TechSpot

Xorer.virus

Solved
By Asulli94
Oct 17, 2012
  1. I recently plugged in a new flash drive I purchased off Amazon. It had an autorun file that made multiple copies of the xorer.virus file and possibly other files. At approximately the same time I noticed the virus, a new drive appeared under My Computer: Q:\. I can't access the drive or take ownership of it, and I don't know if it is associated with a possible virus. Any help I could get would be greatly appreciated.

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-10-17 13:05:00
    Windows 6.1.7601 Service Pack 1
    Running: duu3jtq9.exe


    ---- Files - GMER 1.0.15 ----

    File Q:\$RECYCLE.BIN 0 bytes
    File Q:\$RECYCLE.BIN\S-1-5-21-1031267864-2299367058-2740294337-1001 0 bytes
    File Q:\$RECYCLE.BIN\S-1-5-21-1031267864-2299367058-2740294337-1001\desktop.ini 129 bytes
    File Q:\$RECYCLE.BIN\S-1-5-21-1031267864-2299367058-2740294337-500 0 bytes
    File Q:\$RECYCLE.BIN\S-1-5-21-1031267864-2299367058-2740294337-500\desktop.ini 129 bytes
    File Q:\boot 0 bytes
    File Q:\boot\bcd 262144 bytes
    File Q:\boot\BCD.LOG 17408 bytes
    File Q:\boot\boot.sdi 3170304 bytes
    File Q:\boot\Desktop.ini 67 bytes
    File Q:\boot\etfsboot.com 4096 bytes
    File Q:\boot\fonts 0 bytes
    File Q:\boot\fonts\chs_boot.ttf 3693112 bytes
    File Q:\boot\fonts\cht_boot.ttf 3875804 bytes
    File Q:\boot\fonts\jpn_boot.ttf 1983244 bytes
    File Q:\boot\fonts\kor_boot.ttf 2370376 bytes
    File Q:\boot\fonts\wgl4_boot.ttf 46468 bytes
    File Q:\bootmgr 383562 bytes
    File Q:\Desktop.ini 67 bytes
    File Q:\FactoryUpdate 0 bytes
    File Q:\FactoryUpdate\BBOffLin.cmd 12239 bytes
    File Q:\FactoryUpdate\BOOT.SDI 3170304 bytes
    File Q:\FactoryUpdate\boot.wim 287949965 bytes
    File Q:\FactoryUpdate\BrandTwk.cmd 3151 bytes
    File Q:\FactoryUpdate\ChkOSMem.vbs 1957 bytes
    File Q:\FactoryUpdate\Desktop.ini 67 bytes
    File Q:\FactoryUpdate\DevPath.reg 848 bytes
    File Q:\FactoryUpdate\ErrorHandler.cmd 409 bytes
    File Q:\FactoryUpdate\Find4QFE.cmd 180 bytes
    File Q:\FactoryUpdate\Fixup 0 bytes
    File Q:\FactoryUpdate\Fixup\FU_CTO.CMD 2797 bytes
    File Q:\FactoryUpdate\Fixup\FU_Tweaks.CMD 2810 bytes
    File Q:\FactoryUpdate\FixUps.cmd 1129 bytes
    File Q:\FactoryUpdate\FUpdate.cmd 1744 bytes
    File Q:\FactoryUpdate\FU_6_88423_20120229_100A2 0 bytes
    File Q:\FactoryUpdate\FU_6_88423_20120229_100A2\FU88423_BBV2.CMD 2240 bytes
    File Q:\FactoryUpdate\FU_6_88423_20120229_100A2\UPDATE.CMD 2160 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.32 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.32\IE9-WINDOWS6.1-KB2530548-X86.MSU 10298604 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.32\IE9-WINDOWS6.1-KB2559049-X86.MSU 10906232 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.32\IE9-WINDOWS6.1-KB2586448-X86.MSU 11150740 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.32\IE9-WINDOWS6.1-KB2618444-X86.MSU 11549054 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.32\IE9-WINDOWS6.1-KB2647516-X86.MSU 11557950 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.64 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.64\IE9-WINDOWS6.1-KB2530548-X64.MSU 20657625 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.64\IE9-WINDOWS6.1-KB2559049-X64.MSU 22068973 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.64\IE9-WINDOWS6.1-KB2586448-X64.MSU 22464741 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.64\IE9-WINDOWS6.1-KB2618444-X64.MSU 22999647 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\SwSetup\QFE_MSCU_All\Win7.64\IE9-WINDOWS6.1-KB2647516-X64.MSU 23005224 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\IE8-WINDOWS6.0-KB2647516-X86.MSU 9832037 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2479943-X86.MSU 1159925 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2482017-X86.MSU 11508966 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2484033-X86.MSU 504056 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2485376-X86.MSU 421311 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2488113-X86.MSU 325276 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2491683-X86.MSU 929599 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2492386-X86.MSU 3278528 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2497640-X86.MSU 12494394 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2502285-X86.MSU 695066 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2503658-X86.MSU 586844 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2503665-X86.MSU 1039021 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2505438-X86.MSU 948786 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2506212-X86.MSU 753976 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2506928-V2-X86.MSU 222953 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2507618-X86.MSU 421879 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2507938-X86.MSU 1160681 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2508272-X86.MSU 201337 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2508429-X86.MSU 520253 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2509553-X86.MSU 418975 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2510531-X86.MSU 711406 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2511250-X86.MSU 289045 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2511455-X86.MSU 464402 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2515325-X86.MSU 1183632 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2524375-X86.MSU 215438 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2529073-X86.MSU 483995 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2530548-X86.MSU 11502437 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2533623-X86.MSU 1162805 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2534366-X86.MSU 2211971 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2536275-X86.MSU 625537 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2536276-V2-X86.MSU 507576 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2541014-X86.MSU 208085 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2544521-X86.MSU 500401 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2544893-X86.MSU 587320 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2545698-X86.MSU 2432764 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2547666-X86.MSU 2203123 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2552343-X86.MSU 464537 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2555917-X86.MSU 1343046 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2556532-X86.MSU 3140148 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2559049-X86.MSU 11516620 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2479628-X86.MSU 1333120 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2506223-X86.MSU 1339636 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2532531-X86.MSU 499956 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2560656-X86.MSU 499978 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2598845-X86.MSU 196723 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2639417-X86.MSU 1348423 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2562937-X86.MSU 201594 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2563227-X86.MSU 280576 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2563894-X86.MSU 893137 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2564958-X86.MSU 589437 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2567053-X86.MSU 1780798 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2567680-X86.MSU 1022800 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2570791-X86.MSU 831348 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2570947-X86.MSU 340746 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2579686-X86.MSU 650019 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2584146-X86.MSU 228938 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2585542-X86.MSU 1290639 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2586448-X86.MSU 11805761 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2588516-X86.MSU 898915 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2393802-X86.MSU 3073472 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2425227-X86.MSU 469678 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2475792-X86.MSU 707322 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2476490-X86.MSU 484048 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2607576-X86.MSU 4888467 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2616676-X86.MSU 225557 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2617657-X86.MSU 1347746 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2618444-X86.MSU 12905186 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2618451-X86.MSU 199320 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2619339-X86.MSU 406635 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2620712-X86.MSU 217403 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2621440-X86.MSU 895503 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2631813-X86.MSU 1208686 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2632503-X86.MSU 516073 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2633171-X86.MSU 2235548 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2633952-X86.MSU 841264 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2639308-X86.MSU 2233654 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2640148-V2-X86.MSU 5086902 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2641653-X86.MSU 1348698 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2641690-X86.MSU 227624 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2644615-X86.MSU 775695 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2647516-X86.MSU 10005937 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2647518-X86.MSU 199397 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2654428-X86.MSU 488475 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2660075-X86.MSU 472413 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2660465-X86.MSU 1349437 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2665364-X86.MSU 1424418 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB2667402-X86.MSU 302308 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB976902-X86.MSU 4631169 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.32\Appl.zip\QFEs\WINDOWS6.1-KB982018-V3-X86.MSU 2459717 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs 0 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\IE8-WINDOWS6.0-KB2647516-X64.MSU 19124641 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2479943-X64.MSU 2425816 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2482017-X64.MSU 23712048 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2484033-X64.MSU 1035628 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2485376-X64.MSU 688721 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2487426-X64.MSU 288697 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2488113-X64.MSU 492851 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2491683-X64.MSU 1042689 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2492386-X64.MSU 3458220 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2497640-X64.MSU 26204652 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2503658-X64.MSU 1010570 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2503665-X64.MSU 1830158 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2505438-X64.MSU 1768589 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2506014-X64.MSU 2033827 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2506223-X64.MSU 1742046 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2506928-V2-X64.MSU 230471 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2507618-X64.MSU 686621 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2507938-X64.MSU 2355636 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2508272-X64.MSU 201586 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2508429-X64.MSU 767644 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2509553-X64.MSU 642098 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2510531-X64.MSU 1394426 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2511250-X64.MSU 426485 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2511455-X64.MSU 536638 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2515325-X64.MSU 1691464 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2524375-X64.MSU 216741 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2529073-X64.MSU 551394 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2393802-X64.MSU 6490757 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2425227-X64.MSU 999347 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2475792-X64.MSU 1392585 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2476490-X64.MSU 915863 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2532531-X64.MSU 580024 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2533623-X64.MSU 2314805 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2534366-X64.MSU 5273744 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2536275-X64.MSU 972323 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2536276-V2-X64.MSU 579809 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2541014-X64.MSU 206593 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2544521-X64.MSU 833082 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2544893-X64.MSU 1011124 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2545698-X64.MSU 2434517 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2547666-X64.MSU 4971993 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2552343-X64.MSU 725441 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2555917-X64.MSU 1737598 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2556532-X64.MSU 6754950 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2479628-X64.MSU 1710873 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2506212-X64.MSU 1452482 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2530548W-64.MSU 24348866 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2559049-X64.MSU 25011046 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2588516-X64.MSU 1616261 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2639417-X64.MSU 1750151 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2560656-X64.MSU 717833 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2562937-X64.MSU 201342 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2563227-X64.MSU 375684 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2563894-X64.MSU 1611058 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2564958-X64.MSU 1103278 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2567053-X64.MSU 2218941 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2567680-X64.MSU 2049178 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2570791-X64.MSU 1240183 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2570947-X64.MSU 540665 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2579686-X64.MSU 1090986 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2584146-X64.MSU 253051 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2585542-X64.MSU 1999538 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2586448-X64.MSU 26035913 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2598845-X64.MSU 199228 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2607576-X64.MSU 7666758 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2616676-X64.MSU 229996 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2617657-X64.MSU 1749625 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2618444-X64.MSU 27931099 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2618451-X64.MSU 204176 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2619339-X64.MSU 663198 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2620712-X64.MSU 227365 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2621440-X64.MSU 1433202 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2631813-X64.MSU 1980015 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2632503-X64.MSU 959628 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2633952-X64.MSU 1255368 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2639308-X64.MSU 5319912 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2640148-V2-X64.MSU 8055925 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2641653-X64.MSU 1752456 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2641690-X64.MSU 231996 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2644615-X64.MSU 1591938 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2645640-X64.MSU 469026 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2647516-X64.MSU 22313365 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2647518-X64.MSU 204295 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2654428-X64.MSU 776646 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2660075-X64.MSU 553514 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2660465-X64.MSU 1749608 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2665364-X64.MSU 2933833 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB2667402-X64.MSU 315378 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB976902-X64.MSU 10758737 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\SOURCE\Win7.64\Appl.zip\QFEs\WINDOWS6.1-KB982018-V3-X64.MSU 4445380 bytes
    File Q:\FactoryUpdate\FU_6_89695_20120403_100A1\UPDATE.CMD 3370 bytes
    File Q:\FactoryUpdate\FU_FixUP.cmd 278 bytes
    File Q:\FactoryUpdate\GetOptCd.vbs 1153 bytes
    File Q:\FactoryUpdate\MIRTweak.cmd 1031 bytes
    File Q:\FactoryUpdate\MVFolder.vbs 3030 bytes
    File Q:\FactoryUpdate\OffLine.cmd 1835 bytes
    File Q:\FactoryUpdate\PINTweak.cmd 8402 bytes
    File Q:\FactoryUpdate\Prepare.cmd 2636 bytes
    File Q:\FactoryUpdate\SKUDef.cmd 16545 bytes
    File Q:\FactoryUpdate\SSRDTwks.cmd 4884 bytes
    File Q:\FactoryUpdate\WriteUIA.CMD 3417 bytes
    File Q:\hp 0 bytes
    File Q:\hp\Desktop.ini 67 bytes
    File Q:\HPSF_Rep.txt 20 bytes
    File Q:\HP_WSD.dat 8 bytes
    File Q:\preload 0 bytes
    File Q:\preload\base.wim 1896907647 bytes
    File Q:\preload\Desktop.ini 67 bytes
    File Q:\recovery 0 bytes
    File Q:\recovery\Desktop.ini 67 bytes
    File Q:\recovery\HPRP.log 1181 bytes
    File Q:\recovery\lang.ini 22 bytes
    File Q:\recovery\system32 0 bytes
    File Q:\recovery\system32\Recovery 0 bytes
    File Q:\recovery\system32\Recovery\ReAgent.xml 1088 bytes
    File Q:\recovery\TypeList.txt 958 bytes
    File Q:\recovery\WindowsRE 0 bytes
    File Q:\recovery\WindowsRE\boot.sdi 3170304 bytes
    File Q:\recovery\WindowsRE\WinRE.wim 287201200 bytes
    File Q:\recovery\WindowsRE\WinUCRD.wim 288137994 bytes
    File Q:\recovery\_CNBRP.FLG 24 bytes
    File Q:\RM_Reserve 0 bytes
    File Q:\RM_Reserve\Desktop.ini 67 bytes
    File Q:\RM_Reserve\INSTALL.LOG 594679 bytes
    File Q:\RM_Reserve\Reserve.log 30 bytes
    File Q:\System Volume Information 0 bytes
    File Q:\System Volume Information\tracking.log 20480 bytes

