Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected by ZeroAccess Virus


  • Please log in to reply
15 replies to this topic

#1 Chae

Chae

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 02 November 2012 - 08:07 AM

Hi,

I think I'm infected by one or more virusses. I'm not an expert but spending some time on google have led me to believe that I may be infected by Win64.ZeroAccess.a.

The virus may have been on my laptop (a Lenovo Thinkpad running Windows 7) for a while. I noticed strange behaviour from my McAfee antivirus: On Access Scan is disabled and I cannot enable it. When I try to access the console I get the following error: "The ordinal 1112 could not be located in the dynamic link library WSOCK32.dll.". I have also noticed that I cannot enable the Windows Firewall, I get the following error when I try to do so: "Windows Firewall can't change some of your settings. Error code 0x80070424."

I haven't found any self-help guide about how to remove this virus. Any help much appreciated!

thx

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:59 PM

Posted 02 November 2012 - 08:15 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Chae

Chae
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 02 November 2012 - 08:51 AM

Here's the output:

1) TDSSkiller

14:18:33.0110 2532 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:18:33.0394 2532 ============================================================
14:18:33.0394 2532 Current date / time: 2012/11/02 14:18:33.0394
14:18:33.0394 2532 SystemInfo:
14:18:33.0394 2532
14:18:33.0394 2532 OS Version: 6.1.7601 ServicePack: 1.0
14:18:33.0394 2532 Product type: Workstation
14:18:33.0394 2532 ComputerName: THINK-THOMASD
14:18:33.0395 2532 UserName: TD
14:18:33.0395 2532 Windows directory: C:\Windows
14:18:33.0395 2532 System windows directory: C:\Windows
14:18:33.0395 2532 Running under WOW64
14:18:33.0395 2532 Processor architecture: Intel x64
14:18:33.0395 2532 Number of processors: 4
14:18:33.0395 2532 Page size: 0x1000
14:18:33.0395 2532 Boot type: Normal boot
14:18:33.0395 2532 ============================================================
14:18:33.0559 2532 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:18:33.0564 2532 ============================================================
14:18:33.0564 2532 \Device\Harddisk0\DR0:
14:18:33.0564 2532 MBR partitions:
14:18:33.0564 2532 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
14:18:33.0564 2532 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x10880800
14:18:33.0564 2532 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10AD9000, BlocksNum 0x1F40000
14:18:33.0564 2532 ============================================================
14:18:33.0566 2532 C: <-> \Device\Harddisk0\DR0\Partition2
14:18:33.0567 2532 Q: <-> \Device\Harddisk0\DR0\Partition3
14:18:33.0567 2532 ============================================================
14:18:33.0567 2532 Initialize success
14:18:33.0567 2532 ============================================================
14:18:57.0382 6840 ============================================================
14:18:57.0382 6840 Scan started
14:18:57.0382 6840 Mode: Manual; TDLFS;
14:18:57.0382 6840 ============================================================
14:18:57.0528 6840 ================ Scan system memory ========================
14:18:57.0528 6840 System memory - ok
14:18:57.0528 6840 ================ Scan services =============================
14:18:57.0600 6840 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:18:57.0602 6840 1394ohci - ok
14:18:57.0611 6840 [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
14:18:57.0612 6840 5U877 - ok
14:18:57.0620 6840 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:18:57.0622 6840 ACPI - ok
14:18:57.0626 6840 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:18:57.0627 6840 AcpiPmi - ok
14:18:57.0635 6840 [ DEECCADBD25F65D65293A09721B3A447 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
14:18:57.0636 6840 AcPrfMgrSvc - ok
14:18:57.0640 6840 [ 58F7D09BACA61B019227AF0D07564739 ] ACSSCR C:\Windows\system32\DRIVERS\a38usb.sys
14:18:57.0640 6840 ACSSCR - ok
14:18:57.0646 6840 [ A7753804C6C66C9C80F4E29659FD721C ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
14:18:57.0648 6840 AcSvc - ok
14:18:57.0682 6840 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:18:57.0683 6840 AdobeFlashPlayerUpdateSvc - ok
14:18:57.0693 6840 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:18:57.0695 6840 adp94xx - ok
14:18:57.0703 6840 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:18:57.0705 6840 adpahci - ok
14:18:57.0710 6840 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:18:57.0711 6840 adpu320 - ok
14:18:57.0716 6840 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:18:57.0717 6840 AeLookupSvc - ok
14:18:57.0726 6840 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:18:57.0729 6840 AFD - ok
14:18:57.0732 6840 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:18:57.0733 6840 agp440 - ok
14:18:57.0736 6840 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:18:57.0737 6840 ALG - ok
14:18:57.0740 6840 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:18:57.0740 6840 aliide - ok
14:18:57.0744 6840 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:18:57.0745 6840 amdide - ok
14:18:57.0749 6840 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:18:57.0749 6840 AmdK8 - ok
14:18:57.0753 6840 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:18:57.0754 6840 AmdPPM - ok
14:18:57.0758 6840 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:18:57.0759 6840 amdsata - ok
14:18:57.0764 6840 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:18:57.0765 6840 amdsbs - ok
14:18:57.0768 6840 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:18:57.0769 6840 amdxata - ok
14:18:57.0772 6840 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:18:57.0773 6840 AppID - ok
14:18:57.0776 6840 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:18:57.0776 6840 AppIDSvc - ok
14:18:57.0780 6840 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:18:57.0780 6840 Appinfo - ok
14:18:57.0786 6840 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:18:57.0787 6840 Apple Mobile Device - ok
14:18:57.0792 6840 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:18:57.0793 6840 AppMgmt - ok
14:18:57.0796 6840 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:18:57.0797 6840 arc - ok
14:18:57.0801 6840 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:18:57.0801 6840 arcsas - ok
14:18:57.0805 6840 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:18:57.0806 6840 AsyncMac - ok
14:18:57.0809 6840 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:18:57.0809 6840 atapi - ok
14:18:57.0822 6840 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:18:57.0826 6840 AudioEndpointBuilder - ok
14:18:57.0837 6840 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:18:57.0840 6840 AudioSrv - ok
14:18:57.0847 6840 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:18:57.0847 6840 AxInstSV - ok
14:18:57.0857 6840 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:18:57.0859 6840 b06bdrv - ok
14:18:57.0866 6840 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:18:57.0867 6840 b57nd60a - ok
14:18:57.0874 6840 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
14:18:57.0875 6840 BBSvc - ok
14:18:57.0879 6840 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:18:57.0880 6840 BDESVC - ok
14:18:57.0884 6840 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:18:57.0884 6840 Beep - ok
14:18:57.0899 6840 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:18:57.0904 6840 BITS - ok
14:18:57.0909 6840 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:18:57.0910 6840 blbdrive - ok
14:18:57.0919 6840 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:18:57.0921 6840 Bonjour Service - ok
14:18:57.0925 6840 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:18:57.0926 6840 bowser - ok
14:18:57.0930 6840 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:18:57.0930 6840 BrFiltLo - ok
14:18:57.0933 6840 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:18:57.0933 6840 BrFiltUp - ok
14:18:57.0938 6840 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:18:57.0939 6840 Browser - ok
14:18:57.0945 6840 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:18:57.0946 6840 Brserid - ok
14:18:57.0950 6840 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:18:57.0950 6840 BrSerWdm - ok
14:18:57.0953 6840 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:18:57.0954 6840 BrUsbMdm - ok
14:18:57.0957 6840 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:18:57.0957 6840 BrUsbSer - ok
14:18:57.0961 6840 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:18:57.0961 6840 BthEnum - ok
14:18:57.0964 6840 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:18:57.0965 6840 BTHMODEM - ok
14:18:57.0970 6840 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:18:57.0971 6840 BthPan - ok
14:18:57.0980 6840 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:18:57.0983 6840 BTHPORT - ok
14:18:57.0988 6840 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:18:57.0989 6840 bthserv - ok
14:18:57.0992 6840 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:18:57.0993 6840 BTHUSB - ok
14:18:58.0002 6840 [ 8834F87A6A745872894DF8223201A6C3 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
14:18:58.0004 6840 BTWAMPFL - ok
14:18:58.0010 6840 [ 9863D82ECBEC6106D377ED73680D99D8 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
14:18:58.0011 6840 btwaudio - ok
14:18:58.0016 6840 [ 3432DD66AE75AB2DE6D0527AD78DBFC7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
14:18:58.0017 6840 btwavdt - ok
14:18:58.0034 6840 [ EB4AFE08FB39BB444F221D7D501E0915 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
14:18:58.0039 6840 btwdins - ok
14:18:58.0042 6840 [ 382DC5A631CED0462EA09B7EB898BDBF ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
14:18:58.0043 6840 btwl2cap - ok
14:18:58.0047 6840 [ 13A9C2CEDD44C175E6CA39A536795CA6 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
14:18:58.0047 6840 btwrchid - ok
14:18:58.0051 6840 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:18:58.0052 6840 cdfs - ok
14:18:58.0057 6840 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
14:18:58.0057 6840 cdrom - ok
14:18:58.0062 6840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:18:58.0062 6840 CertPropSvc - ok
14:18:58.0067 6840 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:18:58.0068 6840 circlass - ok
14:18:58.0075 6840 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:18:58.0077 6840 CLFS - ok
14:18:58.0085 6840 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:18:58.0086 6840 clr_optimization_v2.0.50727_32 - ok
14:18:58.0094 6840 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:18:58.0094 6840 clr_optimization_v2.0.50727_64 - ok
14:18:58.0104 6840 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:18:58.0104 6840 clr_optimization_v4.0.30319_32 - ok
14:18:58.0115 6840 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:18:58.0116 6840 clr_optimization_v4.0.30319_64 - ok
14:18:58.0119 6840 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:18:58.0119 6840 CmBatt - ok
14:18:58.0123 6840 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:18:58.0123 6840 cmdide - ok
14:18:58.0133 6840 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:18:58.0135 6840 CNG - ok
14:18:58.0157 6840 [ DB6F09464C57606892BF6D2458483417 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:18:58.0166 6840 CnxtHdAudService - ok
14:18:58.0171 6840 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:18:58.0171 6840 Compbatt - ok
14:18:58.0175 6840 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:18:58.0175 6840 CompositeBus - ok
14:18:58.0178 6840 COMSysApp - ok
14:18:58.0182 6840 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:18:58.0182 6840 crcdisk - ok
14:18:58.0189 6840 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:18:58.0190 6840 CryptSvc - ok
14:18:58.0199 6840 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:18:58.0202 6840 CSC - ok
14:18:58.0213 6840 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:18:58.0216 6840 CscService - ok
14:18:58.0220 6840 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
14:18:58.0220 6840 ctxusbm - ok
14:18:58.0225 6840 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
14:18:58.0226 6840 CxAudMsg - ok
14:18:58.0238 6840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:18:58.0241 6840 DcomLaunch - ok
14:18:58.0248 6840 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:18:58.0250 6840 defragsvc - ok
14:18:58.0253 6840 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:18:58.0254 6840 DfsC - ok
14:18:58.0261 6840 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:18:58.0262 6840 Dhcp - ok
14:18:58.0265 6840 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:18:58.0266 6840 discache - ok
14:18:58.0270 6840 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:18:58.0271 6840 Disk - ok
14:18:58.0275 6840 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
14:18:58.0275 6840 dmvsc - ok
14:18:58.0280 6840 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:18:58.0281 6840 Dnscache - ok
14:18:58.0287 6840 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:18:58.0289 6840 dot3svc - ok
14:18:58.0299 6840 [ E6987F7818154791A6937BCC6655599B ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
14:18:58.0301 6840 DozeSvc - ok
14:18:58.0306 6840 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:18:58.0308 6840 DPS - ok
14:18:58.0311 6840 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:18:58.0312 6840 drmkaud - ok
14:18:58.0315 6840 [ 3EEF0B3489EDBF725564E17C77CABAFD ] dsNcAdpt C:\Windows\system32\DRIVERS\dsNcAdpt.sys
14:18:58.0315 6840 dsNcAdpt - ok
14:18:58.0328 6840 [ 824C188936FDC1B20FB32192B57CDEBA ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
14:18:58.0331 6840 dsNcService - ok
14:18:58.0345 6840 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:18:58.0350 6840 DXGKrnl - ok
14:18:58.0354 6840 [ CE4CFFD9F64B86BCEB1C343FC9924D72 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
14:18:58.0354 6840 DzHDD64 - ok
14:18:58.0361 6840 [ 426A0AE0B9F4F1CF4BA6FAF4EE28E5B0 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
14:18:58.0363 6840 e1cexpress - ok
14:18:58.0367 6840 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:18:58.0368 6840 EapHost - ok
14:18:58.0407 6840 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:18:58.0424 6840 ebdrv - ok
14:18:58.0428 6840 [ F88F2E5806FC405B0FA94B7947A5875E ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys
14:18:58.0428 6840 ecnssndis - ok
14:18:58.0432 6840 [ C8CD88218EFC28F7E44A9892B3E97F4D ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys
14:18:58.0432 6840 ecnssndisfltr - ok
14:18:58.0435 6840 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:18:58.0436 6840 EFS - ok
14:18:58.0449 6840 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:18:58.0452 6840 ehRecvr - ok
14:18:58.0456 6840 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:18:58.0457 6840 ehSched - ok
14:18:58.0467 6840 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:18:58.0469 6840 elxstor - ok
14:18:58.0473 6840 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:18:58.0473 6840 ErrDev - ok
14:18:58.0484 6840 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:18:58.0486 6840 EventSystem - ok
14:18:58.0508 6840 [ 8B6C9924B0D333DBF76086B8258A0891 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:18:58.0516 6840 EvtEng - ok
14:18:58.0522 6840 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:18:58.0523 6840 exfat - ok
14:18:58.0528 6840 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:18:58.0529 6840 fastfat - ok
14:18:58.0542 6840 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:18:58.0545 6840 Fax - ok
14:18:58.0549 6840 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:18:58.0549 6840 fdc - ok
14:18:58.0553 6840 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:18:58.0554 6840 fdPHost - ok
14:18:58.0557 6840 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:18:58.0558 6840 FDResPub - ok
14:18:58.0561 6840 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:18:58.0562 6840 FileInfo - ok
14:18:58.0569 6840 [ AD9D3401E1B0949DBC3E59871BC4422F ] FileOpenManagerSvc C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
14:18:58.0571 6840 FileOpenManagerSvc - ok
14:18:58.0575 6840 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:18:58.0575 6840 Filetrace - ok
14:18:58.0578 6840 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:18:58.0579 6840 flpydisk - ok
14:18:58.0585 6840 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:18:58.0586 6840 FltMgr - ok
14:18:58.0604 6840 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:18:58.0609 6840 FontCache - ok
14:18:58.0615 6840 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:18:58.0615 6840 FontCache3.0.0.0 - ok
14:18:58.0619 6840 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:18:58.0619 6840 FsDepends - ok
14:18:58.0622 6840 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:18:58.0623 6840 Fs_Rec - ok
14:18:58.0628 6840 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:18:58.0629 6840 fvevol - ok
14:18:58.0635 6840 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:18:58.0636 6840 gagp30kx - ok
14:18:58.0639 6840 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:18:58.0639 6840 GEARAspiWDM - ok
14:18:58.0653 6840 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:18:58.0656 6840 gpsvc - ok
14:18:58.0661 6840 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:18:58.0662 6840 gupdate - ok
14:18:58.0666 6840 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:18:58.0667 6840 gupdatem - ok
14:18:58.0671 6840 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:18:58.0673 6840 gusvc - ok
14:18:58.0676 6840 [ BA207B48AA3D9D73FD4856400F852458 ] hcmon C:\Windows\system32\drivers\hcmon.sys
14:18:58.0677 6840 hcmon - ok
14:18:58.0680 6840 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:18:58.0681 6840 hcw85cir - ok
14:18:58.0688 6840 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:18:58.0689 6840 HdAudAddService - ok
14:18:58.0694 6840 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:18:58.0695 6840 HDAudBus - ok
14:18:58.0698 6840 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:18:58.0698 6840 HidBatt - ok
14:18:58.0702 6840 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:18:58.0703 6840 HidBth - ok
14:18:58.0707 6840 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:18:58.0707 6840 HidIr - ok
14:18:58.0710 6840 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:18:58.0711 6840 hidserv - ok
14:18:58.0715 6840 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:18:58.0716 6840 HidUsb - ok
14:18:58.0720 6840 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:18:58.0721 6840 hkmsvc - ok
14:18:58.0726 6840 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:18:58.0727 6840 HomeGroupListener - ok
14:18:58.0732 6840 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:18:58.0734 6840 HomeGroupProvider - ok
14:18:58.0738 6840 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:18:58.0738 6840 HpSAMD - ok
14:18:58.0751 6840 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:18:58.0755 6840 HTTP - ok
14:18:58.0758 6840 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:18:58.0758 6840 hwpolicy - ok
14:18:58.0762 6840 [ 9149907FF8681AD6475607EEBF62DD2F ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
14:18:58.0763 6840 HyperW7Svc - ok
14:18:58.0767 6840 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:18:58.0768 6840 i8042prt - ok
14:18:58.0778 6840 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys
14:18:58.0780 6840 iaStor - ok
14:18:58.0788 6840 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:18:58.0790 6840 iaStorV - ok
14:18:58.0794 6840 [ A9BD44426A69079240767FE4AEE0EA71 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
14:18:58.0795 6840 IBMPMDRV - ok
14:18:58.0798 6840 [ 57D4A3ED5497DB0C5A53E680A9BDD1C6 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
14:18:58.0799 6840 IBMPMSVC - ok
14:18:58.0812 6840 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:18:58.0815 6840 idsvc - ok
14:18:58.0955 6840 [ 66DC0CE2D1867B8178EAA0E11930DBD7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:18:59.0008 6840 igfx - ok
14:18:59.0017 6840 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:18:59.0017 6840 iirsp - ok
14:18:59.0031 6840 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:18:59.0035 6840 IKEEXT - ok
14:18:59.0044 6840 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:18:59.0045 6840 IntcDAud - ok
14:18:59.0048 6840 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:18:59.0049 6840 intelide - ok
14:18:59.0052 6840 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:18:59.0053 6840 intelppm - ok
14:18:59.0058 6840 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:18:59.0059 6840 IPBusEnum - ok
14:18:59.0062 6840 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:18:59.0063 6840 IpFilterDriver - ok
14:18:59.0066 6840 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:18:59.0067 6840 IPMIDRV - ok
14:18:59.0071 6840 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:18:59.0072 6840 IPNAT - ok
14:18:59.0085 6840 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:18:59.0088 6840 iPod Service - ok
14:18:59.0091 6840 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:18:59.0092 6840 IRENUM - ok
14:18:59.0095 6840 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:18:59.0096 6840 isapnp - ok
14:18:59.0103 6840 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:18:59.0104 6840 iScsiPrt - ok
14:18:59.0110 6840 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
14:18:59.0111 6840 jhi_service - ok
14:18:59.0114 6840 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:18:59.0115 6840 kbdclass - ok
14:18:59.0119 6840 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:18:59.0119 6840 kbdhid - ok
14:18:59.0122 6840 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:18:59.0124 6840 KeyIso - ok
14:18:59.0128 6840 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:18:59.0128 6840 KSecDD - ok
14:18:59.0133 6840 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:18:59.0134 6840 KSecPkg - ok
14:18:59.0139 6840 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:18:59.0139 6840 ksthunk - ok
14:18:59.0146 6840 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:18:59.0148 6840 KtmRm - ok
14:18:59.0152 6840 [ 0FEF994D890C92D8F23442BC52D4FEA9 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys
14:18:59.0153 6840 l36wgps - ok
14:18:59.0159 6840 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:18:59.0161 6840 LanmanServer - ok
14:18:59.0165 6840 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:18:59.0166 6840 LanmanWorkstation - ok
14:18:59.0171 6840 [ 1EF45F1BD62B8F4C19458326A3E91930 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
14:18:59.0171 6840 LENOVO.CAMMUTE - ok
14:18:59.0175 6840 [ FCE735941DA27929DBFC1918F286FFD8 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
14:18:59.0175 6840 LENOVO.MICMUTE - ok
14:18:59.0179 6840 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
14:18:59.0180 6840 lenovo.smi - ok
14:18:59.0183 6840 [ 448BE3E001004A55E8A959C57E17F6D8 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
14:18:59.0184 6840 LENOVO.TPKNRSVC - ok
14:18:59.0187 6840 [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
14:18:59.0188 6840 Lenovo.VIRTSCRLSVC - ok
14:18:59.0191 6840 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:18:59.0191 6840 lltdio - ok
14:18:59.0198 6840 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:18:59.0200 6840 lltdsvc - ok
14:18:59.0203 6840 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:18:59.0204 6840 lmhosts - ok
14:18:59.0212 6840 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:18:59.0214 6840 LMS - ok
14:18:59.0220 6840 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:18:59.0221 6840 LSI_FC - ok
14:18:59.0225 6840 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:18:59.0226 6840 LSI_SAS - ok
14:18:59.0229 6840 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:18:59.0230 6840 LSI_SAS2 - ok
14:18:59.0234 6840 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:18:59.0234 6840 LSI_SCSI - ok
14:18:59.0239 6840 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:18:59.0239 6840 luafv - ok
14:18:59.0248 6840 [ 0845DA0BFF1AF5C57DE4DD97ACAF2FCD ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys
14:18:59.0250 6840 Mbm3CBus - ok
14:18:59.0259 6840 [ DB6FA599AA79324E287C4EAF6020DA37 ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
14:18:59.0261 6840 Mbm3DevMt - ok
14:18:59.0264 6840 [ 2F71EDB697752D409B9983F0E1D88F70 ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
14:18:59.0264 6840 Mbm3mdfl - ok
14:18:59.0273 6840 [ 21B412A36DE3CCFE4E13383B88CFC90C ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
14:18:59.0275 6840 Mbm3Mdm - ok
14:18:59.0280 6840 [ 4A6DD3C84AA2FDDA86EFAA527D8AB7B6 ] McAfeeEngineService C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
14:18:59.0281 6840 McAfeeEngineService - ok
14:18:59.0285 6840 [ C341D64C9F3B39CB56F9712335C33717 ] McAfeeFramework C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
14:18:59.0286 6840 McAfeeFramework - ok
14:18:59.0294 6840 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
14:18:59.0295 6840 McComponentHostService - ok
14:18:59.0300 6840 [ 39244B1D160FEC32EE4A7EA2635986C8 ] McShield C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
14:18:59.0301 6840 McShield - ok
14:18:59.0304 6840 [ 9DF3A434657512B31549F8D20AFFAD5F ] McTaskManager C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
14:18:59.0305 6840 McTaskManager - ok
14:18:59.0309 6840 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:18:59.0309 6840 Mcx2Svc - ok
14:18:59.0313 6840 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:18:59.0313 6840 megasas - ok
14:18:59.0320 6840 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:18:59.0321 6840 MegaSR - ok
14:18:59.0325 6840 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:18:59.0325 6840 MEIx64 - ok
14:18:59.0329 6840 [ 4DEA3F2DC347DEA7CB4535680C0E03F1 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
14:18:59.0330 6840 mfeapfk - ok
14:18:59.0334 6840 [ E555FED8762CBEE0A91C47450F81654E ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
14:18:59.0334 6840 mfeavfk - ok
14:18:59.0343 6840 [ F3CE7173922B89CFA909695A489A0E9E ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
14:18:59.0345 6840 mfehidk - ok
14:18:59.0349 6840 [ A4F8465B956571AB296EB70C167754DB ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
14:18:59.0350 6840 mferkdet - ok
14:18:59.0353 6840 [ 4339AEE8F042ECB4292CD36D84A7CC2F ] mfetdik C:\Windows\system32\drivers\mfetdik.sys
14:18:59.0354 6840 mfetdik - ok
14:18:59.0357 6840 [ DBEB6C9C637703C51356F5A1C932FF51 ] mfevtp C:\Windows\system32\mfevtps.exe
14:18:59.0358 6840 mfevtp - ok
14:18:59.0367 6840 Microsoft SharePoint Workspace Audit Service - ok
14:18:59.0370 6840 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:18:59.0371 6840 MMCSS - ok
14:18:59.0374 6840 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:18:59.0375 6840 Modem - ok
14:18:59.0380 6840 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:18:59.0380 6840 monitor - ok
14:18:59.0384 6840 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:18:59.0385 6840 mouclass - ok
14:18:59.0389 6840 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
14:18:59.0389 6840 mouhid - ok
14:18:59.0393 6840 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:18:59.0393 6840 mountmgr - ok
14:18:59.0398 6840 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:18:59.0399 6840 MozillaMaintenance - ok
14:18:59.0404 6840 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:18:59.0405 6840 mpio - ok
14:18:59.0409 6840 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:18:59.0409 6840 mpsdrv - ok
14:18:59.0415 6840 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:18:59.0416 6840 MRxDAV - ok
14:18:59.0423 6840 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:18:59.0424 6840 mrxsmb - ok
14:18:59.0430 6840 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:18:59.0431 6840 mrxsmb10 - ok
14:18:59.0435 6840 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:18:59.0436 6840 mrxsmb20 - ok
14:18:59.0441 6840 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:18:59.0441 6840 msahci - ok
14:18:59.0445 6840 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:18:59.0446 6840 msdsm - ok
14:18:59.0450 6840 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:18:59.0452 6840 MSDTC - ok
14:18:59.0458 6840 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:18:59.0458 6840 Msfs - ok
14:18:59.0461 6840 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:18:59.0462 6840 mshidkmdf - ok
14:18:59.0464 6840 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:18:59.0465 6840 msisadrv - ok
14:18:59.0470 6840 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:18:59.0471 6840 MSiSCSI - ok
14:18:59.0473 6840 msiserver - ok
14:18:59.0477 6840 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:18:59.0478 6840 MSKSSRV - ok
14:18:59.0481 6840 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:18:59.0482 6840 MSPCLOCK - ok
14:18:59.0484 6840 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:18:59.0485 6840 MSPQM - ok
14:18:59.0492 6840 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:18:59.0494 6840 MsRPC - ok
