
Svchost is occupying 300k or more of memory.


12 replies to this topic

#1 Vilee


Posted 17 February 2013 - 06:22 PM

Hi everybody,

 

Besides all the memory occupied, I also have been experiencing some slowness in my computer.

Below I am posting the log of DDS. I've tried to use aswMBR but it always gives an error message "The program stop working".

Could anyone help me? Please.

 

DDS LOG

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464  BrowserJavaVersion: 10.13.2
Run by AVELL at 20:03:03 on 2013-02-17
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.55.1046.18.8162.5671 [GMT -3:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe
C:\Windows\Explorer.EXE
C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
C:\Windows\SysWOW64\PnkBstrA.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\SRS Labs\SRS Control Panel\srspanel_64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files (x86)\WSED\WSED.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\BTOPtm\BTOptm.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Infineon\Security Platform Software\SpTna.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://websearch.just-browse.info/
mStart Page = hxxp://websearch.just-browse.info/
mWinlogon: Userinit = userinit.exe
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Auxiliar de Conexão do Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\AppliedBiosystems\SDS2.4\jre\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Archiver] C:\Users\AVELL\AppData\Local\Temp\zip .exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IFXSPMGT] "C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe" /NotifyLogon
mRun: [WSED] C:\Program Files (x86)\WSED\WSED.exe
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [BTOptm] C:\Program Files (x86)\BTOPtm\BTOptm.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: &Enviar para o OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9BF8073C-7546-4C9F-8CA1-2AA301410C47} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9C501967-64D9-44AC-BB34-612520DDD6B6} : DHCPNameServer = 150.162.2.33 150.162.1.33
TCP: Interfaces\{9C501967-64D9-44AC-BB34-612520DDD6B6}\27564656556435343556D66496F623 : DHCPNameServer = 150.162.2.33 150.162.1.33
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
AppInit_DLLs= c:\progra~3\browse~1\261123~1.78\{16cdf~1\browse~1.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\AVELL\AppData\Roaming\Mozilla\Firefox\Profiles\dojj6f5y.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.just-browse.info/?l=1&q=
FF - prefs.js: browser.search.selectedEngine - WebSearch
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.br/
FF - prefs.js: keyword.URL - hxxp://websearch.just-browse.info/?l=1&q=
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Users\AVELL\AppData\Roaming\Mozilla\Firefox\Profiles\dojj6f5y.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}\plugins\npgbfnc_bb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=56c21d59000000000000b888e3512989&q=
FF - user.js: extensions.BabylonToolbar.id - 56c21d59000000000000b888e3512989
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15611
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1219:57:03
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=44444&tt=270912_7a_3912_7
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
.
============= SERVICES / DRIVERS ===============
.
R0 EMSC;COMPAL Embedded System Control;C:\Windows\System32\drivers\EMSC.sys [2009-6-26 16752]
R0 iusb3hcs;Driver de comutação do controlador host Intel® USB 3.0;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-6 16152]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-28 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-9-28 370288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-9-28 283200]
R1 PersonalSecureDrive;PersonalSecureDrive;C:\Windows\System32\drivers\psd.sys [2009-7-19 44576]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-9-28 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-28 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-1-5 44808]
R2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2013-1-31 2561488]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-6 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-8-6 128280]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-8-6 161560]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 128456]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-8-30 382312]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-8-6 363800]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-9-8 288256]
R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [2010-9-8 1034752]
R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [2010-9-8 485376]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\System32\drivers\ATSwpWDF.sys [2011-8-30 1050016]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2012-8-6 240432]
R3 iusb3hub;Driver para hub Intel® USB 3.0;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-6 356120]
R3 iusb3xhc;Driver de controlador host eXtensível Intel® USB 3.0;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-6 787736]
R3 NisSrv;Inspeção de Rede da Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-8-6 314472]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-6 565352]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2012-6-2 876136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-8-6 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-8-10 59392]
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-28 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2009-2-13 14464]
.
=============== Created Last 30 ================
.
2013-02-16 20:05:51    9161176    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{34C6ADA5-C0BB-498C-842B-AE2DF4CE9A47}\mpengine.dll
2013-02-15 13:59:14    9161176    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-14 15:31:28    95648    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-14 14:30:01    --------    d-----w-    C:\Windows\SysWow64\searchplugins
2013-02-14 14:30:01    --------    d-----w-    C:\Windows\SysWow64\Extensions
2013-02-13 05:02:18    996352    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 05:02:18    768000    ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 02:03:30    5553512    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-02-13 02:03:28    3967848    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-13 02:03:27    3913064    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2013-02-13 02:03:21    3153408    ----a-w-    C:\Windows\System32\win32k.sys
2013-02-13 02:03:17    215040    ----a-w-    C:\Windows\System32\winsrv.dll
2013-02-13 02:03:15    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2013-02-13 02:03:15    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2013-02-13 02:03:15    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 02:03:14    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2013-02-13 02:03:12    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2013-02-13 02:02:59    1913192    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-02-13 02:02:58    288088    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-12 20:53:06    --------    d-----w-    C:\ProgramData\BioWare
2013-02-12 19:17:36    --------    d-----w-    C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-02-12 19:17:27    --------    d-----w-    C:\ProgramData\Media Center Programs
2013-02-12 18:51:31    --------    d-----w-    C:\Program Files (x86)\Common Files\BioWare
2013-02-05 16:02:14    --------    d-----w-    C:\ProgramData\gas
2013-01-25 17:32:06    --------    d-----w-    C:\Users\AVELL\AppData\Local\Google
.
==================== Find3M  ====================
.
2013-02-15 13:54:16    71024    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-15 13:54:16    691568    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-14 15:31:21    861088    ----a-w-    C:\Windows\SysWow64\npdeployJava1.dll
2013-02-14 15:31:21    782240    ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2013-01-30 10:53:22    273840    ------w-    C:\Windows\System32\MpSigStub.exe
2013-01-09 01:19:09    2312704    ----a-w-    C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2013-01-09 01:11:06    1494528    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21    1800704    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29    420864    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:43:21    44032    ----a-w-    C:\Windows\apppatch\acwow64.dll
2012-12-16 18:43:11    189248    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2012-12-16 18:43:08    75136    ----a-w-    C:\Windows\SysWow64\PnkBstrA.exe
2012-12-16 17:11:22    46080    ----a-w-    C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03    367616    ----a-w-    C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28    295424    ----a-w-    C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20    34304    ----a-w-    C:\Windows\SysWow64\atmlib.dll
2012-12-07 13:20:16    441856    ----a-w-    C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31    2746368    ----a-w-    C:\Windows\System32\gameux.dll
2012-12-07 12:26:17    308736    ----a-w-    C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43    2576384    ----a-w-    C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04    30720    ----a-w-    C:\Windows\System32\usk.rs
2012-12-07 11:20:03    43520    ----a-w-    C:\Windows\System32\csrr.rs
2012-12-07 11:20:03    23552    ----a-w-    C:\Windows\System32\oflc.rs
2012-12-07 11:20:01    45568    ----a-w-    C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01    44544    ----a-w-    C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01    20480    ----a-w-    C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00    20480    ----a-w-    C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59    20480    ----a-w-    C:\Windows\System32\pegi.rs
2012-12-07 11:19:58    46592    ----a-w-    C:\Windows\System32\fpb.rs
2012-12-07 11:19:57    40960    ----a-w-    C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57    21504    ----a-w-    C:\Windows\System32\grb.rs
2012-12-07 11:19:57    15360    ----a-w-    C:\Windows\System32\djctq.rs
2012-12-07 11:19:56    55296    ----a-w-    C:\Windows\System32\cero.rs
2012-12-07 11:19:55    51712    ----a-w-    C:\Windows\System32\esrb.rs
2012-11-30 05:45:35    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35    243200    ----a-w-    C:\Windows\System32\wow64.dll
2012-11-30 05:45:35    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2012-11-30 05:43:12    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07    424448    ----a-w-    C:\Windows\System32\KernelBase.dll
2012-11-30 04:53:59    274944    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48    338432    ----a-w-    C:\Windows\System32\conhost.exe
2012-11-30 02:38:59    6144    ---ha-w-    C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59    4608    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:13:57    68608    ----a-w-    C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23    800768    ----a-w-    C:\Windows\System32\usp10.dll
2012-11-22 04:45:03    626688    ----a-w-    C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
.
============= FINISH: 20:03:52,51 ===============
 

 