    ---- EOF - GMER 1.0.15 ----

    Malwarebytes Anti-Malware 1.65.0.1400
    www.malwarebytes.org
    Database version: v2012.10.13.01
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Sulli :: SULLISCOMPUTER [administrator]
    10/17/2012 1:11:08 PM
    mbam-log-2012-10-17 (13-11-08).txt
    Scan type: Full scan (C:\|D:\|E:\|Q:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 434914
    Time elapsed: 41 minute(s), 1 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)
     
  2. Asulli94

    DDS (Ver_2012-10-14.05) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
    Run by Sulli at 13:08:36 on 2012-10-17
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8091.6322 [GMT -4:00]
    .
    AV: ESET NOD32 Antivirus 5.2 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    SP: ESET NOD32 Antivirus 5.2 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\Hpservice.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k WbioSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files (x86)\HP SimplePass\TouchControl.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
    C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    mWinlogon: Userinit = userinit.exe
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: HP SimplePass Browser Helper Object: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    TB: HP SimplePass Toolbar: {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    TCP: NameServer = 134.126.13.11 134.126.64.11
    TCP: Interfaces\{22DFA82D-1E97-4F14-9130-A6EE4BB9D748} : DHCPNameServer = 134.126.64.11 134.126.13.11
    TCP: Interfaces\{22DFA82D-1E97-4F14-9130-A6EE4BB9D748}\37861646F677 : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{22DFA82D-1E97-4F14-9130-A6EE4BB9D748}\84F6D65602F46666963656723702E4564777F627B6 : DHCPNameServer = 10.0.1.1
    TCP: Interfaces\{22DFA82D-1E97-4F14-9130-A6EE4BB9D748}\C696E6B6379737 : DHCPNameServer = 66.189.0.100 24.159.64.23 24.247.24.53
    TCP: Interfaces\{22DFA82D-1E97-4F14-9130-A6EE4BB9D748}\D6163676275676F62733 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{B132FCBA-4835-4D6A-9386-D8F05AD949AE} : DHCPNameServer = 134.126.13.11 134.126.64.11
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: HP SimplePass Browser Helper Object: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-TB: HP SimplePass Toolbar: {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll
    x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2011-12-5 16152]
    R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-10-13 30056]
    R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-3-14 209768]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-3-7 913144]
    R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2012-3-14 137144]
    R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2011-12-11 260424]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
    R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-11-22 227896]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-11-29 34872]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-12 13592]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-8-12 128280]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-8-12 161560]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-8-12 1258856]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-12 363800]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-8-12 331264]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2011-12-5 355096]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2011-12-5 785688]
    R3 MEIx64;Intel(R) Management Engine Interface ;C:\Windows\System32\drivers\HECIx64.sys [2011-11-10 60184]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-8-12 1813056]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-12 565352]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-14 20016]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
    S2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/11 22:44:42;C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-4-20 241648]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
    S3 cphs;Intel(R) Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-8-12 276248]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-8-12 259688]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
    S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2011-12-9 269640]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-8-18 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2074-05-18 21:44:52  607296  ----a-w-  C:\Program Files (x86)\Microsoft Games\Age of Empires III\deformerdllyD.dll
    2012-10-17 03:58:27  9308616  ----a-w-  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{25A19345-9C11-4EC0-A188-D3872FFF37CC}\mpengine.dll
    2012-10-16 15:47:09  --------  d-----w-  C:\ProgramData\ClubSanDisk
    2012-10-13 04:18:38  1659760  ----a-w-  C:\Windows\System32\drivers\ntfs.sys
    2012-10-13 04:17:38  220160  ----a-w-  C:\Windows\System32\wintrust.dll
    2012-10-13 04:17:38  172544  ----a-w-  C:\Windows\SysWow64\wintrust.dll
    2012-10-13 04:17:31  2048  ----a-w-  C:\Windows\SysWow64\tzres.dll
    2012-10-13 04:17:31  2048  ----a-w-  C:\Windows\System32\tzres.dll
    2012-10-13 04:17:02  715776  ----a-w-  C:\Windows\System32\kerberos.dll
    2012-10-13 04:17:02  542208  ----a-w-  C:\Windows\SysWow64\kerberos.dll
    2012-10-13 04:16:53  184320  ----a-w-  C:\Windows\System32\cryptsvc.dll
    2012-10-13 04:16:53  1464320  ----a-w-  C:\Windows\System32\crypt32.dll
    2012-10-13 04:16:53  140288  ----a-w-  C:\Windows\System32\cryptnet.dll
    2012-10-13 04:16:53  1159680  ----a-w-  C:\Windows\SysWow64\crypt32.dll
    2012-10-13 04:16:52  140288  ----a-w-  C:\Windows\SysWow64\cryptsvc.dll
    2012-10-13 04:16:52  103936  ----a-w-  C:\Windows\SysWow64\cryptnet.dll
    2012-10-13 01:29:00  --------  d-----w-  C:\Users\Sulli\AppData\Local\ElevatedDiagnostics
    2012-10-07 21:55:22  --------  d-----w-  C:\Users\Sulli\AppData\Local\ESET
    2012-09-26 15:58:40  245760  ----a-w-  C:\Windows\System32\OxpsConverter.exe
    .
    ==================== Find3M ====================
    .
    2012-10-02 19:51:15  3536817  ----a-w-  C:\Windows\System32\nvcoproc.bin
    2012-10-02 19:51:11  3293544  ----a-w-  C:\Windows\System32\nvsvc64.dll
    2012-10-02 19:51:04  6200680  ----a-w-  C:\Windows\System32\nvcpl.dll
    2012-10-02 19:50:57  891240  ----a-w-  C:\Windows\System32\nvvsvc.exe
    2012-10-02 19:50:57  866664  ----a-w-  C:\Windows\System32\nv3dappshext.dll
    2012-10-02 19:50:57  63336  ----a-w-  C:\Windows\System32\nvshext.dll
    2012-10-02 19:50:57  55144  ----a-w-  C:\Windows\System32\nv3dappshextr.dll
    2012-10-02 19:50:57  2557800  ----a-w-  C:\Windows\System32\nvsvcr.dll
    2012-10-02 19:50:57  118120  ----a-w-  C:\Windows\System32\nvmctray.dll
    2012-09-07 21:04:46  25928  ----a-w-  C:\Windows\System32\drivers\mbam.sys
    2012-09-04 16:33:06  95208  ----a-w-  C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2012-09-04 16:33:06  821736  ----a-w-  C:\Windows\SysWow64\npDeployJava1.dll
    2012-09-04 16:33:06  746984  ----a-w-  C:\Windows\SysWow64\deployJava1.dll
    2012-08-30 18:03:45  5559664  ----a-w-  C:\Windows\System32\ntoskrnl.exe
    2012-08-30 17:12:02  3968880  ----a-w-  C:\Windows\SysWow64\ntkrnlpa.exe
    2012-08-30 17:12:02  3914096  ----a-w-  C:\Windows\SysWow64\ntoskrnl.exe
    2012-08-24 17:06:12  73416  ----a-w-  C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-24 17:06:12  696520  ----a-w-  C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-08-24 10:31:32  2312704  ----a-w-  C:\Windows\System32\jscript9.dll
    2012-08-24 10:21:18  1392128  ----a-w-  C:\Windows\System32\wininet.dll
    2012-08-24 10:20:11  1494528  ----a-w-  C:\Windows\System32\inetcpl.cpl
    2012-08-24 10:14:45  173056  ----a-w-  C:\Windows\System32\ieUnatt.exe
    2012-08-24 10:13:29  599040  ----a-w-  C:\Windows\System32\vbscript.dll
    2012-08-24 10:09:42  2382848  ----a-w-  C:\Windows\System32\mshtml.tlb
    2012-08-24 06:59:17  1800704  ----a-w-  C:\Windows\SysWow64\jscript9.dll
    2012-08-24 06:51:27  1129472  ----a-w-  C:\Windows\SysWow64\wininet.dll
    2012-08-24 06:51:02  1427968  ----a-w-  C:\Windows\SysWow64\inetcpl.cpl
    2012-08-24 06:47:26  142848  ----a-w-  C:\Windows\SysWow64\ieUnatt.exe
    2012-08-24 06:47:12  420864  ----a-w-  C:\Windows\SysWow64\vbscript.dll