14:18:59.0498 6840 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:18:59.0499 6840 mssmbios - ok
14:18:59.0502 6840 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:18:59.0503 6840 MSTEE - ok
14:18:59.0506 6840 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:18:59.0506 6840 MTConfig - ok
14:18:59.0510 6840 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:18:59.0510 6840 Mup - ok
14:18:59.0519 6840 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:18:59.0522 6840 napagent - ok
14:18:59.0529 6840 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:18:59.0530 6840 NativeWifiP - ok
14:18:59.0544 6840 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:18:59.0548 6840 NDIS - ok
14:18:59.0552 6840 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:18:59.0552 6840 NdisCap - ok
14:18:59.0555 6840 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:18:59.0556 6840 NdisTapi - ok
14:18:59.0559 6840 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:18:59.0559 6840 Ndisuio - ok
14:18:59.0565 6840 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:18:59.0566 6840 NdisWan - ok
14:18:59.0570 6840 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:18:59.0570 6840 NDProxy - ok
14:18:59.0574 6840 [ 057F3685EE5C2A1DABF52F1F1CE9ED13 ] NEOFLTR_7112_21827 C:\Windows\system32\Drivers\NEOFLTR_7112_21827.SYS
14:18:59.0575 6840 NEOFLTR_7112_21827 - ok
14:18:59.0578 6840 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:18:59.0579 6840 NetBIOS - ok
14:18:59.0585 6840 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:18:59.0587 6840 NetBT - ok
14:18:59.0590 6840 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:18:59.0591 6840 Netlogon - ok
14:18:59.0597 6840 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:18:59.0600 6840 Netman - ok
14:18:59.0608 6840 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:18:59.0611 6840 netprofm - ok
14:18:59.0615 6840 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:18:59.0615 6840 NetTcpPortSharing - ok
14:18:59.0701 6840 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
14:18:59.0734 6840 NETwNs64 - ok
14:18:59.0741 6840 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:18:59.0741 6840 nfrd960 - ok
14:18:59.0748 6840 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:18:59.0750 6840 NlaSvc - ok
14:18:59.0753 6840 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:18:59.0754 6840 Npfs - ok
14:18:59.0757 6840 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:18:59.0758 6840 nsi - ok
14:18:59.0761 6840 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:18:59.0761 6840 nsiproxy - ok
14:18:59.0782 6840 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:18:59.0789 6840 Ntfs - ok
14:18:59.0792 6840 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:18:59.0793 6840 Null - ok
14:18:59.0797 6840 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
14:18:59.0797 6840 nusb3hub - ok
14:18:59.0802 6840 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
14:18:59.0804 6840 nusb3xhc - ok
14:18:59.0808 6840 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:18:59.0809 6840 nvraid - ok
14:18:59.0814 6840 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:18:59.0815 6840 nvstor - ok
14:18:59.0819 6840 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:18:59.0820 6840 nv_agp - ok
14:18:59.0825 6840 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:18:59.0825 6840 ohci1394 - ok
14:18:59.0830 6840 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:18:59.0831 6840 ose - ok
14:18:59.0885 6840 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:18:59.0905 6840 osppsvc - ok
14:18:59.0915 6840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:18:59.0917 6840 p2pimsvc - ok
14:18:59.0927 6840 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:18:59.0929 6840 p2psvc - ok
14:18:59.0933 6840 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:18:59.0933 6840 Parport - ok
14:18:59.0937 6840 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:18:59.0938 6840 partmgr - ok
14:18:59.0943 6840 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:18:59.0945 6840 PcaSvc - ok
14:18:59.0949 6840 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:18:59.0950 6840 pci - ok
14:18:59.0953 6840 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:18:59.0954 6840 pciide - ok
14:18:59.0959 6840 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:18:59.0960 6840 pcmcia - ok
14:18:59.0964 6840 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:18:59.0965 6840 pcw - ok
14:18:59.0975 6840 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:18:59.0978 6840 PEAUTH - ok
14:18:59.0997 6840 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:19:00.0003 6840 PeerDistSvc - ok
14:19:00.0030 6840 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:19:00.0031 6840 PerfHost - ok
14:19:00.0037 6840 [ 18EEA095AF22AC5FA16FC27FB98C82D3 ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
14:19:00.0038 6840 PHCORE - ok
14:19:00.0056 6840 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:19:00.0062 6840 pla - ok
14:19:00.0073 6840 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:19:00.0075 6840 PlugPlay - ok
14:19:00.0078 6840 [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
14:19:00.0079 6840 pmxdrv - ok
14:19:00.0082 6840 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:19:00.0083 6840 PNRPAutoReg - ok
14:19:00.0090 6840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:19:00.0092 6840 PNRPsvc - ok
14:19:00.0102 6840 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:19:00.0105 6840 PolicyAgent - ok
14:19:00.0112 6840 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
14:19:00.0113 6840 Power - ok
14:19:00.0118 6840 [ AF7186CF9909BEF0D86097175175178F ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
14:19:00.0118 6840 Power Manager DBC Service - ok
14:19:00.0122 6840 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:19:00.0123 6840 PptpMiniport - ok
14:19:00.0128 6840 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:19:00.0128 6840 Processor - ok
14:19:00.0134 6840 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:19:00.0136 6840 ProfSvc - ok
14:19:00.0139 6840 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:19:00.0140 6840 ProtectedStorage - ok
14:19:00.0143 6840 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
14:19:00.0143 6840 psadd - ok
14:19:00.0149 6840 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:19:00.0150 6840 Psched - ok
14:19:00.0170 6840 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:19:00.0176 6840 ql2300 - ok
14:19:00.0181 6840 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:19:00.0182 6840 ql40xx - ok
14:19:00.0188 6840 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:19:00.0189 6840 QWAVE - ok
14:19:00.0193 6840 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:19:00.0193 6840 QWAVEdrv - ok
14:19:00.0196 6840 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:19:00.0197 6840 RasAcd - ok
14:19:00.0200 6840 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:19:00.0201 6840 RasAgileVpn - ok
14:19:00.0205 6840 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:19:00.0206 6840 RasAuto - ok
14:19:00.0210 6840 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:19:00.0211 6840 Rasl2tp - ok
14:19:00.0218 6840 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:19:00.0220 6840 RasMan - ok
14:19:00.0224 6840 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:19:00.0225 6840 RasPppoe - ok
14:19:00.0229 6840 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:19:00.0230 6840 RasSstp - ok
14:19:00.0236 6840 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:19:00.0238 6840 rdbss - ok
14:19:00.0241 6840 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:19:00.0241 6840 rdpbus - ok
14:19:00.0244 6840 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:19:00.0245 6840 RDPCDD - ok
14:19:00.0252 6840 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:19:00.0253 6840 RDPDR - ok
14:19:00.0255 6840 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:19:00.0256 6840 RDPENCDD - ok
14:19:00.0260 6840 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:19:00.0260 6840 RDPREFMP - ok
14:19:00.0266 6840 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:19:00.0267 6840 RDPWD - ok
14:19:00.0272 6840 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:19:00.0273 6840 rdyboost - ok
14:19:00.0286 6840 [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:19:00.0290 6840 RegSrvc - ok
14:19:00.0294 6840 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:19:00.0295 6840 RemoteAccess - ok
14:19:00.0300 6840 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:19:00.0301 6840 RemoteRegistry - ok
14:19:00.0306 6840 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:19:00.0307 6840 RFCOMM - ok
14:19:00.0311 6840 [ 819FE65AE1C0312B535B7AA54D30CFDA ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
14:19:00.0312 6840 risdxc - ok
14:19:00.0315 6840 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:19:00.0316 6840 RpcEptMapper - ok
14:19:00.0319 6840 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:19:00.0320 6840 RpcLocator - ok
14:19:00.0330 6840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:19:00.0332 6840 RpcSs - ok
14:19:00.0336 6840 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:19:00.0336 6840 rspndr - ok
14:19:00.0339 6840 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:19:00.0340 6840 s3cap - ok
14:19:00.0343 6840 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:19:00.0344 6840 SamSs - ok
14:19:00.0346 6840 SAService - ok
14:19:00.0352 6840 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:19:00.0352 6840 sbp2port - ok
14:19:00.0358 6840 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:19:00.0359 6840 SCardSvr - ok
14:19:00.0362 6840 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:19:00.0363 6840 scfilter - ok
14:19:00.0377 6840 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:19:00.0382 6840 Schedule - ok
14:19:00.0386 6840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:19:00.0387 6840 SCPolicySvc - ok
14:19:00.0395 6840 [ 2753FCEC7CC62D83201404EEFA00774D ] SCTCleanupService C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SCTCleanupService.exe
14:19:00.0396 6840 SCTCleanupService - ok
14:19:00.0402 6840 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:19:00.0404 6840 SDRSVC - ok
14:19:00.0409 6840 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
14:19:00.0411 6840 SeaPort - ok
14:19:00.0415 6840 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:19:00.0415 6840 secdrv - ok
14:19:00.0418 6840 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:19:00.0419 6840 seclogon - ok
14:19:00.0423 6840 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:19:00.0424 6840 SENS - ok
14:19:00.0427 6840 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:19:00.0428 6840 SensrSvc - ok
14:19:00.0432 6840 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:19:00.0432 6840 Serenum - ok
14:19:00.0436 6840 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:19:00.0436 6840 Serial - ok
14:19:00.0439 6840 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:19:00.0440 6840 sermouse - ok
14:19:00.0448 6840 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:19:00.0449 6840 SessionEnv - ok
14:19:00.0453 6840 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:19:00.0453 6840 sffdisk - ok
14:19:00.0456 6840 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:19:00.0456 6840 sffp_mmc - ok
14:19:00.0459 6840 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:19:00.0460 6840 sffp_sd - ok
14:19:00.0463 6840 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:19:00.0463 6840 sfloppy - ok
14:19:00.0472 6840 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:19:00.0474 6840 ShellHWDetection - ok
14:19:00.0478 6840 [ 380B52126E62C6C2D3C8BA805AADFDC7 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
14:19:00.0479 6840 Shockprf - ok
14:19:00.0483 6840 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:19:00.0483 6840 SiSRaid2 - ok
14:19:00.0487 6840 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:19:00.0488 6840 SiSRaid4 - ok
14:19:00.0493 6840 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:19:00.0494 6840 SkypeUpdate - ok
14:19:00.0498 6840 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:19:00.0499 6840 Smb - ok
14:19:00.0502 6840 [ C5B1A19B14F19B08AE72FCB20A3075B6 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
14:19:00.0502 6840 smihlp - ok
14:19:00.0510 6840 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:19:00.0511 6840 SNMPTRAP - ok
14:19:00.0514 6840 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:19:00.0514 6840 spldr - ok
14:19:00.0524 6840 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:19:00.0527 6840 Spooler - ok
14:19:00.0565 6840 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:19:00.0580 6840 sppsvc - ok
14:19:00.0585 6840 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:19:00.0586 6840 sppuinotify - ok
14:19:00.0597 6840 [ 47118A04B1D4DCCCE3A1CDA3C10095B9 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
14:19:00.0599 6840 SROSVC - ok
14:19:00.0608 6840 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:19:00.0611 6840 srv - ok
14:19:00.0619 6840 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:19:00.0621 6840 srv2 - ok
14:19:00.0626 6840 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:19:00.0627 6840 srvnet - ok
14:19:00.0635 6840 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:19:00.0636 6840 SSDPSRV - ok
14:19:00.0640 6840 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:19:00.0641 6840 SstpSvc - ok
14:19:00.0644 6840 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:19:00.0645 6840 stexstor - ok
14:19:00.0656 6840 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:19:00.0659 6840 stisvc - ok
14:19:00.0663 6840 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:19:00.0663 6840 storflt - ok
14:19:00.0666 6840 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:19:00.0667 6840 StorSvc - ok
14:19:00.0671 6840 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:19:00.0672 6840 storvsc - ok
14:19:00.0676 6840 [ E8029EB9B0D962675EAE956AF0F1FD87 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
14:19:00.0677 6840 SUService - ok
14:19:00.0680 6840 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:19:00.0680 6840 swenum - ok
14:19:00.0683 6840 [ 2B15EEB42F5578E931D1FE0426020602 ] SWIX64 C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys
14:19:00.0684 6840 SWIX64 - ok
14:19:00.0692 6840 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:19:00.0695 6840 swprv - ok
14:19:00.0718 6840 [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:19:00.0724 6840 SynTP - ok
14:19:00.0746 6840 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:19:00.0754 6840 SysMain - ok
14:19:00.0758 6840 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:19:00.0759 6840 TabletInputService - ok
14:19:00.0766 6840 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:19:00.0768 6840 TapiSrv - ok
14:19:00.0772 6840 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:19:00.0774 6840 TBS - ok
14:19:00.0798 6840 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:19:00.0806 6840 Tcpip - ok
14:19:00.0830 6840 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:19:00.0837 6840 TCPIP6 - ok
14:19:00.0842 6840 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:19:00.0843 6840 tcpipreg - ok
14:19:00.0847 6840 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:19:00.0848 6840 TDPIPE - ok
14:19:00.0851 6840 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:19:00.0851 6840 TDTCP - ok
14:19:00.0857 6840 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:19:00.0857 6840 tdx - ok
14:19:00.0892 6840 [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
14:19:00.0904 6840 TeamViewer7 - ok
14:19:00.0908 6840 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:19:00.0908 6840 TermDD - ok
14:19:00.0920 6840 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:19:00.0924 6840 TermService - ok
14:19:00.0927 6840 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:19:00.0928 6840 Themes - ok
14:19:00.0932 6840 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:19:00.0933 6840 THREADORDER - ok
14:19:00.0937 6840 [ 5523C729F1ED31B63C88490AF3D220FA ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
14:19:00.0938 6840 TPDIGIMN - ok
14:19:00.0942 6840 [ ECB098A3404ACB8A05F0673DC086BB43 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
14:19:00.0943 6840 TPHDEXLGSVC - ok
14:19:00.0948 6840 [ 63626012E44CAAA162677B57B6DCB542 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
14:19:00.0948 6840 TPHKLOAD - ok
14:19:00.0951 6840 [ 9E6E4A9789F76593CC5A6A5AF8FC5929 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
14:19:00.0952 6840 TPHKSVC - ok
14:19:00.0956 6840 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
14:19:00.0957 6840 TPM - ok
14:19:00.0960 6840 [ 7165B5A9B4867F64A6D6935F57D4196B ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
14:19:00.0961 6840 TPPWRIF - ok
14:19:00.0965 6840 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:19:00.0966 6840 TrkWks - ok
14:19:00.0971 6840 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:19:00.0972 6840 TrustedInstaller - ok
14:19:00.0978 6840 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:19:00.0978 6840 tssecsrv - ok
14:19:00.0981 6840 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:19:00.0982 6840 TsUsbFlt - ok
14:19:00.0985 6840 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:19:00.0986 6840 TsUsbGD - ok
14:19:00.0990 6840 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:19:00.0991 6840 tunnel - ok
14:19:00.0995 6840 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:19:00.0996 6840 uagp35 - ok
14:19:01.0002 6840 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:19:01.0004 6840 udfs - ok
14:19:01.0013 6840 [ 215462AE7E6A897D675E84DD1E3B3B56 ] ufad-ws60 C:\Program Files\VMware\VMware View\Client\Local Mode\vmware-ufad.exe
14:19:01.0015 6840 ufad-ws60 - ok
14:19:01.0021 6840 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:19:01.0022 6840 UI0Detect - ok
14:19:01.0025 6840 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:19:01.0026 6840 uliagpkx - ok
14:19:01.0029 6840 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:19:01.0030 6840 umbus - ok
14:19:01.0033 6840 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:19:01.0034 6840 UmPass - ok
14:19:01.0040 6840 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:19:01.0041 6840 UmRdpService - ok
14:19:01.0071 6840 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:19:01.0082 6840 UNS - ok
14:19:01.0089 6840 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:19:01.0092 6840 upnphost - ok
14:19:01.0096 6840 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
14:19:01.0097 6840 USBAAPL64 - ok
14:19:01.0101 6840 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:19:01.0102 6840 usbccgp - ok
14:19:01.0106 6840 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:19:01.0106 6840 usbcir - ok
14:19:01.0110 6840 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:19:01.0111 6840 usbehci - ok
14:19:01.0118 6840 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:19:01.0120 6840 usbhub - ok
14:19:01.0123 6840 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:19:01.0124 6840 usbohci - ok
14:19:01.0127 6840 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:19:01.0128 6840 usbprint - ok
14:19:01.0131 6840 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:19:01.0132 6840 USBSTOR - ok
14:19:01.0136 6840 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:19:01.0137 6840 usbuhci - ok
14:19:01.0142 6840 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:19:01.0143 6840 usbvideo - ok
14:19:01.0147 6840 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:19:01.0148 6840 UxSms - ok
14:19:01.0151 6840 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:19:01.0152 6840 VaultSvc - ok
14:19:01.0156 6840 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:19:01.0156 6840 vdrvroot - ok
14:19:01.0167 6840 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:19:01.0170 6840 vds - ok
14:19:01.0173 6840 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:19:01.0174 6840 vga - ok
14:19:01.0177 6840 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:19:01.0178 6840 VgaSave - ok
14:19:01.0183 6840 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:19:01.0184 6840 vhdmp - ok
14:19:01.0187 6840 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:19:01.0188 6840 viaide - ok
14:19:01.0192 6840 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
14:19:01.0193 6840 VIPAppService - ok
14:19:01.0197 6840 [ B42E66036C79F61D3A6F9812239E8B85 ] VMAuthdService C:\Program Files\VMware\VMware View\Client\Local Mode\vmware-authd.exe
14:19:01.0198 6840 VMAuthdService - ok
14:19:01.0204 6840 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:19:01.0205 6840 vmbus - ok
14:19:01.0210 6840 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:19:01.0211 6840 VMBusHID - ok
14:19:01.0215 6840 [ 39B32126D2BB21004D360F2943A96152 ] vmci C:\Windows\system32\drivers\vmci.sys
14:19:01.0215 6840 vmci - ok
14:19:01.0220 6840 [ 1AF6462718E5AB0ED55014A6EF3790EF ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
14:19:01.0220 6840 vmkbd - ok
14:19:01.0223 6840 [ 9D54F1339E78C95BF3D9939EBCB66378 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
14:19:01.0224 6840 VMnetAdapter - ok
14:19:01.0227 6840 [ FB54EF3AA613D2832FD3812E7CB2FC75 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
14:19:01.0228 6840 VMnetBridge - ok
14:19:01.0230 6840 VMnetDHCP - ok
14:19:01.0235 6840 [ 38D7EBFC35C9D59DB777211946047343 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
14:19:01.0236 6840 VMnetuserif - ok
14:19:01.0247 6840 [ F22098DBDD13C1221C274496B3E18DA7 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
14:19:01.0249 6840 VMUSBArbService - ok
14:19:01.0253 6840 VMware NAT Service - ok
14:19:01.0258 6840 [ 1C1111810F0FCD958A6DFE3F869AD80D ] vmwvusb C:\Windows\system32\Drivers\vmwvusb.sys
14:19:01.0258 6840 vmwvusb - ok
14:19:01.0262 6840 [ 31854DC0A3B69CB145835EFBCA24E50C ] vmx86 C:\Windows\system32\drivers\vmx86.sys
14:19:01.0263 6840 vmx86 - ok
14:19:01.0266 6840 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:19:01.0267 6840 volmgr - ok
14:19:01.0273 6840 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:19:01.0276 6840 volmgrx - ok
14:19:01.0282 6840 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:19:01.0284 6840 volsnap - ok
14:19:01.0289 6840 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:19:01.0289 6840 vsmraid - ok
14:19:01.0308 6840 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:19:01.0316 6840 VSS - ok
14:19:01.0351 6840 [ E61C910E2DDF4797C1B1F9239636E894 ] vstor2-ws60 C:\Program Files\VMware\VMware View\Client\Local Mode\vstor2-ws60.sys
14:19:01.0351 6840 vstor2-ws60 - ok
14:19:01.0355 6840 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:19:01.0356 6840 vwifibus - ok
14:19:01.0362 6840 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:19:01.0362 6840 vwififlt - ok
14:19:01.0370 6840 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:19:01.0372 6840 W32Time - ok
14:19:01.0378 6840 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:19:01.0379 6840 WacomPen - ok
14:19:01.0383 6840 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:19:01.0383 6840 WANARP - ok
14:19:01.0387 6840 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:19:01.0387 6840 Wanarpv6 - ok
14:19:01.0407 6840 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:19:01.0412 6840 WatAdminSvc - ok
14:19:01.0433 6840 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:19:01.0440 6840 wbengine - ok
14:19:01.0446 6840 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:19:01.0448 6840 WbioSrvc - ok
14:19:01.0455 6840 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:19:01.0458 6840 wcncsvc - ok
14:19:01.0461 6840 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:19:01.0462 6840 WcsPlugInService - ok
14:19:01.0466 6840 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:19:01.0466 6840 Wd - ok
14:19:01.0477 6840 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:19:01.0481 6840 Wdf01000 - ok
14:19:01.0514 6840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:19:01.0516 6840 WdiServiceHost - ok
14:19:01.0520 6840 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:19:01.0521 6840 WdiSystemHost - ok
14:19:01.0528 6840 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:19:01.0530 6840 WebClient - ok
14:19:01.0536 6840 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:19:01.0538 6840 Wecsvc - ok
14:19:01.0542 6840 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:19:01.0544 6840 wercplsupport - ok
14:19:01.0548 6840 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:19:01.0550 6840 WerSvc - ok
14:19:01.0553 6840 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:19:01.0553 6840 WfpLwf - ok
14:19:01.0556 6840 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:19:01.0557 6840 WIMMount - ok
14:19:01.0561 6840 WinHttpAutoProxySvc - ok
14:19:01.0573 6840 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:19:01.0575 6840 Winmgmt - ok
14:19:01.0600 6840 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:19:01.0609 6840 WinRM - ok
14:19:01.0615 6840 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
14:19:01.0616 6840 WinUsb - ok
14:19:01.0631 6840 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:19:01.0636 6840 Wlansvc - ok
14:19:01.0641 6840 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:19:01.0642 6840 wlcrasvc - ok
14:19:01.0668 6840 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:19:01.0677 6840 wlidsvc - ok
14:19:01.0682 6840 WMCoreService - ok
14:19:01.0686 6840 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:19:01.0687 6840 WmiAcpi - ok
14:19:01.0693 6840 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:19:01.0694 6840 wmiApSrv - ok
14:19:01.0697 6840 WMPNetworkSvc - ok
14:19:01.0702 6840 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:19:01.0703 6840 WPCSvc - ok
14:19:01.0707 6840 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:19:01.0708 6840 WPDBusEnum - ok
14:19:01.0712 6840 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:19:01.0712 6840 ws2ifsl - ok
14:19:01.0714 6840 WSearch - ok
14:19:01.0728 6840 [ 3CF81F104137457A7F32C274709635BE ] wsnm C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
14:19:01.0730 6840 wsnm - ok
14:19:01.0746 6840 [ AFD194F6C3FAF4D29493AD2DF28B46BF ] wsnm_usbctrl C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
14:19:01.0751 6840 wsnm_usbctrl - ok
14:19:01.0778 6840 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:19:01.0789 6840 wuauserv - ok
14:19:01.0794 6840 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:19:01.0795 6840 WudfPf - ok
14:19:01.0800 6840 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:19:01.0801 6840 WUDFRd - ok
14:19:01.0806 6840 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:19:01.0807 6840 wudfsvc - ok
14:19:01.0812 6840 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:19:01.0814 6840 WwanSvc - ok
14:19:01.0820 6840 [ DDA7CD9F319AA76385F24BB2BD320044 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
14:19:01.0822 6840 WwanUsbServ - ok
14:19:01.0833 6840 ================ Scan global ===============================
14:19:01.0835 6840 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:19:01.0840 6840 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:19:01.0847 6840 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:19:01.0850 6840 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:19:01.0857 6840 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
14:19:01.0859 6840 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
14:19:01.0859 6840 C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
14:19:01.0860 6840 ================ Scan MBR ==================================
14:19:01.0862 6840 [ C6805E24642393A06493D40A91C061CB ] \Device\Harddisk0\DR0
14:19:02.0009 6840 \Device\Harddisk0\DR0 - ok
14:19:02.0009 6840 ================ Scan VBR ==================================
14:19:02.0011 6840 [ D53BC473EBDF245E88E2202CA5A0AA8F ] \Device\Harddisk0\DR0\Partition1
14:19:02.0012 6840 \Device\Harddisk0\DR0\Partition1 - ok
14:19:02.0014 6840 [ EB618404C8C11B7C109DD801217898E6 ] \Device\Harddisk0\DR0\Partition2
14:19:02.0015 6840 \Device\Harddisk0\DR0\Partition2 - ok
14:19:02.0017 6840 [ B28BD36C28A49DA960299FC18770BB7B ] \Device\Harddisk0\DR0\Partition3
14:19:02.0018 6840 \Device\Harddisk0\DR0\Partition3 - ok
14:19:02.0018 6840 ============================================================
14:19:02.0018 6840 Scan finished
14:19:02.0018 6840 ============================================================
14:19:02.0025 1376 Detected object count: 1
14:19:02.0025 1376 Actual detected object count: 1
14:19:41.0944 1376 C:\Windows\system32\services.exe - copied to quarantine
14:19:42.0091 1376 C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
14:19:42.0091 1376 C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
14:19:43.0028 1376 Backup copy not found, trying to cure infected file..
14:19:43.0028 1376 C:\Windows\system32\services.exe - Cure failed (FFFFFFFF)
14:19:43.0028 1376 C:\Windows\system32\services.exe - processing error
14:19:43.0028 1376 C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure
14:19:50.0258 6816 Deinitialize success

2) aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-02 14:20:36
-----------------------------
14:20:36.670 OS Version: Windows x64 6.1.7601 Service Pack 1
14:20:36.670 Number of processors: 4 586 0x2A07
14:20:36.670 ComputerName: THINK-THOMASD UserName: TD
14:20:36.904 Initialize success
14:21:20.295 AVAST engine defs: 12110200
14:22:00.013 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
14:22:00.013 Disk 0 Vendor: INTEL_SS 4PC1 Size: 152627MB BusType: 3
14:22:00.013 Disk 0 MBR read successfully
14:22:00.013 Disk 0 MBR scan
14:22:00.013 Disk 0 unknown MBR code
14:22:00.013 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1200 MB offset 2048
14:22:00.013 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 135425 MB offset 2459648
14:22:00.013 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 16000 MB offset 279810048
14:22:00.029 Disk 0 scanning C:\Windows\system32\drivers
14:22:02.899 Service scanning
14:22:11.043 Modules scanning
14:22:11.058 Disk 0 trace - called modules:
14:22:11.058 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
14:22:11.058 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005759060]
14:22:11.058 3 CLASSPNP.SYS[fffff88001b4c43f] -> nt!IofCallDriver -> [0xfffffa8003c6be40]
14:22:11.058 5 ACPI.sys[fffff88000f687a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8003c6a050]
14:22:11.323 AVAST engine scan C:\Windows
14:22:11.823 AVAST engine scan C:\Windows\system32
14:22:36.689 File: C:\Windows\system32\services.exe **INFECTED** Win32:Sirefef-ZT [Trj]
14:22:46.143 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:22:46.720 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
14:23:16.048 AVAST engine scan C:\Windows\system32\drivers
14:23:19.542 AVAST engine scan C:\Users\TD
14:23:34.409 Disk 0 MBR has been saved successfully to "C:\Users\TD\Desktop\MBR.dat"
14:23:34.425 The log file has been saved successfully to "C:\Users\TD\Desktop\aswMBR.txt"