DDS ATTACH

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 06/08/2012 12:53:21
System Uptime: 17/02/2013 16:13:37 (4 hours ago)
.
Motherboard: Compal |  | Type2 - Board Product Name1
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz | U3E1 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 698 GiB total, 49,939 GiB free.
D: is CDROM (CDFS)
G: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP119: 14/02/2013 01:31:25 - Ponto de Verificação Agendado
RP120: 14/02/2013 13:30:25 - Installed Java 7 Update 13
RP121: 16/02/2013 18:05:22 - Windows Update
.
==== Installed Programs ======================
.
64 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5) - Português
AIO_Scan
Alcor Micro Smart Card Reader Driver
Assassin's Creed Brotherhood
µTorrent
Atualizações da NVIDIA 1.10.8
AuthenTec WinBio FingerPrint Software
avast! Free Antivirus
Battle vs. Chess
Browser Manager
BrowseToSave 1.66
BTOptm
BufferChm
C4200
c4200_Help
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Copy
Corel Graphics - Windows Shell Extension
Corel Graphics - Windows Shell Extension 64 Bit
CorelDRAW Graphics Suite X6
CorelDRAW Graphics Suite X6 - BR
CorelDRAW Graphics Suite X6 - Capture
CorelDRAW Graphics Suite X6 - Common
CorelDRAW Graphics Suite X6 - Connect
CorelDRAW Graphics Suite X6 - Custom Data
CorelDRAW Graphics Suite X6 - Draw
CorelDRAW Graphics Suite X6 - Filters
CorelDRAW Graphics Suite X6 - FontNav
CorelDRAW Graphics Suite X6 - IPM
CorelDRAW Graphics Suite X6 - PHOTO-PAINT
CorelDRAW Graphics Suite X6 - Photozoom Plugin
CorelDRAW Graphics Suite X6 - Redist
CorelDRAW Graphics Suite X6 - Setup Files
CorelDRAW Graphics Suite X6 - VBA
CorelDRAW Graphics Suite X6 - VideoBrowser
CorelDRAW Graphics Suite X6 - VSTA
CorelDRAW Graphics Suite X6 - Writing Tools
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Destinations
DeviceDiscovery
DocProc
Dragon Age: Origins
DreaMule 3.2
EMSC
EndNote X6
ETDWare PS/2-X64 10.10.2.5_WHQL
FFHC Kasumi: Rebirth
Ghostscript GPL 8.64 (Msi Setup)
Google Earth
Google Update Helper
GPBaseService2
GraphPad Prism 5 (Trial)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP Customer Participation Program 13.0
HP Imaging Device Functions 13.0
HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1
HP Photosmart Essential 3.5
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Infineon TPM Professional Package
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Java 7 Update 13
Java 7 Update 7 (64-bit)
Java Auto Updater
Java™ 6 Update 35
Java™ SE Runtime Environment 6
Junk Mail filter update
K-Lite Codec Pack 9.3.0 (64-bit)
K-Lite Mega Codec Pack 5.2.0
MarketResearch
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile PTB Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended PTB Language Pack
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (Portuguese (Brazil)) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (Portuguese (Brazil)) 2010
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010
Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2010
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010
Microsoft Office Word MUI (Portuguese (Brazil)) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SkyDrive
Microsoft Visual Basic for Applications 7.1 (x86)
Microsoft Visual Basic for Applications 7.1 (x86) English
Microsoft Visual Basic for Applications 7.1 (x86) Portuguese (Brazil)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Mozilla Firefox 18.0.2 (x86 pt-BR)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.2 (x86 pt-BR)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MV RegClean 6.9
Nero 7 Essentials
neroxml
NVIDIA Driver de gráficos 306.23
NVIDIA Driver de áudio HD 1.3.18.0
NVIDIA Driver do 3D Vision 306.23
NVIDIA Install Application
NVIDIA PhysX
NVIDIA Software do sistema PhysX 9.12.0604
NVIDIA Stereoscopic 3D Driver
NVIDIA Update Components
OCR Software by I.R.I.S. 13.0
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
Painel de controle da NVIDIA 306.23
Power USB
PS_AIO_Software_min
PunkBuster Services
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Driver
ResearchSoft Direct Export Helper
Scan
SDS v2.4 Standard
Search Assistant JustBrowse 1.66
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 64-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 64-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition
Shop for HP Supplies
Sleeping Dogs version 5.1
SmartWebPrinting
SolutionCenter
Spybot - Search & Destroy
SRS Premium Sound Control Panel
Status
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Uplay
WD SmartWare
WebReg
Winamp
Winamp Detectar Aplicação
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.11 (64-bit)
Wireless enable/disable
WSED
Youtube Downloader HD v. 2.9.6
.
==== End Of File ===========================
 




 


#2 Vilee

Posted 17 February 2013 - 06:24 PM

Hi everybody,

 

Besides all the memory occupied, I also have been experiencing some slowness in my computer.

I attached the logs of DDS. I've tried to use aswMBR but it always gives an error message "The program stop working".

Could anyone help me? Please.




#3 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:26 PM

Posted 17 February 2013 - 06:38 PM

Hi and welcome to Bleeping Computer!  My name is Jeff and I would be more than happy to help you with your malware-related problems.

 

 

Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Do Not Attempt To Fix Anything Now.  We just need to look over the report and be sure we are removing the correct items.
  • Attach the log in your next reply
  • A copy of the log will be saved automatically to the root of the drive (typically C:\)

 

 


#4 Vilee

Posted 17 February 2013 - 07:41 PM

Hi and thanks for the welcome.

Here follows the log of TDSSKiller.

 

