\dsNcAdpt.sys
21:53:13.0815 5564 dsNcAdpt - ok
21:53:14.0363 5564 [ B9974848860B96A096615C85C0961463 ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
21:53:14.0415 5564 dsNcService - ok
21:53:14.0559 5564 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:53:14.0607 5564 DXGKrnl - ok
21:53:14.0655 5564 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:53:14.0742 5564 EapHost - ok
21:53:14.0958 5564 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
21:53:15.0156 5564 ebdrv - ok
21:53:15.0200 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
21:53:15.0355 5564 EFS - ok
21:53:15.0519 5564 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:53:15.0629 5564 ehRecvr - ok
21:53:15.0802 5564 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:53:15.0926 5564 ehSched - ok
21:53:15.0980 5564 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
21:53:16.0007 5564 elxstor - ok
21:53:16.0024 5564 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
21:53:16.0118 5564 ErrDev - ok
21:53:16.0281 5564 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:53:16.0372 5564 EventSystem - ok
21:53:16.0536 5564 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:53:16.0607 5564 exfat - ok
21:53:16.0623 5564 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:53:16.0692 5564 fastfat - ok
21:53:16.0801 5564 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
21:53:16.0899 5564 Fax - ok
21:53:16.0955 5564 [ 3191ACA33088EE2481044FC0DB736442 ] fbfmon C:\windows\system32\drivers\fbfmon.sys
21:53:16.0985 5564 fbfmon - ok
21:53:17.0058 5564 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
21:53:17.0134 5564 fdc - ok
21:53:17.0245 5564 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:53:17.0332 5564 fdPHost - ok
21:53:17.0401 5564 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:53:17.0566 5564 FDResPub - ok
21:53:17.0603 5564 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:53:17.0621 5564 FileInfo - ok
21:53:17.0646 5564 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:53:17.0719 5564 Filetrace - ok
21:53:17.0768 5564 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
21:53:17.0820 5564 flpydisk - ok
21:53:17.0867 5564 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:53:17.0884 5564 FltMgr - ok
21:53:18.0029 5564 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
21:53:18.0163 5564 FontCache - ok
21:53:18.0234 5564 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:53:18.0260 5564 FontCache3.0.0.0 - ok
21:53:18.0296 5564 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:53:18.0308 5564 FsDepends - ok
21:53:18.0357 5564 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:53:18.0405 5564 Fs_Rec - ok
21:53:18.0468 5564 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:53:18.0497 5564 fvevol - ok
21:53:18.0570 5564 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
21:53:18.0606 5564 gagp30kx - ok
21:53:18.0676 5564 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
21:53:18.0692 5564 GEARAspiWDM - ok
21:53:18.0776 5564 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
21:53:18.0846 5564 gpsvc - ok
21:53:19.0041 5564 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:53:19.0067 5564 gupdate - ok
21:53:19.0119 5564 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:53:19.0148 5564 gupdatem - ok
21:53:19.0274 5564 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:53:19.0356 5564 gusvc - ok
21:53:19.0394 5564 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:53:19.0512 5564 hcw85cir - ok
21:53:19.0555 5564 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:53:20.0069 5564 HdAudAddService - ok
21:53:20.0161 5564 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
21:53:20.0209 5564 HDAudBus - ok
21:53:20.0291 5564 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
21:53:20.0384 5564 HidBatt - ok
21:53:20.0403 5564 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
21:53:20.0442 5564 HidBth - ok
21:53:20.0537 5564 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
21:53:20.0585 5564 HidIr - ok
21:53:20.0607 5564 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
21:53:20.0754 5564 hidserv - ok
21:53:20.0832 5564 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
21:53:20.0855 5564 HidUsb - ok
21:53:20.0909 5564 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
21:53:20.0982 5564 hkmsvc - ok
21:53:21.0024 5564 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:53:21.0105 5564 HomeGroupListener - ok
21:53:21.0160 5564 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:53:21.0216 5564 HomeGroupProvider - ok
21:53:21.0346 5564 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
21:53:21.0394 5564 HpSAMD - ok
21:53:21.0475 5564 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:53:21.0536 5564 HTTP - ok
21:53:21.0561 5564 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:53:21.0571 5564 hwpolicy - ok
21:53:21.0617 5564 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
21:53:21.0654 5564 i8042prt - ok
21:53:21.0854 5564 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
21:53:21.0889 5564 iaStor - ok
21:53:21.0996 5564 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:53:22.0025 5564 IAStorDataMgrSvc - ok
21:53:22.0086 5564 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:53:22.0146 5564 iaStorV - ok
21:53:22.0323 5564 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:53:22.0420 5564 idsvc - ok
21:53:23.0267 5564 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
21:53:23.0562 5564 igfx - ok
21:53:23.0610 5564 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
21:53:23.0623 5564 iirsp - ok
21:53:23.0813 5564 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
21:53:23.0948 5564 IKEEXT - ok
21:53:23.0972 5564 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
21:53:23.0982 5564 intelide - ok
21:53:24.0009 5564 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:53:24.0065 5564 intelppm - ok
21:53:24.0103 5564 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:53:24.0219 5564 IPBusEnum - ok
21:53:24.0269 5564 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:53:24.0379 5564 IpFilterDriver - ok
21:53:24.0562 5564 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
21:53:24.0641 5564 iphlpsvc - ok
21:53:24.0662 5564 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
21:53:24.0696 5564 IPMIDRV - ok
21:53:24.0762 5564 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:53:24.0852 5564 IPNAT - ok
21:53:24.0941 5564 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:53:24.0988 5564 iPod Service - ok
21:53:25.0025 5564 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:53:25.0093 5564 IRENUM - ok
21:53:25.0124 5564 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
21:53:25.0142 5564 isapnp - ok
21:53:25.0159 5564 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
21:53:25.0179 5564 iScsiPrt - ok
21:53:25.0247 5564 [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys
21:53:25.0292 5564 k57nd60a - ok
21:53:25.0344 5564 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
21:53:25.0370 5564 kbdclass - ok
21:53:25.0432 5564 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
21:53:25.0485 5564 kbdhid - ok
21:53:25.0556 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
21:53:25.0598 5564 KeyIso - ok
21:53:26.0080 5564 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:53:26.0582 5564 KSecDD - ok
21:53:26.0625 5564 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:53:26.0654 5564 KSecPkg - ok
21:53:26.0714 5564 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:53:26.0778 5564 ksthunk - ok
21:53:26.0885 5564 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
21:53:27.0214 5564 KtmRm - ok
21:53:27.0318 5564 [ 95CA93FC12BE372BB952669F37FFF9C5 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
21:53:27.0343 5564 L1C - ok
21:53:27.0404 5564 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\System32\srvsvc.dll
21:53:27.0553 5564 LanmanServer - ok
21:53:27.0728 5564 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:53:28.0109 5564 LanmanWorkstation - ok
21:53:28.0154 5564 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys
21:53:28.0205 5564 LHDmgr - ok
21:53:28.0250 5564 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:53:28.0365 5564 lltdio - ok
21:53:28.0418 5564 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
21:53:28.0499 5564 lltdsvc - ok
21:53:28.0580 5564 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
21:53:28.0641 5564 lmhosts - ok
21:53:28.0706 5564 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:53:28.0749 5564 LMS - ok
21:53:28.0795 5564 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
21:53:28.0839 5564 LSI_FC - ok
21:53:28.0903 5564 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
21:53:28.0949 5564 LSI_SAS - ok
21:53:29.0006 5564 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
21:53:29.0061 5564 LSI_SAS2 - ok
21:53:29.0107 5564 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
21:53:29.0126 5564 LSI_SCSI - ok
21:53:29.0170 5564 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
21:53:29.0257 5564 luafv - ok
21:53:29.0391 5564 [ 458A013DF72EAAB91877FA03533E2C8B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:53:29.0422 5564 McAfee SiteAdvisor Service - ok
21:53:29.0576 5564 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
21:53:29.0619 5564 McComponentHostService - ok
21:53:30.0182 5564 [ 458A013DF72EAAB91877FA03533E2C8B ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:53:30.0226 5564 McMPFSvc - ok
21:53:30.0326 5564 [ 458A013DF72EAAB91877FA03533E2C8B ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:53:30.0369 5564 mcmscsvc - ok
21:53:30.0577 5564 [ 458A013DF72EAAB91877FA03533E2C8B ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:53:30.0625 5564 McNaiAnn - ok
21:53:30.0681 5564 [ 458A013DF72EAAB91877FA03533E2C8B ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:53:30.0725 5564 McNASvc - ok
21:53:30.0884 5564 [ 3809B77EB1734CD5FB317425F188ABC1 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
21:53:30.0916 5564 McODS - ok
21:53:30.0945 5564 [ 458A013DF72EAAB91877FA03533E2C8B ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:53:30.0969 5564 McOobeSv - ok
21:53:30.0975 5564 [ 458A013DF72EAAB91877FA03533E2C8B ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:53:30.0991 5564 McProxy - ok
21:53:31.0087 5564 [ 461EABB62F1827B965F508092160EDDC ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
21:53:31.0128 5564 McShield - ok
21:53:31.0205 5564 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:53:31.0263 5564 Mcx2Svc - ok
21:53:31.0288 5564 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
21:53:31.0304 5564 megasas - ok
21:53:31.0342 5564 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
21:53:31.0374 5564 MegaSR - ok
21:53:31.0422 5564 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
21:53:31.0449 5564 MEIx64 - ok
21:53:31.0462 5564 [ C1556CA9695FCD6BBD23D75D402FD43D ] mfeapfk C:\windows\system32\drivers\mfeapfk.sys
21:53:31.0478 5564 mfeapfk - ok
21:53:31.0519 5564 [ 8857EE8B49F3338FC1FAD476BFCCA146 ] mfeavfk C:\windows\system32\drivers\mfeavfk.sys
21:53:31.0530 5564 mfeavfk - ok
21:53:31.0597 5564 mfeavfk01 - ok
21:53:31.0921 5564 [ DD92E94E265864306377F091B100D0D0 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:53:31.0945 5564 mfefire - ok
21:53:32.0240 5564 [ 19C44295F6BF085C83352D48397F7870 ] mfefirek C:\windows\system32\drivers\mfefirek.sys
21:53:32.0290 5564 mfefirek - ok
21:53:32.0324 5564 [ 5F915E20AB56121C41C6BF9A91A83BDA ] mfehidk C:\windows\system32\drivers\mfehidk.sys
21:53:32.0380 5564 mfehidk - ok
21:53:32.0437 5564 [ 23AE332E32FF615CA5E5224C8D91AF11 ] mfenlfk C:\windows\system32\DRIVERS\mfenlfk.sys
21:53:32.0468 5564 mfenlfk - ok
21:53:32.0493 5564 [ 9C7A9273E345F8D653394B5C542BF86A ] mferkdet C:\windows\system32\drivers\mferkdet.sys
21:53:32.0504 5564 mferkdet - ok
21:53:32.0535 5564 [ AECD0C9ABDFDC61BE31163B624C4170F ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
21:53:32.0546 5564 mfevtp - ok
21:53:32.0569 5564 [ 3140B2C56D7119BA314F68FC785683F0 ] mfewfpk C:\windows\system32\drivers\mfewfpk.sys
21:53:32.0583 5564 mfewfpk - ok
21:53:32.0627 5564 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
21:53:32.0721 5564 MMCSS - ok
21:53:32.0737 5564 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
21:53:32.0835 5564 Modem - ok
21:53:32.0924 5564 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:53:32.0990 5564 monitor - ok
21:53:33.0072 5564 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:53:33.0101 5564 mouclass - ok
21:53:33.0178 5564 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
21:53:33.0246 5564 mouhid - ok
21:53:33.0309 5564 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:53:33.0334 5564 mountmgr - ok
21:53:33.0365 5564 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
21:53:33.0403 5564 mpio - ok
21:53:33.0425 5564 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:53:33.0468 5564 mpsdrv - ok
21:53:33.0511 5564 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:53:33.0583 5564 MRxDAV - ok
21:53:33.0863 5564 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:53:33.0964 5564 mrxsmb - ok
21:53:34.0028 5564 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:53:34.0099 5564 mrxsmb10 - ok
21:53:34.0159 5564 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:53:34.0171 5564 mrxsmb20 - ok
21:53:34.0195 5564 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\windows\system32\DRIVERS\msahci.sys
21:53:34.0326 5564 msahci - ok
21:53:34.0346 5564 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
21:53:34.0360 5564 msdsm - ok
21:53:34.0374 5564 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
21:53:34.0390 5564 MSDTC - ok
21:53:34.0449 5564 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:53:34.0513 5564 Msfs - ok
21:53:34.0598 5564 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:53:34.0675 5564 mshidkmdf - ok
21:53:34.0685 5564 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
21:53:34.0712 5564 msisadrv - ok
21:53:34.0793 5564 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:53:34.0903 5564 MSiSCSI - ok
21:53:34.0906 5564 msiserver - ok
21:53:34.0943 5564 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:53:35.0033 5564 MSKSSRV - ok
21:53:35.0103 5564 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:53:35.0196 5564 MSPCLOCK - ok
21:53:35.0261 5564 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:53:35.0380 5564 MSPQM - ok
21:53:35.0443 5564 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:53:35.0473 5564 MsRPC - ok
21:53:35.0489 5564 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
21:53:35.0499 5564 mssmbios - ok
21:53:35.0595 5564 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:53:35.0832 5564 MSTEE - ok
21:53:35.0928 5564 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
21:53:35.0970 5564 MTConfig - ok
21:53:36.0025 5564 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
21:53:36.0049 5564 Mup - ok