3) ESET

C:\TDSSKiller_Quarantine\02.11.2012_14.18.33\zasubsys0000\file0000\tsk0000.dta Win64/Patched.A.Gen trojan deleted - quarantined
C:\TDSSKiller_Quarantine\02.11.2012_14.18.33\zasubsys0000\zafs0000\tsk0000.dta Win32/Sirefef.EZ trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.11.2012_14.18.33\zasubsys0000\zafs0000\tsk0001.dta Win64/Sirefef.W trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:59 PM

Posted 02 November 2012 - 09:26 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 Chae

Chae
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 02 November 2012 - 10:16 AM

Here's the requested output:

1)Malwarebytes

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.02.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
TD :: THINK-THOMASD [administrator]

02/11/2012 15:47:00
mbam-log-2012-11-02 (15-47-00).txt

Scan type: Full scan (C:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 331806
Time elapsed: 9 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

2)Mini toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by TD (administrator) on 02-11-2012 at 15:57:55
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
Intel® 82579LM Gigabit Network Connection = Local Area Connection (Media disconnected)
F5521gw Mobile Broadband Driver = Mobile Broadband Connection (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=??3 subinterface=ethernet_6 mtu=1477
add address name="VMware Network Adapter VMnet1" address=192.168.209.1 mask=255.255.255.0
add address name="VMware Network Adapter VMnet8" address=192.168.30.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : THINK-ThomasD
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter
Physical Address. . . . . . . . . : 00-FF-B0-7B-5B-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Mobile Broadband adapter Mobile Broadband Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : F5521gw Mobile Broadband Driver
Physical Address. . . . . . . . . : 02-80-37-EC-02-00
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : A0-88-B4-98-67-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4075:4edc:c761:369d%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 02 November 2012 11:56:03
Lease Expires . . . . . . . . . . : 02 November 2012 17:56:04
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 379619508
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B0-53-63-F0-DE-F1-72-6D-2C
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : F0-DE-F1-72-6D-2C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fd1a:710a:4f00:da26%19(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.209.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 520114262
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B0-53-63-F0-DE-F1-72-6D-2C
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::15d2:88f9:6178:f4b0%21(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.30.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 553668694
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B0-53-63-F0-DE-F1-72-6D-2C
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B03AA914-1093-4ABA-B24C-DADE4E797BE8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{60D839D4-FBF0-4B86-85FC-4E36EEEF76F2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{587B7FE4-341A-4101-BA6C-4F30087B76BF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D9C71213-91EA-4CA4-835F-678A694D886A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A53ED6B8-A729-4FEA-BB68-59C114728B6A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Pinging google.com [173.194.34.98] with 32 bytes of data:
Reply from 173.194.34.98: bytes=32 time=99ms TTL=56
Reply from 173.194.34.98: bytes=32 time=133ms TTL=56

Ping statistics for 173.194.34.98:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 99ms, Maximum = 133ms, Average = 116ms

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=407ms TTL=50
Reply from 98.139.183.24: bytes=32 time=724ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 407ms, Maximum = 724ms, Average = 565ms

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
18...00 ff b0 7b 5b 06 ......Juniper Network Connect Virtual Adapter
16...02 80 37 ec 02 00 ......F5521gw Mobile Broadband Driver
15...a0 88 b4 98 67 10 ......Intel® Centrino® Advanced-N 6205
13...f0 de f1 72 6d 2c ......Intel® 82579LM Gigabit Network Connection
19...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
21...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
192.168.30.0 255.255.255.0 On-link 192.168.30.1 276
192.168.30.1 255.255.255.255 On-link 192.168.30.1 276
192.168.30.255 255.255.255.255 On-link 192.168.30.1 276
192.168.209.0 255.255.255.0 On-link 192.168.209.1 276
192.168.209.1 255.255.255.255 On-link 192.168.209.1 276
192.168.209.255 255.255.255.255 On-link 192.168.209.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.209.1 276
224.0.0.0 240.0.0.0 On-link 192.168.30.1 276
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.209.1 276
255.255.255.255 255.255.255.255 On-link 192.168.30.1 276
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
19 276 fe80::/64 On-link
21 276 fe80::/64 On-link
15 281 fe80::/64 On-link
21 276 fe80::15d2:88f9:6178:f4b0/128
On-link
15 281 fe80::4075:4edc:c761:369d/128
On-link
19 276 fe80::fd1a:710a:4f00:da26/128
On-link
1 306 ff00::/8 On-link
19 276 ff00::/8 On-link
21 276 ff00::/8 On-link
15 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 C:\Program Files\VMware\VMware View\Client\Local Mode\vsocklib.dll [346736] (VMware, Inc.)
Catalog9 13 C:\Program Files\VMware\VMware View\Client\Local Mode\vsocklib.dll [346736] (VMware, Inc.)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog9 12 C:\Program Files\VMware\VMware View\Client\Local Mode\x64\vsocklib.dll [446576] (VMware, Inc.)
x64-Catalog9 13 C:\Program Files\VMware\VMware View\Client\Local Mode\x64\vsocklib.dll [446576] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/02/2012 02:24:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/02/2012 02:24:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/02/2012 02:24:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/02/2012 02:24:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/02/2012 02:24:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/02/2012 11:56:15 AM) (Source: Application Error) (User: )
Description: Faulting application name: McShield.exe, version: 14.1.0.447, time stamp: 0x48c165a0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17932, time stamp: 0x503285c2
Exception code: 0x000006be
Fault offset: 0x000000000000caed
Faulting process id: 0xcd8
Faulting application start time: 0xMcShield.exe0
Faulting application path: McShield.exe1
Faulting module path: McShield.exe2
Report Id: McShield.exe3

Error: (11/02/2012 11:56:13 AM) (Source: McLogEvent) (User: NT AUTHORITY)NT AUTHORITY
Description: Exception in McShield.Exe!

Exception details follow :

VSCORE.14.1.0.447
Exception Code : 0X00000000000006BE
Exception Address : 0X000007FEFDE7CAED
Exception Parameters : 0

More information :
Exception in initialisation : progress = 53.

Error: (11/02/2012 11:56:13 AM) (Source: Application Error) (User: )
Description: Faulting application name: mfeann.exe, version: 14.1.0.447, time stamp: 0x48c1655a
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x0000000000027665
Faulting process id: 0xd30
Faulting application start time: 0xmfeann.exe0
Faulting application path: mfeann.exe1
Faulting module path: mfeann.exe2
Report Id: mfeann.exe3

Error: (11/02/2012 11:55:58 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2012 11:32:33 AM) (Source: Application Error) (User: )
Description: Faulting application name: McShield.exe, version: 14.1.0.447, time stamp: 0x48c165a0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17932, time stamp: 0x503285c2
Exception code: 0x000006be
Fault offset: 0x000000000000caed
Faulting process id: 0xca4
Faulting application start time: 0xMcShield.exe0
Faulting application path: McShield.exe1
Faulting module path: McShield.exe2
Report Id: McShield.exe3


System errors:
=============
Error: (11/02/2012 11:58:24 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (11/02/2012 11:58:24 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (11/02/2012 11:58:19 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/02/2012 11:56:15 AM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service terminated unexpectedly. It has done this 1 time(s).

Error: (11/02/2012 11:56:14 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/02/2012 11:56:14 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/02/2012 11:56:14 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/02/2012 11:56:14 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/02/2012 11:56:02 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (11/02/2012 11:34:32 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.


Microsoft Office Sessions:
=========================
Error: (11/02/2012 02:24:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\TD\Desktop\esetsmartinstaller_enu.exe

Error: (11/02/2012 02:24:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\TD\Desktop\esetsmartinstaller_enu.exe

Error: (11/02/2012 02:24:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\TD\Desktop\esetsmartinstaller_enu.exe

Error: (11/02/2012 02:24:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\TD\Desktop\esetsmartinstaller_enu.exe

Error: (11/02/2012 02:24:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\TD\Downloads\esetsmartinstaller_enu.exe

Error: (11/02/2012 11:56:15 AM) (Source: Application Error)(User: )
Description: McShield.exe14.1.0.44748c165a0KERNELBASE.dll6.1.7601.17932503285c2000006be000000000000caedcd801cdb8e8a3be283cC:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exeC:\Windows\system32\KERNELBASE.dlleb86fe33-24db-11e2-a1e8-028037ec0200

Error: (11/02/2012 11:56:13 AM) (Source: McLogEvent)(User: NT AUTHORITY)NT AUTHORITY
Description: VSCORE.14.1.0.447
Exception Code : 0X00000000000006BE
Exception Address : 0X000007FEFDE7CAED
Exception Parameters : 0

More information :
Exception in initialisation : progress = 53.

Error: (11/02/2012 11:56:13 AM) (Source: Application Error)(User: )
Description: mfeann.exe14.1.0.44748c1655antdll.dll6.1.7601.177254ec4aa8ec00000050000000000027665d3001cdb8e8a3c2bc1dC:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\mfeann.exeC:\Windows\SYSTEM32\ntdll.dllea66f7b2-24db-11e2-a1e8-028037ec0200

Error: (11/02/2012 11:55:58 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/02/2012 11:32:33 AM) (Source: Application Error)(User: )
Description: McShield.exe14.1.0.44748c165a0KERNELBASE.dll6.1.7601.17932503285c2000006be000000000000caedca401cdb8e554621d84C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exeC:\Windows\system32\KERNELBASE.dll9bf5aacd-24d8-11e2-a5a5-028037ec0200


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 9.5.2 (Version: 9.5.2)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Belgium e-ID middleware 4.0.4 (build 7251) (Version: 4.0.7251)
Bing Bar (Version: 7.0.610.0)
BitTorrent (Version: 7.7.0.27987)
Bonjour (Version: 3.0.0.10)
Broadcom InConcert Maestro (Version: 1.0.1.1500)
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
Conexant 20672 SmartAudio HD (Version: 8.32.23.0)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Create Recovery Media (Version: 1.20.0.00)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (Version: 1.00)
Dropbox (Version: 1.4.7)
EMC SourceOne Offline Access (Version: 6.62.1019)
ESET Online Scanner v3
FileOpen Client (x64) (Version: 3.0.47.900)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (Version: 1.1.0.1147)
Integrated Camera TWAIN (Version: 1.0.11.1223)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Identity Protection Technology 1.1.2.0 (Version: 1.1.2.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2321)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Juniper Networks Network Connect 6.5.0 (Version: 6.5.0.17087)
Juniper Networks Secure Application Manager (Version: 7.1.12.21827)
Juniper Networks, Inc. Setup Client (Version: 7.1.10.21853)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Auto Scroll Utility (Version: 1.00)
Lenovo Mobile Broadband Activation (Version: 4.0.0014.00)
Lenovo Registration (Version: 1.0.2)
Lenovo Screen Reading Optimizer (Version: 1.06)
Lenovo System Interface Driver (Version: 1.05)
Lenovo ThinkVantage Toolbox (Version: 6.0.5849.23)
Lenovo User Guide (Version: 1.0.0008.00)
Lenovo Warranty Information (Version: 1.0.0005.00)
Lenovo Welcome (Version: 2.02.003.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
McAfee Agent (Version: 4.0.0.1345)
McAfee Security Scan Plus (Version: 3.0.207.4)
McAfee VirusScan Enterprise (Version: 8.7.0)
Mesh Runtime (Version: 15.4.5722.2)
Message Center Plus (Version: 2.0.0012.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mobile Broadband Drivers (Version: 6.3.3.6)
Mozilla Firefox 16.0.2 (x86 nl) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
On Screen Display (Version: 6.23.01)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
RapidBoot (Version: 1.00)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
RICOH_Media_Driver_v2.13.18.02 (Version: 2.13.18.02)
Skype™ 5.10 (Version: 5.10.116)
Sophos Virus Removal Tool (Version: 2.2)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spotify (Version: 0.6.4)
SugarSync Manager (Version: 1.9.80.99361)
System Update (Version: 4.00.0048)
TeamViewer 7 (Version: 7.0.14563)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.1500)
ThinkPad FullScreen Magnifier (Version: 2.23)
ThinkPad Power Management Driver (Version: 1.62.00.00)
ThinkPad Power Manager (Version: 3.48)
ThinkPad UltraNav Driver (Version: 15.3.6.0)
ThinkPad UltraNav Utility (Version: 2.13.0)
ThinkVantage Access Connections (Version: 5.83)
ThinkVantage Active Protection System (Version: 1.74)
ThinkVantage AutoLock (Version: 1.01)
ThinkVantage Communications Utility (Version: 2.06)
ThinkVantage Fingerprint Software (Version: 5.9.4.6882)
ThinkVantage GPS (Version: 2.71)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VIP Access (Version: 2.0.5.13)
VitalSource Bookshelf (Version: 5.05.0032)
VLC media player 2.0.2 (Version: 2.0.2)
VMware View Client (Version: 4.6.0.366101)
Windows Driver Package - Fedict SmartCard (10/04/2011 4.0.0.5) (Version: 10/04/2011 4.0.0.5)
Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (Version: 12/21/2010 11.8.84.0)
Windows Driver Package - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (Version: 10/19/2010 7.0.0.1144)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (Version: 09/10/2010 9.2.0.1011)
Windows Driver Package - Intel System (10/04/2010 9.2.0.1015) (Version: 10/04/2010 9.2.0.1015)
Windows Driver Package - Intel USB (09/16/2010 9.2.0.1013) (Version: 09/16/2010 9.2.0.1013)
Windows Driver Package - Lenovo 1.62.00.00 (01/19/2011 1.62.00.00) (Version: 01/19/2011 1.62.00.00)
Windows Driver Package - Synaptics (SynTP) Mouse (05/05/2011 15.3.6.0) (Version: 05/05/2011 15.3.6.0)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (Version: 15.4.5722.2)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 3983.23 MB
Available physical RAM: 1902.9 MB
Total Pagefile: 7964.66 MB
Available Pagefile: 6064.17 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.16 MB

========================= Partitions: =====================================

1 Drive c: (Windows7_OS) (Fixed) (Total:132.25 GB) (Free:54.33 GB) NTFS
2 Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:0 GB) NTFS

========================= Users: ========================================

User accounts for \\THINK-THOMASD

__vmware_user__ Administrator Guest
TD

========================= Restore Points ==================================

27-09-2012 19:56:20 Windows Update
03-10-2012 10:33:32 Windows Backup
03-10-2012 10:54:28 Windows Update
07-10-2012 20:51:04 Windows Backup
10-10-2012 23:27:05 Installed iTunes
11-10-2012 00:21:04 Windows Update
15-10-2012 19:57:53 Windows Backup
22-10-2012 18:14:00 Windows Backup
29-10-2012 19:43:15 Windows Backup
02-11-2012 10:38:22 Installed Sophos Virus Removal Tool.

**** End of log ****

3) FSS

Farbar Service Scanner Version: 27-10-2012
Ran by TD (administrator) on 02-11-2012 at 15:59:54
Running from "C:\Users\TD\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

4) AdwCleaner

# AdwCleaner v2.006 - Logfile created 11/02/2012 at 16:00:44
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : TD - THINK-THOMASD
# Boot Mode : Normal
# Running from : C:\Users\TD\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\TD\AppData\Local\Ilivid Player

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (nl)

Profile name : default
File : C:\Users\TD\AppData\Roaming\Mozilla\Firefox\Profiles\uiehy28k.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [933 octets] - [02/11/2012 16:00:44]

########## EOF - C:\AdwCleaner[S1].txt - [992 octets] ##########


5) JRT

Junkware Removal Tool (JRT) by Thisisu
Version: 2.4.5 (11.02.2012)
OS: Windows 7 Professional x64
Ran by TD on 02/11/2012 at 16:03:30.32
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 02/11/2012 at 16:12:54.81
End of Report

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:59 PM

Posted 02 November 2012 - 10:25 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 Chae

Chae
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 02 November 2012 - 10:36 AM

1) new FSS log:

Farbar Service Scanner Version: 27-10-2012
Ran by TD (administrator) on 02-11-2012 at 16:30:01
Running from "C:\Users\TD\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

2) RKill

Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/02/2012 04:31:25 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\vmnat.exe (PID: 3052) [WD-HEUR]

1 proccess terminated!

Possibly Patched Files.

* C:\Windows\system32\services.exe

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\TD\Desktop\rkill\rkill-11-02-2012-04-32-02.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* C:\Windows\System32\services.exe [NoSig]
+-> C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe : 328,704 : 07/14/2009 00:39 AM : 24acb7e5be595468e3b9aa488b9b4fcb [Pos Repl]

Checking HOSTS File:

* No issues found.