    2012-08-24 06:43:58  2382848  ----a-w-  C:\Windows\SysWow64\mshtml.tlb
    2012-08-22 18:12:50  1913200  ----a-w-  C:\Windows\System32\drivers\tcpip.sys
    2012-08-22 18:12:40  950128  ----a-w-  C:\Windows\System32\drivers\ndis.sys
    2012-08-22 18:12:40  376688  ----a-w-  C:\Windows\System32\drivers\netio.sys
    2012-08-22 18:12:33  288624  ----a-w-  C:\Windows\System32\drivers\FWPKCLNT.SYS
    2012-08-20 18:48:44  362496  ----a-w-  C:\Windows\System32\wow64win.dll
    2012-08-20 18:48:44  243200  ----a-w-  C:\Windows\System32\wow64.dll
    2012-08-20 18:48:44  13312  ----a-w-  C:\Windows\System32\wow64cpu.dll
    2012-08-20 18:48:43  215040  ----a-w-  C:\Windows\System32\winsrv.dll
    2012-08-20 18:48:37  16384  ----a-w-  C:\Windows\System32\ntvdm64.dll
    2012-08-20 18:48:35  424448  ----a-w-  C:\Windows\System32\KernelBase.dll
    2012-08-20 18:46:22  338432  ----a-w-  C:\Windows\System32\conhost.exe
    2012-08-20 17:40:21  14336  ----a-w-  C:\Windows\SysWow64\ntvdm64.dll
    2012-08-20 17:38:44  44032  ----a-w-  C:\Windows\apppatch\acwow64.dll
    2012-08-20 17:38:26  25600  ----a-w-  C:\Windows\SysWow64\setup16.exe
    2012-08-20 17:37:19  5120  ----a-w-  C:\Windows\SysWow64\wow32.dll
    2012-08-20 17:37:18  274944  ----a-w-  C:\Windows\SysWow64\KernelBase.dll
    2012-08-20 15:38:21  7680  ----a-w-  C:\Windows\SysWow64\instnm.exe
    2012-08-20 15:38:20  2048  ----a-w-  C:\Windows\SysWow64\user.exe
    2012-08-20 15:33:28  6144  ---ha-w-  C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2012-08-20 15:33:28  4608  ---ha-w-  C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2012-08-20 15:33:28  3584  ---ha-w-  C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2012-08-20 15:33:28  3072  ---ha-w-  C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2012-08-17 03:38:08  955888  ----a-w-  C:\Windows\System32\npDeployJava1.dll
    2012-08-17 03:38:08  839152  ----a-w-  C:\Windows\System32\deployJava1.dll
    2012-08-12 05:43:39  505128  ----a-w-  C:\Windows\SysWow64\msvcp71.dll
    2012-08-12 05:43:39  353576  ----a-w-  C:\Windows\SysWow64\msvcr71.dll
    2012-08-12 05:43:39  29480  ----a-w-  C:\Windows\SysWow64\msxml3a.dll
    2012-08-12 05:26:55  515584  ----a-w-  C:\Windows\System32\timedate.cpl
    2012-08-12 05:26:55  478720  ----a-w-  C:\Windows\SysWow64\timedate.cpl
    2012-08-12 05:26:49  690688  ----a-w-  C:\Windows\SysWow64\msvcrt.dll
    2012-08-12 05:26:49  634880  ----a-w-  C:\Windows\System32\msvcrt.dll
    2012-08-12 05:26:18  498688  ----a-w-  C:\Windows\System32\drivers\afd.sys
    2012-08-12 05:26:13  1731920  ----a-w-  C:\Windows\System32\ntdll.dll
    2012-08-12 05:26:13  1292080  ----a-w-  C:\Windows\SysWow64\ntdll.dll
    2012-08-02 17:58:52  574464  ----a-w-  C:\Windows\System32\d3d10level9.dll
    2012-08-02 16:57:20  490496  ----a-w-  C:\Windows\SysWow64\d3d10level9.dll
    .
    ============= FINISH: 13:08:47.72 ===============
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-10-14.05)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 8/16/2012 2:14:57 PM
    System Uptime: 10/17/2012 12:39:34 PM (1 hours ago)
    .
    Motherboard: Hewlett-Packard | | 181E
    Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz | U3E1 | 2301/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 910 GiB total, 785.807 GiB free.
    D: is FIXED (NTFS) - 22 GiB total, 2.33 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP53: 10/16/2012 11:26:38 AM - Windows Update
    RP54: 10/16/2012 11:51:51 PM - Restore Operation
    RP55: 10/16/2012 11:57:23 PM - Windows Update
    .
    ==== Installed Programs ======================
    .
    64 Bit HP CIO Components Installer
    Adobe Flash Player 11 ActiveX 64-bit
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.4) MUI
    Adobe Shockwave Player 11.6
    Age of Empires III
    Age of Empires III - The Asian Dynasties
    AuthenTec TrueAPI 64-bit
    Bejeweled 3
    Blackhawk Striker 2
    CCleaner
    Chuzzle Deluxe
    Cradle of Rome 2
    CyberLink PowerDVD
    CyberLink YouCam
    D3DX10
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Dora's World Adventure
    ESET NOD32 Antivirus
    ESU for Microsoft Windows 7 SP1
    Evernote v. 4.5.2
    Farm Frenzy
    Farmscapes
    FATE
    Final Drive Fury
    Google Chrome
    Guild Wars 2
    Half-Life 2
    Hewlett-Packard ACLM.NET v1.1.2.0
    Hoyle Card Games
    HP 3D DriveGuard
    HP Application Assistant
    HP Auto
    HP Client Services
    HP CoolSense
    HP Customer Experience Enhancements
    HP Documentation
    HP Games
    HP Launch Box
    HP MovieStore
    HP On Screen Display
    HP Photosmart 5510d series Basic Device Software
    HP Power Manager
    HP Quick Launch
    HP Recovery Manager
    HP Security Assistant
    HP Setup
    HP Setup Manager
    HP SimplePass
    HP Software Framework
    HP Support Assistant
    IDT Audio
    Intel(R) Management Engine Components
    Intel(R) OpenCL CPU Runtime
    Intel(R) Processor Graphics
    Intel(R) Rapid Storage Technology
    Intel(R) USB 3.0 eXtensible Host Controller Driver
    Intel® Trusted Connect Service Client
    ISO to USB
    Java 7 Update 7
    Java Auto Updater
    Java(TM) 7 Update 5 (64-bit)
    JavaFX 2.1.1
    Jewel Match 3
    Jewel Quest Mysteries: The Seventh Gate Collector's Edition
    John Deere Drive Green
    Junk Mail filter update
    Letters from Nowhere 2
    Luxor HD
    Mah Jong Medley
    Malwarebytes Anti-Malware version 1.65.0.1400
    Medieval II: Total War Kingdoms
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft Access 2010
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office 2010
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access 2010
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office File Validation Add-In
    Microsoft Office Home and Student 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing (English) 2010
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Starter 2010 - English
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft WSE 3.0 Runtime
    Mount & Blade: Warband
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Mumble 1.2.3
    NVIDIA Control Panel 306.97
    NVIDIA Graphics Driver 306.97
    NVIDIA Install Application
    NVIDIA Optimus 1.10.8
    NVIDIA PhysX
    NVIDIA PhysX System Software 9.12.0604
    NVIDIA Update 1.10.8
    NVIDIA Update Components
    opensource
    Pearson LockDown Browser
    Penguins!
    Plants vs. Zombies - Game of the Year
    PlayReady PC Runtime x86
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter
    Realtek Ethernet Controller Driver
    Realtek PCIE Card Reader
    RollerCoaster Tycoon 3: Platinum
    Rome: Total War Gold Edition
    Secure Download Manager
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
    Skype™ 5.10
    Steam
    Stronghold 2
    Stronghold Legends
    swMSM
    Synaptics Pointing Device Driver
    The Treasures of Mystery Island: The Ghost Ship
    Torchlight
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
    Update Installer for WildTangent Games App
    Validity WBF DDK
    Virtual Villagers 4 - The Tree of Life
    War of the Roses
    WildTangent Games App (HP Games)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR 4.20 (64-bit)
    Zuma's Revenge
    .
    ==== Event Viewer Messages From Past Week ========
    .
    10/17/2012 12:27:00 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
    10/17/2012 12:26:30 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    10/17/2012 12:26:22 AM, Error: Service Control Manager [7034] - The Client Virtualization Handler service terminated unexpectedly. It has done this 1 time(s).
    10/17/2012 12:26:18 AM, Error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    10/17/2012 12:26:14 AM, Error: Service Control Manager [7034] - The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
    10/16/2012 11:57:43 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.137.1875.0).
    10/14/2012 3:00:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
    10/13/2012 12:32:58 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: nVidia - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Other hardware - NVIDIA GeForce GT 650M.
    10/13/2012 12:11:21 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
    10/13/2012 12:09:48 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    .
    ==== End Of File ===========================
     