21:53:36.0123 5564 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
21:53:36.0236 5564 napagent - ok
21:53:36.0310 5564 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:53:36.0386 5564 NativeWifiP - ok
21:53:36.0455 5564 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
21:53:36.0505 5564 NDIS - ok
21:53:36.0603 5564 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:53:36.0678 5564 NdisCap - ok
21:53:36.0755 5564 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:53:36.0855 5564 NdisTapi - ok
21:53:36.0891 5564 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:53:36.0967 5564 Ndisuio - ok
21:53:37.0007 5564 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:53:37.0038 5564 NdisWan - ok
21:53:37.0123 5564 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:53:37.0221 5564 NDProxy - ok
21:53:37.0298 5564 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:53:37.0394 5564 NetBIOS - ok
21:53:37.0437 5564 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:53:37.0523 5564 NetBT - ok
21:53:37.0580 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
21:53:37.0592 5564 Netlogon - ok
21:53:38.0147 5564 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
21:53:38.0230 5564 Netman - ok
21:53:38.0266 5564 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
21:53:38.0450 5564 netprofm - ok
21:53:38.0493 5564 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:53:38.0521 5564 NetTcpPortSharing - ok
21:53:38.0989 5564 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys
21:53:39.0215 5564 netw5v64 - ok
21:53:39.0280 5564 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
21:53:39.0310 5564 nfrd960 - ok
21:53:39.0371 5564 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
21:53:39.0451 5564 NlaSvc - ok
21:53:39.0479 5564 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:53:39.0587 5564 Npfs - ok
21:53:40.0015 5564 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:53:40.0163 5564 nsi - ok
21:53:40.0195 5564 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:53:40.0274 5564 nsiproxy - ok
21:53:40.0448 5564 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:53:40.0535 5564 Ntfs - ok
21:53:40.0601 5564 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:53:40.0663 5564 Null - ok
21:53:40.0718 5564 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
21:53:40.0752 5564 nvraid - ok
21:53:40.0871 5564 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
21:53:40.0920 5564 nvstor - ok
21:53:40.0938 5564 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
21:53:40.0952 5564 nv_agp - ok
21:53:41.0083 5564 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:53:41.0117 5564 odserv - ok
21:53:41.0147 5564 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
21:53:41.0212 5564 ohci1394 - ok
21:53:41.0328 5564 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:53:41.0356 5564 ose - ok
21:53:41.0909 5564 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:53:42.0153 5564 osppsvc - ok
21:53:42.0222 5564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:53:42.0389 5564 p2pimsvc - ok
21:53:42.0474 5564 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:53:42.0494 5564 p2psvc - ok
21:53:42.0521 5564 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
21:53:42.0605 5564 Parport - ok
21:53:42.0651 5564 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
21:53:42.0696 5564 partmgr - ok
21:53:42.0760 5564 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:53:42.0863 5564 PcaSvc - ok
21:53:42.0904 5564 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
21:53:42.0938 5564 pci - ok
21:53:42.0963 5564 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
21:53:42.0976 5564 pciide - ok
21:53:42.0993 5564 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
21:53:43.0009 5564 pcmcia - ok
21:53:43.0043 5564 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:53:43.0085 5564 pcw - ok
21:53:43.0157 5564 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:53:43.0240 5564 PEAUTH - ok
21:53:43.0416 5564 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:53:43.0474 5564 PerfHost - ok
21:53:43.0605 5564 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
21:53:44.0199 5564 pla - ok
21:53:44.0266 5564 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:53:44.0332 5564 PlugPlay - ok
21:53:44.0387 5564 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:53:44.0598 5564 PNRPAutoReg - ok
21:53:44.0632 5564 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:53:44.0658 5564 PNRPsvc - ok
21:53:44.0707 5564 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:53:44.0819 5564 PolicyAgent - ok
21:53:44.0866 5564 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:53:44.0964 5564 Power - ok
21:53:45.0027 5564 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:53:45.0138 5564 PptpMiniport - ok
21:53:45.0168 5564 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
21:53:45.0261 5564 Processor - ok
21:53:45.0315 5564 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
21:53:45.0419 5564 ProfSvc - ok
21:53:45.0458 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
21:53:45.0472 5564 ProtectedStorage - ok
21:53:45.0567 5564 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:53:45.0626 5564 Psched - ok
21:53:46.0187 5564 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
21:53:46.0239 5564 ql2300 - ok
21:53:46.0262 5564 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
21:53:46.0274 5564 ql40xx - ok
21:53:46.0317 5564 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:53:46.0335 5564 QWAVE - ok
21:53:46.0339 5564 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:53:46.0354 5564 QWAVEdrv - ok
21:53:46.0403 5564 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:53:46.0496 5564 RasAcd - ok
21:53:46.0558 5564 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:53:46.0645 5564 RasAgileVpn - ok
21:53:46.0820 5564 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:53:46.0952 5564 RasAuto - ok
21:53:46.0976 5564 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:53:47.0033 5564 Rasl2tp - ok
21:53:47.0082 5564 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
21:53:47.0240 5564 RasMan - ok
21:53:47.0319 5564 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:53:47.0452 5564 RasPppoe - ok
21:53:47.0502 5564 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:53:47.0596 5564 RasSstp - ok
21:53:47.0622 5564 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:53:47.0672 5564 rdbss - ok
21:53:48.0098 5564 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
21:53:48.0223 5564 rdpbus - ok
21:53:48.0274 5564 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:53:48.0328 5564 RDPCDD - ok
21:53:48.0346 5564 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:53:48.0375 5564 RDPENCDD - ok
21:53:48.0412 5564 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:53:48.0486 5564 RDPREFMP - ok
21:53:48.0524 5564 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:53:48.0575 5564 RDPWD - ok
21:53:48.0975 5564 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:53:49.0003 5564 rdyboost - ok
21:53:49.0059 5564 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:53:49.0153 5564 RemoteAccess - ok
21:53:49.0194 5564 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:53:49.0319 5564 RemoteRegistry - ok
21:53:49.0383 5564 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
21:53:49.0460 5564 RFCOMM - ok
21:53:49.0509 5564 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:53:49.0598 5564 RpcEptMapper - ok
21:53:49.0882 5564 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:53:49.0928 5564 RpcLocator - ok
21:53:49.0989 5564 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
21:53:50.0054 5564 RpcSs - ok
21:53:50.0090 5564 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:53:50.0173 5564 rspndr - ok
21:53:50.0234 5564 [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
21:53:50.0269 5564 RSUSBVSTOR - ok
21:53:50.0303 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
21:53:50.0320 5564 SamSs - ok
21:53:50.0360 5564 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
21:53:50.0376 5564 sbp2port - ok
21:53:50.0431 5564 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:53:50.0488 5564 SCardSvr - ok
21:53:50.0523 5564 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:53:50.0580 5564 scfilter - ok
21:53:50.0731 5564 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
21:53:50.0883 5564 Schedule - ok
21:53:50.0916 5564 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
21:53:50.0976 5564 SCPolicySvc - ok
21:53:51.0033 5564 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:53:51.0118 5564 SDRSVC - ok
21:53:51.0170 5564 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:53:51.0256 5564 secdrv - ok
21:53:51.0311 5564 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
21:53:51.0449 5564 seclogon - ok
21:53:51.0485 5564 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
21:53:51.0540 5564 SENS - ok
21:53:51.0567 5564 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:53:52.0187 5564 SensrSvc - ok
21:53:52.0242 5564 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
21:53:52.0304 5564 Serenum - ok
21:53:52.0371 5564 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
21:53:52.0440 5564 Serial - ok
21:53:52.0458 5564 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
21:53:52.0471 5564 sermouse - ok
21:53:52.0546 5564 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
21:53:52.0578 5564 SessionEnv - ok
21:53:52.0636 5564 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
21:53:52.0711 5564 sffdisk - ok
21:53:52.0750 5564 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
21:53:52.0781 5564 sffp_mmc - ok
21:53:52.0805 5564 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
21:53:52.0842 5564 sffp_sd - ok
21:53:52.0881 5564 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
21:53:52.0954 5564 sfloppy - ok
21:53:53.0022 5564 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
21:53:53.0047 5564 Sftfs - ok
21:53:53.0155 5564 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:53:53.0194 5564 sftlist - ok
21:53:53.0278 5564 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
21:53:53.0301 5564 Sftplay - ok
21:53:53.0321 5564 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
21:53:53.0330 5564 Sftredir - ok
21:53:53.0374 5564 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
21:53:53.0409 5564 Sftvol - ok
21:53:53.0569 5564 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:53:53.0640 5564 sftvsa - ok
21:53:53.0820 5564 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:53:53.0916 5564 SharedAccess - ok
21:53:54.0187 5564 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:53:54.0232 5564 ShellHWDetection - ok
21:53:54.0324 5564 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
21:53:54.0340 5564 SiSRaid2 - ok
21:53:54.0370 5564 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
21:53:54.0401 5564 SiSRaid4 - ok
21:53:54.0484 5564 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:53:54.0541 5564 Smb - ok
21:53:54.0607 5564 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:53:54.0668 5564 SNMPTRAP - ok
21:53:54.0728 5564 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:53:54.0795 5564 spldr - ok
21:53:55.0069 5564 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\windows\System32\spoolsv.exe
21:53:55.0196 5564 Spooler - ok
21:53:55.0625 5564 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
21:53:56.0601 5564 sppsvc - ok
21:53:56.0647 5564 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:53:56.0732 5564 sppuinotify - ok
21:53:56.0826 5564 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
21:53:56.0898 5564 srv - ok
21:53:56.0945 5564 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:53:57.0004 5564 srv2 - ok
21:53:57.0032 5564 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:53:57.0087 5564 srvnet - ok
21:53:57.0172 5564 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:53:57.0296 5564 SSDPSRV - ok
21:53:57.0358 5564 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:53:57.0473 5564 SstpSvc - ok
21:53:57.0563 5564 [ 78CD64791F8634CF7B582FD085E57C4B ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
21:53:57.0610 5564 ssudmdm - ok
21:53:58.0043 5564 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
21:53:58.0073 5564 stexstor - ok
21:53:58.0266 5564 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
21:53:58.0340 5564 stisvc - ok
21:53:58.0367 5564 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
21:53:58.0376 5564 swenum - ok
21:53:58.0450 5564 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:53:58.0560 5564 swprv - ok
21:53:58.0809 5564 [ EBEADA6A9A8CCA0BAAE79EE720BD0156 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:53:58.0854 5564 SynTP - ok
21:53:59.0007 5564 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
21:53:59.0124 5564 SysMain - ok
21:53:59.0168 5564 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
21:53:59.0218 5564 TabletInputService - ok
21:53:59.0238 5564 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
21:53:59.0293 5564 TapiSrv - ok
21:53:59.0340 5564 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:53:59.0370 5564 TBS - ok
21:53:59.0549 5564 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:53:59.0652 5564 Tcpip - ok
21:54:00.0055 5564 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:54:00.0089 5564 TCPIP6 - ok
21:54:00.0153 5564 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:54:00.0218 5564 tcpipreg - ok
21:54:00.0253 5564 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:54:00.0329 5564 TDPIPE - ok
21:54:00.0362 5564 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:54:00.0473 5564 TDTCP - ok
21:54:00.0517 5564 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:54:00.0624 5564 tdx - ok
21:54:00.0730 5564 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
21:54:00.0766 5564 TermDD - ok
21:54:00.0840 5564 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
21:54:00.0893 5564 TermService - ok
21:54:00.0954 5564 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:54:01.0039 5564 Themes - ok
21:54:01.0072 5564 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:54:01.0155 5564 THREADORDER - ok
21:54:01.0184 5564 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:54:01.0303 5564 TrkWks - ok
21:54:01.0383 5564 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:54:01.0455 5564 TrustedInstaller - ok
21:54:01.0481 5564 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:54:01.0539 5564 tssecsrv - ok
21:54:01.0608 5564 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:54:02.0166 5564 tunnel - ok
21:54:02.0214 5564 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
21:54:02.0225 5564 uagp35 - ok
21:54:02.0270 5564 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:54:02.0358 5564 udfs - ok
21:54:02.0415 5564 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:54:02.0497 5564 UI0Detect - ok