21:35:06.0647 3972  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:35:07.0441 3972  ============================================================
21:35:07.0441 3972  Current date / time: 2013/02/17 21:35:07.0441
21:35:07.0441 3972  SystemInfo:
21:35:07.0441 3972  
21:35:07.0441 3972  OS Version: 6.1.7601 ServicePack: 1.0
21:35:07.0441 3972  Product type: Workstation
21:35:07.0441 3972  ComputerName: VICENTE-PC
21:35:07.0441 3972  UserName: AVELL
21:35:07.0441 3972  Windows directory: C:\Windows
21:35:07.0441 3972  System windows directory: C:\Windows
21:35:07.0441 3972  Running under WOW64
21:35:07.0441 3972  Processor architecture: Intel x64
21:35:07.0441 3972  Number of processors: 4
21:35:07.0441 3972  Page size: 0x1000
21:35:07.0441 3972  Boot type: Normal boot
21:35:07.0441 3972  ============================================================
21:35:08.0239 3972  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:35:08.0251 3972  ============================================================
21:35:08.0251 3972  \Device\Harddisk0\DR0:
21:35:08.0252 3972  MBR partitions:
21:35:08.0252 3972  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x8D800
21:35:08.0252 3972  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x8E000, BlocksNum 0x574B7800
21:35:08.0252 3972  ============================================================
21:35:08.0325 3972  C: <-> \Device\Harddisk0\DR0\Partition2
21:35:08.0325 3972  ============================================================
21:35:08.0325 3972  Initialize success
21:35:08.0325 3972  ============================================================
21:35:24.0344 6176  ============================================================
21:35:24.0344 6176  Scan started
21:35:24.0344 6176  Mode: Manual;
21:35:24.0344 6176  ============================================================
21:35:24.0507 6176  ================ Scan system memory ========================
21:35:24.0507 6176  System memory - ok
21:35:24.0507 6176  ================ Scan services =============================
21:35:24.0610 6176  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:35:24.0614 6176  1394ohci - ok
21:35:24.0638 6176  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:35:24.0643 6176  ACPI - ok
21:35:24.0669 6176  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:35:24.0669 6176  AcpiPmi - ok
21:35:24.0736 6176  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:35:24.0739 6176  AdobeARMservice - ok
21:35:24.0846 6176  [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:35:24.0852 6176  AdobeFlashPlayerUpdateSvc - ok
21:35:24.0895 6176  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:35:24.0903 6176  adp94xx - ok
21:35:24.0928 6176  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:35:24.0934 6176  adpahci - ok
21:35:24.0950 6176  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:35:24.0954 6176  adpu320 - ok
21:35:24.0980 6176  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:35:24.0981 6176  AeLookupSvc - ok
21:35:25.0009 6176  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:35:25.0015 6176  AFD - ok
21:35:25.0040 6176  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:35:25.0041 6176  agp440 - ok
21:35:25.0059 6176  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:35:25.0060 6176  ALG - ok
21:35:25.0076 6176  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:35:25.0079 6176  aliide - ok
21:35:25.0087 6176  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:35:25.0089 6176  amdide - ok
21:35:25.0101 6176  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:35:25.0103 6176  AmdK8 - ok
21:35:25.0118 6176  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:35:25.0119 6176  AmdPPM - ok
21:35:25.0130 6176  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:35:25.0132 6176  amdsata - ok
21:35:25.0153 6176  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:35:25.0156 6176  amdsbs - ok
21:35:25.0166 6176  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:35:25.0167 6176  amdxata - ok
21:35:25.0200 6176  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:35:25.0201 6176  AppID - ok
21:35:25.0214 6176  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:35:25.0216 6176  AppIDSvc - ok
21:35:25.0235 6176  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
21:35:25.0237 6176  Appinfo - ok
21:35:25.0294 6176  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:35:25.0297 6176  AppMgmt - ok
21:35:25.0311 6176  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:35:25.0312 6176  arc - ok
21:35:25.0323 6176  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:35:25.0324 6176  arcsas - ok
21:35:25.0410 6176  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:35:25.0412 6176  aspnet_state - ok
21:35:25.0456 6176  [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
21:35:25.0457 6176  aswFsBlk - ok
21:35:25.0483 6176  [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
21:35:25.0484 6176  aswMonFlt - ok
21:35:25.0500 6176  [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
21:35:25.0502 6176  aswRdr - ok
21:35:25.0527 6176  [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:35:25.0543 6176  aswSnx - ok
21:35:25.0563 6176  [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
21:35:25.0571 6176  aswSP - ok
21:35:25.0585 6176  [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
21:35:25.0586 6176  aswTdi - ok
21:35:25.0607 6176  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:35:25.0608 6176  AsyncMac - ok
21:35:25.0636 6176  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:35:25.0637 6176  atapi - ok
21:35:25.0674 6176  [ 0C9039EC45E6C4631BE31DDEC370D341 ] ATSwpWDF        C:\Windows\system32\DRIVERS\ATSwpWDF.sys
21:35:25.0687 6176  ATSwpWDF - ok
21:35:25.0719 6176  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:35:25.0728 6176  AudioEndpointBuilder - ok
21:35:25.0737 6176  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:35:25.0741 6176  AudioSrv - ok
21:35:25.0813 6176  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:35:25.0815 6176  avast! Antivirus - ok
21:35:25.0848 6176  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:35:25.0851 6176  AxInstSV - ok
21:35:25.0887 6176  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:35:25.0893 6176  b06bdrv - ok
21:35:25.0930 6176  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:35:25.0934 6176  b57nd60a - ok
21:35:25.0966 6176  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:35:25.0967 6176  BDESVC - ok
21:35:25.0981 6176  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:35:25.0982 6176  Beep - ok
21:35:26.0027 6176  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:35:26.0037 6176  BFE - ok
21:35:26.0066 6176  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
21:35:26.0080 6176  BITS - ok
21:35:26.0099 6176  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:35:26.0100 6176  blbdrive - ok
21:35:26.0128 6176  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:35:26.0129 6176  bowser - ok
21:35:26.0152 6176  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:35:26.0152 6176  BrFiltLo - ok
21:35:26.0165 6176  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:35:26.0166 6176  BrFiltUp - ok
21:35:26.0201 6176  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:35:26.0204 6176  Browser - ok
21:35:26.0344 6176  [ B98EF68B1E3DC5AC79A432900947EA2D ] Browser Manager C:\ProgramData\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
21:35:26.0363 6176  Browser Manager - ok
21:35:26.0392 6176  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:35:26.0396 6176  Brserid - ok
21:35:26.0409 6176  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:35:26.0410 6176  BrSerWdm - ok
21:35:26.0426 6176  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:35:26.0426 6176  BrUsbMdm - ok
21:35:26.0434 6176  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:35:26.0434 6176  BrUsbSer - ok
21:35:26.0475 6176  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:35:26.0476 6176  BthEnum - ok
21:35:26.0491 6176  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:35:26.0491 6176  BTHMODEM - ok
21:35:26.0514 6176  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:35:26.0515 6176  BthPan - ok
21:35:26.0539 6176  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:35:26.0545 6176  BTHPORT - ok
21:35:26.0565 6176  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:35:26.0566 6176  bthserv - ok
21:35:26.0583 6176  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:35:26.0584 6176  BTHUSB - ok
21:35:26.0604 6176  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:35:26.0605 6176  cdfs - ok
21:35:26.0638 6176  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:35:26.0640 6176  cdrom - ok
21:35:26.0669 6176  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:35:26.0670 6176  CertPropSvc - ok
21:35:26.0685 6176  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:35:26.0686 6176  circlass - ok
21:35:26.0709 6176  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:35:26.0714 6176  CLFS - ok
21:35:26.0758 6176  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:35:26.0761 6176  clr_optimization_v2.0.50727_32 - ok
21:35:26.0793 6176  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:35:26.0795 6176  clr_optimization_v2.0.50727_64 - ok
21:35:26.0890 6176  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:35:26.0894 6176  clr_optimization_v4.0.30319_32 - ok
21:35:26.0907 6176  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:35:26.0911 6176  clr_optimization_v4.0.30319_64 - ok
21:35:26.0934 6176  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:35:26.0936 6176  CmBatt - ok
21:35:26.0956 6176  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:35:26.0958 6176  cmdide - ok
21:35:26.0998 6176  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
21:35:27.0007 6176  CNG - ok
21:35:27.0038 6176  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:35:27.0039 6176  Compbatt - ok
21:35:27.0070 6176  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:35:27.0071 6176  CompositeBus - ok
21:35:27.0080 6176  COMSysApp - ok
21:35:27.0092 6176  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:35:27.0093 6176  crcdisk - ok
21:35:27.0149 6176  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:35:27.0155 6176  CryptSvc - ok
21:35:27.0206 6176  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
21:35:27.0214 6176  CSC - ok
21:35:27.0260 6176  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
21:35:27.0271 6176  CscService - ok
21:35:27.0406 6176  [ 914A7156B0C0F10BE645A02E13F576B2 ] DAUpdaterSvc    C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
21:35:27.0408 6176  DAUpdaterSvc - ok
21:35:27.0435 6176  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:35:27.0446 6176  DcomLaunch - ok
21:35:27.0471 6176  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:35:27.0476 6176  defragsvc - ok
21:35:27.0498 6176  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:35:27.0500 6176  DfsC - ok
21:35:27.0527 6176  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:35:27.0534 6176  Dhcp - ok
21:35:27.0555 6176  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:35:27.0556 6176  discache - ok
21:35:27.0569 6176  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:35:27.0571 6176  Disk - ok
21:35:27.0595 6176  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:35:27.0600 6176  Dnscache - ok
21:35:27.0619 6176  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:35:27.0623 6176  dot3svc - ok
21:35:27.0736 6176  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:35:27.0740 6176  Dot4 - ok
21:35:27.0761 6176  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
21:35:27.0762 6176  Dot4Print - ok
21:35:27.0814 6176  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:35:27.0815 6176  dot4usb - ok
21:35:27.0841 6176  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:35:27.0845 6176  DPS - ok
21:35:27.0866 6176  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:35:27.0867 6176  drmkaud - ok
21:35:27.0890 6176  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:35:27.0894 6176  dtsoftbus01 - ok
21:35:27.0930 6176  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:35:27.0943 6176  DXGKrnl - ok
21:35:27.0973 6176  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:35:27.0976 6176  EapHost - ok
21:35:28.0041 6176  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:35:28.0086 6176  ebdrv - ok
21:35:28.0103 6176  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:35:28.0106 6176  EFS - ok
21:35:28.0144 6176  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:35:28.0153 6176  ehRecvr - ok
21:35:28.0177 6176  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:35:28.0180 6176  ehSched - ok
21:35:28.0224 6176  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:35:28.0230 6176  elxstor - ok
21:35:28.0259 6176  [ E47D9D7E6E53892FC97282482F4AE307 ] EMSC            C:\Windows\system32\DRIVERS\EMSC.SYS
21:35:28.0260 6176  EMSC - ok
21:35:28.0268 6176  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:35:28.0269 6176  ErrDev - ok
21:35:28.0306 6176  [ 1550E7977E376F7AE4D9D44D7C8FC8E8 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
21:35:28.0309 6176  ETD - ok
21:35:28.0342 6176  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:35:28.0349 6176  EventSystem - ok
21:35:28.0373 6176  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:35:28.0376 6176  exfat - ok
21:35:28.0393 6176  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:35:28.0397 6176  fastfat - ok
21:35:28.0439 6176  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:35:28.0447 6176  Fax - ok
21:35:28.0472 6176  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:35:28.0473 6176  fdc - ok
21:35:28.0490 6176  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:35:28.0491 6176  fdPHost - ok
21:35:28.0499 6176  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:35:28.0503 6176  FDResPub - ok
21:35:28.0516 6176  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:35:28.0517 6176  FileInfo - ok
21:35:28.0530 6176  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:35:28.0531 6176  Filetrace - ok
21:35:28.0542 6176  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:35:28.0544 6176  flpydisk - ok