  3. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ============================

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

    ==========================

    • Download RogueKiller to the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced, post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    ==========================

    Download aswMBR to your desktop.
    Double-click aswMBR.exe to run it.
    If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
     
  4. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    21:29:34.0754 1692 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
    21:29:35.0391 1692 ============================================================
    21:29:35.0391 1692 Current date / time: 2012/10/18 21:29:35.0391
    21:29:35.0391 1692 SystemInfo:
    21:29:35.0391 1692
    21:29:35.0391 1692 OS Version: 6.1.7601 ServicePack: 1.0
    21:29:35.0391 1692 Product type: Workstation
    21:29:35.0391 1692 ComputerName: SULLISCOMPUTER
    21:29:35.0391 1692 UserName: Sulli
    21:29:35.0391 1692 Windows directory: C:\Windows
    21:29:35.0391 1692 System windows directory: C:\Windows
    21:29:35.0391 1692 Running under WOW64
    21:29:35.0391 1692 Processor architecture: Intel x64
    21:29:35.0391 1692 Number of processors: 8
    21:29:35.0391 1692 Page size: 0x1000
    21:29:35.0391 1692 Boot type: Normal boot
    21:29:35.0391 1692 ============================================================
    21:29:36.0907 1692 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0B80E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    21:29:36.0910 1692 ============================================================
    21:29:36.0910 1692 \Device\Harddisk0\DR0:
    21:29:36.0910 1692 MBR partitions:
    21:29:36.0910 1692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
    21:29:36.0910 1692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x71B1B800
    21:29:36.0910 1692 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x71B7F800, BlocksNum 0x2B4F800
    21:29:36.0910 1692 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x746CF000, BlocksNum 0x36000
    21:29:36.0910 1692 ============================================================
    21:29:36.0916 1692 C: <-> \Device\Harddisk0\DR0\Partition2
    21:29:36.0922 1692 D: <-> \Device\Harddisk0\DR0\Partition3
    21:29:36.0922 1692 ============================================================
    21:29:36.0922 1692 Initialize success
    21:29:36.0922 1692 ============================================================
    21:30:16.0647 0864 ============================================================
    21:30:16.0647 0864 Scan started
    21:30:16.0647 0864 Mode: Manual;
    21:30:16.0647 0864 ============================================================
    21:30:17.0957 0864 ================ Scan system memory ========================
    21:30:17.0957 0864 System memory - ok
    21:30:17.0958 0864 ================ Scan services =============================
    21:30:23.0118 0864 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    21:30:23.0129 0864 mrxsmb20 - ok
    21:30:23.0147 0864 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    21:30:23.0157 0864 msahci - ok
    21:30:23.0172 0864 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    21:30:23.0186 0864 msdsm - ok
    21:30:23.0192 0864 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    21:30:23.0199 0864 MSDTC - ok
    21:30:23.0204 0864 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    21:30:23.0206 0864 Msfs - ok
    21:30:23.0209 0864 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    21:30:23.0210 0864 mshidkmdf - ok
    21:30:23.0212 0864 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    21:30:23.0221 0864 msisadrv - ok
    21:30:23.0228 0864 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    21:30:23.0235 0864 MSiSCSI - ok
    21:30:23.0237 0864 msiserver - ok
    21:30:23.0240 0864 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    21:30:23.0242 0864 MSKSSRV - ok
    21:30:23.0244 0864 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    21:30:23.0245 0864 MSPCLOCK - ok
    21:30:23.0248 0864 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    21:30:23.0257 0864 MSPQM - ok
    21:30:23.0266 0864 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    21:30:23.0271 0864 MsRPC - ok
    21:30:23.0275 0864 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    21:30:23.0276 0864 mssmbios - ok
    21:30:23.0278 0864 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    21:30:23.0280 0864 MSTEE - ok
    21:30:23.0282 0864 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
    21:30:23.0285 0864 MTConfig - ok
    21:30:23.0290 0864 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    21:30:23.0298 0864 Mup - ok
    21:30:23.0310 0864 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    21:30:23.0317 0864 napagent - ok
    21:30:23.0325 0864 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    21:30:23.0347 0864 NativeWifiP - ok
    21:30:23.0367 0864 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    21:30:23.0377 0864 NDIS - ok
    21:30:23.0380 0864 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    21:30:23.0390 0864 NdisCap - ok
    21:30:23.0394 0864 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    21:30:23.0396 0864 NdisTapi - ok
    21:30:23.0400 0864 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    21:30:23.0404 0864 Ndisuio - ok
    21:30:23.0408 0864 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    21:30:23.0420 0864 NdisWan - ok
    21:30:23.0423 0864 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    21:30:23.0440 0864 NDProxy - ok
    21:30:23.0449 0864 [ 76C4D5C98A808D8C8E0C46280036FAF8 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
    21:30:23.0449 0864 Net Driver HPZ12 - ok
    21:30:23.0453 0864 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
    21:30:23.0464 0864 NetBIOS - ok
    21:30:23.0471 0864 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
    21:30:23.0475 0864 NetBT - ok
    21:30:23.0477 0864 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
    21:30:23.0478 0864 Netlogon - ok
    21:30:23.0490 0864 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
    21:30:23.0498 0864 Netman - ok
    21:30:23.0509 0864 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
    21:30:23.0518 0864 netprofm - ok
    21:30:23.0538 0864 [ 2F06E01DE7A3E366185E65C41C9DEBF7 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
    21:30:23.0553 0864 netr28x - ok
    21:30:23.0559 0864 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    21:30:23.0564 0864 NetTcpPortSharing - ok
    21:30:23.0591 0864 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
    21:30:23.0610 0864 nfrd960 - ok
    21:30:23.0619 0864 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
    21:30:23.0626 0864 NlaSvc - ok
    21:30:23.0629 0864 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
    21:30:23.0638 0864 Npfs - ok
    21:30:23.0641 0864 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
    21:30:23.0644 0864 nsi - ok
    21:30:23.0647 0864 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
    21:30:23.0648 0864 nsiproxy - ok
    21:30:23.0685 0864 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
    21:30:23.0715 0864 Ntfs - ok
    21:30:23.0718 0864 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
    21:30:23.0727 0864 Null - ok
    21:30:23.0743 0864 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
    21:30:23.0757 0864 NVENETFD - ok
    21:30:24.0068 0864 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
    21:30:24.0123 0864 nvlddmkm - ok
    21:30:24.0130 0864 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
    21:30:24.0134 0864 nvpciflt - ok
    21:30:24.0150 0864 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
    21:30:24.0176 0864 nvraid - ok
    21:30:24.0195 0864 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
    21:30:24.0226 0864 nvstor - ok
    21:30:24.0281 0864 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
    21:30:24.0293 0864 nvsvc - ok
    21:30:24.0372 0864 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    21:30:24.0377 0864 nvUpdatusService - ok
    21:30:24.0400 0864 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
    21:30:24.0413 0864 nv_agp - ok
    21:30:24.0425 0864 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    21:30:24.0430 0864 odserv - ok
    21:30:24.0448 0864 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
    21:30:24.0459 0864 ohci1394 - ok
    21:30:24.0468 0864 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    21:30:24.0473 0864 ose - ok