Program finished at: 11/02/2012 04:32:16 PM
Execution time: 0 hours(s), 0 minute(s), and 50 seconds(s)

3) Autoruns

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AcWin7Hlpr" "Access Connections Toolbar Enabler Module" "Lenovo" "c:\program files (x86)\lenovo\access connections\actbenabler.exe"
+ "ALCKRESI.EXE" "ThinkVantage AutoLock Resident module" "Lenovo Group Limited" "c:\program files\lenovo\autolock\alckresi.exe"
+ "ForteConfig" "FMAPP Application" "" "c:\program files\conexant\forteconfig\fmapp.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "LENOVO.TPKNRRES" "Microphone volume control module" "Lenovo Group Limited" "c:\program files\lenovo\communications utility\tpknrres.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "SmartAudio" "SmartAudio Control Panel application" "Conexant systems, Inc." "c:\program files\conexant\saii\saiicpl.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
+ "TpShocks" "ThinkVantage Active Protection System" "Lenovo." "c:\windows\system32\tpshocks.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe"
+ "beid" "" "" "File not found: C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe"
+ "ConnectionCenter" "Citrix online plug-in Connection Center" "Citrix Systems, Inc." "c:\program files (x86)\citrix\ica client\concentr.exe"
+ "IMSS" "PIcon startup utility" "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\imss\piconstartup.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Lenovo Registration" "Lenovo Registration" "Lenovo, Inc." "c:\program files (x86)\lenovo registration\lenovoreg.exe"
+ "McAfeeUpdaterUI" "Common User Interface" "McAfee, Inc." "c:\program files (x86)\mcafee\common framework\udaterui.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "Renesas Electronics Corporation" "c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "PWMTRV" "ThinkPad Power Manager Background Monitor and Tray Battery Gauge" "Lenovo Group Limited" "c:\program files (x86)\thinkpad\utilities\pwmtr64v.dll"
+ "RotateImage" "RCIMGDIR" "Ricoh co.,Ltd." "c:\program files (x86)\integrated camera driver\x64\rcimgdir.exe"
+ "ShStatEXE" "VirusScan tray icon" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\shstat.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "VMware hqtray" "" "" "File not found: C:\Program Files\VMware\VMware View\Client\Local Mode\hqtray.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\thinkpad\bluetooth software\bttray.exe"
+ "McAfee Security Scan Plus.lnk" "McAfee Security Scanner Scheduler" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.207\ssscheduler.exe"
"C:\Users\TD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropbox.exe"
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SugarSync" "SugarSync Manager" "SugarSync, Inc." "c:\program files (x86)\sugarsync\sugarsyncmanager.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "SugarSync" "SugarSync Explorer Shell Extensions" "SugarSync, Inc." "c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll"
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\x64\shext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\shext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\x64\shext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\shext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\thinkpad\bluetooth software\btncopy.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "SugarSync" "SugarSync Explorer Shell Extensions" "SugarSync, Inc." "c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll"
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\x64\shext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "VirusScan" "Shell Extension" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\shext.dll"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "SugarSyncBackedUp" "SugarSync Explorer Shell Extensions" "SugarSync, Inc." "c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll"
+ "SugarSyncPending" "SugarSync Explorer Shell Extensions" "SugarSync, Inc." "c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll"
+ "SugarSyncRoot" "SugarSync Explorer Shell Extensions" "SugarSync, Inc." "c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll"
+ "SugarSyncShared" "SugarSync Explorer Shell Extensions" "SugarSync, Inc." "c:\program files (x86)\sugarsync\sugarsyncshellext_x64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\users\td\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\x64\scriptsn.dll"
+ "Symantec VIP Access Add-On" "Symantec VIP Access Add-On" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\64bit\vipaddonforie64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "scriptproxy" "VSCore Script Scanner" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\scriptsn.dll"
+ "Symantec VIP Access Add-On" "Symantec VIP Access Add-On" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\vipaddonforie.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\thinkpad\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\thinkpad\bluetooth software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\Lenovo\SROptimizer" "Lenovo Screen Reading Optimizer Resident Module" "Lenovo Group Limited" "c:\program files (x86)\lenovo\screen reading optimizer\srorest.exe"
+ "\MCP" "Message Center Plus Launcher" "" "c:\program files (x86)\lenovo\message center plus\mcplaunch.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\PCDEventLauncher" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\pc-doctor\sessionchecker.exe"
+ "\PCDoctorBackgroundMonitorTask" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\pc-doctor\uaclauncher.exe"
+ "\PMTask" "ThinkPad Power Manager Idle Task" "Lenovo Group Limited" "c:\program files (x86)\thinkpad\utilities\pwmidtsv.exe"
+ "\SystemToolsDailyTest" "PC-Doctor Module" "PC-Doctor, Inc." "c:\program files\pc-doctor\uaclauncher.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AcPrfMgrSvc" "ThinkVantage Access Connections Profile Manager Service" "Lenovo" "c:\program files (x86)\lenovo\access connections\acprfmgrsvc.exe"
+ "AcSvc" "ThinkVantage Access Connections Main Service" "Lenovo" "c:\program files (x86)\lenovo\access connections\acsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\thinkpad\bluetooth software\btwdins.exe"
+ "CxAudMsg" "Monitors audio device events and forward them to subscribing application. If this service is stop. the aduio effects will not function properly." "Conexant Systems Inc." "c:\windows\system32\cxaudmsg64.exe"
+ "DozeSvc" "Doze Mode Service Program" "Lenovo." "c:\program files (x86)\thinkpad\utilities\dzsvc64.exe"
+ "dsNcService" "Manages secure network connections" "Juniper Networks" "c:\program files (x86)\juniper networks\common files\dsncservice.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FileOpenManagerSvc" "FileOpen client manager" "FileOpen Systems Inc." "c:\programdata\fileopen\services\fileopenmanagersvc64.exe"
+ "gupdate" "Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Zorgt ervoor dat u altijd beschikt over de nieuwste Google-software. Als deze service wordt uitgeschakeld of afgebroken, wordt uw Google-software niet bijgewerkt. Hierdoor kunnen beveiligingsrisico's mogelijk niet worden verholpen of kunnen bepaalde functies niet werken. Deze service verwijdert zichzelf wanneer er geen Google-software is waarvoor de service wordt gebruikt." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HyperW7Svc" "HyperW7 Service" "Lenovo Group Limited" "c:\program files\lenovo\rapidboot\hyperw7svc64.exe"
+ "IBMPMSVC" "ThinkPad Power Management Service" "Lenovo." "c:\windows\system32\ibmpmsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "jhi_service" "Intel® Identity Protection Technology Host Interface Service - Allows applications to access the local Intel Identity Protection Technology" "Intel Corporation" "c:\program files (x86)\intel\services\ipt\jhi_service.exe"
+ "LENOVO.CAMMUTE" "Camera Mute Control Service for ThinkPad" "Lenovo Group Limited" "c:\program files\lenovo\communications utility\cammute.exe"
+ "LENOVO.MICMUTE" "Microphone Mute Controll Service for ThinkPad" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\micmute.exe"
+ "LENOVO.TPKNRSVC" "Microphone volume control service" "Lenovo Group Limited" "c:\program files\lenovo\communications utility\tpknrsvc.exe"
+ "Lenovo.VIRTSCRLSVC" "Auto Scroll Start Service" "Lenovo Group Limited" "c:\program files\lenovo\virtscrl\lvvsst.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "McAfeeEngineService" "McAfee Engine-service" "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\x64\engineserver.exe"
+ "McAfeeFramework" "Framework voor gedeelde componenten voor McAfee-producten" "McAfee, Inc." "c:\program files (x86)\mcafee\common framework\frameworkservice.exe"
+ "McComponentHostService" "McAfee Security Scan Component Host Service" "McAfee, Inc." "c:\program files (x86)\mcafee security scan\3.0.207\mcchsvc.exe"
+ "McShield" "McAfee-functies voor het beveiligen van uw computer met Scannen bij toegang." "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\x64\mcshield.exe"
+ "McTaskManager" "McAfee-functies voor het plannen van scan- en bijwerkactiviteiten." "McAfee, Inc." "c:\program files (x86)\mcafee\virusscan enterprise\vstskmgr.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe"
+ "MozillaMaintenance" "De Mozilla Maintenance Service zorgt ervoor dat u de nieuwste en meest veilige versie van Mozilla Firefox op uw computer hebt. Het actueel houden van Firefox is zeer belangrijk voor uw online-veiligheid, en Mozilla raadt ten zeerste aan deze service ingeschakeld te houden." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "Power Manager DBC Service" "Power Manager Dynamic Brightness Control Service" "Lenovo" "c:\program files (x86)\thinkpad\utilities\pwmdbsvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SAService" "SmartAudio Helper service" "Conexant Systems, Inc." "c:\windows\syswow64\sasrv.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "SROSVC" "Lenovo Screen Reading Optimizer Service" "Lenovo Group Limited" "c:\program files (x86)\lenovo\screen reading optimizer\srosvc.exe"
+ "SUService" "ThinkVantage System Update" "Lenovo Group Limited" "c:\program files (x86)\lenovo\system update\suservice.exe"
+ "TeamViewer7" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files (x86)\teamviewer\version7\teamviewer_service.exe"
+ "TPHDEXLGSVC" "ThinkVantage Active Protection System - HDD Logger Module" "Lenovo." "c:\windows\system32\tphdexlg64.exe"
+ "TPHKLOAD" "ThinkPad Message Client Loader" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\tphkload.exe"
+ "TPHKSVC" "On screen display Fn+Fx handler" "Lenovo Group Limited" "c:\program files\lenovo\hotkey\tphksvc.exe"
+ "ufad-ws60" "VMware Agent Service" "VMware, Inc." "c:\program files\vmware\vmware view\client\local mode\vmware-ufad.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "VIPAppService" "VIP Service" "Symantec Corporation" "c:\program files (x86)\symantec\vip access client\vipappservice.exe"
+ "VMAuthdService" "Authorization and authentication service for starting and accessing virtual machines" "VMware, Inc." "c:\program files\vmware\vmware view\client\local mode\vmware-authd.exe"
+ "VMnetDHCP" "DHCP service for virtual networks." "VMware, Inc." "c:\windows\syswow64\vmnetdhcp.exe"
+ "VMUSBArbService" "VMware USB Arbitration Service" "VMware, Inc." "c:\program files (x86)\common files\vmware\usb\vmware-usbarbitrator.exe"
+ "VMware NAT Service" "Network address translation for virtual networks." "VMware, Inc." "c:\windows\syswow64\vmnat.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMCoreService" "Mobile Broadband Service" "Ericsson AB" "c:\program files (x86)\mobile broadband drivers\wmcore\mini_wmcore.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "wsnm" "Provides View Client services." "VMware, Inc." "c:\program files\vmware\vmware view\client\bin\wsnm.exe"
+ "wsnm_usbctrl" "Provides VMware View USB Control services." "VMware, Inc." "c:\program files\vmware\vmware view\client\bin\wsnm_usbctrl.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "5U877" "Ricoh USB Camera driver" "Ricoh co.,Ltd." "c:\windows\system32\drivers\5u877.sys"
+ "ACSSCR" "PCSC/CCID IFD Handler" "Advanced Card Systems Ltd" "c:\windows\system32\drivers\a38usb.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTWAMPFL" "btwampfl Bluetooth filter driver" "Broadcom Corporation." "c:\windows\system32\drivers\btwampfl.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "CnxtHdAudService" "64-bit High Definition Audio Function Driver" "Conexant Systems Inc." "c:\windows\system32\drivers\chdrt64.sys"
+ "ctxusbm" "Citrix USB Filter Driver" "Citrix Systems, Inc." "c:\windows\system32\drivers\ctxusbm.sys"
+ "dsNcAdpt" "dsNcAdapter" "Juniper Networks" "c:\windows\system32\drivers\dsncadpt.sys"
+ "DzHDD64" "Doze Mode Kernel Driver for HDD control" "Lenovo." "c:\windows\system32\drivers\dzhdd64.sys"
+ "e1cexpress" "Intel® Gigabit Adapter NDIS 6.x driver" "Intel Corporation" "c:\windows\system32\drivers\e1c62x64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "ecnssndis" "Ericsson WWAN Selective suspend Device Driver" "Ericsson AB" "c:\windows\system32\drivers\wwuss64.sys"
+ "ecnssndisfltr" "Ericsson WWAN Selective suspend Filter Driver" "Ericsson AB" "c:\windows\system32\drivers\wwussf64.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcmon" "VMware USB Driver." "VMware, Inc." "c:\windows\system32\drivers\hcmon.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IBMPMDRV" "ThinkPad Power Management Driver" "Lenovo." "c:\windows\system32\drivers\ibmpmdrv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "l36wgps" " Mobile Broadband GPS Port" "Ericsson AB" "c:\windows\system32\drivers\l36wgps64.sys"
+ "lenovo.smi" "SMI Driver for Lenovo system" "Lenovo Group Limited" "c:\windows\system32\drivers\smiifx64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "Mbm3CBus" "F3607gw Mobile Broadband Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\mbm3cbus.sys"
+ "Mbm3DevMt" " Mobile Broadband Device Management Driver (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\mbm3devmt.sys"
+ "Mbm3mdfl" " Mobile Broadband Modem Port Filter" "MCCI Corporation" "c:\windows\system32\drivers\mbm3mdfl.sys"
+ "Mbm3Mdm" " Mobile Broadband Modem Port Driver" "MCCI Corporation" "c:\windows\system32\drivers\mbm3mdm.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfetdik" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfetdik.sys"
+ "NEOFLTR_7112_21827" "NetBIOS Redirector" "Juniper Networks" "c:\windows\system32\drivers\neofltr_7112_21827.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "PCDSRVC{127174DC-C366ED8B-06020200}_0" "Kernel Driver" "PC-Doctor, Inc." "c:\program files\pc-doctor\pcdsrvc_x64.pkms"
+ "PHCORE" "RapidBoot Driver" "Lenovo Group Limited" "c:\program files\lenovo\rapidboot\phcore64.sys"
+ "pmxdrv" "" "" "c:\windows\system32\drivers\pmxdrv.sys"
+ "psadd" "SMBIOS Driver" "Lenovo (United States) Inc." "c:\windows\system32\drivers\psadd.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "risdxc" "RICOH PCIe SDXC/MMC Controller Driver" "REDC" "c:\windows\system32\drivers\risdxc64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Shockprf" "Shockproof Disk Driver" "Lenovo." "c:\windows\system32\drivers\apsx64.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "smihlp" "SMI helper driver" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\smihlp.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SWIX64" "System Information Detector" "Lenovo Group Limited" "c:\program files (x86)\lenovo\system update\tvsuhd64.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "TPDIGIMN" "APS Digitizer Activity Monitor" "Lenovo." "c:\windows\system32\drivers\apshm64.sys"
+ "TPPWRIF" "Power Manager" "Lenovo Group Limited" "c:\windows\system32\drivers\tppwr64v.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vmci" "VMware vmci Driver." "VMware, Inc." "c:\windows\system32\drivers\vmci.sys"
+ "vmkbd" "VMware Keyboard Driver." "VMware, Inc." "c:\windows\system32\drivers\vmkbd.sys"
+ "VMnetAdapter" "Driver for VMware's Virtual Ethernet Adapters Ver. 2" "VMware, Inc." "c:\windows\system32\drivers\vmnetadapter.sys"
+ "VMnetBridge" "VMware Bridge Protocol" "VMware, Inc." "c:\windows\system32\drivers\vmnetbridge.sys"
+ "VMnetuserif" "Allows VMware applications to use virtual networks." "VMware, Inc." "c:\windows\system32\drivers\vmnetuserif.sys"
+ "vmwvusb" "VMware View Generic USB Driver (32-bit)" "VMware, Inc." "c:\windows\system32\drivers\vmwvusb.sys"
+ "vmx86" "VMware Virtualization Driver." "VMware, Inc." "c:\windows\system32\drivers\vmx86.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "vstor2-ws60" "VMware Virtual Storage Volume Driver" "VMware, Inc." "c:\program files\vmware\vmware view\client\local mode\vstor2-ws60.sys"
+ "WwanUsbServ" "Ericsson WWAN Wireless Module Device Driver" "Ericsson AB" "c:\windows\system32\drivers\wwanusbmp64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.VMnc" "VMware Movie decoder" "VMware, Inc." "c:\windows\syswow64\vmnc.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\thinkpad\bluetooth software\btwcp.dll"
+ "Provider Object" "Windows Vista and Windows 7 Credential Provider" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\provider.dll"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "Provider Filter Object" "Windows Vista and Windows 7 Credential Provider" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\provider.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\PLAP Providers" "" "" ""
+ "dsNcCredentialProvider" "Network Connect Credential Provider" "Juniper Networks" "c:\windows\system32\dsnccredprov.dll"
+ "dsNcSmartCardProvider" "Network Connect Smart Card Credential Provider" "Juniper Networks" "c:\windows\system32\dsncsmartcardprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
+ "psfus" "Logon stub" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\psqlpwd.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "VMCI sockets DGRAM" "VSockets Library" "VMware, Inc." "c:\program files\vmware\vmware view\client\local mode\vsocklib.dll"
+ "VMCI sockets STREAM" "VSockets Library" "VMware, Inc." "c:\program files\vmware\vmware view\client\local mode\vsocklib.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64" "" "" ""
+ "VMCI sockets DGRAM" "VSockets Library" "VMware, Inc." "c:\program files\vmware\vmware view\client\local mode\x64\vsocklib.dll"
+ "VMCI sockets STREAM" "VSockets Library" "VMware, Inc." "c:\program files\vmware\vmware view\client\local mode\x64\vsocklib.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon64.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "ACGina" "" "" "File not found: ACGina"
+ "C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll" "Logon stub" "UPEK Inc." "c:\program files\thinkvantage fingerprint software\psqlpwd.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages" "" "" ""
+ "wsauth" "VMware View LSA Authentication Provider" "VMware, Inc." "c:\windows\system32\wsauth.dll"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:59 PM

Posted 02 November 2012 - 12:46 PM

Now run RKILL given in previous instructions and post the new log

Edited by narenxp, 02 November 2012 - 06:43 PM.


#9 Chae

Chae
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 02 November 2012 - 05:54 PM

Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/02/2012 11:53:32 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\vmnat.exe (PID: 3056) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/02/2012 11:53:43 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:59 PM

Posted 02 November 2012 - 06:19 PM

.

Edited by narenxp, 02 November 2012 - 06:38 PM.