21:35:28.0564 6176  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:35:28.0568 6176  FltMgr - ok
21:35:28.0604 6176  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
21:35:28.0609 6176  FontCache - ok
21:35:28.0653 6176  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:35:28.0656 6176  FontCache3.0.0.0 - ok
21:35:28.0683 6176  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:35:28.0684 6176  FsDepends - ok
21:35:28.0704 6176  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:35:28.0705 6176  Fs_Rec - ok
21:35:28.0738 6176  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:35:28.0741 6176  fvevol - ok
21:35:28.0754 6176  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:35:28.0755 6176  gagp30kx - ok
21:35:28.0780 6176  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:35:28.0790 6176  gpsvc - ok
21:35:28.0886 6176  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:35:28.0889 6176  gupdate - ok
21:35:28.0898 6176  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:35:28.0900 6176  gupdatem - ok
21:35:28.0917 6176  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:35:28.0918 6176  hcw85cir - ok
21:35:37.0718 6176  THREADORDER - ok
21:35:37.0742 6176  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
21:35:37.0743 6176  TPM - ok
21:35:37.0756 6176  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:35:37.0760 6176  TrkWks - ok
21:35:37.0801 6176  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:35:37.0804 6176  TrustedInstaller - ok
21:35:37.0823 6176  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:35:37.0824 6176  tssecsrv - ok
21:35:37.0852 6176  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:35:37.0854 6176  TsUsbFlt - ok
21:35:37.0857 6176  tsusbhub - ok
21:35:37.0917 6176  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:35:37.0920 6176  tunnel - ok
21:35:37.0937 6176  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:35:37.0938 6176  uagp35 - ok
21:35:37.0967 6176  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:35:37.0971 6176  udfs - ok
21:35:37.0990 6176  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:35:37.0994 6176  UI0Detect - ok
21:35:38.0013 6176  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:35:38.0014 6176  uliagpkx - ok
21:35:38.0048 6176  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
21:35:38.0049 6176  umbus - ok
21:35:38.0073 6176  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:35:38.0075 6176  UmPass - ok
21:35:38.0114 6176  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
21:35:38.0119 6176  UmRdpService - ok
21:35:38.0183 6176  [ 3C5405EF78576E8E4D791EB18F6856A8 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:35:38.0191 6176  UNS - ok
21:35:38.0223 6176  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:35:38.0235 6176  upnphost - ok
21:35:38.0265 6176  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:35:38.0266 6176  usbccgp - ok
21:35:38.0292 6176  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:35:38.0293 6176  usbcir - ok
21:35:38.0309 6176  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:35:38.0310 6176  usbehci - ok
21:35:38.0331 6176  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:35:38.0335 6176  usbhub - ok
21:35:38.0354 6176  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:35:38.0355 6176  usbohci - ok
21:35:38.0377 6176  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:35:38.0378 6176  usbprint - ok
21:35:38.0407 6176  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:35:38.0408 6176  usbscan - ok
21:35:38.0423 6176  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:35:38.0425 6176  USBSTOR - ok
21:35:38.0438 6176  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:35:38.0439 6176  usbuhci - ok
21:35:38.0475 6176  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:35:38.0478 6176  usbvideo - ok
21:35:38.0492 6176  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:35:38.0494 6176  UxSms - ok
21:35:38.0505 6176  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:35:38.0507 6176  VaultSvc - ok
21:35:38.0519 6176  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:35:38.0520 6176  vdrvroot - ok
21:35:38.0554 6176  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:35:38.0563 6176  vds - ok
21:35:38.0589 6176  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:35:38.0590 6176  vga - ok
21:35:38.0608 6176  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:35:38.0609 6176  VgaSave - ok
21:35:38.0611 6176  VGPU - ok
21:35:38.0634 6176  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:35:38.0637 6176  vhdmp - ok
21:35:38.0653 6176  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:35:38.0655 6176  viaide - ok
21:35:38.0668 6176  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:35:38.0668 6176  volmgr - ok
21:35:38.0690 6176  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:35:38.0695 6176  volmgrx - ok
21:35:38.0711 6176  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:35:38.0716 6176  volsnap - ok
21:35:38.0740 6176  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:35:38.0743 6176  vsmraid - ok
21:35:38.0782 6176  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:35:38.0809 6176  VSS - ok
21:35:38.0825 6176  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:35:38.0826 6176  vwifibus - ok
21:35:38.0841 6176  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:35:38.0842 6176  vwififlt - ok
21:35:38.0855 6176  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:35:38.0856 6176  vwifimp - ok
21:35:38.0888 6176  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:35:38.0894 6176  W32Time - ok
21:35:38.0922 6176  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:35:38.0923 6176  WacomPen - ok
21:35:38.0957 6176  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:35:38.0959 6176  WANARP - ok
21:35:38.0964 6176  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:35:38.0965 6176  Wanarpv6 - ok
21:35:39.0006 6176  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:35:39.0048 6176  WatAdminSvc - ok
21:35:39.0083 6176  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:35:39.0108 6176  wbengine - ok
21:35:39.0128 6176  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:35:39.0133 6176  WbioSrvc - ok
21:35:39.0156 6176  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:35:39.0162 6176  wcncsvc - ok
21:35:39.0172 6176  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:35:39.0175 6176  WcsPlugInService - ok
21:35:39.0193 6176  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:35:39.0194 6176  Wd - ok
21:35:39.0220 6176  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
21:35:39.0221 6176  WDC_SAM - ok
21:35:39.0252 6176  [ 6209C98EAA7D003DBEA3EB3245211342 ] WDDMService     C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
21:35:39.0256 6176  WDDMService - ok
21:35:39.0284 6176  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:35:39.0293 6176  Wdf01000 - ok
21:35:39.0352 6176  [ A787A567B3470C91C487ECE90CF7509C ] WDFME           C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
21:35:39.0361 6176  WDFME - ok
21:35:39.0389 6176  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:35:39.0394 6176  WdiServiceHost - ok
21:35:39.0398 6176  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:35:39.0401 6176  WdiSystemHost - ok
21:35:39.0418 6176  [ 3E2B446BFD98EE3AB236FE9E84F35489 ] WDSC            C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
21:35:39.0424 6176  WDSC - ok
21:35:39.0444 6176  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:35:39.0449 6176  WebClient - ok
21:35:39.0467 6176  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:35:39.0474 6176  Wecsvc - ok
21:35:39.0489 6176  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:35:39.0492 6176  wercplsupport - ok
21:35:39.0513 6176  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:35:39.0518 6176  WerSvc - ok
21:35:39.0545 6176  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:35:39.0545 6176  WfpLwf - ok
21:35:39.0562 6176  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:35:39.0563 6176  WIMMount - ok
21:35:39.0574 6176  WinDefend - ok
21:35:39.0579 6176  WinHttpAutoProxySvc - ok
21:35:39.0625 6176  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:35:39.0629 6176  Winmgmt - ok
21:35:39.0674 6176  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:35:39.0707 6176  WinRM - ok
21:35:39.0748 6176  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:35:39.0761 6176  Wlansvc - ok
21:35:39.0839 6176  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:35:39.0891 6176  wlidsvc - ok
21:35:39.0921 6176  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:35:39.0923 6176  WmiAcpi - ok
21:35:39.0949 6176  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:35:39.0953 6176  wmiApSrv - ok
21:35:39.0969 6176  WMPNetworkSvc - ok
21:35:39.0985 6176  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:35:39.0988 6176  WPCSvc - ok
21:35:40.0006 6176  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:35:40.0011 6176  WPDBusEnum - ok
21:35:40.0028 6176  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:35:40.0030 6176  ws2ifsl - ok
21:35:40.0043 6176  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
21:35:40.0048 6176  wscsvc - ok
21:35:40.0050 6176  WSearch - ok
21:35:40.0098 6176  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:35:40.0140 6176  wuauserv - ok
21:35:40.0176 6176  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:35:40.0177 6176  WudfPf - ok
21:35:40.0236 6176  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:35:40.0239 6176  WUDFRd - ok
21:35:40.0279 6176  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:35:40.0283 6176  wudfsvc - ok
21:35:40.0305 6176  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:35:40.0310 6176  WwanSvc - ok
21:35:40.0336 6176  ================ Scan global ===============================
21:35:40.0354 6176  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:35:40.0396 6176  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:35:40.0405 6176  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:35:40.0425 6176  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:35:40.0558 6176  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:35:40.0570 6176  [Global] - ok
21:35:40.0571 6176  ================ Scan MBR ==================================
21:35:40.0581 6176  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:35:40.0898 6176  \Device\Harddisk0\DR0 - ok
21:35:40.0899 6176  ================ Scan VBR ==================================
21:35:40.0900 6176  [ 393D156D817919C02983D5009A50BE51 ] \Device\Harddisk0\DR0\Partition1
21:35:40.0902 6176  \Device\Harddisk0\DR0\Partition1 - ok
21:35:40.0931 6176  [ 936CF53676315A53D35307180C6AE175 ] \Device\Harddisk0\DR0\Partition2
21:35:40.0933 6176  \Device\Harddisk0\DR0\Partition2 - ok
21:35:40.0933 6176  ============================================================
21:35:40.0933 6176  Scan finished
21:35:40.0933 6176  ============================================================
21:35:40.0939 6488  Detected object count: 0
21:35:40.0939 6488  Actual detected object count: 0
21:35:58.0913 4784  ============================================================
21:35:58.0913 4784  Scan started
21:35:58.0913 4784  Mode: Manual; SigCheck; TDLFS;
21:35:58.0913 4784  ============================================================
21:35:59.0083 4784  ================ Scan system memory ========================
21:35:59.0083 4784  System memory - ok
21:35:59.0084 4784  ================ Scan services =============================
21:36:05.0920 4784  HdAudAddService - ok
21:36:05.0936 4784  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:36:05.0966 4784  HDAudBus - ok
21:36:05.0977 4784  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:36:05.0998 4784  HidBatt - ok
21:36:06.0017 4784  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:36:06.0051 4784  HidBth - ok
21:36:06.0054 4784  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:36:06.0098 4784  HidIr - ok
21:36:06.0124 4784  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:36:06.0174 4784  hidserv - ok
21:36:06.0192 4784  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:36:06.0204 4784  HidUsb - ok
21:36:06.0232 4784  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:36:06.0269 4784  hkmsvc - ok
21:36:06.0299 4784  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:36:06.0329 4784  HomeGroupListener - ok
21:36:06.0354 4784  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:36:06.0379 4784  HomeGroupProvider - ok
21:36:06.0528 4784  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:36:06.0551 4784  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
21:36:06.0551 4784  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
21:36:06.0571 4784  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:36:06.0592 4784  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
21:36:06.0592 4784  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
21:36:06.0957 4784  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:36:06.0982 4784  IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:36:06.0982 4784  IDriverT - detected UnsignedFile.Multi.Generic (1)
21:36:10.0991 4784  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:36:10.0997 4784  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:36:10.0997 4784  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:36:13.0759 4784  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:36:13.0777 4784  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
21:36:13.0777 4784  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
21:36:16.0753 4784  ShellHWDetection - ok
21:36:16.0767 4784  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:36:16.0777 4784  SiSRaid2 - ok
21:36:16.0786 4784  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:36:16.0796 4784  SiSRaid4 - ok
21:36:16.0811 4784  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:36:16.0838 4784  Smb - ok
21:36:16.0878 4784  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:36:16.0906 4784  SNMPTRAP - ok
21:36:16.0922 4784  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:36:16.0933 4784  spldr - ok