21:54:02.0547 5564 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
21:54:02.0588 5564 uliagpkx - ok
21:54:02.0645 5564 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
21:54:02.0715 5564 umbus - ok
21:54:02.0751 5564 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
21:54:02.0766 5564 UmPass - ok
21:54:03.0043 5564 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:54:03.0108 5564 UNS - ok
21:54:03.0168 5564 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:54:03.0253 5564 upnphost - ok
21:54:03.0301 5564 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
21:54:03.0407 5564 USBAAPL64 - ok
21:54:03.0432 5564 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:54:03.0459 5564 usbccgp - ok
21:54:03.0504 5564 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
21:54:03.0584 5564 usbcir - ok
21:54:03.0607 5564 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:54:03.0632 5564 usbehci - ok
21:54:04.0646 5564 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:54:04.0710 5564 usbhub - ok
21:54:04.0746 5564 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\windows\system32\drivers\usbohci.sys
21:54:04.0802 5564 usbohci - ok
21:54:04.0877 5564 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:54:04.0969 5564 usbprint - ok
21:54:05.0027 5564 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
21:54:05.0073 5564 usbscan - ok
21:54:05.0115 5564 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:54:05.0201 5564 USBSTOR - ok
21:54:05.0241 5564 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:54:05.0320 5564 usbuhci - ok
21:54:05.0418 5564 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
21:54:05.0524 5564 usbvideo - ok
21:54:05.0579 5564 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:54:05.0638 5564 UxSms - ok
21:54:06.0005 5564 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
21:54:06.0039 5564 VaultSvc - ok
21:54:06.0080 5564 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
21:54:06.0125 5564 vdrvroot - ok
21:54:06.0203 5564 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
21:54:06.0251 5564 vds - ok
21:54:06.0315 5564 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:54:06.0332 5564 vga - ok
21:54:06.0356 5564 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:54:06.0385 5564 VgaSave - ok
21:54:06.0409 5564 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
21:54:06.0422 5564 vhdmp - ok
21:54:06.0444 5564 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
21:54:06.0455 5564 viaide - ok
21:54:06.0475 5564 [ 5CB80AFA98111FC6ED6E8702A0D7AC5B ] vm2uvcflt C:\windows\system32\Drivers\vm2uvcflt.sys
21:54:06.0484 5564 vm2uvcflt - ok
21:54:06.0526 5564 [ AE855ED728655EF0A14A1EC272DED5CD ] vm332avs C:\windows\system32\Drivers\vm332avs.sys
21:54:06.0539 5564 vm332avs - ok
21:54:06.0565 5564 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
21:54:06.0577 5564 volmgr - ok
21:54:06.0619 5564 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:54:06.0634 5564 volmgrx - ok
21:54:06.0710 5564 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
21:54:06.0770 5564 volsnap - ok
21:54:06.0822 5564 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
21:54:06.0863 5564 vsmraid - ok
21:54:07.0047 5564 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
21:54:07.0157 5564 VSS - ok
21:54:07.0190 5564 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:54:07.0238 5564 vwifibus - ok
21:54:07.0307 5564 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:54:07.0373 5564 vwififlt - ok
21:54:07.0417 5564 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:54:07.0485 5564 vwifimp - ok
21:54:07.0546 5564 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:54:07.0639 5564 W32Time - ok
21:54:07.0988 5564 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
21:54:08.0017 5564 WacomPen - ok
21:54:08.0086 5564 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:54:08.0202 5564 WANARP - ok
21:54:08.0241 5564 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:54:08.0281 5564 Wanarpv6 - ok
21:54:08.0494 5564 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:54:08.0593 5564 WatAdminSvc - ok
21:54:08.0724 5564 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
21:54:08.0822 5564 wbengine - ok
21:54:08.0853 5564 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:54:08.0874 5564 WbioSrvc - ok
21:54:08.0927 5564 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
21:54:09.0067 5564 wcncsvc - ok
21:54:09.0112 5564 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:54:09.0210 5564 WcsPlugInService - ok
21:54:09.0255 5564 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
21:54:09.0280 5564 Wd - ok
21:54:09.0324 5564 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:54:09.0356 5564 Wdf01000 - ok
21:54:09.0391 5564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:54:09.0492 5564 WdiServiceHost - ok
21:54:09.0524 5564 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:54:09.0550 5564 WdiSystemHost - ok
21:54:09.0603 5564 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
21:54:10.0263 5564 WebClient - ok
21:54:10.0294 5564 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:54:10.0376 5564 Wecsvc - ok
21:54:10.0417 5564 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:54:10.0562 5564 wercplsupport - ok
21:54:10.0628 5564 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
21:54:10.0722 5564 WerSvc - ok
21:54:10.0783 5564 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:54:10.0847 5564 WfpLwf - ok
21:54:10.0857 5564 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:54:10.0868 5564 WIMMount - ok
21:54:10.0957 5564 WinDefend - ok
21:54:10.0977 5564 WinHttpAutoProxySvc - ok
21:54:11.0071 5564 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:54:11.0137 5564 Winmgmt - ok
21:54:11.0263 5564 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
21:54:11.0437 5564 WinRM - ok
21:54:11.0553 5564 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
21:54:11.0625 5564 WinUsb - ok
21:54:11.0978 5564 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
21:54:12.0066 5564 Wlansvc - ok
21:54:12.0111 5564 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:54:12.0131 5564 wlcrasvc - ok
21:54:12.0317 5564 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:54:12.0361 5564 wlidsvc - ok
21:54:12.0403 5564 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
21:54:12.0434 5564 WmiAcpi - ok
21:54:12.0482 5564 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:54:12.0558 5564 wmiApSrv - ok
21:54:12.0607 5564 WMPNetworkSvc - ok
21:54:12.0653 5564 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
21:54:12.0759 5564 WPCSvc - ok
21:54:12.0810 5564 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:54:12.0887 5564 WPDBusEnum - ok
21:54:12.0926 5564 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:54:13.0066 5564 ws2ifsl - ok
21:54:13.0189 5564 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\system32\wscsvc.dll
21:54:13.0279 5564 wscsvc - ok
21:54:13.0291 5564 WSearch - ok
21:54:13.0353 5564 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
21:54:13.0386 5564 wsvd - ok
21:54:13.0535 5564 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
21:54:13.0642 5564 wuauserv - ok
21:54:13.0803 5564 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:54:13.0866 5564 WudfPf - ok
21:54:13.0902 5564 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:54:13.0963 5564 WUDFRd - ok
21:54:14.0036 5564 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:54:14.0135 5564 wudfsvc - ok
21:54:14.0162 5564 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
21:54:14.0203 5564 WwanSvc - ok
21:54:14.0368 5564 ================ Scan global ===============================
21:54:14.0420 5564 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:54:14.0479 5564 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\windows\system32\winsrv.dll
21:54:14.0495 5564 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\windows\system32\winsrv.dll
21:54:14.0520 5564 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:54:14.0566 5564 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:54:14.0574 5564 [Global] - ok
21:54:14.0575 5564 ================ Scan MBR ==================================
21:54:14.0609 5564 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:54:14.0967 5564 \Device\Harddisk0\DR0 - ok
21:54:14.0968 5564 ================ Scan VBR ==================================
21:54:14.0996 5564 [ 7D920B3C37327507EF9A7B8B64F481D6 ] \Device\Harddisk0\DR0\Partition1
21:54:14.0999 5564 \Device\Harddisk0\DR0\Partition1 - ok
21:54:15.0024 5564 [ 509D615E5C752685A6CCF5A56DE509F9 ] \Device\Harddisk0\DR0\Partition2
21:54:15.0028 5564 \Device\Harddisk0\DR0\Partition2 - ok
21:54:15.0080 5564 [ F36381FD101982A1E536B4CE1A90470F ] \Device\Harddisk0\DR0\Partition3
21:54:15.0083 5564 \Device\Harddisk0\DR0\Partition3 - ok
21:54:15.0084 5564 ============================================================
21:54:15.0084 5564 Scan finished
21:54:15.0084 5564 ============================================================
21:54:15.0104 5528 Detected object count: 0
21:54:15.0104 5528 Actual detected object count: 0
21:54:34.0505 2604 ============================================================
21:54:34.0505 2604 Scan started
21:54:34.0505 2604 Mode: Manual; SigCheck; TDLFS;
21:54:34.0505 2604 ============================================================
21:54:40.0954 2604 ================ Scan system memory ========================
21:54:40.0954 2604 System memory - ok
21:54:40.0954 2604 ================ Scan services =============================
21:54:41.0209 2604 [ 0F348233BD4D326FA513CAFB85A9306D ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
21:54:41.0230 2604 1394ohci - ok
21:54:41.0278 2604 [ B17FC92E0CBCE7C0C3F657B866EC7704 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
21:54:41.0295 2604 ACPI - ok
21:54:41.0342 2604 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
21:54:41.0366 2604 AcpiPmi - ok
21:54:41.0404 2604 [ 5BBFF8B826EC38D32C26334E079C7EFC ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
21:54:41.0414 2604 ACPIVPC - ok
21:54:41.0598 2604 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:54:41.0843 2604 AdobeARMservice - ok
21:54:41.0903 2604 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
21:54:41.0919 2604 adp94xx - ok
21:54:41.0953 2604 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
21:54:41.0980 2604 adpahci - ok
21:54:42.0024 2604 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
21:54:42.0037 2604 adpu320 - ok
21:54:42.0072 2604 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:54:42.0131 2604 AeLookupSvc - ok
21:54:42.0173 2604 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
21:54:42.0214 2604 AFD - ok
21:54:42.0255 2604 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
21:54:42.0292 2604 agp440 - ok
21:54:42.0329 2604 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
21:54:42.0354 2604 ALG - ok
21:54:42.0388 2604 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
21:54:42.0400 2604 aliide - ok
21:54:42.0439 2604 [ 47E3D462E6D25A0AAD55EFC9718BA9F0 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:54:42.0456 2604 AMD External Events Utility - ok
21:54:42.0487 2604 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
21:54:42.0517 2604 amdide - ok
21:54:42.0535 2604 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
21:54:42.0560 2604 AmdK8 - ok
21:54:43.0101 2604 [ E094036D5D309EB8E61DB03F0372DC3E ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
21:54:43.0177 2604 amdkmdag - ok
21:54:43.0213 2604 [ 3C8352F3E32749829C84835B1CF32752 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
21:54:43.0226 2604 amdkmdap - ok
21:54:43.0253 2604 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
21:54:43.0314 2604 AmdPPM - ok
21:54:43.0342 2604 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
21:54:43.0355 2604 amdsata - ok
21:54:43.0384 2604 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
21:54:43.0414 2604 amdsbs - ok
21:54:43.0445 2604 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
21:54:43.0475 2604 amdxata - ok
21:54:43.0522 2604 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
21:54:43.0553 2604 AppID - ok
21:54:43.0574 2604 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:54:43.0603 2604 AppIDSvc - ok
21:54:43.0608 2604 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
21:54:43.0623 2604 Appinfo - ok
21:54:43.0887 2604 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:54:43.0928 2604 Apple Mobile Device - ok
21:54:43.0987 2604 [ 0805ECF10476A091999E4D59D0DB71A2 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
21:54:44.0022 2604 Application Updater - ok
21:54:44.0035 2604 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
21:54:44.0045 2604 arc - ok
21:54:44.0082 2604 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
21:54:44.0093 2604 arcsas - ok
21:54:44.0103 2604 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:54:44.0132 2604 AsyncMac - ok
21:54:44.0172 2604 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
21:54:44.0198 2604 atapi - ok
21:54:44.0237 2604 [ 4BF5BCA6E2608CD8A00BC4A6673A9F47 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
21:54:44.0249 2604 AtiHDAudioService - ok
21:54:44.0320 2604 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:54:44.0394 2604 AudioEndpointBuilder - ok
21:54:44.0428 2604 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
21:54:44.0480 2604 AudioSrv - ok
21:54:44.0557 2604 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
21:54:44.0608 2604 AxInstSV - ok
21:54:44.0719 2604 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
21:54:44.0752 2604 b06bdrv - ok
21:54:44.0781 2604 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:54:44.0817 2604 b57nd60a - ok
21:54:44.0970 2604 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
21:54:45.0004 2604 BBSvc - ok
21:54:45.0217 2604 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
21:54:45.0279 2604 BBUpdate - ok
21:54:45.0346 2604 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
21:54:45.0394 2604 BDESVC - ok
21:54:45.0449 2604 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
21:54:45.0516 2604 Beep - ok
21:54:45.0606 2604 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
21:54:45.0654 2604 BFE - ok
21:54:45.0740 2604 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\system32\qmgr.dll
21:54:45.0791 2604 BITS - ok
21:54:45.0828 2604 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
21:54:45.0840 2604 blbdrive - ok
21:54:45.0984 2604 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:54:46.0014 2604 Bonjour Service - ok
21:54:46.0034 2604 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:54:46.0089 2604 bowser - ok
21:54:46.0128 2604 [ AAA4F992F879977A000FE8B8C730CD2C ] BPntDrv C:\windows\system32\drivers\BPntDrv.sys
21:54:46.0138 2604 BPntDrv - ok
21:54:46.0190 2604 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
21:54:46.0240 2604 BrFiltLo - ok
21:54:46.0259 2604 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