    21:30:24.0614 0864 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    21:30:24.0693 0864 osppsvc - ok
    21:30:24.0703 0864 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
    21:30:24.0710 0864 p2pimsvc - ok
    21:30:24.0724 0864 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
    21:30:24.0736 0864 p2psvc - ok
    21:30:24.0748 0864 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
    21:30:24.0759 0864 Parport - ok
    21:30:24.0765 0864 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
    21:30:24.0775 0864 partmgr - ok
    21:30:24.0783 0864 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
    21:30:24.0792 0864 PcaSvc - ok
    21:30:24.0798 0864 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
    21:30:24.0818 0864 pci - ok
    21:30:24.0820 0864 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
    21:30:24.0831 0864 pciide - ok
    21:30:24.0861 0864 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
    21:30:24.0875 0864 pcmcia - ok
    21:30:24.0878 0864 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
    21:30:24.0887 0864 pcw - ok
    21:30:24.0896 0864 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
    21:30:24.0911 0864 PEAUTH - ok
    21:30:24.0975 0864 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
    21:30:24.0977 0864 PerfHost - ok
    21:30:25.0015 0864 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
    21:30:25.0038 0864 pla - ok
    21:30:25.0052 0864 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
    21:30:25.0065 0864 PlugPlay - ok
    21:30:25.0069 0864 [ D1A4DBB8A29F7FFC78378F47F9EA6B91 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
    21:30:25.0070 0864 Pml Driver HPZ12 - ok
    21:30:25.0073 0864 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
    21:30:25.0076 0864 PNRPAutoReg - ok
    21:30:25.0085 0864 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
    21:30:25.0087 0864 PNRPsvc - ok
    21:30:25.0106 0864 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
    21:30:25.0118 0864 PolicyAgent - ok
    21:30:25.0125 0864 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
    21:30:25.0131 0864 Power - ok
    21:30:25.0135 0864 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
    21:30:25.0161 0864 PptpMiniport - ok
    21:30:25.0174 0864 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
    21:30:25.0185 0864 Processor - ok
    21:30:25.0191 0864 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
    21:30:25.0197 0864 ProfSvc - ok
    21:30:25.0200 0864 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    21:30:25.0201 0864 ProtectedStorage - ok
    21:30:25.0206 0864 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
    21:30:25.0207 0864 Psched - ok
    21:30:25.0255 0864 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
    21:30:25.0271 0864 ql2300 - ok
    21:30:25.0287 0864 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
    21:30:25.0292 0864 ql40xx - ok
    21:30:25.0300 0864 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
    21:30:25.0307 0864 QWAVE - ok
    21:30:25.0311 0864 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
    21:30:25.0312 0864 QWAVEdrv - ok
    21:30:25.0314 0864 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
    21:30:25.0324 0864 RasAcd - ok
    21:30:25.0328 0864 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
    21:30:25.0331 0864 RasAgileVpn - ok
    21:30:25.0336 0864 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
    21:30:25.0342 0864 RasAuto - ok
    21:30:25.0345 0864 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
    21:30:25.0363 0864 Rasl2tp - ok
    21:30:25.0377 0864 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
    21:30:25.0390 0864 RasMan - ok
    21:30:25.0394 0864 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
    21:30:25.0398 0864 RasPppoe - ok
    21:30:25.0402 0864 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
    21:30:25.0413 0864 RasSstp - ok
    21:30:25.0419 0864 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
    21:30:25.0425 0864 rdbss - ok
    21:30:25.0427 0864 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
    21:30:25.0444 0864 rdpbus - ok
    21:30:25.0447 0864 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
    21:30:25.0447 0864 RDPCDD - ok
    21:30:25.0451 0864 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
    21:30:25.0451 0864 RDPENCDD - ok
    21:30:25.0455 0864 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
    21:30:25.0455 0864 RDPREFMP - ok
    21:30:25.0464 0864 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
    21:30:25.0481 0864 RDPWD - ok
    21:30:25.0491 0864 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
    21:30:25.0498 0864 rdyboost - ok
    21:30:25.0504 0864 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
    21:30:25.0509 0864 RemoteAccess - ok
    21:30:25.0515 0864 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
    21:30:25.0522 0864 RemoteRegistry - ok
    21:30:25.0525 0864 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
    21:30:25.0529 0864 RpcEptMapper - ok
    21:30:25.0531 0864 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
    21:30:25.0533 0864 RpcLocator - ok
    21:30:25.0545 0864 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
    21:30:25.0548 0864 RpcSs - ok
    21:30:25.0559 0864 [ 7F324DFFCA5318EEF040DBE351D038D8 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
    21:30:25.0569 0864 RSP2STOR - ok
    21:30:25.0574 0864 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
    21:30:25.0586 0864 rspndr - ok
    21:30:25.0603 0864 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
    21:30:25.0606 0864 RTL8167 - ok
    21:30:25.0609 0864 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
    21:30:25.0610 0864 SamSs - ok
    21:30:25.0621 0864 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
    21:30:25.0632 0864 sbp2port - ok
    21:30:25.0639 0864 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
    21:30:25.0646 0864 SCardSvr - ok
    21:30:25.0649 0864 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
    21:30:25.0660 0864 scfilter - ok
    21:30:25.0684 0864 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
    21:30:25.0709 0864 Schedule - ok
    21:30:25.0714 0864 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
    21:30:25.0715 0864 SCPolicySvc - ok
    21:30:25.0728 0864 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
    21:30:25.0732 0864 sdbus - ok
    21:30:25.0739 0864 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
    21:30:25.0748 0864 SDRSVC - ok
    21:30:25.0750 0864 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
    21:30:25.0760 0864 secdrv - ok
    21:30:25.0763 0864 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
    21:30:25.0764 0864 seclogon - ok
    21:30:25.0768 0864 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
    21:30:25.0771 0864 SENS - ok
    21:30:25.0774 0864 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
    21:30:25.0777 0864 SensrSvc - ok
    21:30:25.0780 0864 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
    21:30:25.0790 0864 Serenum - ok
    21:30:25.0803 0864 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
    21:30:25.0835 0864 Serial - ok
    21:30:25.0856 0864 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
    21:30:25.0866 0864 sermouse - ok
    21:30:25.0873 0864 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
    21:30:25.0878 0864 SessionEnv - ok
    21:30:25.0881 0864 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    21:30:25.0891 0864 sffdisk - ok
    21:30:25.0906 0864 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    21:30:25.0916 0864 sffp_mmc - ok
    21:30:25.0919 0864 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    21:30:25.0921 0864 sffp_sd - ok
    21:30:25.0924 0864 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    21:30:25.0934 0864 sfloppy - ok
    21:30:25.0951 0864 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
    21:30:25.0957 0864 Sftfs - ok
    21:30:25.0974 0864 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    21:30:25.0982 0864 sftlist - ok
    21:30:25.0993 0864 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
    21:30:25.0995 0864 Sftplay - ok
    21:30:25.0998 0864 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
    21:30:26.0007 0864 Sftredir - ok
    21:30:26.0010 0864 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
    21:30:26.0060 0864 Sftvol - ok
    21:30:26.0076 0864 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    21:30:26.0077 0864 sftvsa - ok
     