21:36:16.0958 4784  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
21:36:16.0977 4784  Spooler - ok
21:36:17.0037 4784  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
21:36:17.0113 4784  sppsvc - ok
21:36:17.0132 4784  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:36:17.0177 4784  sppuinotify - ok
21:36:17.0200 4784  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:36:17.0223 4784  srv - ok
21:36:17.0247 4784  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:36:17.0260 4784  srv2 - ok
21:36:17.0282 4784  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:36:17.0308 4784  srvnet - ok
21:36:17.0333 4784  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:36:17.0363 4784  SSDPSRV - ok
21:36:17.0376 4784  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:36:17.0416 4784  SstpSvc - ok
21:36:17.0458 4784  [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:36:17.0470 4784  Stereo Service - ok
21:36:17.0493 4784  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:36:17.0503 4784  stexstor - ok
21:36:17.0530 4784  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
21:36:17.0563 4784  stisvc - ok
21:36:17.0589 4784  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:36:17.0598 4784  swenum - ok
21:36:17.0623 4784  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
21:36:17.0670 4784  swprv - ok
21:36:17.0673 4784  Synth3dVsc - ok
21:36:17.0723 4784  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
21:36:17.0751 4784  SysMain - ok
21:36:17.0780 4784  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:36:17.0798 4784  TabletInputService - ok
21:36:17.0812 4784  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:36:17.0842 4784  TapiSrv - ok
21:36:17.0860 4784  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
21:36:17.0904 4784  TBS - ok
21:36:17.0976 4784  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:36:18.0015 4784  Tcpip - ok
21:36:18.0060 4784  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:36:18.0088 4784  TCPIP6 - ok
21:36:18.0129 4784  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:36:18.0140 4784  tcpipreg - ok
21:36:18.0165 4784  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:36:18.0183 4784  TDPIPE - ok
21:36:18.0206 4784  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:36:18.0226 4784  TDTCP - ok
21:36:18.0243 4784  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:36:18.0282 4784  tdx - ok
21:36:18.0306 4784  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:36:18.0316 4784  TermDD - ok
21:36:18.0335 4784  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
21:36:18.0376 4784  TermService - ok
21:36:18.0399 4784  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
21:36:18.0416 4784  Themes - ok
21:36:18.0450 4784  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:36:18.0479 4784  THREADORDER - ok
21:36:18.0517 4784  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
21:36:18.0544 4784  TPM - ok
21:36:18.0564 4784  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
21:36:18.0602 4784  TrkWks - ok
21:36:18.0650 4784  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:36:18.0687 4784  TrustedInstaller - ok
21:36:18.0713 4784  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:36:18.0740 4784  tssecsrv - ok
21:36:18.0767 4784  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:36:18.0787 4784  TsUsbFlt - ok
21:36:18.0790 4784  tsusbhub - ok
21:36:18.0816 4784  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:36:18.0851 4784  tunnel - ok
21:36:18.0885 4784  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:36:18.0895 4784  uagp35 - ok
21:36:18.0923 4784  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:36:18.0962 4784  udfs - ok
21:36:18.0987 4784  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:36:19.0016 4784  UI0Detect - ok
21:36:19.0027 4784  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:36:19.0037 4784  uliagpkx - ok
21:36:19.0062 4784  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
21:36:19.0083 4784  umbus - ok
21:36:19.0112 4784  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:36:19.0123 4784  UmPass - ok
21:36:19.0144 4784  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
21:36:19.0173 4784  UmRdpService - ok
21:36:19.0278 4784  [ 3C5405EF78576E8E4D791EB18F6856A8 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:36:19.0290 4784  UNS - ok
21:36:19.0317 4784  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
21:36:19.0348 4784  upnphost - ok
21:36:19.0369 4784  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:36:19.0395 4784  usbccgp - ok
21:36:19.0421 4784  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:36:19.0449 4784  usbcir - ok
21:36:19.0463 4784  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:36:19.0475 4784  usbehci - ok
21:36:19.0493 4784  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:36:19.0522 4784  usbhub - ok
21:36:19.0540 4784  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:36:19.0561 4784  usbohci - ok
21:36:19.0580 4784  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:36:19.0608 4784  usbprint - ok
21:36:19.0635 4784  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:36:19.0648 4784  usbscan - ok
21:36:19.0660 4784  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:36:19.0683 4784  USBSTOR - ok
21:36:19.0699 4784  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:36:19.0723 4784  usbuhci - ok
21:36:19.0736 4784  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:36:19.0761 4784  usbvideo - ok
21:36:19.0785 4784  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:36:19.0824 4784  UxSms - ok
21:36:19.0840 4784  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:36:19.0852 4784  VaultSvc - ok
21:36:19.0862 4784  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:36:19.0872 4784  vdrvroot - ok
21:36:19.0938 4784  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:36:19.0983 4784  vds - ok
21:36:20.0007 4784  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:36:20.0021 4784  vga - ok
21:36:20.0025 4784  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:36:20.0052 4784  VgaSave - ok
21:36:20.0054 4784  VGPU - ok
21:36:20.0092 4784  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:36:20.0104 4784  vhdmp - ok
21:36:20.0128 4784  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:36:20.0138 4784  viaide - ok
21:36:20.0151 4784  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:36:20.0161 4784  volmgr - ok
21:36:20.0181 4784  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:36:20.0195 4784  volmgrx - ok
21:36:20.0211 4784  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:36:20.0223 4784  volsnap - ok
21:36:20.0248 4784  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:36:20.0259 4784  vsmraid - ok
21:36:20.0299 4784  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:36:20.0354 4784  VSS - ok
21:36:20.0374 4784  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:36:20.0397 4784  vwifibus - ok
21:36:20.0415 4784  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:36:20.0446 4784  vwififlt - ok
21:36:20.0462 4784  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:36:20.0487 4784  vwifimp - ok
21:36:20.0519 4784  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:36:20.0551 4784  W32Time - ok
21:36:20.0578 4784  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:36:20.0597 4784  WacomPen - ok
21:36:20.0622 4784  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:36:20.0649 4784  WANARP - ok
21:36:20.0661 4784  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:36:20.0687 4784  Wanarpv6 - ok
21:36:20.0728 4784  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:36:20.0750 4784  WatAdminSvc - ok
21:36:20.0789 4784  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:36:20.0814 4784  wbengine - ok
21:36:20.0834 4784  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:36:20.0851 4784  WbioSrvc - ok
21:36:20.0922 4784  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:36:20.0971 4784  wcncsvc - ok
21:36:20.0986 4784  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:36:21.0004 4784  WcsPlugInService - ok
21:36:21.0024 4784  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:36:21.0037 4784  Wd - ok
21:36:21.0050 4784  [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
21:36:21.0064 4784  WDC_SAM - ok
21:36:21.0099 4784  [ 6209C98EAA7D003DBEA3EB3245211342 ] WDDMService     C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
21:36:21.0106 4784  WDDMService ( UnsignedFile.Multi.Generic ) - warning
21:36:21.0106 4784  WDDMService - detected UnsignedFile.Multi.Generic (1)
21:36:21.0140 4784  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:36:21.0166 4784  Wdf01000 - ok
21:36:21.0220 4784  [ A787A567B3470C91C487ECE90CF7509C ] WDFME           C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
21:36:21.0254 4784  WDFME ( UnsignedFile.Multi.Generic ) - warning
21:36:21.0254 4784  WDFME - detected UnsignedFile.Multi.Generic (1)
21:36:21.0285 4784  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:36:21.0319 4784  WdiServiceHost - ok
21:36:21.0325 4784  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:36:21.0350 4784  WdiSystemHost - ok
21:36:21.0393 4784  [ 3E2B446BFD98EE3AB236FE9E84F35489 ] WDSC            C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
21:36:21.0409 4784  WDSC ( UnsignedFile.Multi.Generic ) - warning
21:36:21.0409 4784  WDSC - detected UnsignedFile.Multi.Generic (1)
21:36:21.0430 4784  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:36:21.0452 4784  WebClient - ok
21:36:21.0470 4784  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:36:21.0500 4784  Wecsvc - ok
21:36:21.0508 4784  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:36:21.0547 4784  wercplsupport - ok
21:36:21.0566 4784  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:36:21.0608 4784  WerSvc - ok
21:36:21.0630 4784  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:36:21.0656 4784  WfpLwf - ok
21:36:21.0681 4784  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:36:21.0690 4784  WIMMount - ok
21:36:21.0709 4784  WinDefend - ok
21:36:21.0715 4784  WinHttpAutoProxySvc - ok
21:36:21.0760 4784  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:36:21.0802 4784  Winmgmt - ok
21:36:21.0849 4784  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:36:21.0908 4784  WinRM - ok
21:36:21.0941 4784  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:36:21.0976 4784  Wlansvc - ok
21:36:22.0046 4784  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:36:22.0076 4784  wlidsvc - ok
21:36:22.0097 4784  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:36:22.0108 4784  WmiAcpi - ok
21:36:22.0142 4784  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:36:22.0171 4784  wmiApSrv - ok
21:36:22.0195 4784  WMPNetworkSvc - ok
21:36:22.0210 4784  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:36:22.0223 4784  WPCSvc - ok
21:36:22.0240 4784  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:36:22.0255 4784  WPDBusEnum - ok
21:36:22.0278 4784  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:36:22.0316 4784  ws2ifsl - ok
21:36:22.0334 4784  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
21:36:22.0369 4784  wscsvc - ok
21:36:22.0372 4784  WSearch - ok
21:36:22.0433 4784  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:36:22.0476 4784  wuauserv - ok
21:36:22.0517 4784  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:36:22.0544 4784  WudfPf - ok
21:36:22.0560 4784  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:36:22.0573 4784  WUDFRd - ok
21:36:22.0620 4784  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:36:22.0658 4784  wudfsvc - ok
21:36:22.0686 4784  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:36:22.0718 4784  WwanSvc - ok
21:36:22.0727 4784  ================ Scan global ===============================
21:36:22.0752 4784  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:36:22.0797 4784  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:36:22.0811 4784  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
21:36:22.0848 4784  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:36:22.0864 4784  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:36:22.0868 4784  [Global] - ok
21:36:22.0868 4784  ================ Scan MBR ==================================
21:36:22.0880 4784  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:36:23.0284 4784  \Device\Harddisk0\DR0 - ok
21:36:23.0285 4784  ================ Scan VBR ==================================
21:36:23.0288 4784  [ 393D156D817919C02983D5009A50BE51 ] \Device\Harddisk0\DR0\Partition1
21:36:23.0290 4784  \Device\Harddisk0\DR0\Partition1 - ok
21:36:23.0321 4784  [ 936CF53676315A53D35307180C6AE175 ] \Device\Harddisk0\DR0\Partition2
21:36:23.0326 4784  \Device\Harddisk0\DR0\Partition2 - ok
21:36:23.0326 4784  ============================================================
21:36:23.0326 4784  Scan finished
21:36:23.0326 4784  ============================================================
21:36:23.0336 7456  Detected object count: 8
21:36:23.0336 7456  Actual detected object count: 8
21:36:50.0063 7456  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:50.0063 7456  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:50.0065 7456  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:50.0065 7456  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:50.0066 7456  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:50.0067 7456  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:50.0068 7456  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:50.0068 7456  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:50.0068 7456  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:50.0068 7456  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:50.0069 7456  WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:50.0070 7456  WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:50.0071 7456  WDFME ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:50.0071 7456  WDFME ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:36:50.0072 7456  WDSC ( UnsignedFile.Multi.Generic ) - skipped by user
21:36:50.0072 7456  WDSC ( UnsignedFile.Multi.Generic ) - User select action: Skip
 