21:54:46.0274 2604 BrFiltUp - ok
21:54:46.0302 2604 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
21:54:46.0334 2604 BridgeMP - ok
21:54:46.0390 2604 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
21:54:46.0421 2604 Browser - ok
21:54:46.0438 2604 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:54:46.0454 2604 Brserid - ok
21:54:46.0504 2604 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:54:46.0560 2604 BrSerWdm - ok
21:54:46.0588 2604 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:54:46.0604 2604 BrUsbMdm - ok
21:54:46.0645 2604 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:54:46.0691 2604 BrUsbSer - ok
21:54:46.0730 2604 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
21:54:46.0751 2604 BthEnum - ok
21:54:46.0808 2604 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
21:54:46.0834 2604 BTHMODEM - ok
21:54:46.0847 2604 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
21:54:46.0861 2604 BthPan - ok
21:54:46.0937 2604 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
21:54:46.0967 2604 BTHPORT - ok
21:54:47.0008 2604 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
21:54:47.0068 2604 bthserv - ok
21:54:47.0108 2604 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
21:54:47.0120 2604 BTHUSB - ok
21:54:47.0152 2604 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078 ] btwampfl C:\windows\system32\drivers\btwampfl.sys
21:54:47.0175 2604 btwampfl - ok
21:54:47.0198 2604 [ A75BF6802A967F5AACECC3C67FEBDF55 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
21:54:47.0249 2604 btwaudio - ok
21:54:47.0695 2604 [ D895DC213EDBDA5FCC53AAD1F1E0E63B ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
21:54:47.0729 2604 btwavdt - ok
21:54:47.0939 2604 [ 692F8648D7686D91E34A65AC698019D8 ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
21:54:47.0984 2604 btwdins - ok
21:54:48.0287 2604 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
21:54:48.0316 2604 btwl2cap - ok
21:54:48.0346 2604 [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
21:54:48.0387 2604 btwrchid - ok
21:54:48.0417 2604 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:54:48.0459 2604 cdfs - ok
21:54:48.0521 2604 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
21:54:48.0542 2604 cdrom - ok
21:54:48.0577 2604 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
21:54:48.0630 2604 CertPropSvc - ok
21:54:48.0689 2604 [ E02C9CDB15F13DE4EB2FF67660E62317 ] cfwids C:\windows\system32\drivers\cfwids.sys
21:54:48.0734 2604 cfwids - ok
21:54:48.0768 2604 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
21:54:48.0791 2604 circlass - ok
21:54:48.0851 2604 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
21:54:48.0883 2604 CLFS - ok
21:54:49.0011 2604 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:54:49.0038 2604 clr_optimization_v2.0.50727_32 - ok
21:54:49.0112 2604 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:54:49.0138 2604 clr_optimization_v2.0.50727_64 - ok
21:54:49.0199 2604 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:54:49.0247 2604 clr_optimization_v4.0.30319_32 - ok
21:54:49.0317 2604 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:54:49.0337 2604 clr_optimization_v4.0.30319_64 - ok
21:54:49.0376 2604 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
21:54:49.0390 2604 clwvd - ok
21:54:49.0403 2604 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
21:54:49.0439 2604 CmBatt - ok
21:54:49.0473 2604 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
21:54:49.0501 2604 cmdide - ok
21:54:49.0555 2604 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
21:54:49.0586 2604 CNG - ok
21:54:49.0691 2604 [ A9078365CCE6DDF02DD9E5A3591DF1F5 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
21:54:49.0728 2604 CnxtHdAudService - ok
21:54:49.0759 2604 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
21:54:49.0806 2604 Compbatt - ok
21:54:49.0839 2604 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
21:54:49.0876 2604 CompositeBus - ok
21:54:49.0883 2604 COMSysApp - ok
21:54:49.0910 2604 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
21:54:49.0921 2604 crcdisk - ok
21:54:49.0997 2604 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\windows\system32\cryptsvc.dll
21:54:50.0028 2604 CryptSvc - ok
21:54:50.0138 2604 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:54:50.0172 2604 cvhsvc - ok
21:54:50.0214 2604 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
21:54:50.0248 2604 DcomLaunch - ok
21:54:50.0297 2604 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
21:54:50.0328 2604 defragsvc - ok
21:54:50.0352 2604 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:54:50.0364 2604 DfsC - ok
21:54:50.0400 2604 [ 113212D25D0C9BB8901A9833774DA97F ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
21:54:50.0410 2604 dg_ssudbus - ok
21:54:50.0459 2604 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
21:54:50.0476 2604 Dhcp - ok
21:54:50.0511 2604 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
21:54:50.0541 2604 discache - ok
21:54:50.0578 2604 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
21:54:50.0589 2604 Disk - ok
21:54:50.0624 2604 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
21:54:50.0638 2604 Dnscache - ok
21:54:50.0680 2604 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
21:54:50.0739 2604 dot3svc - ok
21:54:50.0758 2604 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
21:54:50.0808 2604 DPS - ok
21:54:50.0847 2604 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:54:50.0923 2604 drmkaud - ok
21:54:50.0957 2604 [ 3EEF0B3489EDBF725564E17C77CABAFD ] dsNcAdpt C:\windows\system32\DRIVERS\dsNcAdpt.sys
21:54:51.0008 2604 dsNcAdpt - ok
21:54:51.0104 2604 [ B9974848860B96A096615C85C0961463 ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
21:54:51.0133 2604 dsNcService - ok
21:54:51.0225 2604 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:54:51.0271 2604 DXGKrnl - ok
21:54:51.0352 2604 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
21:54:51.0416 2604 EapHost - ok
21:54:51.0613 2604 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
21:54:51.0913 2604 ebdrv - ok
21:54:52.0053 2604 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
21:54:52.0089 2604 EFS - ok
21:54:52.0194 2604 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:54:52.0243 2604 ehRecvr - ok
21:54:52.0299 2604 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
21:54:52.0334 2604 ehSched - ok
21:54:52.0392 2604 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
21:54:52.0425 2604 elxstor - ok
21:54:52.0455 2604 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
21:54:52.0510 2604 ErrDev - ok
21:54:52.0554 2604 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
21:54:52.0604 2604 EventSystem - ok
21:54:52.0643 2604 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
21:54:52.0729 2604 exfat - ok
21:54:52.0765 2604 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
21:54:52.0795 2604 fastfat - ok
21:54:52.0854 2604 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
21:54:52.0892 2604 Fax - ok
21:54:52.0919 2604 [ 3191ACA33088EE2481044FC0DB736442 ] fbfmon C:\windows\system32\drivers\fbfmon.sys
21:54:52.0928 2604 fbfmon - ok
21:54:52.0955 2604 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
21:54:52.0967 2604 fdc - ok
21:54:53.0020 2604 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
21:54:53.0095 2604 fdPHost - ok
21:54:53.0143 2604 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
21:54:53.0216 2604 FDResPub - ok
21:54:53.0401 2604 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:54:53.0436 2604 FileInfo - ok
21:54:53.0455 2604 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:54:53.0503 2604 Filetrace - ok
21:54:53.0521 2604 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
21:54:53.0532 2604 flpydisk - ok
21:54:53.0574 2604 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:54:53.0626 2604 FltMgr - ok
21:54:53.0748 2604 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
21:54:53.0791 2604 FontCache - ok
21:54:53.0865 2604 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:54:53.0890 2604 FontCache3.0.0.0 - ok
21:54:53.0937 2604 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:54:53.0985 2604 FsDepends - ok
21:54:54.0021 2604 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:54:54.0100 2604 Fs_Rec - ok
21:54:54.0166 2604 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:54:54.0200 2604 fvevol - ok
21:54:54.0234 2604 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
21:54:54.0288 2604 gagp30kx - ok
21:54:54.0362 2604 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
21:54:54.0417 2604 GEARAspiWDM - ok
21:54:54.0540 2604 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
21:54:54.0592 2604 gpsvc - ok
21:54:54.0649 2604 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:54.0681 2604 gupdate - ok
21:54:54.0689 2604 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:54:54.0704 2604 gupdatem - ok
21:54:54.0747 2604 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:54:54.0759 2604 gusvc - ok
21:54:54.0858 2604 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:54:54.0888 2604 hcw85cir - ok
21:54:54.0965 2604 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:54:55.0030 2604 HdAudAddService - ok
21:54:55.0069 2604 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
21:54:55.0112 2604 HDAudBus - ok
21:54:55.0155 2604 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
21:54:55.0166 2604 HidBatt - ok
21:54:55.0177 2604 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
21:54:55.0239 2604 HidBth - ok
21:54:55.0267 2604 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
21:54:55.0297 2604 HidIr - ok
21:54:55.0349 2604 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
21:54:55.0405 2604 hidserv - ok
21:54:55.0429 2604 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
21:54:55.0440 2604 HidUsb - ok
21:54:55.0484 2604 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
21:54:55.0552 2604 hkmsvc - ok
21:54:55.0651 2604 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:54:55.0686 2604 HomeGroupListener - ok
21:54:55.0924 2604 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:54:55.0959 2604 HomeGroupProvider - ok
21:54:55.0998 2604 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
21:54:56.0011 2604 HpSAMD - ok
21:54:56.0039 2604 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:54:56.0079 2604 HTTP - ok
21:54:56.0103 2604 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:54:56.0113 2604 hwpolicy - ok
21:54:56.0125 2604 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
21:54:56.0137 2604 i8042prt - ok
21:54:56.0240 2604 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
21:54:56.0267 2604 iaStor - ok
21:54:56.0349 2604 [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:54:56.0377 2604 IAStorDataMgrSvc - ok
21:54:56.0416 2604 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:54:56.0440 2604 iaStorV - ok
21:54:56.0599 2604 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:54:56.0643 2604 idsvc - ok
21:54:57.0111 2604 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
21:54:57.0177 2604 igfx - ok
21:54:57.0218 2604 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
21:54:57.0247 2604 iirsp - ok
21:54:57.0355 2604 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
21:54:57.0433 2604 IKEEXT - ok
21:54:57.0470 2604 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
21:54:57.0479 2604 intelide - ok
21:54:57.0496 2604 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:54:57.0508 2604 intelppm - ok
21:54:57.0535 2604 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:54:57.0608 2604 IPBusEnum - ok
21:54:58.0301 2604 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:54:58.0358 2604 IpFilterDriver - ok
21:54:59.0205 2604 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
21:54:59.0259 2604 iphlpsvc - ok
21:54:59.0272 2604 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
21:54:59.0284 2604 IPMIDRV - ok
21:54:59.0303 2604 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:54:59.0390 2604 IPNAT - ok
21:54:59.0496 2604 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:54:59.0560 2604 iPod Service - ok
21:54:59.0579 2604 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
21:54:59.0596 2604 IRENUM - ok
21:54:59.0889 2604 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
21:54:59.0949 2604 isapnp - ok
21:55:00.0003 2604 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
21:55:00.0050 2604 iScsiPrt - ok
21:55:00.0088 2604 [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys
21:55:00.0102 2604 k57nd60a - ok
21:55:00.0130 2604 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
21:55:00.0141 2604 kbdclass - ok
21:55:00.0242 2604 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
21:55:00.0278 2604 kbdhid - ok
21:55:00.0321 2604 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
21:55:00.0369 2604 KeyIso - ok
21:55:00.0388 2604 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:55:00.0401 2604 KSecDD - ok
21:55:00.0519 2604 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:55:00.0548 2604 KSecPkg - ok
21:55:00.0568 2604 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:55:00.0596 2604 ksthunk - ok
21:55:00.0661 2604 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
21:55:00.0710 2604 KtmRm - ok
21:55:00.0761 2604 [ 95CA93FC12BE372BB952669F37FFF9C5 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
21:55:00.0802 2604 L1C - ok
21:55:00.0882 2604 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\System32\srvsvc.dll
21:55:00.0912 2604 LanmanServer - ok
21:55:00.0936 2604 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:55:00.0971 2604 LanmanWorkstation - ok
21:55:00.0986 2604 [ BE166935083F9C38EDFDC21B9A7A679B ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys
21:55:00.0995 2604 LHDmgr - ok
21:55:01.0037 2604 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:55:01.0066 2604 lltdio - ok
21:55:01.0092 2604 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
21:55:01.0135 2604 lltdsvc - ok
21:55:01.0156 2604 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
21:55:01.0186 2604 lmhosts - ok
21:55:01.0215 2604 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:55:01.0227 2604 LMS - ok
21:55:01.0282 2604 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
21:55:01.0293 2604 LSI_FC - ok
21:55:01.0323 2604 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
21:55:01.0383 2604 LSI_SAS - ok
21:55:01.0437 2604 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
21:55:01.0449 2604 LSI_SAS2 - ok
21:55:01.0528 2604 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
21:55:01.0552 2604 LSI_SCSI - ok
21:55:01.0590 2604 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
21:55:01.0620 2604 luafv - ok
21:55:02.0945 2604 [ 458A013DF72EAAB91877FA03533E2C8B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:55:02.0989 2604 McAfee SiteAdvisor Service - ok