  5. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    21:30:28.0399 0864 Wecsvc - ok
    21:30:28.0404 0864 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    21:30:28.0405 0864 wercplsupport - ok
    21:30:28.0409 0864 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    21:30:28.0413 0864 WerSvc - ok
    21:30:28.0416 0864 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    21:30:28.0425 0864 WfpLwf - ok
    21:30:28.0428 0864 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    21:30:28.0438 0864 WIMMount - ok
    21:30:28.0440 0864 WinDefend - ok
    21:30:28.0443 0864 WinHttpAutoProxySvc - ok
    21:30:28.0459 0864 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    21:30:28.0468 0864 Winmgmt - ok
    21:30:28.0520 0864 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
    21:30:28.0565 0864 WinRM - ok
    21:30:28.0577 0864 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
    21:30:28.0591 0864 WinUsb - ok
    21:30:28.0634 0864 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    21:30:28.0677 0864 Wlansvc - ok
    21:30:28.0697 0864 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    21:30:28.0709 0864 wlcrasvc - ok
    21:30:28.0779 0864 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    21:30:28.0798 0864 wlidsvc - ok
    21:30:28.0802 0864 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    21:30:28.0802 0864 WmiAcpi - ok
    21:30:28.0813 0864 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    21:30:28.0821 0864 wmiApSrv - ok
    21:30:28.0823 0864 WMPNetworkSvc - ok
    21:30:28.0826 0864 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    21:30:28.0829 0864 WPCSvc - ok
    21:30:28.0833 0864 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    21:30:28.0835 0864 WPDBusEnum - ok
    21:30:28.0838 0864 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    21:30:28.0848 0864 ws2ifsl - ok
    21:30:28.0852 0864 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
    21:30:28.0854 0864 wscsvc - ok
    21:30:28.0855 0864 WSearch - ok
    21:30:28.0933 0864 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
    21:30:28.0982 0864 wuauserv - ok
    21:30:28.0987 0864 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    21:30:28.0998 0864 WudfPf - ok
    21:30:29.0004 0864 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    21:30:29.0019 0864 WUDFRd - ok
    21:30:29.0023 0864 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    21:30:29.0027 0864 wudfsvc - ok
    21:30:29.0034 0864 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
    21:30:29.0040 0864 WwanSvc - ok
    21:30:29.0045 0864 ================ Scan global ===============================
    21:30:29.0047 0864 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    21:30:29.0056 0864 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
    21:30:29.0068 0864 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
    21:30:29.0073 0864 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    21:30:29.0087 0864 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    21:30:29.0097 0864 [Global] - ok
    21:30:29.0097 0864 ================ Scan MBR ==================================
    21:30:29.0108 0864 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    21:30:29.0277 0864 \Device\Harddisk0\DR0 - ok
    21:30:29.0277 0864 ================ Scan VBR ==================================
    21:30:29.0278 0864 [ B43B6A86C968CAC9A8F7776810917CA3 ] \Device\Harddisk0\DR0\Partition1
    21:30:29.0282 0864 \Device\Harddisk0\DR0\Partition1 - ok
    21:30:29.0284 0864 [ 99A27B4352D6B579B525F39AA4DB0172 ] \Device\Harddisk0\DR0\Partition2
    21:30:29.0287 0864 \Device\Harddisk0\DR0\Partition2 - ok
    21:30:29.0289 0864 [ DE091AB05CE54191A2B2A02159BDF485 ] \Device\Harddisk0\DR0\Partition3
    21:30:29.0291 0864 \Device\Harddisk0\DR0\Partition3 - ok
    21:30:29.0293 0864 [ 163D7CBAA8FC3AFE4AC9D30D195A96CD ] \Device\Harddisk0\DR0\Partition4
    21:30:29.0294 0864 \Device\Harddisk0\DR0\Partition4 - ok
    21:30:29.0294 0864 ============================================================
    21:30:29.0294 0864 Scan finished
    21:30:29.0294 0864 ============================================================
    21:30:29.0299 4260 Detected object count: 0
    21:30:29.0299 4260 Actual detected object count: 0
    21:30:39.0401 5276 ============================================================
    21:30:39.0401 5276 Scan started
    21:30:39.0401 5276 Mode: Manual; SigCheck; TDLFS;
    21:30:39.0401 5276 ============================================================
    21:30:39.0876 5276 ================ Scan system memory ========================
    21:30:39.0876 5276 System memory - ok
    21:30:39.0876 5276 ================ Scan services =============================
    21:30:44.0283 5276 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    21:30:44.0285 5276 IDriverT ( UnsignedFile.Multi.Generic ) - warning
    21:30:44.0285 5276 IDriverT - detected UnsignedFile.Multi.Generic (1)
     