#11 Chae

Chae
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 02 November 2012 - 06:31 PM

Rkill 2.4.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/03/2012 12:30:08 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/03/2012 12:30:16 AM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:59 PM

Posted 02 November 2012 - 06:44 PM

Run TDSSkiller again and post the new log

#13 Chae

Chae
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 02 November 2012 - 06:49 PM

00:45:02.0463 2924 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
00:45:02.0822 2924 ============================================================
00:45:02.0822 2924 Current date / time: 2012/11/03 00:45:02.0822
00:45:02.0822 2924 SystemInfo:
00:45:02.0822 2924
00:45:02.0822 2924 OS Version: 6.1.7601 ServicePack: 1.0
00:45:02.0822 2924 Product type: Workstation
00:45:02.0822 2924 ComputerName: THINK-THOMASD
00:45:02.0822 2924 UserName: TD
00:45:02.0822 2924 Windows directory: C:\Windows
00:45:02.0822 2924 System windows directory: C:\Windows
00:45:02.0822 2924 Running under WOW64
00:45:02.0822 2924 Processor architecture: Intel x64
00:45:02.0822 2924 Number of processors: 4
00:45:02.0822 2924 Page size: 0x1000
00:45:02.0822 2924 Boot type: Normal boot
00:45:02.0822 2924 ============================================================
00:45:03.0165 2924 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:45:03.0165 2924 ============================================================
00:45:03.0165 2924 \Device\Harddisk0\DR0:
00:45:03.0165 2924 MBR partitions:
00:45:03.0165 2924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x258000
00:45:03.0165 2924 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x258800, BlocksNum 0x10880800
00:45:03.0165 2924 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10AD9000, BlocksNum 0x1F40000
00:45:03.0165 2924 ============================================================
00:45:03.0165 2924 C: <-> \Device\Harddisk0\DR0\Partition2
00:45:03.0165 2924 Q: <-> \Device\Harddisk0\DR0\Partition3
00:45:03.0165 2924 ============================================================
00:45:03.0165 2924 Initialize success
00:45:03.0165 2924 ============================================================
00:45:17.0595 3324 ============================================================
00:45:17.0595 3324 Scan started
00:45:17.0595 3324 Mode: Manual; TDLFS;
00:45:17.0595 3324 ============================================================
00:45:17.0657 3324 ================ Scan system memory ========================
00:45:17.0657 3324 System memory - ok
00:45:17.0657 3324 ================ Scan services =============================
00:45:17.0720 3324 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
00:45:17.0766 3324 1394ohci - ok
00:45:17.0766 3324 [ F4AF97702BAD85BFEF64B9A557F11B6F ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
00:45:17.0798 3324 5U877 - ok
00:45:17.0813 3324 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
00:45:17.0813 3324 ACPI - ok
00:45:17.0813 3324 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
00:45:17.0844 3324 AcpiPmi - ok
00:45:17.0860 3324 [ DEECCADBD25F65D65293A09721B3A447 ] AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
00:45:17.0860 3324 AcPrfMgrSvc - ok
00:45:17.0860 3324 [ 58F7D09BACA61B019227AF0D07564739 ] ACSSCR C:\Windows\system32\DRIVERS\a38usb.sys
00:45:17.0891 3324 ACSSCR - ok
00:45:17.0891 3324 [ A7753804C6C66C9C80F4E29659FD721C ] AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
00:45:17.0891 3324 AcSvc - ok
00:45:17.0922 3324 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:45:17.0954 3324 AdobeFlashPlayerUpdateSvc - ok
00:45:17.0969 3324 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
00:45:17.0985 3324 adp94xx - ok
00:45:17.0985 3324 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
00:45:18.0000 3324 adpahci - ok
00:45:18.0000 3324 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
00:45:18.0016 3324 adpu320 - ok
00:45:18.0016 3324 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:45:18.0016 3324 AeLookupSvc - ok
00:45:18.0032 3324 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
00:45:18.0032 3324 AFD - ok
00:45:18.0032 3324 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
00:45:18.0032 3324 agp440 - ok
00:45:18.0047 3324 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
00:45:18.0047 3324 ALG - ok
00:45:18.0047 3324 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
00:45:18.0047 3324 aliide - ok
00:45:18.0063 3324 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
00:45:18.0063 3324 amdide - ok
00:45:18.0063 3324 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
00:45:18.0063 3324 AmdK8 - ok
00:45:18.0063 3324 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
00:45:18.0078 3324 AmdPPM - ok
00:45:18.0078 3324 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
00:45:18.0110 3324 amdsata - ok
00:45:18.0110 3324 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
00:45:18.0125 3324 amdsbs - ok
00:45:18.0125 3324 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
00:45:18.0156 3324 amdxata - ok
00:45:18.0156 3324 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
00:45:18.0188 3324 AppID - ok
00:45:18.0203 3324 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
00:45:18.0203 3324 AppIDSvc - ok
00:45:18.0203 3324 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
00:45:18.0234 3324 Appinfo - ok
00:45:18.0234 3324 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:45:18.0234 3324 Apple Mobile Device - ok
00:45:18.0234 3324 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
00:45:18.0234 3324 AppMgmt - ok
00:45:18.0250 3324 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
00:45:18.0250 3324 arc - ok
00:45:18.0250 3324 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
00:45:18.0266 3324 arcsas - ok
00:45:18.0266 3324 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:45:18.0266 3324 AsyncMac - ok
00:45:18.0266 3324 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
00:45:18.0266 3324 atapi - ok
00:45:18.0281 3324 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:45:18.0312 3324 AudioEndpointBuilder - ok
00:45:18.0328 3324 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
00:45:18.0328 3324 AudioSrv - ok
00:45:18.0328 3324 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
00:45:18.0359 3324 AxInstSV - ok
00:45:18.0359 3324 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
00:45:18.0375 3324 b06bdrv - ok
00:45:18.0390 3324 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
00:45:18.0390 3324 b57nd60a - ok
00:45:18.0390 3324 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
00:45:18.0437 3324 BBSvc - ok
00:45:18.0437 3324 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
00:45:18.0437 3324 BDESVC - ok
00:45:18.0453 3324 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
00:45:18.0453 3324 Beep - ok
00:45:18.0468 3324 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
00:45:18.0500 3324 BFE - ok
00:45:18.0515 3324 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
00:45:18.0515 3324 BITS - ok
00:45:18.0515 3324 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
00:45:18.0515 3324 blbdrive - ok
00:45:18.0531 3324 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:45:18.0562 3324 Bonjour Service - ok
00:45:18.0562 3324 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:45:18.0593 3324 bowser - ok
00:45:18.0609 3324 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
00:45:18.0609 3324 BrFiltLo - ok
00:45:18.0609 3324 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
00:45:18.0609 3324 BrFiltUp - ok
00:45:18.0624 3324 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
00:45:18.0624 3324 Browser - ok
00:45:18.0624 3324 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
00:45:18.0640 3324 Brserid - ok
00:45:18.0640 3324 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
00:45:18.0640 3324 BrSerWdm - ok
00:45:18.0640 3324 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
00:45:18.0656 3324 BrUsbMdm - ok
00:45:18.0656 3324 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
00:45:18.0656 3324 BrUsbSer - ok
00:45:18.0656 3324 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
00:45:18.0671 3324 BthEnum - ok
00:45:18.0671 3324 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
00:45:18.0671 3324 BTHMODEM - ok
00:45:18.0671 3324 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
00:45:18.0687 3324 BthPan - ok
00:45:18.0687 3324 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
00:45:18.0687 3324 BTHPORT - ok
00:45:18.0702 3324 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
00:45:18.0702 3324 bthserv - ok
00:45:18.0702 3324 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
00:45:18.0734 3324 BTHUSB - ok
00:45:18.0749 3324 [ 8834F87A6A745872894DF8223201A6C3 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
00:45:18.0780 3324 BTWAMPFL - ok
00:45:18.0796 3324 [ 9863D82ECBEC6106D377ED73680D99D8 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
00:45:18.0827 3324 btwaudio - ok
00:45:18.0827 3324 [ 3432DD66AE75AB2DE6D0527AD78DBFC7 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
00:45:18.0858 3324 btwavdt - ok
00:45:18.0890 3324 [ EB4AFE08FB39BB444F221D7D501E0915 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
00:45:18.0921 3324 btwdins - ok
00:45:18.0921 3324 [ 382DC5A631CED0462EA09B7EB898BDBF ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
00:45:18.0952 3324 btwl2cap - ok
00:45:18.0968 3324 [ 13A9C2CEDD44C175E6CA39A536795CA6 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
00:45:18.0983 3324 btwrchid - ok
00:45:18.0999 3324 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:45:18.0999 3324 cdfs - ok
00:45:18.0999 3324 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
00:45:18.0999 3324 cdrom - ok
00:45:18.0999 3324 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
00:45:19.0030 3324 CertPropSvc - ok
00:45:19.0030 3324 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
00:45:19.0030 3324 circlass - ok
00:45:19.0046 3324 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
00:45:19.0046 3324 CLFS - ok
00:45:19.0061 3324 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:45:19.0061 3324 clr_optimization_v2.0.50727_32 - ok
00:45:19.0077 3324 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:45:19.0077 3324 clr_optimization_v2.0.50727_64 - ok
00:45:19.0092 3324 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:45:19.0124 3324 clr_optimization_v4.0.30319_32 - ok
00:45:19.0139 3324 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:45:19.0170 3324 clr_optimization_v4.0.30319_64 - ok
00:45:19.0170 3324 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:45:19.0170 3324 CmBatt - ok
00:45:19.0170 3324 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:45:19.0186 3324 cmdide - ok
00:45:19.0186 3324 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
00:45:19.0217 3324 CNG - ok
00:45:19.0248 3324 [ DB6F09464C57606892BF6D2458483417 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
00:45:19.0295 3324 CnxtHdAudService - ok
00:45:19.0295 3324 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
00:45:19.0295 3324 Compbatt - ok
00:45:19.0295 3324 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
00:45:19.0326 3324 CompositeBus - ok
00:45:19.0342 3324 COMSysApp - ok
00:45:19.0342 3324 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
00:45:19.0342 3324 crcdisk - ok
00:45:19.0342 3324 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:45:19.0342 3324 CryptSvc - ok
00:45:19.0358 3324 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
00:45:19.0389 3324 CSC - ok
00:45:19.0404 3324 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
00:45:19.0436 3324 CscService - ok
00:45:19.0436 3324 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
00:45:19.0467 3324 ctxusbm - ok
00:45:19.0482 3324 [ 9D0D050170D47E778B624A28C90F23DE ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
00:45:19.0482 3324 CxAudMsg - ok
00:45:19.0482 3324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:45:19.0498 3324 DcomLaunch - ok
00:45:19.0498 3324 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
00:45:19.0514 3324 defragsvc - ok
00:45:19.0514 3324 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:45:19.0545 3324 DfsC - ok
00:45:19.0545 3324 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
00:45:19.0576 3324 Dhcp - ok
00:45:19.0576 3324 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
00:45:19.0576 3324 discache - ok
00:45:19.0592 3324 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
00:45:19.0592 3324 Disk - ok
00:45:19.0592 3324 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
00:45:19.0623 3324 dmvsc - ok
00:45:19.0623 3324 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:45:19.0654 3324 Dnscache - ok
00:45:19.0654 3324 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
00:45:19.0685 3324 dot3svc - ok
00:45:19.0701 3324 [ E6987F7818154791A6937BCC6655599B ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
00:45:19.0732 3324 DozeSvc - ok
00:45:19.0732 3324 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
00:45:19.0763 3324 DPS - ok
00:45:19.0763 3324 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:45:19.0763 3324 drmkaud - ok
00:45:19.0763 3324 [ 3EEF0B3489EDBF725564E17C77CABAFD ] dsNcAdpt C:\Windows\system32\DRIVERS\dsNcAdpt.sys
00:45:19.0794 3324 dsNcAdpt - ok
00:45:19.0810 3324 [ 824C188936FDC1B20FB32192B57CDEBA ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
00:45:19.0826 3324 dsNcService - ok
00:45:19.0841 3324 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:45:19.0888 3324 DXGKrnl - ok
00:45:19.0888 3324 [ CE4CFFD9F64B86BCEB1C343FC9924D72 ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
00:45:19.0919 3324 DzHDD64 - ok
00:45:19.0919 3324 [ 426A0AE0B9F4F1CF4BA6FAF4EE28E5B0 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
00:45:19.0966 3324 e1cexpress - ok
00:45:19.0966 3324 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
00:45:19.0966 3324 EapHost - ok
00:45:20.0013 3324 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
00:45:20.0060 3324 ebdrv - ok
00:45:20.0060 3324 [ F88F2E5806FC405B0FA94B7947A5875E ] ecnssndis C:\Windows\system32\Drivers\wwuss64.sys
00:45:20.0091 3324 ecnssndis - ok
00:45:20.0091 3324 [ C8CD88218EFC28F7E44A9892B3E97F4D ] ecnssndisfltr C:\Windows\system32\Drivers\wwussf64.sys
00:45:20.0122 3324 ecnssndisfltr - ok
00:45:20.0122 3324 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
00:45:20.0122 3324 EFS - ok
00:45:20.0138 3324 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:45:20.0184 3324 ehRecvr - ok
00:45:20.0184 3324 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
00:45:20.0184 3324 ehSched - ok
00:45:20.0200 3324 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
00:45:20.0216 3324 elxstor - ok
00:45:20.0216 3324 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:45:20.0216 3324 ErrDev - ok
00:45:20.0231 3324 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
00:45:20.0231 3324 EventSystem - ok
00:45:20.0262 3324 [ 8B6C9924B0D333DBF76086B8258A0891 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
00:45:20.0294 3324 EvtEng - ok
00:45:20.0294 3324 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
00:45:20.0309 3324 exfat - ok
00:45:20.0309 3324 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:45:20.0309 3324 fastfat - ok
00:45:20.0325 3324 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
00:45:20.0356 3324 Fax - ok
00:45:20.0356 3324 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
00:45:20.0356 3324 fdc - ok
00:45:20.0372 3324 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
00:45:20.0372 3324 fdPHost - ok
00:45:20.0372 3324 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
00:45:20.0372 3324 FDResPub - ok
00:45:20.0372 3324 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:45:20.0387 3324 FileInfo - ok
00:45:20.0387 3324 [ AD9D3401E1B0949DBC3E59871BC4422F ] FileOpenManagerSvc C:\ProgramData\FileOpen\Services\FileOpenManagerSvc64.exe
00:45:20.0387 3324 FileOpenManagerSvc - ok
00:45:20.0403 3324 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:45:20.0403 3324 Filetrace - ok
00:45:20.0403 3324 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
00:45:20.0403 3324 flpydisk - ok
00:45:20.0403 3324 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:45:20.0418 3324 FltMgr - ok
00:45:20.0434 3324 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
00:45:20.0465 3324 FontCache - ok
00:45:20.0465 3324 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:45:20.0465 3324 FontCache3.0.0.0 - ok
00:45:20.0465 3324 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:45:20.0465 3324 FsDepends - ok
00:45:20.0481 3324 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:45:20.0481 3324 Fs_Rec - ok
00:45:20.0481 3324 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:45:20.0512 3324 fvevol - ok
00:45:20.0512 3324 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
00:45:20.0528 3324 gagp30kx - ok
00:45:20.0528 3324 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:45:20.0559 3324 GEARAspiWDM - ok
00:45:20.0574 3324 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
00:45:20.0606 3324 gpsvc - ok
00:45:20.0606 3324 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:45:20.0652 3324 gupdate - ok
00:45:20.0652 3324 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:45:20.0652 3324 gupdatem - ok
00:45:20.0668 3324 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
00:45:20.0699 3324 gusvc - ok
00:45:20.0715 3324 [ BA207B48AA3D9D73FD4856400F852458 ] hcmon C:\Windows\system32\drivers\hcmon.sys
00:45:20.0746 3324 hcmon - ok
00:45:20.0746 3324 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:45:20.0746 3324 hcw85cir - ok
00:45:20.0762 3324 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:45:20.0793 3324 HdAudAddService - ok
00:45:20.0793 3324 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:45:20.0824 3324 HDAudBus - ok
00:45:20.0824 3324 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
00:45:20.0824 3324 HidBatt - ok
00:45:20.0840 3324 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
00:45:20.0840 3324 HidBth - ok
00:45:20.0840 3324 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
00:45:20.0840 3324 HidIr - ok
00:45:20.0855 3324 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
00:45:20.0855 3324 hidserv - ok
00:45:20.0855 3324 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
00:45:20.0855 3324 HidUsb - ok
00:45:20.0855 3324 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:45:20.0886 3324 hkmsvc - ok
00:45:20.0886 3324 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:45:20.0918 3324 HomeGroupListener - ok
00:45:20.0918 3324 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:45:20.0949 3324 HomeGroupProvider - ok
00:45:20.0949 3324 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:45:20.0980 3324 HpSAMD - ok
00:45:20.0996 3324 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:45:20.0996 3324 HTTP - ok
00:45:20.0996 3324 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:45:21.0027 3324 hwpolicy - ok
00:45:21.0027 3324 [ 9149907FF8681AD6475607EEBF62DD2F ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
00:45:21.0074 3324 HyperW7Svc - ok
00:45:21.0074 3324 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
00:45:21.0074 3324 i8042prt - ok
00:45:21.0089 3324 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys
00:45:21.0089 3324 iaStor - ok
00:45:21.0105 3324 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:45:21.0136 3324 iaStorV - ok
00:45:21.0136 3324 [ A9BD44426A69079240767FE4AEE0EA71 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
00:45:21.0167 3324 IBMPMDRV - ok
00:45:21.0183 3324 [ 57D4A3ED5497DB0C5A53E680A9BDD1C6 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
00:45:21.0183 3324 IBMPMSVC - ok