21:55:03.0096 2604 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
21:55:03.0129 2604 McComponentHostService - ok
21:55:03.0153 2604 [ 458A013DF72EAAB91877FA03533E2C8B ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
21:55:03.0175 2604 McMPFSvc - ok
21:55:03.0181 2604 [ 458A013DF72EAAB91877FA03533E2C8B ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:55:03.0196 2604 mcmscsvc - ok
21:55:03.0242 2604 [ 458A013DF72EAAB91877FA03533E2C8B ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:55:03.0281 2604 McNaiAnn - ok
21:55:03.0289 2604 [ 458A013DF72EAAB91877FA03533E2C8B ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:55:03.0308 2604 McNASvc - ok
21:55:03.0481 2604 [ 3809B77EB1734CD5FB317425F188ABC1 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
21:55:03.0518 2604 McODS - ok
21:55:03.0553 2604 [ 458A013DF72EAAB91877FA03533E2C8B ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:55:03.0569 2604 McOobeSv - ok
21:55:03.0575 2604 [ 458A013DF72EAAB91877FA03533E2C8B ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
21:55:03.0588 2604 McProxy - ok
21:55:03.0762 2604 [ 461EABB62F1827B965F508092160EDDC ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
21:55:03.0792 2604 McShield - ok
21:55:03.0879 2604 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:55:03.0904 2604 Mcx2Svc - ok
21:55:03.0985 2604 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
21:55:04.0005 2604 megasas - ok
21:55:04.0038 2604 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
21:55:04.0050 2604 MegaSR - ok
21:55:04.0085 2604 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
21:55:04.0115 2604 MEIx64 - ok
21:55:04.0136 2604 [ C1556CA9695FCD6BBD23D75D402FD43D ] mfeapfk C:\windows\system32\drivers\mfeapfk.sys
21:55:04.0147 2604 mfeapfk - ok
21:55:04.0181 2604 [ 8857EE8B49F3338FC1FAD476BFCCA146 ] mfeavfk C:\windows\system32\drivers\mfeavfk.sys
21:55:04.0192 2604 mfeavfk - ok
21:55:04.0195 2604 mfeavfk01 - ok
21:55:04.0244 2604 [ DD92E94E265864306377F091B100D0D0 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:55:04.0255 2604 mfefire - ok
21:55:04.0288 2604 [ 19C44295F6BF085C83352D48397F7870 ] mfefirek C:\windows\system32\drivers\mfefirek.sys
21:55:04.0303 2604 mfefirek - ok
21:55:04.0343 2604 [ 5F915E20AB56121C41C6BF9A91A83BDA ] mfehidk C:\windows\system32\drivers\mfehidk.sys
21:55:04.0359 2604 mfehidk - ok
21:55:04.0411 2604 [ 23AE332E32FF615CA5E5224C8D91AF11 ] mfenlfk C:\windows\system32\DRIVERS\mfenlfk.sys
21:55:04.0430 2604 mfenlfk - ok
21:55:04.0438 2604 [ 9C7A9273E345F8D653394B5C542BF86A ] mferkdet C:\windows\system32\drivers\mferkdet.sys
21:55:04.0454 2604 mferkdet - ok
21:55:04.0499 2604 [ AECD0C9ABDFDC61BE31163B624C4170F ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
21:55:04.0511 2604 mfevtp - ok
21:55:04.0533 2604 [ 3140B2C56D7119BA314F68FC785683F0 ] mfewfpk C:\windows\system32\drivers\mfewfpk.sys
21:55:04.0548 2604 mfewfpk - ok
21:55:04.0567 2604 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
21:55:04.0602 2604 MMCSS - ok
21:55:04.0611 2604 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
21:55:04.0640 2604 Modem - ok
21:55:04.0732 2604 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:55:04.0776 2604 monitor - ok
21:55:04.0813 2604 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:55:04.0825 2604 mouclass - ok
21:55:04.0876 2604 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
21:55:04.0906 2604 mouhid - ok
21:55:04.0928 2604 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:55:04.0950 2604 mountmgr - ok
21:55:05.0095 2604 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
21:55:05.0108 2604 mpio - ok
21:55:05.0155 2604 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:55:05.0260 2604 mpsdrv - ok
21:55:05.0308 2604 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:55:05.0324 2604 MRxDAV - ok
21:55:05.0392 2604 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:55:05.0404 2604 mrxsmb - ok
21:55:05.0472 2604 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:55:05.0525 2604 mrxsmb10 - ok
21:55:06.0157 2604 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:55:06.0193 2604 mrxsmb20 - ok
21:55:06.0248 2604 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\windows\system32\DRIVERS\msahci.sys
21:55:06.0336 2604 msahci - ok
21:55:06.0387 2604 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
21:55:06.0427 2604 msdsm - ok
21:55:06.0438 2604 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
21:55:06.0451 2604 MSDTC - ok
21:55:06.0479 2604 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:55:06.0508 2604 Msfs - ok
21:55:06.0550 2604 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:55:06.0592 2604 mshidkmdf - ok
21:55:06.0616 2604 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
21:55:06.0626 2604 msisadrv - ok
21:55:06.0723 2604 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:55:06.0769 2604 MSiSCSI - ok
21:55:06.0772 2604 msiserver - ok
21:55:06.0796 2604 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:55:06.0825 2604 MSKSSRV - ok
21:55:06.0889 2604 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:55:06.0959 2604 MSPCLOCK - ok
21:55:06.0980 2604 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:55:07.0009 2604 MSPQM - ok
21:55:07.0047 2604 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:55:07.0061 2604 MsRPC - ok
21:55:07.0086 2604 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
21:55:07.0096 2604 mssmbios - ok
21:55:07.0114 2604 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:55:07.0143 2604 MSTEE - ok
21:55:07.0158 2604 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
21:55:07.0197 2604 MTConfig - ok
21:55:07.0255 2604 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
21:55:07.0286 2604 Mup - ok
21:55:07.0409 2604 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
21:55:07.0495 2604 napagent - ok
21:55:08.0030 2604 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:55:08.0069 2604 NativeWifiP - ok
21:55:08.0160 2604 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
21:55:08.0228 2604 NDIS - ok
21:55:08.0266 2604 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:55:08.0295 2604 NdisCap - ok
21:55:08.0341 2604 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:55:08.0410 2604 NdisTapi - ok
21:55:08.0455 2604 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:55:08.0484 2604 Ndisuio - ok
21:55:08.0572 2604 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:55:08.0627 2604 NdisWan - ok
21:55:08.0642 2604 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:55:08.0672 2604 NDProxy - ok
21:55:08.0740 2604 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:55:08.0839 2604 NetBIOS - ok
21:55:08.0868 2604 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:55:08.0905 2604 NetBT - ok
21:55:08.0921 2604 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
21:55:08.0943 2604 Netlogon - ok
21:55:09.0033 2604 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
21:55:09.0080 2604 Netman - ok
21:55:09.0118 2604 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
21:55:09.0151 2604 netprofm - ok
21:55:09.0258 2604 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:55:09.0291 2604 NetTcpPortSharing - ok
21:55:10.0151 2604 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys
21:55:10.0214 2604 netw5v64 - ok
21:55:10.0299 2604 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
21:55:10.0348 2604 nfrd960 - ok
21:55:10.0401 2604 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
21:55:10.0442 2604 NlaSvc - ok
21:55:10.0465 2604 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
21:55:10.0495 2604 Npfs - ok
21:55:10.0545 2604 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
21:55:10.0618 2604 nsi - ok
21:55:10.0703 2604 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:55:10.0750 2604 nsiproxy - ok
21:55:10.0943 2604 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:55:10.0981 2604 Ntfs - ok
21:55:11.0020 2604 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:55:11.0061 2604 Null - ok
21:55:11.0750 2604 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
21:55:12.0111 2604 nvraid - ok
21:55:12.0478 2604 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
21:55:12.0510 2604 nvstor - ok
21:55:12.0535 2604 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
21:55:12.0546 2604 nv_agp - ok
21:55:13.0242 2604 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:55:13.0266 2604 odserv - ok
21:55:13.0288 2604 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
21:55:13.0301 2604 ohci1394 - ok
21:55:13.0368 2604 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:55:13.0386 2604 ose - ok
21:55:13.0694 2604 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:55:13.0768 2604 osppsvc - ok
21:55:14.0288 2604 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:55:14.0326 2604 p2pimsvc - ok
21:55:14.0360 2604 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:55:14.0386 2604 p2psvc - ok
21:55:14.0441 2604 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
21:55:14.0512 2604 Parport - ok
21:55:14.0582 2604 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
21:55:14.0617 2604 partmgr - ok
21:55:14.0680 2604 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:55:14.0725 2604 PcaSvc - ok
21:55:14.0769 2604 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
21:55:14.0802 2604 pci - ok
21:55:14.0849 2604 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
21:55:14.0865 2604 pciide - ok
21:55:14.0902 2604 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
21:55:14.0923 2604 pcmcia - ok
21:55:14.0952 2604 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:55:14.0970 2604 pcw - ok
21:55:15.0044 2604 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:55:15.0106 2604 PEAUTH - ok
21:55:15.0270 2604 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:55:15.0337 2604 PerfHost - ok
21:55:15.0579 2604 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
21:55:15.0648 2604 pla - ok
21:55:15.0730 2604 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:55:15.0792 2604 PlugPlay - ok
21:55:16.0140 2604 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:55:16.0178 2604 PNRPAutoReg - ok
21:55:16.0242 2604 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:55:16.0278 2604 PNRPsvc - ok
21:55:16.0314 2604 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:55:16.0365 2604 PolicyAgent - ok
21:55:16.0395 2604 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:55:16.0426 2604 Power - ok
21:55:16.0468 2604 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:55:16.0555 2604 PptpMiniport - ok
21:55:16.0577 2604 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
21:55:16.0590 2604 Processor - ok
21:55:16.0647 2604 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
21:55:16.0689 2604 ProfSvc - ok
21:55:16.0723 2604 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
21:55:16.0744 2604 ProtectedStorage - ok
21:55:16.0820 2604 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:55:16.0907 2604 Psched - ok
21:55:17.0097 2604 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
21:55:17.0135 2604 ql2300 - ok
21:55:17.0160 2604 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
21:55:17.0171 2604 ql40xx - ok
21:55:17.0227 2604 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:55:17.0280 2604 QWAVE - ok
21:55:17.0286 2604 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:55:17.0301 2604 QWAVEdrv - ok
21:55:17.0346 2604 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:55:17.0437 2604 RasAcd - ok
21:55:17.0467 2604 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:55:17.0497 2604 RasAgileVpn - ok
21:55:17.0539 2604 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:55:17.0569 2604 RasAuto - ok
21:55:17.0596 2604 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:55:17.0627 2604 Rasl2tp - ok
21:55:18.0602 2604 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
21:55:18.0670 2604 RasMan - ok
21:55:18.0694 2604 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:55:18.0725 2604 RasPppoe - ok
21:55:18.0754 2604 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:55:18.0784 2604 RasSstp - ok
21:55:18.0842 2604 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:55:18.0887 2604 rdbss - ok
21:55:18.0917 2604 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
21:55:18.0931 2604 rdpbus - ok
21:55:18.0949 2604 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:55:18.0979 2604 RDPCDD - ok
21:55:18.0999 2604 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:55:19.0028 2604 RDPENCDD - ok
21:55:19.0042 2604 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:55:19.0071 2604 RDPREFMP - ok
21:55:19.0134 2604 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:55:19.0176 2604 RDPWD - ok
21:55:19.0215 2604 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:55:19.0236 2604 rdyboost - ok
21:55:19.0278 2604 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:55:19.0327 2604 RemoteAccess - ok
21:55:19.0368 2604 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:55:19.0402 2604 RemoteRegistry - ok
21:55:19.0423 2604 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
21:55:19.0438 2604 RFCOMM - ok
21:55:19.0494 2604 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:55:19.0565 2604 RpcEptMapper - ok
21:55:19.0601 2604 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:55:19.0630 2604 RpcLocator - ok
21:55:20.0044 2604 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
21:55:20.0111 2604 RpcSs - ok
21:55:20.0154 2604 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:55:20.0188 2604 rspndr - ok
21:55:20.0264 2604 [ E57FAC2CDB73F06586ED2ED310B80932 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
21:55:20.0306 2604 RSUSBVSTOR - ok
21:55:20.0334 2604 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
21:55:20.0351 2604 SamSs - ok
21:55:20.0368 2604 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
21:55:20.0381 2604 sbp2port - ok
21:55:20.0451 2604 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:55:20.0502 2604 SCardSvr - ok
21:55:20.0549 2604 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:55:20.0578 2604 scfilter - ok
21:55:20.0673 2604 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
21:55:20.0718 2604 Schedule - ok
21:55:20.0802 2604 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
21:55:20.0879 2604 SCPolicySvc - ok
21:55:20.0908 2604 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:55:20.0922 2604 SDRSVC - ok
21:55:20.0955 2604 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:55:20.0984 2604 secdrv - ok
21:55:21.0030 2604 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
21:55:21.0082 2604 seclogon - ok
21:55:21.0138 2604 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
21:55:21.0198 2604 SENS - ok
21:55:21.0264 2604 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:55:21.0295 2604 SensrSvc - ok
21:55:21.0317 2604 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
21:55:21.0329 2604 Serenum - ok