  6. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    21:30:45.0916 5276 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
    21:30:45.0922 5276 MEIx64 - ok
    21:30:45.0925 5276 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
    21:30:45.0951 5276 MMCSS - ok
    21:30:45.0954 5276 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
    21:30:45.0981 5276 Modem - ok
    21:30:45.0985 5276 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
    21:30:46.0003 5276 monitor - ok
    21:30:46.0006 5276 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
    21:30:46.0013 5276 mouclass - ok
    21:30:46.0017 5276 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
    21:30:46.0034 5276 mouhid - ok
    21:30:46.0039 5276 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
    21:30:46.0047 5276 mountmgr - ok
    21:30:46.0053 5276 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
    21:30:46.0060 5276 mpio - ok
    21:30:46.0064 5276 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
    21:30:46.0086 5276 mpsdrv - ok
    21:30:46.0105 5276 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
    21:30:46.0135 5276 MpsSvc - ok
    21:30:46.0139 5276 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
    21:30:46.0154 5276 MRxDAV - ok
    21:30:46.0159 5276 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
    21:30:46.0168 5276 mrxsmb - ok
    21:30:46.0174 5276 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
    21:30:46.0183 5276 mrxsmb10 - ok
    21:30:46.0187 5276 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
    21:30:46.0195 5276 mrxsmb20 - ok
    21:30:46.0198 5276 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
    21:30:46.0204 5276 msahci - ok
    21:30:46.0209 5276 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
    21:30:46.0216 5276 msdsm - ok
    21:30:46.0223 5276 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
    21:30:46.0239 5276 MSDTC - ok
    21:30:46.0244 5276 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
    21:30:46.0265 5276 Msfs - ok
    21:30:46.0267 5276 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
    21:30:46.0291 5276 mshidkmdf - ok
    21:30:46.0294 5276 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
    21:30:46.0300 5276 msisadrv - ok
    21:30:46.0307 5276 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
    21:30:46.0329 5276 MSiSCSI - ok
    21:30:46.0331 5276 msiserver - ok
    21:30:46.0334 5276 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
    21:30:46.0356 5276 MSKSSRV - ok
    21:30:46.0358 5276 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
    21:30:46.0392 5276 MSPCLOCK - ok
    21:30:46.0394 5276 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
    21:30:46.0424 5276 MSPQM - ok
    21:30:46.0433 5276 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
    21:30:46.0443 5276 MsRPC - ok
    21:30:46.0447 5276 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
    21:30:46.0453 5276 mssmbios - ok
    21:30:46.0455 5276 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
    21:30:46.0487 5276 MSTEE - ok
    21:30:46.0490 5276 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
    21:30:46.0496 5276 MTConfig - ok
    21:30:46.0501 5276 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
    21:30:46.0507 5276 Mup - ok
    21:30:46.0518 5276 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
    21:30:46.0552 5276 napagent - ok
    21:30:46.0559 5276 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
    21:30:46.0575 5276 NativeWifiP - ok
    21:30:46.0595 5276 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
    21:30:46.0609 5276 NDIS - ok
    21:30:46.0613 5276 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
    21:30:46.0634 5276 NdisCap - ok
    21:30:46.0638 5276 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
    21:30:46.0659 5276 NdisTapi - ok
    21:30:46.0663 5276 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
    21:30:46.0684 5276 Ndisuio - ok
    21:30:46.0688 5276 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
    21:30:46.0716 5276 NdisWan - ok
    21:30:46.0718 5276 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
    21:30:46.0740 5276 NDProxy - ok
    21:30:46.0744 5276 [ 76C4D5C98A808D8C8E0C46280036FAF8 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
    21:30:46.0751 5276 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    21:30:46.0752 5276 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    21:30:48.0912 5276 [ D1A4DBB8A29F7FFC78378F47F9EA6B91 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
    21:30:48.0934 5276 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    21:30:48.0934 5276 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    21:30:53.0306 5276 WacomPen - ok
    21:30:53.0310 5276 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    21:30:53.0344 5276 WANARP - ok
    21:30:53.0347 5276 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    21:30:53.0369 5276 Wanarpv6 - ok
    21:30:53.0433 5276 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    21:30:53.0450 5276 WatAdminSvc - ok
    21:30:53.0501 5276 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
    21:30:53.0543 5276 wbengine - ok
    21:30:53.0560 5276 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    21:30:53.0573 5276 WbioSrvc - ok
    21:30:53.0598 5276 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
    21:30:53.0618 5276 wcncsvc - ok
    21:30:53.0625 5276 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    21:30:53.0637 5276 WcsPlugInService - ok
    21:30:53.0639 5276 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
    21:30:53.0646 5276 Wd - ok
    21:30:53.0678 5276 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    21:30:53.0690 5276 Wdf01000 - ok
    21:30:53.0699 5276 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
    21:30:53.0759 5276 WdiServiceHost - ok
    21:30:53.0762 5276 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
    21:30:53.0774 5276 WdiSystemHost - ok
    21:30:53.0783 5276 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
    21:30:53.0804 5276 WebClient - ok
    21:30:53.0815 5276 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
    21:30:53.0847 5276 Wecsvc - ok
    21:30:53.0852 5276 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    21:30:53.0875 5276 wercplsupport - ok
    21:30:53.0879 5276 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
    21:30:53.0906 5276 WerSvc - ok
    21:30:53.0908 5276 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    21:30:53.0930 5276 WfpLwf - ok
    21:30:53.0933 5276 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    21:30:53.0939 5276 WIMMount - ok
    21:30:53.0941 5276 WinDefend - ok
    21:30:53.0944 5276 WinHttpAutoProxySvc - ok
    21:30:53.0960 5276 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    21:30:53.0984 5276 Winmgmt - ok
    21:30:54.0032 5276 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
    21:30:54.0067 5276 WinRM - ok
    21:30:54.0074 5276 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
    21:30:54.0083 5276 WinUsb - ok
    21:30:54.0119 5276 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
    21:30:54.0159 5276 Wlansvc - ok
    21:30:54.0174 5276 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    21:30:54.0180 5276 wlcrasvc - ok
    21:30:54.0271 5276 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    21:30:54.0297 5276 wlidsvc - ok
    21:30:54.0300 5276 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
    21:30:54.0326 5276 WmiAcpi - ok
    21:30:54.0337 5276 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    21:30:54.0349 5276 wmiApSrv - ok
    21:30:54.0352 5276 WMPNetworkSvc - ok
    21:30:54.0355 5276 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
    21:30:54.0364 5276 WPCSvc - ok
    21:30:54.0368 5276 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    21:30:54.0377 5276 WPDBusEnum - ok
    21:30:54.0381 5276 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    21:30:54.0403 5276 ws2ifsl - ok
    21:30:54.0408 5276 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
    21:30:54.0430 5276 wscsvc - ok
    21:30:54.0432 5276 WSearch - ok
    21:30:54.0513 5276 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
    21:30:54.0542 5276 wuauserv - ok
    21:30:54.0547 5276 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
    21:30:54.0592 5276 WudfPf - ok
    21:30:54.0597 5276 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
    21:30:54.0625 5276 WUDFRd - ok
    21:30:54.0629 5276 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
    21:30:54.0651 5276 wudfsvc - ok
    21:30:54.0658 5276 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
    21:30:54.0669 5276 WwanSvc - ok
    21:30:54.0673 5276 ================ Scan global ===============================
    21:30:54.0676 5276 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    21:30:54.0682 5276 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
    21:30:54.0690 5276 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
    21:30:54.0695 5276 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    21:30:54.0707 5276 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    21:30:54.0709 5276 [Global] - ok
    21:30:54.0710 5276 ================ Scan MBR ==================================
    21:30:54.0712 5276 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    21:30:54.0841 5276 \Device\Harddisk0\DR0 - ok
    21:30:54.0841 5276 ================ Scan VBR ==================================
    21:30:54.0843 5276 [ B43B6A86C968CAC9A8F7776810917CA3 ] \Device\Harddisk0\DR0\Partition1
    21:30:54.0844 5276 \Device\Harddisk0\DR0\Partition1 - ok
    21:30:54.0845 5276 [ 99A27B4352D6B579B525F39AA4DB0172 ] \Device\Harddisk0\DR0\Partition2
    21:30:54.0847 5276 \Device\Harddisk0\DR0\Partition2 - ok
    21:30:54.0848 5276 [ DE091AB05CE54191A2B2A02159BDF485 ] \Device\Harddisk0\DR0\Partition3
    21:30:54.0850 5276 \Device\Harddisk0\DR0\Partition3 - ok
    21:30:54.0852 5276 [ 163D7CBAA8FC3AFE4AC9D30D195A96CD ] \Device\Harddisk0\DR0\Partition4
    21:30:54.0852 5276 \Device\Harddisk0\DR0\Partition4 - ok
    21:30:54.0852 5276 ============================================================
    21:30:54.0852 5276 Scan finished
    21:30:54.0852 5276 ============================================================
    21:30:54.0857 1128 Detected object count: 3
    21:30:54.0857 1128 Actual detected object count: 3
    21:31:49.0948 1128 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
    21:31:49.0948 1128 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
    21:31:49.0948 1128 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    21:31:49.0948 1128 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    21:31:49.0948 1128 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    21:31:49.0948 1128 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
     