#5 jeffce

  • Malware Response Team
Posted 17 February 2013 - 08:09 PM

ComboFix
 
Download ComboFix from the link below, and save it to your desktop.

**Note: It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.
 
--------------------------------------------------------------------
 
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
 
--------------------------------------------------------------------
 
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.  
  • Please post the C:\ComboFix.txt for further review.


    #6 Vilee

    • Topic Starter

    Posted 17 February 2013 - 08:43 PM

    The combofix log is as follows.

     

    ComboFix 13-02-15.01 - AVELL 17/02/2013  22:34:09.1.4 - x64
    Microsoft Windows 7 Ultimate   6.1.7601.1.1252.55.1046.18.8162.5601 [GMT -3:00]
    Executando de: c:\users\AVELL\Downloads\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\AVELL\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B2C5539F-A144-458B-9048-4B64EDDAF506}.xps
    c:\windows\wininit.ini
    .
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2013-01-18 to 2013-02-18  ))))))))))))))))))))))))))))
    .
    .
    2013-02-18 01:38 . 2013-02-18 01:38    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2013-02-18 01:38 . 2013-02-18 01:38    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
    2013-02-16 20:05 . 2013-01-08 05:32    9161176    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{34C6ADA5-C0BB-498C-842B-AE2DF4CE9A47}\mpengine.dll
    2013-02-15 13:59 . 2013-01-08 05:32    9161176    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-02-14 15:31 . 2013-02-14 15:31    95648    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-02-14 14:30 . 2013-02-14 14:30    --------    d-----w-    c:\windows\SysWow64\searchplugins
    2013-02-14 14:30 . 2013-02-14 14:30    --------    d-----w-    c:\windows\SysWow64\Extensions
    2013-02-13 05:02 . 2013-01-09 01:10    996352    ----a-w-    c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-13 05:02 . 2013-01-08 22:01    768000    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-13 02:03 . 2013-01-05 05:53    5553512    ----a-w-    c:\windows\system32\ntoskrnl.exe
    2013-02-13 02:03 . 2013-01-05 05:00    3967848    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
    2013-02-13 02:03 . 2013-01-05 05:00    3913064    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
    2013-02-13 02:03 . 2013-01-04 03:26    3153408    ----a-w-    c:\windows\system32\win32k.sys
    2013-02-13 02:03 . 2013-01-04 05:46    215040    ----a-w-    c:\windows\system32\winsrv.dll
    2013-02-13 02:03 . 2013-01-04 02:47    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
    2013-02-13 02:03 . 2013-01-04 02:47    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
    2013-02-13 02:03 . 2013-01-04 02:47    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
    2013-02-13 02:03 . 2013-01-04 04:51    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
    2013-02-13 02:03 . 2013-01-04 02:47    2048    ----a-w-    c:\windows\SysWow64\user.exe
    2013-02-13 02:02 . 2013-01-03 06:00    1913192    ----a-w-    c:\windows\system32\drivers\tcpip.sys
    2013-02-13 02:02 . 2013-01-03 06:00    288088    ----a-w-    c:\windows\system32\drivers\FWPKCLNT.SYS
    2013-02-12 20:53 . 2013-02-12 20:53    --------    d-----w-    c:\programdata\BioWare
    2013-02-12 19:17 . 2013-02-12 19:17    --------    d-----w-    c:\windows\1C4551A64743409391E41477CD655043.TMP
    2013-02-12 19:17 . 2013-02-12 19:17    --------    d-----w-    c:\programdata\Media Center Programs
    2013-02-12 18:51 . 2013-02-12 19:17    --------    d-----w-    c:\program files (x86)\Common Files\BioWare
    2013-02-05 16:02 . 2013-02-05 16:02    --------    d-----w-    c:\programdata\gas
    2013-01-25 17:32 . 2013-01-25 17:38    --------    d-----w-    c:\users\AVELL\AppData\Local\Google
    2013-01-25 17:32 . 2013-01-25 17:38    --------    d-----w-    c:\program files (x86)\Google
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-02-15 13:54 . 2012-09-29 00:37    71024    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-02-15 13:54 . 2012-09-29 00:37    691568    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2013-02-14 15:31 . 2012-08-07 12:24    861088    ----a-w-    c:\windows\SysWow64\npdeployJava1.dll
    2013-02-14 15:31 . 2012-08-07 12:24    782240    ----a-w-    c:\windows\SysWow64\deployJava1.dll
    2013-02-13 05:05 . 2012-08-06 20:11    70004024    ----a-w-    c:\windows\system32\MRT.exe
    2013-01-30 10:53 . 2012-08-06 17:02    273840    ------w-    c:\windows\system32\MpSigStub.exe
    2013-01-04 04:43 . 2013-02-13 02:03    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    2012-12-16 18:43 . 2012-12-16 18:43    189248    ----a-w-    c:\windows\SysWow64\PnkBstrB.exe
    2012-12-16 18:43 . 2012-12-16 18:43    75136    ----a-w-    c:\windows\SysWow64\PnkBstrA.exe
    2012-12-16 17:11 . 2012-12-21 05:00    46080    ----a-w-    c:\windows\system32\atmlib.dll
    2012-12-16 14:45 . 2012-12-21 05:00    367616    ----a-w-    c:\windows\system32\atmfd.dll
    2012-12-16 14:13 . 2012-12-21 05:00    295424    ----a-w-    c:\windows\SysWow64\atmfd.dll
    2012-12-16 14:13 . 2012-12-21 05:00    34304    ----a-w-    c:\windows\SysWow64\atmlib.dll
    2012-12-07 13:20 . 2013-01-10 23:08    441856    ----a-w-    c:\windows\system32\Wpc.dll
    2012-12-07 13:15 . 2013-01-10 23:08    2746368    ----a-w-    c:\windows\system32\gameux.dll
    2012-12-07 12:26 . 2013-01-10 23:08    308736    ----a-w-    c:\windows\SysWow64\Wpc.dll
    2012-12-07 12:20 . 2013-01-10 23:08    2576384    ----a-w-    c:\windows\SysWow64\gameux.dll
    2012-12-07 11:20 . 2013-01-10 23:08    30720    ----a-w-    c:\windows\system32\usk.rs
    2012-12-07 11:20 . 2013-01-10 23:08    43520    ----a-w-    c:\windows\system32\csrr.rs
    2012-12-07 11:20 . 2013-01-10 23:08    23552    ----a-w-    c:\windows\system32\oflc.rs
    2012-12-07 11:20 . 2013-01-10 23:08    45568    ----a-w-    c:\windows\system32\oflc-nz.rs
    2012-12-07 11:20 . 2013-01-10 23:08    44544    ----a-w-    c:\windows\system32\pegibbfc.rs
    2012-12-07 11:20 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\system32\pegi-fi.rs
    2012-12-07 11:20 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\system32\pegi-pt.rs
    2012-12-07 11:19 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\system32\pegi.rs
    2012-12-07 11:19 . 2013-01-10 23:08    46592    ----a-w-    c:\windows\system32\fpb.rs
    2012-12-07 11:19 . 2013-01-10 23:08    40960    ----a-w-    c:\windows\system32\cob-au.rs
    2012-12-07 11:19 . 2013-01-10 23:08    21504    ----a-w-    c:\windows\system32\grb.rs
    2012-12-07 11:19 . 2013-01-10 23:08    15360    ----a-w-    c:\windows\system32\djctq.rs
    2012-12-07 11:19 . 2013-01-10 23:08    55296    ----a-w-    c:\windows\system32\cero.rs
    2012-12-07 11:19 . 2013-01-10 23:08    51712    ----a-w-    c:\windows\system32\esrb.rs
    2012-12-07 10:46 . 2013-01-10 23:08    43520    ----a-w-    c:\windows\SysWow64\csrr.rs
    2012-12-07 10:46 . 2013-01-10 23:08    30720    ----a-w-    c:\windows\SysWow64\usk.rs
    2012-12-07 10:46 . 2013-01-10 23:08    45568    ----a-w-    c:\windows\SysWow64\oflc-nz.rs
    2012-12-07 10:46 . 2013-01-10 23:08    44544    ----a-w-    c:\windows\SysWow64\pegibbfc.rs
    2012-12-07 10:46 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\SysWow64\pegi-pt.rs
    2012-12-07 10:46 . 2013-01-10 23:08    23552    ----a-w-    c:\windows\SysWow64\oflc.rs
    2012-12-07 10:46 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\SysWow64\pegi-fi.rs
    2012-12-07 10:46 . 2013-01-10 23:08    46592    ----a-w-    c:\windows\SysWow64\fpb.rs
    2012-12-07 10:46 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\SysWow64\pegi.rs
    2012-12-07 10:46 . 2013-01-10 23:08    21504    ----a-w-    c:\windows\SysWow64\grb.rs
    2012-12-07 10:46 . 2013-01-10 23:08    40960    ----a-w-    c:\windows\SysWow64\cob-au.rs
    2012-12-07 10:46 . 2013-01-10 23:08    15360    ----a-w-    c:\windows\SysWow64\djctq.rs
    2012-12-07 10:46 . 2013-01-10 23:08    51712    ----a-w-    c:\windows\SysWow64\esrb.rs
    2012-12-07 10:46 . 2013-01-10 23:08    55296    ----a-w-    c:\windows\SysWow64\cero.rs
    2012-11-30 05:45 . 2013-01-10 23:09    362496    ----a-w-    c:\windows\system32\wow64win.dll
    2012-11-30 05:45 . 2013-01-10 23:09    243200    ----a-w-    c:\windows\system32\wow64.dll
    2012-11-30 05:45 . 2013-01-10 23:09    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
    2012-11-30 05:43 . 2013-01-10 23:09    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
    2012-11-30 05:41 . 2013-01-10 23:09    424448    ----a-w-    c:\windows\system32\KernelBase.dll
    2012-11-30 05:41 . 2013-01-10 23:09    1161216    ----a-w-    c:\windows\system32\kernel32.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    6144    ---ha-w-    c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    5120    ---ha-w-    c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2012-11-30 04:53 . 2013-01-10 23:09    274944    ----a-w-    c:\windows\SysWow64\KernelBase.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4608    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    5120    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    .
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por padrão não são apresentadas.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-09-29 00:38    220608    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-09-29 00:38    220608    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-09-29 00:38    220608    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-08-09 221184]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
    "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
    "IFXSPMGT"="c:\program files (x86)\Infineon\Security Platform Software\ifxspmgt.exe" [2009-08-04 1107232]
    "WSED"="c:\program files (x86)\WSED\WSED.exe" [2010-12-02 320880]
    "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
    "BTOptm"="c:\program files (x86)\BTOPtm\BTOptm.exe" [2012-03-09 1907056]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
    WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 6163456]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~3\browse~1\261123~1.78\{16cdf~1\browse~1.dll c:\progra~3\browse~1\261123~1.78\{16cdf~1\browsemngr.dll
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
    R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-28 1255736]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
    S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS [2009-06-26 16752]
    S0 iusb3hcs;Driver de comutação do controlador host Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-29 283200]
    S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2009-07-19 44576]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
    S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2013-01-31 2561488]
    S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
    S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
    S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
    S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]
    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
    S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-09-08 288256]
    S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [2010-09-08 1034752]
    S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [2010-09-08 485376]
    S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\DRIVERS\ATSwpWDF.sys [2011-08-30 1050016]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-03-11 240432]
    S3 iusb3hub;Driver para hub Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]
    S3 iusb3xhc;Driver de controlador host eXtensível Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2012-03-19 314472]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-12-22 876136]
    .
    .
    --- =Outros Serviços/Drivers Na Memória ---
    .
    *NewlyCreated* - 32753756
    *NewlyCreated* - ASWMBR
    *Deregistered* - 32753756
    *Deregistered* - aswMBR
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
    .
    Conteúdo da pasta 'Tarefas Agendadas'
    .
    2013-02-18 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 13:54]
    .
    2013-02-17 c:\windows\Tasks\AutoKMS.job
    - c:\windows\AutoKMS\AutoKMS.exe [2012-11-29 00:41]
    .
    2013-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-25 17:32]
    .
    2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-25 17:32]
    .
    2013-02-17 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    - c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 16:41]
    .
    2013-02-17 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    - c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 16:41]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-09-29 00:38    244672    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-09-29 00:38    244672    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-09-29 00:38    244672    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-10-30 22:50    133400    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-12 13353064]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
    .
    ------- Scan Suplementar -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://websearch.just-browse.info/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    mStart Page = hxxp://websearch.just-browse.info/
    IE: &Enviar para o OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
    IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\AVELL\AppData\Roaming\Mozilla\Firefox\Profiles\dojj6f5y.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://websearch.just-browse.info/?l=1&q=
    FF - prefs.js: browser.search.selectedEngine - WebSearch
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.br/
    FF - prefs.js: keyword.URL - hxxp://websearch.just-browse.info/?l=1&q=
    FF - user.js: extensions.BabylonToolbar.autoRvrt - false
    FF - user.js: extensions.BabylonToolbar_i.newTab - false
    FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=56c21d59000000000000b888e3512989&q=
    FF - user.js: extensions.BabylonToolbar.id - 56c21d59000000000000b888e3512989
    FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
    FF - user.js: extensions.BabylonToolbar.instlDay - 15611
    FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
    FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1219:57
    FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
    FF - user.js: extensions.BabylonToolbar.instlRef - sst
    FF - user.js: extensions.BabylonToolbar.dfltLng - en
    FF - user.js: extensions.BabylonToolbar.excTlbr - false
    FF - user.js: extensions.BabylonToolbar.admin - false
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=44444&tt=270912_7a_3912_7
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
    .
    .
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    .
    [HKEY_USERS\S-1-5-21-293510616-4020486758-1889360145-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (S-1-5-21-293510616-4020486758-1889360145-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="ThunderbirdEML"
    .
    [HKEY_USERS\S-1-5-21-293510616-4020486758-1889360145-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Tempo para conclusão: 2013-02-17  22:41:37
    ComboFix-quarantined-files.txt  2013-02-18 01:41
    .
    Pré-execução: 53.291.708.416 bytes disponíveis
    Pós execução: 53.039.562.752 bytes disponíveis
    .
    - - End Of File - - 8D4C781C0B6624D643C407C93DFC0C2F
     