21:55:21.0369 2604 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
21:55:21.0403 2604 Serial - ok
21:55:21.0422 2604 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
21:55:21.0435 2604 sermouse - ok
21:55:21.0510 2604 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
21:55:21.0568 2604 SessionEnv - ok
21:55:21.0600 2604 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
21:55:21.0611 2604 sffdisk - ok
21:55:21.0658 2604 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
21:55:21.0669 2604 sffp_mmc - ok
21:55:21.0713 2604 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
21:55:21.0724 2604 sffp_sd - ok
21:55:21.0767 2604 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
21:55:21.0794 2604 sfloppy - ok
21:55:21.0990 2604 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
21:55:22.0039 2604 Sftfs - ok
21:55:22.0198 2604 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:55:22.0239 2604 sftlist - ok
21:55:22.0308 2604 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
21:55:22.0340 2604 Sftplay - ok
21:55:22.0352 2604 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
21:55:22.0363 2604 Sftredir - ok
21:55:22.0404 2604 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
21:55:22.0414 2604 Sftvol - ok
21:55:22.0522 2604 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:55:22.0543 2604 sftvsa - ok
21:55:22.0592 2604 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:55:22.0656 2604 SharedAccess - ok
21:55:22.0728 2604 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:55:22.0773 2604 ShellHWDetection - ok
21:55:22.0843 2604 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
21:55:22.0891 2604 SiSRaid2 - ok
21:55:22.0911 2604 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
21:55:22.0924 2604 SiSRaid4 - ok
21:55:22.0970 2604 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:55:23.0030 2604 Smb - ok
21:55:23.0071 2604 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:55:23.0106 2604 SNMPTRAP - ok
21:55:23.0136 2604 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:55:23.0147 2604 spldr - ok
21:55:23.0233 2604 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\windows\System32\spoolsv.exe
21:55:23.0273 2604 Spooler - ok
21:55:23.0478 2604 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
21:55:23.0528 2604 sppsvc - ok
21:55:23.0543 2604 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:55:23.0573 2604 sppuinotify - ok
21:55:24.0023 2604 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
21:55:24.0069 2604 srv - ok
21:55:24.0120 2604 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:55:24.0169 2604 srv2 - ok
21:55:24.0196 2604 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:55:24.0216 2604 srvnet - ok
21:55:24.0246 2604 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:55:24.0300 2604 SSDPSRV - ok
21:55:24.0310 2604 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:55:24.0341 2604 SstpSvc - ok
21:55:24.0391 2604 [ 78CD64791F8634CF7B582FD085E57C4B ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
21:55:24.0415 2604 ssudmdm - ok
21:55:24.0451 2604 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
21:55:24.0487 2604 stexstor - ok
21:55:24.0536 2604 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
21:55:24.0568 2604 stisvc - ok
21:55:24.0597 2604 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
21:55:24.0607 2604 swenum - ok
21:55:24.0643 2604 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:55:24.0677 2604 swprv - ok
21:55:24.0817 2604 [ EBEADA6A9A8CCA0BAAE79EE720BD0156 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:55:24.0859 2604 SynTP - ok
21:55:24.0967 2604 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
21:55:25.0008 2604 SysMain - ok
21:55:25.0053 2604 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
21:55:25.0094 2604 TabletInputService - ok
21:55:25.0109 2604 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
21:55:25.0144 2604 TapiSrv - ok
21:55:25.0170 2604 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:55:25.0199 2604 TBS - ok
21:55:25.0398 2604 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:55:25.0440 2604 Tcpip - ok
21:55:25.0550 2604 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:55:25.0590 2604 TCPIP6 - ok
21:55:26.0006 2604 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:55:26.0061 2604 tcpipreg - ok
21:55:26.0083 2604 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:55:26.0095 2604 TDPIPE - ok
21:55:26.0137 2604 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:55:26.0163 2604 TDTCP - ok
21:55:26.0225 2604 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:55:26.0269 2604 tdx - ok
21:55:26.0304 2604 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
21:55:26.0314 2604 TermDD - ok
21:55:26.0401 2604 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
21:55:26.0449 2604 TermService - ok
21:55:26.0472 2604 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:55:26.0498 2604 Themes - ok
21:55:26.0536 2604 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:55:26.0568 2604 THREADORDER - ok
21:55:26.0591 2604 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:55:26.0636 2604 TrkWks - ok
21:55:26.0702 2604 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:55:26.0739 2604 TrustedInstaller - ok
21:55:26.0756 2604 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:55:26.0786 2604 tssecsrv - ok
21:55:26.0838 2604 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:55:26.0900 2604 tunnel - ok
21:55:26.0944 2604 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
21:55:26.0990 2604 uagp35 - ok
21:55:27.0011 2604 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:55:27.0047 2604 udfs - ok
21:55:27.0090 2604 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:55:27.0120 2604 UI0Detect - ok
21:55:27.0155 2604 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
21:55:27.0189 2604 uliagpkx - ok
21:55:27.0208 2604 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
21:55:27.0238 2604 umbus - ok
21:55:27.0270 2604 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
21:55:27.0282 2604 UmPass - ok
21:55:27.0501 2604 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:55:27.0548 2604 UNS - ok
21:55:27.0618 2604 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:55:27.0674 2604 upnphost - ok
21:55:27.0776 2604 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
21:55:27.0816 2604 USBAAPL64 - ok
21:55:27.0840 2604 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:55:27.0854 2604 usbccgp - ok
21:55:27.0900 2604 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
21:55:27.0942 2604 usbcir - ok
21:55:27.0971 2604 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:55:27.0984 2604 usbehci - ok
21:55:28.0031 2604 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:55:28.0065 2604 usbhub - ok
21:55:28.0098 2604 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\windows\system32\drivers\usbohci.sys
21:55:28.0115 2604 usbohci - ok
21:55:28.0162 2604 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:55:28.0182 2604 usbprint - ok
21:55:28.0211 2604 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
21:55:28.0232 2604 usbscan - ok
21:55:28.0267 2604 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:55:28.0299 2604 USBSTOR - ok
21:55:28.0359 2604 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:55:28.0393 2604 usbuhci - ok
21:55:28.0435 2604 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
21:55:28.0462 2604 usbvideo - ok
21:55:28.0519 2604 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:55:28.0599 2604 UxSms - ok
21:55:28.0623 2604 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
21:55:28.0634 2604 VaultSvc - ok
21:55:28.0676 2604 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
21:55:28.0686 2604 vdrvroot - ok
21:55:28.0776 2604 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
21:55:28.0812 2604 vds - ok
21:55:28.0855 2604 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:55:28.0869 2604 vga - ok
21:55:28.0908 2604 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:55:28.0972 2604 VgaSave - ok
21:55:29.0005 2604 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
21:55:29.0017 2604 vhdmp - ok
21:55:29.0040 2604 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
21:55:29.0065 2604 viaide - ok
21:55:29.0093 2604 [ 5CB80AFA98111FC6ED6E8702A0D7AC5B ] vm2uvcflt C:\windows\system32\Drivers\vm2uvcflt.sys
21:55:29.0103 2604 vm2uvcflt - ok
21:55:29.0122 2604 [ AE855ED728655EF0A14A1EC272DED5CD ] vm332avs C:\windows\system32\Drivers\vm332avs.sys
21:55:29.0134 2604 vm332avs - ok
21:55:29.0161 2604 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
21:55:29.0188 2604 volmgr - ok
21:55:29.0215 2604 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:55:29.0229 2604 volmgrx - ok
21:55:29.0259 2604 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\windows\system32\DRIVERS\volsnap.sys
21:55:29.0272 2604 volsnap - ok
21:55:29.0295 2604 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
21:55:29.0322 2604 vsmraid - ok
21:55:29.0465 2604 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
21:55:29.0501 2604 VSS - ok
21:55:29.0542 2604 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:55:29.0555 2604 vwifibus - ok
21:55:29.0602 2604 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:55:29.0617 2604 vwififlt - ok
21:55:29.0857 2604 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:55:29.0887 2604 vwifimp - ok
21:55:29.0972 2604 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:55:30.0010 2604 W32Time - ok
21:55:30.0039 2604 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
21:55:30.0050 2604 WacomPen - ok
21:55:30.0092 2604 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:55:30.0135 2604 WANARP - ok
21:55:30.0139 2604 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:55:30.0169 2604 Wanarpv6 - ok
21:55:30.0356 2604 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
21:55:30.0397 2604 WatAdminSvc - ok
21:55:30.0492 2604 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
21:55:30.0527 2604 wbengine - ok
21:55:30.0533 2604 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:55:30.0550 2604 WbioSrvc - ok
21:55:30.0575 2604 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
21:55:30.0590 2604 wcncsvc - ok
21:55:30.0629 2604 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:55:30.0642 2604 WcsPlugInService - ok
21:55:30.0662 2604 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
21:55:30.0672 2604 Wd - ok
21:55:30.0718 2604 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:55:30.0740 2604 Wdf01000 - ok
21:55:30.0753 2604 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:55:30.0770 2604 WdiServiceHost - ok
21:55:30.0774 2604 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:55:30.0791 2604 WdiSystemHost - ok
21:55:30.0867 2604 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
21:55:30.0905 2604 WebClient - ok
21:55:31.0003 2604 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:55:31.0076 2604 Wecsvc - ok
21:55:31.0108 2604 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:55:31.0138 2604 wercplsupport - ok
21:55:31.0143 2604 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
21:55:31.0173 2604 WerSvc - ok
21:55:31.0234 2604 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:55:31.0316 2604 WfpLwf - ok
21:55:31.0342 2604 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:55:31.0352 2604 WIMMount - ok
21:55:31.0375 2604 WinDefend - ok
21:55:31.0380 2604 WinHttpAutoProxySvc - ok
21:55:31.0479 2604 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:55:31.0536 2604 Winmgmt - ok
21:55:32.0312 2604 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
21:55:32.0369 2604 WinRM - ok
21:55:32.0405 2604 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
21:55:32.0419 2604 WinUsb - ok
21:55:32.0542 2604 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
21:55:32.0591 2604 Wlansvc - ok
21:55:32.0652 2604 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:55:32.0693 2604 wlcrasvc - ok
21:55:32.0856 2604 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:55:32.0896 2604 wlidsvc - ok
21:55:32.0977 2604 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
21:55:33.0010 2604 WmiAcpi - ok
21:55:33.0046 2604 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:55:33.0067 2604 wmiApSrv - ok
21:55:33.0103 2604 WMPNetworkSvc - ok
21:55:33.0161 2604 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
21:55:33.0200 2604 WPCSvc - ok
21:55:33.0236 2604 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:55:33.0281 2604 WPDBusEnum - ok
21:55:33.0323 2604 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:55:33.0357 2604 ws2ifsl - ok
21:55:33.0397 2604 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\system32\wscsvc.dll
21:55:33.0430 2604 wscsvc - ok
21:55:33.0434 2604 WSearch - ok
21:55:33.0517 2604 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
21:55:33.0547 2604 wsvd - ok
21:55:33.0712 2604 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
21:55:33.0766 2604 wuauserv - ok
21:55:33.0844 2604 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:55:33.0935 2604 WudfPf - ok
21:55:33.0987 2604 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:55:34.0045 2604 WUDFRd - ok
21:55:34.0110 2604 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:55:34.0161 2604 wudfsvc - ok
21:55:34.0181 2604 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
21:55:34.0199 2604 WwanSvc - ok
21:55:34.0218 2604 ================ Scan global ===============================
21:55:34.0260 2604 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:55:34.0331 2604 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\windows\system32\winsrv.dll
21:55:34.0346 2604 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\windows\system32\winsrv.dll
21:55:34.0383 2604 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:55:34.0430 2604 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:55:34.0438 2604 [Global] - ok
21:55:34.0439 2604 ================ Scan MBR ==================================
21:55:34.0472 2604 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:55:34.0906 2604 \Device\Harddisk0\DR0 - ok
21:55:34.0907 2604 ================ Scan VBR ==================================
21:55:34.0937 2604 [ 7D920B3C37327507EF9A7B8B64F481D6 ] \Device\Harddisk0\DR0\Partition1
21:55:34.0941 2604 \Device\Harddisk0\DR0\Partition1 - ok
21:55:34.0965 2604 [ 509D615E5C752685A6CCF5A56DE509F9 ] \Device\Harddisk0\DR0\Partition2
21:55:34.0968 2604 \Device\Harddisk0\DR0\Partition2 - ok
21:55:34.0999 2604 [ F36381FD101982A1E536B4CE1A90470F ] \Device\Harddisk0\DR0\Partition3
21:55:35.0003 2604 \Device\Harddisk0\DR0\Partition3 - ok
21:55:35.0004 2604 ============================================================
21:55:35.0004 2604 Scan finished
21:55:35.0004 2604 ============================================================
21:55:35.0019 0564 Detected object count: 0
21:55:35.0019 0564 Actual detected object count: 0
21:55:52.0700 4868 Deinitialize success