00:45:21.0198 3324 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:45:21.0230 3324 idsvc - ok
00:45:21.0386 3324 [ 66DC0CE2D1867B8178EAA0E11930DBD7 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
00:45:21.0573 3324 igfx - ok
00:45:21.0573 3324 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
00:45:21.0573 3324 iirsp - ok
00:45:21.0588 3324 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
00:45:21.0620 3324 IKEEXT - ok
00:45:21.0635 3324 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
00:45:21.0666 3324 IntcDAud - ok
00:45:21.0666 3324 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
00:45:21.0666 3324 intelide - ok
00:45:21.0666 3324 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:45:21.0666 3324 intelppm - ok
00:45:21.0682 3324 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:45:21.0682 3324 IPBusEnum - ok
00:45:21.0682 3324 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:45:21.0682 3324 IpFilterDriver - ok
00:45:21.0698 3324 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:45:21.0729 3324 iphlpsvc - ok
00:45:21.0729 3324 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:45:21.0760 3324 IPMIDRV - ok
00:45:21.0760 3324 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:45:21.0760 3324 IPNAT - ok
00:45:21.0776 3324 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:45:21.0807 3324 iPod Service - ok
00:45:21.0822 3324 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:45:21.0822 3324 IRENUM - ok
00:45:21.0822 3324 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:45:21.0822 3324 isapnp - ok
00:45:21.0822 3324 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:45:21.0869 3324 iScsiPrt - ok
00:45:21.0869 3324 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
00:45:21.0869 3324 jhi_service - ok
00:45:21.0869 3324 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:45:21.0869 3324 kbdclass - ok
00:45:21.0885 3324 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
00:45:21.0916 3324 kbdhid - ok
00:45:21.0916 3324 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
00:45:21.0916 3324 KeyIso - ok
00:45:21.0916 3324 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:45:21.0916 3324 KSecDD - ok
00:45:21.0916 3324 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:45:21.0963 3324 KSecPkg - ok
00:45:21.0963 3324 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:45:21.0963 3324 ksthunk - ok
00:45:21.0978 3324 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
00:45:21.0978 3324 KtmRm - ok
00:45:21.0978 3324 [ 0FEF994D890C92D8F23442BC52D4FEA9 ] l36wgps C:\Windows\system32\DRIVERS\l36wgps64.sys
00:45:22.0010 3324 l36wgps - ok
00:45:22.0025 3324 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:45:22.0041 3324 LanmanServer - ok
00:45:22.0056 3324 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:45:22.0072 3324 LanmanWorkstation - ok
00:45:22.0088 3324 [ 1EF45F1BD62B8F4C19458326A3E91930 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
00:45:22.0088 3324 LENOVO.CAMMUTE - ok
00:45:22.0088 3324 [ FCE735941DA27929DBFC1918F286FFD8 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
00:45:22.0088 3324 LENOVO.MICMUTE - ok
00:45:22.0088 3324 [ 2B9D8555DC004E240082D18E7725CE20 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
00:45:22.0119 3324 lenovo.smi - ok
00:45:22.0119 3324 [ 448BE3E001004A55E8A959C57E17F6D8 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
00:45:22.0119 3324 LENOVO.TPKNRSVC - ok
00:45:22.0134 3324 [ 6F2CC57EB5836D2AC9BD37F3554D55F8 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
00:45:22.0134 3324 Lenovo.VIRTSCRLSVC - ok
00:45:22.0134 3324 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:45:22.0134 3324 lltdio - ok
00:45:22.0150 3324 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:45:22.0150 3324 lltdsvc - ok
00:45:22.0150 3324 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:45:22.0166 3324 lmhosts - ok
00:45:22.0166 3324 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
00:45:22.0166 3324 LMS - ok
00:45:22.0181 3324 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
00:45:22.0181 3324 LSI_FC - ok
00:45:22.0181 3324 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
00:45:22.0197 3324 LSI_SAS - ok
00:45:22.0197 3324 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
00:45:22.0197 3324 LSI_SAS2 - ok
00:45:22.0197 3324 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
00:45:22.0212 3324 LSI_SCSI - ok
00:45:22.0212 3324 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
00:45:22.0212 3324 luafv - ok
00:45:22.0228 3324 [ 0845DA0BFF1AF5C57DE4DD97ACAF2FCD ] Mbm3CBus C:\Windows\system32\DRIVERS\Mbm3CBus.sys
00:45:22.0259 3324 Mbm3CBus - ok
00:45:22.0275 3324 [ DB6FA599AA79324E287C4EAF6020DA37 ] Mbm3DevMt C:\Windows\system32\DRIVERS\Mbm3DevMt.sys
00:45:22.0306 3324 Mbm3DevMt - ok
00:45:22.0306 3324 [ 2F71EDB697752D409B9983F0E1D88F70 ] Mbm3mdfl C:\Windows\system32\DRIVERS\Mbm3mdfl.sys
00:45:22.0337 3324 Mbm3mdfl - ok
00:45:22.0353 3324 [ 21B412A36DE3CCFE4E13383B88CFC90C ] Mbm3Mdm C:\Windows\system32\DRIVERS\Mbm3Mdm.sys
00:45:22.0400 3324 Mbm3Mdm - ok
00:45:22.0400 3324 [ 4A6DD3C84AA2FDDA86EFAA527D8AB7B6 ] McAfeeEngineService C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe
00:45:22.0431 3324 McAfeeEngineService - ok
00:45:22.0431 3324 [ C341D64C9F3B39CB56F9712335C33717 ] McAfeeFramework C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
00:45:22.0431 3324 McAfeeFramework - ok
00:45:22.0446 3324 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
00:45:22.0493 3324 McComponentHostService - ok
00:45:22.0493 3324 [ 39244B1D160FEC32EE4A7EA2635986C8 ] McShield C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe
00:45:22.0524 3324 McShield - ok
00:45:22.0524 3324 [ 9DF3A434657512B31549F8D20AFFAD5F ] McTaskManager C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
00:45:22.0524 3324 McTaskManager - ok
00:45:22.0524 3324 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:45:22.0556 3324 Mcx2Svc - ok
00:45:22.0556 3324 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
00:45:22.0571 3324 megasas - ok
00:45:22.0571 3324 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
00:45:22.0587 3324 MegaSR - ok
00:45:22.0587 3324 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
00:45:22.0618 3324 MEIx64 - ok
00:45:22.0618 3324 [ 4DEA3F2DC347DEA7CB4535680C0E03F1 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
00:45:22.0649 3324 mfeapfk - ok
00:45:22.0649 3324 [ E555FED8762CBEE0A91C47450F81654E ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
00:45:22.0680 3324 mfeavfk - ok
00:45:22.0696 3324 [ F3CE7173922B89CFA909695A489A0E9E ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
00:45:22.0743 3324 mfehidk - ok
00:45:22.0743 3324 [ A4F8465B956571AB296EB70C167754DB ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
00:45:22.0774 3324 mferkdet - ok
00:45:22.0774 3324 [ 4339AEE8F042ECB4292CD36D84A7CC2F ] mfetdik C:\Windows\system32\drivers\mfetdik.sys
00:45:22.0805 3324 mfetdik - ok
00:45:22.0805 3324 [ DBEB6C9C637703C51356F5A1C932FF51 ] mfevtp C:\Windows\system32\mfevtps.exe
00:45:22.0836 3324 mfevtp - ok
00:45:22.0852 3324 Microsoft SharePoint Workspace Audit Service - ok
00:45:22.0852 3324 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
00:45:22.0852 3324 MMCSS - ok
00:45:22.0852 3324 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
00:45:22.0852 3324 Modem - ok
00:45:22.0852 3324 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:45:22.0868 3324 monitor - ok
00:45:22.0868 3324 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:45:22.0868 3324 mouclass - ok
00:45:22.0868 3324 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
00:45:22.0868 3324 mouhid - ok
00:45:22.0883 3324 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:45:22.0883 3324 mountmgr - ok
00:45:22.0883 3324 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:45:22.0914 3324 MozillaMaintenance - ok
00:45:22.0930 3324 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
00:45:22.0961 3324 mpio - ok
00:45:22.0961 3324 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:45:22.0961 3324 mpsdrv - ok
00:45:22.0977 3324 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:45:23.0008 3324 MpsSvc - ok
00:45:23.0024 3324 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:45:23.0024 3324 MRxDAV - ok
00:45:23.0024 3324 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:45:23.0024 3324 mrxsmb - ok
00:45:23.0039 3324 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:45:23.0070 3324 mrxsmb10 - ok
00:45:23.0070 3324 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:45:23.0102 3324 mrxsmb20 - ok
00:45:23.0102 3324 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
00:45:23.0133 3324 msahci - ok
00:45:23.0148 3324 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:45:23.0180 3324 msdsm - ok
00:45:23.0180 3324 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
00:45:23.0195 3324 MSDTC - ok
00:45:23.0195 3324 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:45:23.0195 3324 Msfs - ok
00:45:23.0195 3324 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:45:23.0211 3324 mshidkmdf - ok
00:45:23.0211 3324 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:45:23.0211 3324 msisadrv - ok
00:45:23.0226 3324 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:45:23.0226 3324 MSiSCSI - ok
00:45:23.0226 3324 msiserver - ok
00:45:23.0226 3324 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:45:23.0242 3324 MSKSSRV - ok
00:45:23.0242 3324 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:45:23.0242 3324 MSPCLOCK - ok
00:45:23.0242 3324 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:45:23.0242 3324 MSPQM - ok
00:45:23.0242 3324 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:45:23.0273 3324 MsRPC - ok
00:45:23.0289 3324 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
00:45:23.0289 3324 mssmbios - ok
00:45:23.0289 3324 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:45:23.0289 3324 MSTEE - ok
00:45:23.0289 3324 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
00:45:23.0304 3324 MTConfig - ok
00:45:23.0304 3324 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
00:45:23.0304 3324 Mup - ok
00:45:23.0304 3324 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
00:45:23.0336 3324 napagent - ok
00:45:23.0351 3324 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:45:23.0351 3324 NativeWifiP - ok
00:45:23.0367 3324 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:45:23.0367 3324 NDIS - ok
00:45:23.0382 3324 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:45:23.0382 3324 NdisCap - ok
00:45:23.0382 3324 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:45:23.0382 3324 NdisTapi - ok
00:45:23.0382 3324 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:45:23.0382 3324 Ndisuio - ok
00:45:23.0398 3324 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:45:23.0398 3324 NdisWan - ok
00:45:23.0398 3324 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:45:23.0398 3324 NDProxy - ok
00:45:23.0414 3324 [ 057F3685EE5C2A1DABF52F1F1CE9ED13 ] NEOFLTR_7112_21827 C:\Windows\system32\Drivers\NEOFLTR_7112_21827.SYS
00:45:23.0445 3324 NEOFLTR_7112_21827 - ok
00:45:23.0445 3324 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:45:23.0445 3324 NetBIOS - ok
00:45:23.0445 3324 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:45:23.0445 3324 NetBT - ok
00:45:23.0460 3324 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
00:45:23.0460 3324 Netlogon - ok
00:45:23.0460 3324 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
00:45:23.0460 3324 Netman - ok
00:45:23.0476 3324 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
00:45:23.0476 3324 netprofm - ok
00:45:23.0492 3324 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:45:23.0492 3324 NetTcpPortSharing - ok
00:45:23.0585 3324 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
00:45:23.0710 3324 NETwNs64 - ok
00:45:23.0710 3324 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
00:45:23.0726 3324 nfrd960 - ok
00:45:23.0726 3324 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:45:23.0757 3324 NlaSvc - ok
00:45:23.0757 3324 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:45:23.0757 3324 Npfs - ok
00:45:23.0772 3324 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
00:45:23.0772 3324 nsi - ok
00:45:23.0772 3324 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:45:23.0772 3324 nsiproxy - ok
00:45:23.0804 3324 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:45:23.0804 3324 Ntfs - ok
00:45:23.0819 3324 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
00:45:23.0819 3324 Null - ok
00:45:23.0819 3324 [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
00:45:23.0850 3324 nusb3hub - ok
00:45:23.0850 3324 [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
00:45:23.0882 3324 nusb3xhc - ok
00:45:23.0897 3324 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:45:23.0928 3324 nvraid - ok
00:45:23.0928 3324 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:45:23.0960 3324 nvstor - ok
00:45:23.0960 3324 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:45:23.0975 3324 nv_agp - ok
00:45:23.0975 3324 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:45:23.0991 3324 ohci1394 - ok
00:45:23.0991 3324 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:45:24.0022 3324 ose - ok
00:45:24.0084 3324 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:45:24.0178 3324 osppsvc - ok
00:45:24.0194 3324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:45:24.0194 3324 p2pimsvc - ok
00:45:24.0209 3324 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
00:45:24.0209 3324 p2psvc - ok
00:45:24.0225 3324 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
00:45:24.0225 3324 Parport - ok
00:45:24.0225 3324 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:45:24.0225 3324 partmgr - ok
00:45:24.0225 3324 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:45:24.0240 3324 PcaSvc - ok
00:45:24.0256 3324 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{127174DC-C366ED8B-06020200}_0 c:\program files\pc-doctor\pcdsrvc_x64.pkms
00:45:24.0303 3324 PCDSRVC{127174DC-C366ED8B-06020200}_0 - ok
00:45:24.0303 3324 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
00:45:24.0303 3324 pci - ok
00:45:24.0318 3324 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
00:45:24.0318 3324 pciide - ok
00:45:24.0318 3324 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
00:45:24.0318 3324 pcmcia - ok
00:45:24.0318 3324 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
00:45:24.0334 3324 pcw - ok
00:45:24.0334 3324 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:45:24.0350 3324 PEAUTH - ok
00:45:24.0365 3324 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
00:45:24.0396 3324 PeerDistSvc - ok
00:45:24.0428 3324 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:45:24.0428 3324 PerfHost - ok
00:45:24.0443 3324 [ 18EEA095AF22AC5FA16FC27FB98C82D3 ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
00:45:24.0506 3324 PHCORE - ok
00:45:24.0521 3324 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
00:45:24.0568 3324 pla - ok
00:45:24.0568 3324 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:45:24.0599 3324 PlugPlay - ok
00:45:24.0615 3324 [ 0BEE791C7C7ACE453C134E73633C497D ] pmxdrv C:\Windows\system32\drivers\pmxdrv.sys
00:45:24.0646 3324 pmxdrv - ok
00:45:24.0646 3324 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:45:24.0646 3324 PNRPAutoReg - ok
00:45:24.0662 3324 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:45:24.0662 3324 PNRPsvc - ok
00:45:24.0677 3324 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:45:24.0677 3324 PolicyAgent - ok
00:45:24.0677 3324 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
00:45:24.0708 3324 Power - ok
00:45:24.0708 3324 [ AF7186CF9909BEF0D86097175175178F ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
00:45:24.0740 3324 Power Manager DBC Service - ok
00:45:24.0755 3324 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:45:24.0755 3324 PptpMiniport - ok
00:45:24.0755 3324 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
00:45:24.0755 3324 Processor - ok
00:45:24.0771 3324 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
00:45:24.0786 3324 ProfSvc - ok
00:45:24.0802 3324 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
00:45:24.0802 3324 ProtectedStorage - ok
00:45:24.0802 3324 [ 515A7C5A0886FCC60901916785EFD549 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
00:45:24.0833 3324 psadd - ok
00:45:24.0833 3324 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:45:24.0864 3324 Psched - ok
00:45:24.0880 3324 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
00:45:24.0911 3324 ql2300 - ok
00:45:24.0911 3324 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
00:45:24.0911 3324 ql40xx - ok
00:45:24.0927 3324 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
00:45:24.0927 3324 QWAVE - ok
00:45:24.0942 3324 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:45:24.0942 3324 QWAVEdrv - ok
00:45:24.0942 3324 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:45:24.0942 3324 RasAcd - ok
00:45:24.0942 3324 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:45:24.0958 3324 RasAgileVpn - ok
00:45:24.0958 3324 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
00:45:24.0958 3324 RasAuto - ok
00:45:24.0974 3324 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:45:24.0974 3324 Rasl2tp - ok
00:45:24.0974 3324 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
00:45:25.0005 3324 RasMan - ok
00:45:25.0005 3324 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:45:25.0005 3324 RasPppoe - ok
00:45:25.0020 3324 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:45:25.0020 3324 RasSstp - ok
00:45:25.0020 3324 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:45:25.0020 3324 rdbss - ok
00:45:25.0036 3324 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
00:45:25.0036 3324 rdpbus - ok
00:45:25.0036 3324 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:45:25.0036 3324 RDPCDD - ok
00:45:25.0052 3324 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
00:45:25.0052 3324 RDPDR - ok
00:45:25.0052 3324 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:45:25.0052 3324 RDPENCDD - ok
00:45:25.0067 3324 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:45:25.0067 3324 RDPREFMP - ok
00:45:25.0067 3324 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:45:25.0067 3324 RDPWD - ok
00:45:25.0067 3324 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:45:25.0114 3324 rdyboost - ok
00:45:25.0130 3324 [ 189C5A8D2098E0AA14FD157A954B34FC ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
00:45:25.0161 3324 RegSrvc - ok
00:45:25.0161 3324 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:45:25.0176 3324 RemoteAccess - ok
00:45:25.0176 3324 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:45:25.0176 3324 RemoteRegistry - ok
00:45:25.0192 3324 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
00:45:25.0192 3324 RFCOMM - ok
00:45:25.0192 3324 [ 819FE65AE1C0312B535B7AA54D30CFDA ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
00:45:25.0223 3324 risdxc - ok
00:45:25.0223 3324 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:45:25.0239 3324 RpcEptMapper - ok
00:45:25.0239 3324 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
00:45:25.0239 3324 RpcLocator - ok
00:45:25.0254 3324 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
00:45:25.0254 3324 RpcSs - ok
00:45:25.0254 3324 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:45:25.0270 3324 rspndr - ok
00:45:25.0270 3324 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
00:45:25.0301 3324 s3cap - ok
00:45:25.0301 3324 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
00:45:25.0301 3324 SamSs - ok
00:45:25.0301 3324 SAService - ok
00:45:25.0317 3324 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:45:25.0348 3324 sbp2port - ok