    #7 jeffce

      Bleepin' Super Saiyan


    • Malware Response Team
    • 3,442 posts
    • Gender:Male
    • Location:USA
    • Local time:09:26 PM

    Posted 17 February 2013 - 10:35 PM

    Hi,

    I noticed that you have ComboFix in your Downloads folder...would you please move it to your Desktop.
    -------

    ComboFix
    • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the box below:
      ClearJavaCache::
      
      DDS::
      uStart Page = hxxp://websearch.just-browse.info/
      mStart Page = hxxp://websearch.just-browse.info/
      
      
      Firefox::
      FF - ProfilePath - c:\users\AVELL\AppData\Roaming\Mozilla\Firefox\Profiles\dojj6f5y.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://websearch.just-browse.info/?l=1&q=
      FF - prefs.js: browser.search.selectedEngine - WebSearch
      FF - prefs.js: keyword.URL - hxxp://websearch.just-browse.info/?l=1&q=
      FF - user.js: extensions.BabylonToolbar.autoRvrt - false
      FF - user.js: extensions.BabylonToolbar_i.newTab - false
      FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=56c21d59000000000000b888e3512989&q=
      FF - user.js: extensions.BabylonToolbar.id - 56c21d59000000000000b888e3512989
      FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
      FF - user.js: extensions.BabylonToolbar.instlDay - 15611
      FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
      FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1219:57
      FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
      FF - user.js: extensions.BabylonToolbar.instlRef - sst
      FF - user.js: extensions.BabylonToolbar.dfltLng - en
      FF - user.js: extensions.BabylonToolbar.excTlbr - false
      FF - user.js: extensions.BabylonToolbar.admin - false
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=44444&tt=270912_7a_3912_7
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      
      File::
      c:\programdata\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
      
      Folder::
      c:\windows\1C4551A64743409391E41477CD655043.TMP
      
      Driver::
      Browser Manager
      
    • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

      CFScriptB-4.gif
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
    • ComboFix may request an update; please allow it.
    • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
    • When finished, it shall produce a log for you. Post the contents of the log in your next reply.
    • CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
      ----------
    Post the new ComboFix log and let me know how your system is running now.

    Edited by jeffce, 17 February 2013 - 10:36 PM.

     


    #8 Vilee

    • Topic Starter

    • Members
    • 6 posts
    • Local time:12:26 AM

    Posted 18 February 2013 - 11:59 AM

    Hi Bleeping Super Saiyan,

     

    Here is the log of ComboFix after the procedure you suggested.

     