#5 razgriz2012

razgriz2012
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:06:29 AM

Posted 21 September 2012 - 09:32 AM

2. MBAM.log

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.21.06

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Erfan Fiqre :: ERFANFIQRE-PC [administrator]

21/9/2012 9:58:17 PM
mbam-log-2012-09-21 (21-58-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 200066
Time elapsed: 7 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Erfan Fiqre\AppData\Roaming\xjcoqtj3zbgifkkl2ipoixuimajltqfu2\svcnost.exe (Trojan.Zbot.Gen) -> Quarantined and deleted successfully.
C:\Windows\System32\bmlsjbis.dll (Trojan.Zbot.Gen) -> Quarantined and deleted successfully.
C:\Users\Erfan Fiqre\Downloads\etypesetup.exe (PUP.BundleInstaller.BI) -> Quarantined and deleted successfully.
C:\Users\Erfan Fiqre\Downloads\GinoPlayer_Setup.exe (PUP.Adware.Ginoplayer.ScamLotto) -> Quarantined and deleted successfully.

(end)







3.OLT.txt



OTL logfile created on: 9/21/2012 10:14:02 PM - Run 1
OTL by OldTimer - Version 3.2.65.1 Folder = C:\Users\Erfan Fiqre\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

3.98 Gb Total Physical Memory | 2.87 Gb Available Physical Memory | 72.00% Memory free
7.96 Gb Paging File | 6.64 Gb Available in Paging File | 83.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 552.22 Gb Total Space | 412.76 Gb Free Space | 74.74% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 26.75 Gb Free Space | 92.26% Space Free | Partition Type: NTFS
Drive E: | 3.12 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ERFANFIQRE-PC | User Name: Erfan Fiqre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/21 22:13:30 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Erfan Fiqre\Downloads\OTL.exe
PRC - [2012/07/28 04:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/26 19:52:04 | 001,095,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2012/07/26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2012/07/14 23:50:53 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Erfan Fiqre\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/03/18 14:28:27 | 000,329,056 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2010/12/05 09:39:24 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
PRC - [2010/11/06 07:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/10/27 17:00:02 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Program Files (x86)\Ares\Ares.exe
PRC - [2010/10/23 13:48:40 | 000,660,848 | ---- | M] (Juniper Networks) -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
PRC - [2010/01/19 18:44:40 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
PRC - [2010/01/15 20:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/30 10:58:45 | 000,442,392 | ---- | M] () -- C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012/08/30 10:58:42 | 003,997,720 | ---- | M] () -- C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012/08/30 10:57:15 | 000,144,424 | ---- | M] () -- C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012/08/30 10:57:13 | 000,266,792 | ---- | M] () -- C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012/08/30 10:57:12 | 002,480,680 | ---- | M] () -- C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2012/06/30 13:58:24 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ee5de3a253f8b78f3479d0a72c49c91d\IAStorUtil.ni.dll
MOD - [2012/06/30 03:21:14 | 012,433,920 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b42957105a54019695c747612057e506\System.Windows.Forms.ni.dll
MOD - [2012/06/30 03:21:07 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c551c18fb9fc04332cc11e3749b6932c\System.Drawing.ni.dll
MOD - [2012/05/30 20:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/05/30 20:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/05/26 07:36:56 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b8a98b2ffab14eecc66f9f1be5e5c996\System.Runtime.Remoting.ni.dll
MOD - [2012/05/26 07:36:02 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\0a0980eb900d0dab6f9be8e706b021ff\System.Xml.ni.dll
MOD - [2012/05/26 07:35:58 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ee09ce56cb65c5eec8b74feb77f59560\System.Configuration.ni.dll
MOD - [2012/05/26 07:35:57 | 007,952,384 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\4b7f4b722ed65cb909f53d3c3ad57d90\System.ni.dll
MOD - [2012/05/26 07:35:45 | 011,491,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\cd0027074d0b08ed95ea5e89ce440b8c\mscorlib.ni.dll
MOD - [2011/03/18 14:28:26 | 000,013,664 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/12/03 02:13:00 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/13 22:28:54 | 000,245,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2010/10/13 22:28:54 | 000,200,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010/10/13 22:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/07/30 03:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/07/28 04:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/26 19:40:56 | 000,794,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/12/21 10:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/21 10:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/06 07:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/23 13:48:40 | 000,660,848 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 20:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (All) ==========