00:45:25.0348 3324 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:45:25.0364 3324 SCardSvr - ok
00:45:25.0364 3324 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:45:25.0395 3324 scfilter - ok
00:45:25.0410 3324 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
00:45:25.0410 3324 Schedule - ok
00:45:25.0426 3324 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
00:45:25.0442 3324 SCPolicySvc - ok
00:45:25.0442 3324 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:45:25.0473 3324 SDRSVC - ok
00:45:25.0473 3324 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
00:45:25.0473 3324 SeaPort - ok
00:45:25.0488 3324 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:45:25.0488 3324 secdrv - ok
00:45:25.0488 3324 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
00:45:25.0520 3324 seclogon - ok
00:45:25.0520 3324 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
00:45:25.0520 3324 SENS - ok
00:45:25.0535 3324 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:45:25.0535 3324 SensrSvc - ok
00:45:25.0535 3324 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
00:45:25.0535 3324 Serenum - ok
00:45:25.0535 3324 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
00:45:25.0551 3324 Serial - ok
00:45:25.0551 3324 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
00:45:25.0551 3324 sermouse - ok
00:45:25.0566 3324 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
00:45:25.0582 3324 SessionEnv - ok
00:45:25.0582 3324 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:45:25.0582 3324 sffdisk - ok
00:45:25.0598 3324 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:45:25.0598 3324 sffp_mmc - ok
00:45:25.0598 3324 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:45:25.0598 3324 sffp_sd - ok
00:45:25.0598 3324 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
00:45:25.0613 3324 sfloppy - ok
00:45:25.0613 3324 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:45:25.0629 3324 SharedAccess - ok
00:45:25.0629 3324 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:45:25.0644 3324 ShellHWDetection - ok
00:45:25.0644 3324 [ 380B52126E62C6C2D3C8BA805AADFDC7 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
00:45:25.0676 3324 Shockprf - ok
00:45:25.0691 3324 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
00:45:25.0691 3324 SiSRaid2 - ok
00:45:25.0691 3324 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
00:45:25.0707 3324 SiSRaid4 - ok
00:45:25.0707 3324 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:45:29.0108 3324 SkypeUpdate - ok
00:45:29.0108 3324 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:45:29.0123 3324 Smb - ok
00:45:29.0123 3324 [ C5B1A19B14F19B08AE72FCB20A3075B6 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
00:45:29.0154 3324 smihlp - ok
00:45:29.0170 3324 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:45:29.0170 3324 SNMPTRAP - ok
00:45:29.0170 3324 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
00:45:29.0170 3324 spldr - ok
00:45:29.0186 3324 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
00:45:29.0186 3324 Spooler - ok
00:45:29.0232 3324 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
00:45:29.0279 3324 sppsvc - ok
00:45:29.0295 3324 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:45:29.0295 3324 sppuinotify - ok
00:45:29.0310 3324 [ 47118A04B1D4DCCCE3A1CDA3C10095B9 ] SROSVC C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
00:45:29.0310 3324 SROSVC - ok
00:45:29.0326 3324 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
00:45:29.0326 3324 srv - ok
00:45:29.0326 3324 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:45:29.0373 3324 srv2 - ok
00:45:29.0373 3324 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:45:29.0404 3324 srvnet - ok
00:45:29.0420 3324 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:45:29.0420 3324 SSDPSRV - ok
00:45:29.0420 3324 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:45:29.0420 3324 SstpSvc - ok
00:45:29.0435 3324 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
00:45:29.0435 3324 stexstor - ok
00:45:29.0451 3324 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
00:45:29.0451 3324 stisvc - ok
00:45:29.0451 3324 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
00:45:29.0482 3324 storflt - ok
00:45:29.0482 3324 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
00:45:29.0498 3324 StorSvc - ok
00:45:29.0498 3324 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
00:45:29.0529 3324 storvsc - ok
00:45:29.0529 3324 [ E8029EB9B0D962675EAE956AF0F1FD87 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
00:45:29.0529 3324 SUService - ok
00:45:29.0544 3324 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
00:45:29.0544 3324 swenum - ok
00:45:29.0544 3324 [ 2B15EEB42F5578E931D1FE0426020602 ] SWIX64 C:\Program Files (x86)\Lenovo\System Update\tvsuhd64.sys
00:45:29.0576 3324 SWIX64 - ok
00:45:29.0591 3324 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
00:45:29.0591 3324 swprv - ok
00:45:29.0622 3324 [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
00:45:29.0669 3324 SynTP - ok
00:45:29.0685 3324 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
00:45:29.0732 3324 SysMain - ok
00:45:29.0732 3324 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:45:29.0763 3324 TabletInputService - ok
00:45:29.0778 3324 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:45:29.0778 3324 TapiSrv - ok
00:45:29.0778 3324 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
00:45:29.0778 3324 TBS - ok
00:45:29.0810 3324 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:45:29.0810 3324 Tcpip - ok
00:45:29.0841 3324 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:45:29.0856 3324 TCPIP6 - ok
00:45:29.0856 3324 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:45:29.0888 3324 tcpipreg - ok
00:45:29.0888 3324 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:45:29.0888 3324 TDPIPE - ok
00:45:29.0903 3324 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:45:29.0903 3324 TDTCP - ok
00:45:29.0903 3324 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:45:29.0903 3324 tdx - ok
00:45:29.0950 3324 [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
00:45:29.0950 3324 TeamViewer7 - ok
00:45:29.0966 3324 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
00:45:29.0966 3324 TermDD - ok
00:45:29.0966 3324 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
00:45:29.0981 3324 TermService - ok
00:45:29.0981 3324 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
00:45:29.0981 3324 Themes - ok
00:45:29.0997 3324 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
00:45:29.0997 3324 THREADORDER - ok
00:45:29.0997 3324 [ 5523C729F1ED31B63C88490AF3D220FA ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
00:45:30.0028 3324 TPDIGIMN - ok
00:45:30.0028 3324 [ ECB098A3404ACB8A05F0673DC086BB43 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
00:45:30.0059 3324 TPHDEXLGSVC - ok
00:45:30.0075 3324 [ 63626012E44CAAA162677B57B6DCB542 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
00:45:30.0090 3324 TPHKLOAD - ok
00:45:30.0106 3324 [ 9E6E4A9789F76593CC5A6A5AF8FC5929 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
00:45:30.0106 3324 TPHKSVC - ok
00:45:30.0106 3324 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
00:45:30.0106 3324 TPM - ok
00:45:30.0122 3324 [ 7165B5A9B4867F64A6D6935F57D4196B ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
00:45:30.0153 3324 TPPWRIF - ok
00:45:30.0153 3324 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
00:45:30.0153 3324 TrkWks - ok
00:45:30.0168 3324 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:45:30.0184 3324 TrustedInstaller - ok
00:45:30.0200 3324 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:45:30.0231 3324 tssecsrv - ok
00:45:30.0231 3324 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:45:30.0262 3324 TsUsbFlt - ok
00:45:30.0262 3324 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
00:45:30.0293 3324 TsUsbGD - ok
00:45:30.0293 3324 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:45:30.0324 3324 tunnel - ok
00:45:30.0340 3324 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
00:45:30.0340 3324 uagp35 - ok
00:45:30.0340 3324 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:45:30.0340 3324 udfs - ok
00:45:30.0356 3324 [ 215462AE7E6A897D675E84DD1E3B3B56 ] ufad-ws60 C:\Program Files\VMware\VMware View\Client\Local Mode\vmware-ufad.exe
00:45:30.0402 3324 ufad-ws60 - ok
00:45:30.0402 3324 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:45:30.0418 3324 UI0Detect - ok
00:45:30.0418 3324 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:45:30.0418 3324 uliagpkx - ok
00:45:30.0418 3324 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:45:30.0449 3324 umbus - ok
00:45:30.0465 3324 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
00:45:30.0465 3324 UmPass - ok
00:45:30.0465 3324 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
00:45:30.0496 3324 UmRdpService - ok
00:45:30.0527 3324 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
00:45:30.0543 3324 UNS - ok
00:45:30.0543 3324 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
00:45:30.0558 3324 upnphost - ok
00:45:30.0558 3324 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
00:45:30.0590 3324 USBAAPL64 - ok
00:45:30.0590 3324 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:45:30.0590 3324 usbccgp - ok
00:45:30.0605 3324 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:45:30.0605 3324 usbcir - ok
00:45:30.0605 3324 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
00:45:30.0605 3324 usbehci - ok
00:45:30.0621 3324 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:45:30.0621 3324 usbhub - ok
00:45:30.0621 3324 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:45:30.0652 3324 usbohci - ok
00:45:30.0652 3324 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
00:45:30.0668 3324 usbprint - ok
00:45:30.0668 3324 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:45:30.0668 3324 USBSTOR - ok
00:45:30.0668 3324 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:45:30.0668 3324 usbuhci - ok
00:45:30.0683 3324 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
00:45:30.0714 3324 usbvideo - ok
00:45:30.0714 3324 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
00:45:30.0714 3324 UxSms - ok
00:45:30.0714 3324 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
00:45:30.0730 3324 VaultSvc - ok
00:45:30.0730 3324 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:45:30.0730 3324 vdrvroot - ok
00:45:30.0746 3324 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
00:45:30.0777 3324 vds - ok
00:45:30.0777 3324 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:45:30.0792 3324 vga - ok
00:45:30.0792 3324 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
00:45:30.0792 3324 VgaSave - ok
00:45:30.0792 3324 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:45:30.0839 3324 vhdmp - ok
00:45:30.0839 3324 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
00:45:30.0839 3324 viaide - ok
00:45:30.0839 3324 [ 49C122513203B98B0B2C10211F23450B ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
00:45:30.0855 3324 VIPAppService - ok
00:45:30.0855 3324 [ B42E66036C79F61D3A6F9812239E8B85 ] VMAuthdService C:\Program Files\VMware\VMware View\Client\Local Mode\vmware-authd.exe
00:45:30.0855 3324 VMAuthdService - ok
00:45:30.0855 3324 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
00:45:30.0902 3324 vmbus - ok
00:45:30.0902 3324 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
00:45:30.0933 3324 VMBusHID - ok
00:45:30.0933 3324 [ 39B32126D2BB21004D360F2943A96152 ] vmci C:\Windows\system32\drivers\vmci.sys
00:45:30.0964 3324 vmci - ok
00:45:30.0980 3324 [ 1AF6462718E5AB0ED55014A6EF3790EF ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
00:45:31.0011 3324 vmkbd - ok
00:45:31.0011 3324 [ 9D54F1339E78C95BF3D9939EBCB66378 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
00:45:31.0042 3324 VMnetAdapter - ok
00:45:31.0042 3324 [ FB54EF3AA613D2832FD3812E7CB2FC75 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
00:45:31.0089 3324 VMnetBridge - ok
00:45:31.0089 3324 VMnetDHCP - ok
00:45:31.0089 3324 [ 38D7EBFC35C9D59DB777211946047343 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
00:45:31.0136 3324 VMnetuserif - ok
00:45:31.0136 3324 [ F22098DBDD13C1221C274496B3E18DA7 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
00:45:31.0151 3324 VMUSBArbService - ok
00:45:31.0151 3324 VMware NAT Service - ok
00:45:31.0151 3324 [ 1C1111810F0FCD958A6DFE3F869AD80D ] vmwvusb C:\Windows\system32\Drivers\vmwvusb.sys
00:45:31.0182 3324 vmwvusb - ok
00:45:31.0198 3324 [ 31854DC0A3B69CB145835EFBCA24E50C ] vmx86 C:\Windows\system32\drivers\vmx86.sys
00:45:31.0229 3324 vmx86 - ok
00:45:31.0229 3324 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:45:31.0260 3324 volmgr - ok
00:45:31.0276 3324 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:45:31.0307 3324 volmgrx - ok
00:45:31.0307 3324 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:45:31.0307 3324 volsnap - ok
00:45:31.0323 3324 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
00:45:31.0323 3324 vsmraid - ok
00:45:31.0354 3324 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
00:45:31.0401 3324 VSS - ok
00:45:31.0401 3324 [ E61C910E2DDF4797C1B1F9239636E894 ] vstor2-ws60 C:\Program Files\VMware\VMware View\Client\Local Mode\vstor2-ws60.sys
00:45:31.0432 3324 vstor2-ws60 - ok
00:45:31.0432 3324 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:45:31.0448 3324 vwifibus - ok
00:45:31.0448 3324 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:45:31.0448 3324 vwififlt - ok
00:45:31.0463 3324 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
00:45:31.0463 3324 W32Time - ok
00:45:31.0463 3324 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
00:45:31.0479 3324 WacomPen - ok
00:45:31.0479 3324 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:45:31.0479 3324 WANARP - ok
00:45:31.0479 3324 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:45:31.0479 3324 Wanarpv6 - ok
00:45:31.0510 3324 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:45:31.0557 3324 WatAdminSvc - ok
00:45:31.0572 3324 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
00:45:31.0619 3324 wbengine - ok
00:45:31.0619 3324 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:45:31.0635 3324 WbioSrvc - ok
00:45:31.0635 3324 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:45:31.0666 3324 wcncsvc - ok
00:45:31.0666 3324 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:45:31.0682 3324 WcsPlugInService - ok
00:45:31.0682 3324 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
00:45:31.0682 3324 Wd - ok
00:45:31.0697 3324 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:45:31.0713 3324 Wdf01000 - ok
00:45:31.0713 3324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:45:31.0713 3324 WdiServiceHost - ok
00:45:31.0728 3324 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:45:31.0728 3324 WdiSystemHost - ok
00:45:31.0728 3324 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
00:45:31.0760 3324 WebClient - ok
00:45:31.0760 3324 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:45:31.0775 3324 Wecsvc - ok
00:45:31.0775 3324 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:45:31.0791 3324 wercplsupport - ok
00:45:31.0791 3324 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
00:45:31.0791 3324 WerSvc - ok
00:45:31.0791 3324 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:45:31.0806 3324 WfpLwf - ok
00:45:31.0806 3324 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:45:31.0806 3324 WIMMount - ok
00:45:31.0822 3324 WinDefend - ok
00:45:31.0822 3324 WinHttpAutoProxySvc - ok
00:45:31.0838 3324 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:45:31.0838 3324 Winmgmt - ok
00:45:31.0869 3324 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
00:45:31.0900 3324 WinRM - ok
00:45:31.0916 3324 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
00:45:31.0947 3324 WinUsb - ok
00:45:31.0962 3324 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
00:45:31.0978 3324 Wlansvc - ok
00:45:31.0978 3324 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:45:32.0009 3324 wlcrasvc - ok
00:45:32.0040 3324 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:45:32.0087 3324 wlidsvc - ok
00:45:32.0087 3324 WMCoreService - ok
00:45:32.0087 3324 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
00:45:32.0103 3324 WmiAcpi - ok
00:45:32.0103 3324 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:45:32.0118 3324 wmiApSrv - ok
00:45:32.0118 3324 WMPNetworkSvc - ok
00:45:32.0118 3324 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:45:32.0118 3324 WPCSvc - ok
00:45:32.0134 3324 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:45:32.0150 3324 WPDBusEnum - ok
00:45:32.0165 3324 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:45:32.0165 3324 ws2ifsl - ok
00:45:32.0165 3324 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
00:45:32.0165 3324 wscsvc - ok
00:45:32.0165 3324 WSearch - ok
00:45:32.0181 3324 [ 3CF81F104137457A7F32C274709635BE ] wsnm C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
00:45:32.0196 3324 wsnm - ok
00:45:32.0212 3324 [ AFD194F6C3FAF4D29493AD2DF28B46BF ] wsnm_usbctrl C:\Program Files\VMware\VMware View\Client\bin\wsnm_usbctrl.exe
00:45:32.0243 3324 wsnm_usbctrl - ok
00:45:32.0274 3324 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
00:45:32.0306 3324 wuauserv - ok
00:45:32.0306 3324 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:45:32.0337 3324 WudfPf - ok
00:45:32.0352 3324 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:45:32.0384 3324 WUDFRd - ok
00:45:32.0384 3324 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:45:32.0415 3324 wudfsvc - ok
00:45:32.0415 3324 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
00:45:32.0430 3324 WwanSvc - ok
00:45:32.0430 3324 [ DDA7CD9F319AA76385F24BB2BD320044 ] WwanUsbServ C:\Windows\system32\DRIVERS\WwanUsbMp64.sys
00:45:32.0462 3324 WwanUsbServ - ok
00:45:32.0493 3324 ================ Scan global ===============================
00:45:32.0493 3324 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
00:45:32.0508 3324 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
00:45:32.0524 3324 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
00:45:32.0540 3324 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
00:45:32.0540 3324 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
00:45:32.0540 3324 [Global] - ok
00:45:32.0540 3324 ================ Scan MBR ==================================
00:45:32.0555 3324 [ C6805E24642393A06493D40A91C061CB ] \Device\Harddisk0\DR0
00:45:32.0696 3324 \Device\Harddisk0\DR0 - ok
00:45:32.0696 3324 ================ Scan VBR ==================================
00:45:32.0696 3324 [ D53BC473EBDF245E88E2202CA5A0AA8F ] \Device\Harddisk0\DR0\Partition1
00:45:32.0696 3324 \Device\Harddisk0\DR0\Partition1 - ok
00:45:32.0696 3324 [ EB618404C8C11B7C109DD801217898E6 ] \Device\Harddisk0\DR0\Partition2
00:45:32.0696 3324 \Device\Harddisk0\DR0\Partition2 - ok
00:45:32.0696 3324 [ B28BD36C28A49DA960299FC18770BB7B ] \Device\Harddisk0\DR0\Partition3
00:45:32.0711 3324 \Device\Harddisk0\DR0\Partition3 - ok
00:45:32.0711 3324 ============================================================
00:45:32.0711 3324 Scan finished
00:45:32.0711 3324 ============================================================
00:45:32.0711 1084 Detected object count: 0
00:45:32.0711 1084 Actual detected object count: 0
00:45:45.0332 5176 Deinitialize success

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:59 PM

Posted 02 November 2012 - 07:10 PM

Any current issues?

#15 Chae

Chae
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:59 PM

Posted 02 November 2012 - 07:17 PM

Looks like its all working fine again now!
Thanks so much for your help!!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users