    ComboFix 13-02-15.01 - AVELL 18/02/2013  13:41:33.3.4 - x64
    Microsoft Windows 7 Ultimate   6.1.7601.1.1252.55.1046.18.8162.5843 [GMT -3:00]
    Executando de: c:\users\AVELL\Desktop\ComboFix.exe
    Comandos utilizados :: c:\users\AVELL\Desktop\CFScript.txt
    AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\programdata\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe"
    .
    .
    (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\1C4551A64743409391E41477CD655043.TMP
    c:\windows\1C4551A64743409391E41477CD655043.TMP\WiseCustomCalla.dll
    c:\programdata\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe . . . . falha na exclusão
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Drivers/Serviços   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_Browser Manager
    .
    .
    ((((((((((((((((   Arquivos/Ficheiros criados de 2013-01-18 to 2013-02-18  ))))))))))))))))))))))))))))
    .
    .
    2013-02-18 16:45 . 2013-02-18 16:45    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
    2013-02-18 16:45 . 2013-02-18 16:45    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2013-02-18 14:02 . 2013-01-08 05:32    9161176    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EF37E8D8-B9BA-4901-ADB6-867BF8D9A106}\mpengine.dll
    2013-02-16 20:05 . 2013-01-08 05:32    9161176    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-02-14 15:31 . 2013-02-14 15:31    95648    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-02-14 14:30 . 2013-02-14 14:30    --------    d-----w-    c:\windows\SysWow64\searchplugins
    2013-02-14 14:30 . 2013-02-14 14:30    --------    d-----w-    c:\windows\SysWow64\Extensions
    2013-02-13 05:02 . 2013-01-09 01:10    996352    ----a-w-    c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-13 05:02 . 2013-01-08 22:01    768000    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
    2013-02-13 02:03 . 2013-01-05 05:53    5553512    ----a-w-    c:\windows\system32\ntoskrnl.exe
    2013-02-13 02:03 . 2013-01-05 05:00    3967848    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
    2013-02-13 02:03 . 2013-01-05 05:00    3913064    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
    2013-02-13 02:03 . 2013-01-04 03:26    3153408    ----a-w-    c:\windows\system32\win32k.sys
    2013-02-13 02:03 . 2013-01-04 05:46    215040    ----a-w-    c:\windows\system32\winsrv.dll
    2013-02-13 02:03 . 2013-01-04 02:47    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
    2013-02-13 02:03 . 2013-01-04 02:47    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
    2013-02-13 02:03 . 2013-01-04 02:47    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
    2013-02-13 02:03 . 2013-01-04 04:51    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
    2013-02-13 02:03 . 2013-01-04 02:47    2048    ----a-w-    c:\windows\SysWow64\user.exe
    2013-02-13 02:02 . 2013-01-03 06:00    1913192    ----a-w-    c:\windows\system32\drivers\tcpip.sys
    2013-02-13 02:02 . 2013-01-03 06:00    288088    ----a-w-    c:\windows\system32\drivers\FWPKCLNT.SYS
    2013-02-12 20:53 . 2013-02-12 20:53    --------    d-----w-    c:\programdata\BioWare
    2013-02-12 19:17 . 2013-02-12 19:17    --------    d-----w-    c:\programdata\Media Center Programs
    2013-02-12 18:51 . 2013-02-12 19:17    --------    d-----w-    c:\program files (x86)\Common Files\BioWare
    2013-02-05 16:02 . 2013-02-05 16:02    --------    d-----w-    c:\programdata\gas
    2013-01-25 17:32 . 2013-01-25 17:38    --------    d-----w-    c:\users\AVELL\AppData\Local\Google
    2013-01-25 17:32 . 2013-01-25 17:38    --------    d-----w-    c:\program files (x86)\Google
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-02-15 13:54 . 2012-09-29 00:37    71024    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-02-15 13:54 . 2012-09-29 00:37    691568    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
    2013-02-14 15:31 . 2012-08-07 12:24    861088    ----a-w-    c:\windows\SysWow64\npdeployJava1.dll
    2013-02-14 15:31 . 2012-08-07 12:24    782240    ----a-w-    c:\windows\SysWow64\deployJava1.dll
    2013-02-13 05:05 . 2012-08-06 20:11    70004024    ----a-w-    c:\windows\system32\MRT.exe
    2013-01-30 10:53 . 2012-08-06 17:02    273840    ------w-    c:\windows\system32\MpSigStub.exe
    2013-01-04 04:43 . 2013-02-13 02:03    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
    2012-12-16 18:43 . 2012-12-16 18:43    189248    ----a-w-    c:\windows\SysWow64\PnkBstrB.exe
    2012-12-16 18:43 . 2012-12-16 18:43    75136    ----a-w-    c:\windows\SysWow64\PnkBstrA.exe
    2012-12-16 17:11 . 2012-12-21 05:00    46080    ----a-w-    c:\windows\system32\atmlib.dll
    2012-12-16 14:45 . 2012-12-21 05:00    367616    ----a-w-    c:\windows\system32\atmfd.dll
    2012-12-16 14:13 . 2012-12-21 05:00    295424    ----a-w-    c:\windows\SysWow64\atmfd.dll
    2012-12-16 14:13 . 2012-12-21 05:00    34304    ----a-w-    c:\windows\SysWow64\atmlib.dll
    2012-12-07 13:20 . 2013-01-10 23:08    441856    ----a-w-    c:\windows\system32\Wpc.dll
    2012-12-07 13:15 . 2013-01-10 23:08    2746368    ----a-w-    c:\windows\system32\gameux.dll
    2012-12-07 12:26 . 2013-01-10 23:08    308736    ----a-w-    c:\windows\SysWow64\Wpc.dll
    2012-12-07 12:20 . 2013-01-10 23:08    2576384    ----a-w-    c:\windows\SysWow64\gameux.dll
    2012-12-07 11:20 . 2013-01-10 23:08    30720    ----a-w-    c:\windows\system32\usk.rs
    2012-12-07 11:20 . 2013-01-10 23:08    43520    ----a-w-    c:\windows\system32\csrr.rs
    2012-12-07 11:20 . 2013-01-10 23:08    23552    ----a-w-    c:\windows\system32\oflc.rs
    2012-12-07 11:20 . 2013-01-10 23:08    45568    ----a-w-    c:\windows\system32\oflc-nz.rs
    2012-12-07 11:20 . 2013-01-10 23:08    44544    ----a-w-    c:\windows\system32\pegibbfc.rs
    2012-12-07 11:20 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\system32\pegi-fi.rs
    2012-12-07 11:20 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\system32\pegi-pt.rs
    2012-12-07 11:19 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\system32\pegi.rs
    2012-12-07 11:19 . 2013-01-10 23:08    46592    ----a-w-    c:\windows\system32\fpb.rs
    2012-12-07 11:19 . 2013-01-10 23:08    40960    ----a-w-    c:\windows\system32\cob-au.rs
    2012-12-07 11:19 . 2013-01-10 23:08    21504    ----a-w-    c:\windows\system32\grb.rs
    2012-12-07 11:19 . 2013-01-10 23:08    15360    ----a-w-    c:\windows\system32\djctq.rs
    2012-12-07 11:19 . 2013-01-10 23:08    55296    ----a-w-    c:\windows\system32\cero.rs
    2012-12-07 11:19 . 2013-01-10 23:08    51712    ----a-w-    c:\windows\system32\esrb.rs
    2012-12-07 10:46 . 2013-01-10 23:08    43520    ----a-w-    c:\windows\SysWow64\csrr.rs
    2012-12-07 10:46 . 2013-01-10 23:08    30720    ----a-w-    c:\windows\SysWow64\usk.rs
    2012-12-07 10:46 . 2013-01-10 23:08    45568    ----a-w-    c:\windows\SysWow64\oflc-nz.rs
    2012-12-07 10:46 . 2013-01-10 23:08    44544    ----a-w-    c:\windows\SysWow64\pegibbfc.rs
    2012-12-07 10:46 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\SysWow64\pegi-pt.rs
    2012-12-07 10:46 . 2013-01-10 23:08    23552    ----a-w-    c:\windows\SysWow64\oflc.rs
    2012-12-07 10:46 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\SysWow64\pegi-fi.rs
    2012-12-07 10:46 . 2013-01-10 23:08    46592    ----a-w-    c:\windows\SysWow64\fpb.rs
    2012-12-07 10:46 . 2013-01-10 23:08    20480    ----a-w-    c:\windows\SysWow64\pegi.rs
    2012-12-07 10:46 . 2013-01-10 23:08    21504    ----a-w-    c:\windows\SysWow64\grb.rs
    2012-12-07 10:46 . 2013-01-10 23:08    40960    ----a-w-    c:\windows\SysWow64\cob-au.rs
    2012-12-07 10:46 . 2013-01-10 23:08    15360    ----a-w-    c:\windows\SysWow64\djctq.rs
    2012-12-07 10:46 . 2013-01-10 23:08    51712    ----a-w-    c:\windows\SysWow64\esrb.rs
    2012-12-07 10:46 . 2013-01-10 23:08    55296    ----a-w-    c:\windows\SysWow64\cero.rs
    2012-11-30 05:45 . 2013-01-10 23:09    362496    ----a-w-    c:\windows\system32\wow64win.dll
    2012-11-30 05:45 . 2013-01-10 23:09    243200    ----a-w-    c:\windows\system32\wow64.dll
    2012-11-30 05:45 . 2013-01-10 23:09    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
    2012-11-30 05:43 . 2013-01-10 23:09    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
    2012-11-30 05:41 . 2013-01-10 23:09    424448    ----a-w-    c:\windows\system32\KernelBase.dll
    2012-11-30 05:41 . 2013-01-10 23:09    1161216    ----a-w-    c:\windows\system32\kernel32.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    6144    ---ha-w-    c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    5120    ---ha-w-    c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2012-11-30 05:38 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
    2012-11-30 04:53 . 2013-01-10 23:09    274944    ----a-w-    c:\windows\SysWow64\KernelBase.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4608    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    5120    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    2012-11-30 04:45 . 2013-01-10 23:09    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    .
    .
    ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por padrão não são apresentadas.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-09-29 00:38    220608    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-09-29 00:38    220608    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-09-29 00:38    220608    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-08-09 221184]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088]
    "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
    "IFXSPMGT"="c:\program files (x86)\Infineon\Security Platform Software\ifxspmgt.exe" [2009-08-04 1107232]
    "WSED"="c:\program files (x86)\WSED\WSED.exe" [2010-12-02 320880]
    "ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
    "BTOptm"="c:\program files (x86)\BTOPtm\BTOptm.exe" [2012-03-09 1907056]
    "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
    WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 6163456]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    "AppInit_DLLs"=c:\progra~3\BROWSE~1\261123~1.78\{16CDF~1\browsemngr.dll c:\progra~3\BROWSE~1\261123~1.78\{16CDF~1\browsemngr.dll c:\progra~3\BROWSE~1\261123~1.78\{16CDF~1\browsemngr.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
    R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-09-28 1255736]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
    S0 EMSC;COMPAL Embedded System Control;c:\windows\system32\DRIVERS\EMSC.SYS [2009-06-26 16752]
    S0 iusb3hcs;Driver de comutação do controlador host Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-01-26 16152]
    S1 aswSnx;aswSnx; [x]
    S1 aswSP;aswSP; [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-29 283200]
    S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys [2009-07-19 44576]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
    S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
    S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
    S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-02-21 128280]
    S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-02-21 161560]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]
    S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-02-28 363800]
    S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-09-08 288256]
    S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [2010-09-08 1034752]
    S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [2010-09-08 485376]
    S3 ATSwpWDF;AuthenTec TruePrint WBF Driver;c:\windows\system32\DRIVERS\ATSwpWDF.sys [2011-08-30 1050016]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2012-03-11 240432]
    S3 iusb3hub;Driver para hub Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-26 356120]
    S3 iusb3xhc;Driver de controlador host eXtensível Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-26 787736]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2012-03-19 314472]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-12-22 876136]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt    REG_MULTI_SZ       hpqcxs08 hpqddsvc
    .
    Conteúdo da pasta 'Tarefas Agendadas'
    .
    2013-02-18 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 13:54]
    .
    2013-02-18 c:\windows\Tasks\AutoKMS.job
    - c:\windows\AutoKMS\AutoKMS.exe [2012-11-29 00:41]
    .
    2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-25 17:32]
    .
    2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-25 17:32]
    .
    2013-02-18 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
    - c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 16:41]
    .
    2013-02-17 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
    - c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 16:41]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
    @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
    [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
    2012-09-29 00:38    244672    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
    @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
    [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
    2012-09-29 00:38    244672    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
    @="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
    [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
    2012-09-29 00:38    244672    ----a-w-    c:\users\AVELL\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-10-30 22:50    133400    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-12 13353064]
    "ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
    .
    ------- Scan Suplementar -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    mStart Page = hxxp://websearch.just-browse.info/
    IE: &Enviar para o OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
    IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
    TCP: DhcpNameServer = 150.162.2.33 150.162.1.33
    FF - ProfilePath - c:\users\AVELL\AppData\Roaming\Mozilla\Firefox\Profiles\dojj6f5y.default\
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.br/
    .
    - - - - ORFÃOS REMOVIDOS - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    .
    .
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
    .
    [HKEY_USERS\S-1-5-21-293510616-4020486758-1889360145-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (S-1-5-21-293510616-4020486758-1889360145-1000)
    @Denied: (2) (LocalSystem)
    "Progid"="ThunderbirdEML"
    .
    [HKEY_USERS\S-1-5-21-293510616-4020486758-1889360145-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_149.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Outros Processos em Execução ------------------------
    .
    c:\program files\AVAST Software\Avast\AvastSvc.exe
    c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files (x86)\Infineon\Security Platform Software\ifxtcs.exe
    c:\program files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
    c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    c:\program files (x86)\Infineon\Security Platform Software\PSDrt.exe
    c:\program files (x86)\Infineon\Security Platform Software\SpTna.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    .
    **************************************************************************
    .
    Tempo para conclusão: 2013-02-18  13:54:29 - Máquina reiniciou
    ComboFix-quarantined-files.txt  2013-02-18 16:54
    ComboFix2.txt  2013-02-18 14:55
    ComboFix3.txt  2013-02-18 01:41
    .
    Pré-execução: 53.033.496.576 bytes disponíveis
    Pós execução: 52.457.611.264 bytes disponíveis
    .
    - - End Of File - - C835BE939FB2F08AAE7C9541975B25A6
     



    #9 jeffce

    jeffce

      Bleepin' Super Saiyan


    • Malware Response Team
    • 3,442 posts
    • Gender:Male
    • Location:USA
    • Local time:09:26 PM

    Posted 18 February 2013 - 01:03 PM

    and let me know how your system is running now.

    :)


     


    #10 Vilee

    Vilee
    • Topic Starter

    • Members
    • 6 posts
    • Local time:12:26 AM

    Posted 18 February 2013 - 07:51 PM

    I think it's running very good.

     

    Thank you for all the help jeffce.



    #11 jeffce


    Posted 19 February 2013 - 07:53 AM

    "I think it's running very good."

    Good to hear!  Let's get some updates and check for anything else hiding.
    ------

    I see that your Java software is out of date. Please go to Start >> Control Panel >> Programs and Features >> uninstall all versions of Java.

    Now download and install the newest version from here >> http://java.com/en/download/index.jsp
    -------------

    Clear Java Cache

    See this page for instructions on how to clear Java's cache.

    Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)
    • Under Temporary Internet Files, click the Delete Files button.
    • There are three options in the window to clear the cache - Leave ALL 3 Checked
      • Downloaded Applets
      • Downloaded Applications
      • Other Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Java Control Panel.
    ----------

      Please download Malwarebytes Anti-Malware to your desktop.
      • Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
      • At the end, be sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
      • If an update is found, it will download and install the latest version.
      • Once the program has loaded, select Perform quick scan, then click Scan as shown below.

      • When the scan is complete, click OK, then Show Results to view the results.
      • Be sure that everything is checked, and click Remove Selected.
      • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
      The log can also be found here:

      Windows 2000 & Windows XP:
      C:\Documents and Settings\<USERNAME>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

      Windows Vista & Win7:
      C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
      ----------

      ESET Online Scanner

      Go here to run an online scanner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.
      • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
      • Turn off the real time scanner of any existing antivirus program while performing the online scan
      • Tick the box next to YES, I accept the Terms of Use.
      • Click Start
      • When asked, allow the ActiveX control to install
      • Click Start
      • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
      • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
      • Click Scan
      • Wait for the scan to finish
      • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
      • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
      • Close the ESET online scan, and let me know how things are now.
      ----------



    #12 jeffce


    Posted 21 February 2013 - 07:54 AM

    Still with me?




    #13 jeffce


    Posted 22 February 2013 - 07:42 AM

    Due to the lack of feedback, this topic is now closed.

    In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

    Please include a link to your topic in the Private Message. Thank you.