DRV:64bit: - [2012/07/07 03:58:53 | 000,552,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthport.sys -- (BTHPORT)
DRV:64bit: - [2012/06/02 13:38:26 | 000,095,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2012/06/02 13:38:24 | 000,152,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2012/06/02 13:37:45 | 000,459,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2012/04/28 11:50:40 | 000,204,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
DRV:64bit: - [2012/04/25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/03/30 19:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
DRV:64bit: - [2012/03/30 19:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2012/03/17 15:55:58 | 000,075,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2012/03/01 14:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 00:24:40 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/02/16 00:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/02/15 12:46:59 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
DRV:64bit: - [2011/12/28 11:59:11 | 000,499,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/09 10:44:55 | 000,287,744 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2011/05/04 10:51:08 | 000,157,696 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2011/05/04 10:51:05 | 000,126,464 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2011/04/29 11:13:10 | 000,461,312 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2011/04/29 11:12:54 | 000,399,872 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2011/04/29 11:12:37 | 000,161,792 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2011/04/28 11:58:34 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BTHUSB.SYS -- (BTHUSB)
DRV:64bit: - [2011/04/27 10:57:40 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
DRV:64bit: - [2011/03/29 11:32:44 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2011/03/29 11:32:29 | 000,099,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
DRV:64bit: - [2011/03/29 11:32:16 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
DRV:64bit: - [2011/03/29 11:32:16 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
DRV:64bit: - [2011/03/29 11:32:13 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
DRV:64bit: - [2011/03/18 14:40:37 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2011/03/18 14:40:35 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2011/03/18 14:37:57 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2011/03/18 14:37:57 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011/03/18 05:38:00 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
DRV:64bit: - [2011/03/18 05:26:35 | 000,334,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2011/03/18 05:26:04 | 000,228,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2011/03/18 05:25:48 | 000,184,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo)
DRV:64bit: - [2011/03/11 14:23:06 | 001,657,216 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\windows\SysNative\drivers\ntfs.sys -- (Ntfs)
DRV:64bit: - [2011/03/11 14:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
DRV:64bit: - [2011/03/11 14:23:06 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
DRV:64bit: - [2011/03/11 14:23:00 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
DRV:64bit: - [2011/03/11 14:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/11 12:31:17 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
DRV:64bit: - [2011/02/23 13:15:06 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2011/01/26 14:53:10 | 000,982,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2010/12/05 09:39:44 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/12/03 05:26:44 | 001,566,848 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2010/12/03 02:38:22 | 008,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/12/03 01:38:22 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/11/20 00:20:58 | 000,234,960 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs)
DRV:64bit: - [2010/11/17 20:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/11/12 09:59:22 | 001,400,368 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/11/06 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/23 13:24:40 | 000,032,768 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV:64bit: - [2010/10/21 14:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/10/20 08:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/13 22:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010/10/13 22:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010/10/13 22:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010/10/13 22:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010/09/22 06:04:54 | 000,015,056 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm2uvcflt.sys -- (vm2uvcflt)
DRV:64bit: - [2010/08/03 18:43:14 | 000,290,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/07/19 22:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/19 22:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/19 22:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/13 15:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/03/01 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/09/26 14:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/07/21 22:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009/07/14 09:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS)
DRV:64bit: - [2009/07/14 09:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
DRV:64bit: - [2009/07/14 09:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
DRV:64bit: - [2009/07/14 09:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
DRV:64bit: - [2009/07/14 09:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
DRV:64bit: - [2009/07/14 09:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
DRV:64bit: - [2009/07/14 09:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
DRV:64bit: - [2009/07/14 09:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
DRV:64bit: - [2009/07/14 09:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
DRV:64bit: - [2009/07/14 09:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
DRV:64bit: - [2009/07/14 09:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
DRV:64bit: - [2009/07/14 09:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2009/07/14 09:48:27 | 000,224,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
DRV:64bit: - [2009/07/14 09:48:27 | 000,155,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
DRV:64bit: - [2009/07/14 09:48:27 | 000,140,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
DRV:64bit: - [2009/07/14 09:48:27 | 000,094,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2009/07/14 09:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2009/07/14 09:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
DRV:64bit: - [2009/07/14 09:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
DRV:64bit: - [2009/07/14 09:48:27 | 000,030,272 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
DRV:64bit: - [2009/07/14 09:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
DRV:64bit: - [2009/07/14 09:48:26 | 000,367,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2009/07/14 09:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
DRV:64bit: - [2009/07/14 09:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
DRV:64bit: - [2009/07/14 09:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
DRV:64bit: - [2009/07/14 09:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV:64bit: - [2009/07/14 09:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
DRV:64bit: - [2009/07/14 09:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
DRV:64bit: - [2009/07/14 09:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
DRV:64bit: - [2009/07/14 09:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
DRV:64bit: - [2009/07/14 09:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
DRV:64bit: - [2009/07/14 09:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
DRV:64bit: - [2009/07/14 09:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/14 09:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/14 09:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
DRV:64bit: - [2009/07/14 09:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 09:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
DRV:64bit: - [2009/07/14 09:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2009/07/14 09:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
DRV:64bit: - [2009/07/14 09:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
DRV:64bit: - [2009/07/14 09:47:47 | 000,290,368 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2009/07/14 09:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/14 09:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2009/07/14 09:45:55 | 000,363,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2009/07/14 09:45:55 | 000,294,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2009/07/14 09:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/14 09:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
DRV:64bit: - [2009/07/14 09:45:55 | 000,071,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
DRV:64bit: - [2009/07/14 09:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
DRV:64bit: - [2009/07/14 09:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
DRV:64bit: - [2009/07/14 09:45:55 | 000,062,544 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
DRV:64bit: - [2009/07/14 09:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 09:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
DRV:64bit: - [2009/07/14 09:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\spldr.sys -- (spldr)
DRV:64bit: - [2009/07/14 09:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
DRV:64bit: - [2009/07/14 09:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
DRV:64bit: - [2009/07/14 09:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
DRV:64bit: - [2009/07/14 09:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/14 09:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
DRV:64bit: - [2009/07/14 09:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
DRV:64bit: - [2009/07/14 09:45:45 | 000,183,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2009/07/14 09:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
DRV:64bit: - [2009/07/14 09:45:45 | 000,104,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
DRV:64bit: - [2009/07/14 09:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/14 09:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
DRV:64bit: - [2009/07/14 09:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
DRV:64bit: - [2009/07/14 09:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid)
DRV:64bit: - [2009/07/14 09:01:48 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bridge.sys -- (BridgeMP)
DRV:64bit: - [2009/07/14 09:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2009/07/14 08:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
DRV:64bit: - [2009/07/14 08:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
DRV:64bit: - [2009/07/14 08:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/14 08:16:41 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
DRV:64bit: - [2009/07/14 08:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/14 08:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
DRV:64bit: - [2009/07/14 08:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
DRV:64bit: - [2009/07/14 08:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
DRV:64bit: - [2009/07/14 08:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2009/07/14 08:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2009/07/14 08:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
DRV:64bit: - [2009/07/14 08:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
DRV:64bit: - [2009/07/14 08:10:22 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
DRV:64bit: - [2009/07/14 08:10:22 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
DRV:64bit: - [2009/07/14 08:10:18 | 000,111,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2009/07/14 08:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2009/07/14 08:10:13 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2009/07/14 08:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2009/07/14 08:10:12 | 000,130,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2009/07/14 08:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2009/07/14 08:10:05 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
DRV:64bit: - [2009/07/14 08:10:04 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2009/07/14 08:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2009/07/14 08:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2009/07/14 08:09:49 | 000,044,544 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2009/07/14 08:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2009/07/14 08:09:42 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2009/07/14 08:09:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2009/07/14 08:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2009/07/14 08:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/14 08:09:25 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2009/07/14 08:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb)
DRV:64bit: - [2009/07/14 08:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2009/07/14 08:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2009/07/14 08:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2009/07/14 08:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2009/07/14 08:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/14 08:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:64bit: - [2009/07/14 08:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2009/07/14 08:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2009/07/14 08:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/14 08:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/07/14 08:07:00 | 000,118,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthpan.sys -- (BthPan)
DRV:64bit: - [2009/07/14 08:06:56 | 000,158,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rfcomm.sys -- (RFCOMM)
DRV:64bit: - [2009/07/14 08:06:56 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
DRV:64bit: - [2009/07/14 08:06:53 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthenum.sys -- (BthEnum)
DRV:64bit: - [2009/07/14 08:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
DRV:64bit: - [2009/07/14 08:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
DRV:64bit: - [2009/07/14 08:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/14 08:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394)
DRV:64bit: - [2009/07/14 08:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
DRV:64bit: - [2009/07/14 08:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
DRV:64bit: - [2009/07/14 08:06:28 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
DRV:64bit: - [2009/07/14 08:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/14 08:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
DRV:64bit: - [2009/07/14 08:06:22 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
DRV:64bit: - [2009/07/14 08:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
DRV:64bit: - [2009/07/14 08:06:13 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
DRV:64bit: - [2009/07/14 08:06:06 | 000,172,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2009/07/14 08:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/14 08:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/14 08:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
DRV:64bit: - [2009/07/14 08:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
DRV:64bit: - [2009/07/14 08:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
DRV:64bit: - [2009/07/14 08:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
DRV:64bit: - [2009/07/14 08:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
DRV:64bit: - [2009/07/14 08:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
DRV:64bit: - [2009/07/14 08:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
DRV:64bit: - [2009/07/14 08:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
DRV:64bit: - [2009/07/14 08:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/14 08:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
DRV:64bit: - [2009/07/14 08:00:20 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
DRV:64bit: - [2009/07/14 08:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
DRV:64bit: - [2009/07/14 08:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
DRV:64bit: - [2009/07/14 08:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2009/07/14 08:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2009/07/14 08:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2009/07/14 08:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2009/07/14 08:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2009/07/14 08:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/14 07:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/14 07:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/14 07:47:45 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
DRV:64bit: - [2009/07/14 07:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
DRV:64bit: - [2009/07/14 07:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
DRV:64bit: - [2009/07/14 07:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
DRV:64bit: - [2009/07/14 07:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/14 07:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
DRV:64bit: - [2009/07/14 07:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/14 07:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
DRV:64bit: - [2009/07/14 07:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/14 07:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
DRV:64bit: - [2009/07/14 07:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/14 07:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2009/07/14 07:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2009/07/14 07:24:10 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2009/07/14 07:23:57 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2009/07/14 07:23:37 | 000,327,168 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2009/07/14 07:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2009/07/14 07:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2009/07/14 07:22:20 | 000,751,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2009/07/14 07:21:29 | 000,259,072 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2009/07/14 07:21:15 | 000,099,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2009/07/14 07:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2009/07/14 07:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
DRV:64bit: - [2009/07/14 07:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2009/07/14 07:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2009/07/14 07:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2009/07/14 07:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2009/07/14 07:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2009/07/14 07:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
DRV:64bit: - [2009/07/14 07:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
DRV:64bit: - [2009/07/14 07:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/07/14 07:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
DRV:64bit: - [2009/06/11 04:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
DRV:64bit: - [2009/06/11 04:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV:64bit: - [2009/06/11 04:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV:64bit: - [2009/06/11 04:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
DRV:64bit: - [2009/06/11 04:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
DRV:64bit: - [2009/06/11 04:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\windows\SysNative\drivers\secdrv.sys -- (secdrv)
DRV:64bit: - [2009/06/11 04:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/11 04:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/11 04:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/pdfcreator1/{058ECE46-1259-47CF-905F-2B0905D957A4}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/pdfcreator1/{058ECE46-1259-47CF-905F-2B0905D957A4}
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {E4909DCE-C9D4-480F-846F-B0545B5C586B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=IPGTDF&PC=IPGTDF&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/pdfcreator1/{058ECE46-1259-47CF-905F-2B0905D957A4}?q={searchTerms}
IE - HKCU\..\SearchScopes\{A2366C97-31AA-4756-9B2E-22F321F6A066}: "URL" = http://www.baidu.com/baidu?tn=dealio_dg&wd={searchTerms}
IE - HKCU\..\SearchScopes\{E4909DCE-C9D4-480F-846F-B0545B5C586B}: "URL" = http://malaysia.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "百度"
FF - prefs.js..browser.search.selectedEngine: "百度"
FF - prefs.js..extensions.enabledAddons: wtxpcom@mybrowserbar.com:6.0
FF - prefs.js..extensions.enabledAddons: youtubedownloader@mybrowserbar.com:6.0
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:10.0.2
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&ilc=12&p="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Erfan Fiqre\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Erfan Fiqre\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Erfan Fiqre\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/09/19 10:41:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/29 23:00:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/03/10 18:21:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erfan Fiqre\AppData\Roaming\Mozilla\Extensions
[2011/06/03 22:51:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erfan Fiqre\AppData\Roaming\Mozilla\Firefox\extensions
[2011/06/03 22:51:48 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Erfan Fiqre\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012/09/19 10:10:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Erfan Fiqre\AppData\Roaming\Mozilla\Firefox\Profiles\pj6dvev2.default\extensions
[2012/03/10 18:21:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/03/10 18:21:23 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/09/19 10:10:52 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM
File not found (No name found) -- C:\PROGRAM FILES (X86)\YOUTUBE DOWNLOADER TOOLBAR\FF
[2012/02/16 22:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/10/13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/02/16 18:42:53 | 000,001,394 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom.xml
[2012/02/16 18:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/16 18:42:53 | 000,001,131 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay.xml
[2012/02/16 18:42:53 | 000,002,364 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2012/02/16 18:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/02/16 18:42:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia.xml
[2012/02/16 18:42:53 | 000,001,096 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - homepage: http://1intra/Pages/Portal.aspx
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://1intra/Pages/Portal.aspx
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Erfan Fiqre\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: Gmail = C:\Users\Erfan Fiqre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/09/19 11:23:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20110425224102.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120310191243.dll (McAfee, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\PDF Creator FileBulldog Toolbar\tbcore3.dll ()
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKCU..\Run: [ares] C:\Program Files (x86)\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Erfan Fiqre\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Ż - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://cn.zs.yahoo.com/start.htm?source=yzs_icon&btn=yassistnew File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://securevpn.tm.com.my/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E649F547-F920-4A2A-BD04-BC827319F3D1}: DhcpNameServer = 202.188.0.133 202.188.1.5
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8FFE68D-9D4D-464C-B394-43100681B797}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA3F9217-02B3-4F4D-BFB4-0092469BDABF}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/11/21 16:33:27 | 000,000,122 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (FbDefrag)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/21 22:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/09/21 21:57:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/21 21:57:44 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/09/21 21:52:34 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Erfan Fiqre\Desktop\tdsskiller (1).exe
[2012/09/21 21:41:52 | 000,000,000 | ---D | C] -- C:\77cd0f90af9dac237da0127d34f16e86
[2012/09/21 04:12:39 | 000,000,000 | ---D | C] -- C:\FRST
[2012/09/21 02:54:25 | 000,000,000 | -HSD | C] -- C:\Boot
[2012/09/19 11:27:52 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012/09/19 11:23:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/19 10:35:09 | 000,000,000 | ---D | C] -- C:\Intel
[2012/09/19 10:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2012/09/19 10:11:37 | 000,000,000 | ---D | C] -- C:\Drivers
[2012/09/19 10:10:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTD Toolbar
[2012/09/19 10:10:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2012/09/19 10:10:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2012/08/29 19:26:14 | 000,000,000 | ---D | C] -- C:\Users\Erfan Fiqre\AppData\Roaming\Malwarebytes
[2012/08/29 19:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/29 19:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/29 14:27:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/08/29 14:27:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/08/29 14:27:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/08/29 14:27:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/29 14:26:58 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2012/08/29 14:22:31 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/08/24 09:31:30 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/08/24 09:31:30 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/08/24 09:31:30 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/08/24 09:31:07 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/08/24 09:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CCA9FEEB22CB02E9114B4F147CE7

========== Files - Modified Within 30 Days ==========

[2012/09/21 22:14:15 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
[2012/09/21 22:12:23 | 000,131,519 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2012/09/21 22:12:03 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/21 22:11:55 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/09/21 22:11:51 | 3206,959,104 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/21 22:02:19 | 000,000,932 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-275896978-3790811924-1966285712-1001UA.job
[2012/09/21 21:57:48 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/21 21:56:14 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/21 21:56:14 | 000,013,632 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/21 21:52:15 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Erfan Fiqre\Desktop\tdsskiller (1).exe
[2012/09/19 11:23:19 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/09/19 10:02:00 | 000,000,880 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-275896978-3790811924-1966285712-1001Core.job
[2012/09/19 09:53:12 | 000,727,310 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/09/19 09:53:12 | 000,629,318 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/09/19 09:53:12 | 000,111,212 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/08/29 09:53:51 | 000,000,908 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/29 08:22:41 | 000,000,952 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-275896978-3790811924-1966285712-1001UA.job
[2012/08/29 08:22:41 | 000,000,930 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-275896978-3790811924-1966285712-1001Core.job
[2012/08/24 18:35:13 | 000,319,592 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/24 09:37:06 | 000,000,597 | ---- | M] () -- C:\windows\SysNative\MRT.INI

========== Files Created - No Company Name ==========

[2012/09/21 21:57:48 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/29 14:27:31 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/08/29 14:27:31 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/08/29 14:27:31 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/08/29 14:27:31 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/08/29 14:27:31 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/02/23 18:59:54 | 000,000,000 | ---- | C] () -- C:\windows\PowerReg.dat
[2012/01/26 18:12:03 | 000,003,584 | ---- | C] () -- C:\Users\Erfan Fiqre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/24 13:21:49 | 000,735,230 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/08/05 18:55:36 | 000,074,752 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011/03/18 14:45:52 | 000,000,512 | ---- | C] () -- C:\windows\previous.bin
[2011/03/18 14:45:52 | 000,000,512 | ---- | C] () -- C:\windows\current.bin
[2011/03/18 14:28:32 | 002,086,240 | ---- | C] () -- C:\windows\SysWow64\LenovoVeriface.Interface.dll
[2011/03/18 14:28:32 | 001,500,512 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011/03/18 14:28:32 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011/03/18 14:28:32 | 000,472,416 | ---- | C] () -- C:\windows\SysWow64\Lenovo.VerifaceStub.dll
[2011/03/18 14:28:24 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011/03/18 14:20:42 | 000,001,823 | ---- | C] () -- C:\windows\vm332Rmv.ini
[2011/03/18 14:20:42 | 000,001,823 | ---- | C] () -- C:\windows\SysWow64\vm332Rmv.ini
[2011/03/18 14:17:22 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2011/03/18 14:09:41 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/03/18 14:05:06 | 000,002,888 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2012/05/28 15:37:10 | 000,000,082 | ---- | M] () -- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KA6SSYX8\t.cxt.ms\lso.swf\u.sol
[2012/03/10 18:51:59 | 000,000,082 | ---- | M] () -- C:\Users\Erfan Fiqre\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WZ3999NX\t.cxt.ms\lso.swf\u.sol
[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:346465CA
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:63E350F9
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:FBE81670
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:E40EED9B
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:2AFE7797
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:25FBE882

< End of report >

#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,446 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:06:29 PM

Posted 21 September 2012 - 03:19 PM

  • Please double-click OTL.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the quote below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    :OTL
    @Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:346465CA
    @Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:63E350F9
    @Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:FBE81670
    @Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:E40EED9B
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:2AFE7797
    @Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:25FBE882

    :files
    C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KA6SSYX8\t.cxt.ms\lso.swf\u.sol
    C:\Users\Erfan Fiqre\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\WZ3999NX\t.cxt.ms\lso.swf\u.sol
    C:\windows\assembly\Desktop.ini

    :Commands
    [EMPTYTEMP]
    [RESETHOSTS]
    [EMPTYJAVA]
    [REBOOT]

  • Return to OTL, right click in the "Custom Scans/Fixes" window and choose Paste.
  • Click the red Run Fix button.
  • The computer will restart
  • A report will be produced and saved in the C:\_OTL\MovedFiles folder. Open that report and post its contents in a reply.

How is the computer doing?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users