  7. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    RogueKiller V8.1.1 [10/01/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Website: http://tigzy.geekstogo.com/roguekiller.php
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : Sulli [Admin rights]
    Mode : Remove -- Date : 10/18/2012 21:48:52

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED] ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> C:\Windows\system32\drivers\etc\hosts



    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: 2SWS9JCA066349 +++++
    --- User ---
    [MBR] 283053ec9b8790fa230e62b4a6c7cedf
    [BSP] e7861fd3f1ff8c638807f853b2353356 : Windows 7 MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 931383 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1907881984 | Size: 22175 Mo
    3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1953296384 | Size: 108 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Finished : << RKreport[3].txt >>
    RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-10-18 21:49:24
    -----------------------------
    21:49:24.832 OS Version: Windows x64 6.1.7601 Service Pack 1
    21:49:24.832 Number of processors: 8 586 0x3A09
    21:49:24.832 ComputerName: SULLISCOMPUTER UserName: Sulli
    21:49:26.513 Initialize success
    21:51:00.112 AVAST engine defs: 12101802
    21:51:37.792 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    21:51:37.794 Disk 0 Vendor: Intel___ 1.0. Size: 953867MB BusType: 8
    21:51:37.796 Disk 0 MBR read successfully
    21:51:37.797 Disk 0 MBR scan
    21:51:37.800 Disk 0 Windows 7 default MBR code
    21:51:37.802 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
    21:51:37.805 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 931383 MB offset 409600
    21:51:37.808 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 22175 MB offset 1907881984
    21:51:37.812 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 108 MB offset 1953296384
    21:51:37.818 Disk 0 scanning C:\Windows\system32\drivers
    21:51:46.419 Service scanning
    21:52:02.366 Modules scanning
    21:52:02.371 Disk 0 trace - called modules:
    21:52:02.375 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
    21:52:02.377 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008044790]
    21:52:02.380 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa8007f5cb10]
    21:52:02.382 5 hpdskflt.sys[fffff88001691189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8008048050]
    21:52:03.880 AVAST engine scan C:\Windows
    21:52:06.300 AVAST engine scan C:\Windows\system32
    21:54:51.777 AVAST engine scan C:\Windows\system32\drivers
    21:55:00.024 AVAST engine scan C:\Users\Sulli
    21:55:39.328 AVAST engine scan C:\ProgramData
    21:56:07.316 Scan finished successfully
    22:07:22.273 Disk 0 MBR has been saved successfully to "C:\Users\Sulli\Downloads\MBR.dat"
    22:07:22.277 The log file has been saved successfully to "C:\Users\Sulli\Downloads\aswMBR.txt"
     
  8. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Create a new restore point before proceeding with the next step....
    How to:
    - Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
    - Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
    - XP: http://support.microsoft.com/kb/948247

    =============================

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
      If restarting doesn't help, use the restore point you created prior to running Combofix.
    • Double click on combofix.exe & follow the prompts.

    • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure you re-enable your security programs when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try the following...

    Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Download Rkill (courtesy of BleepingComputer.com) to your desktop.
    There are 2 different versions. If one of them won't run then download and try to run the other one.
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

    rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
    iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

    Restart computer in safe mode

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    When the scan is done Notepad will open with rKill.txt log.
    NOTE. rKill.txt log will also be present on your desktop.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
     
  9. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    ComboFix 12-10-19.01 - Sulli 10/20/2012 14:41:53.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8091.6252 [GMT -4:00]
    Running from: c:\users\Sulli\Downloads\ComboFix.exe
    AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_nvsvc
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-09-20 to 2012-10-20 )))))))))))))))))))))))))))))))
    .
    .
    2074-05-18 21:44 . 2008-03-21 18:46 607296 ----a-w- c:\program files (x86)\Microsoft Games\Age of Empires III\deformerdllyD.dll
    2012-10-20 18:46 . 2012-10-20 18:46 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2012-10-19 15:46 . 2012-10-12 07:19 9291768 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7265C1AB-3A1C-4ED8-A5BF-8CCBD837D2B5}\mpengine.dll
    2012-10-19 02:27 . 2012-10-19 02:27 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2012-10-19 02:27 . 2012-10-19 02:27 -------- d-----w- c:\users\Sulli\AppData\Local\PunkBuster
    2012-10-19 02:20 . 2012-10-19 02:27 298016 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2012-10-19 02:20 . 2012-10-19 02:20 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2012-10-19 02:20 . 2012-10-19 02:28 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
    2012-10-19 02:20 . 2012-10-18 20:08 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
    2012-10-19 02:20 . 2012-10-19 02:20 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
    2012-10-19 02:20 . 2012-10-19 02:20 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
    2012-10-17 23:45 . 2012-10-17 23:45 -------- d-----w- c:\users\Sulli\AppData\Local\Mumble
    2012-10-16 15:47 . 2012-10-16 15:47 -------- d-----w- c:\programdata\ClubSanDisk
    2012-10-13 04:18 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2012-10-13 04:17 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
    2012-10-13 04:17 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
    2012-10-13 04:17 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-10-13 04:17 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2012-10-13 04:17 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
    2012-10-13 04:17 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
    2012-10-13 04:16 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
    2012-10-13 04:16 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
    2012-10-13 04:16 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
    2012-10-13 04:16 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
    2012-10-13 04:16 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
    2012-10-13 04:16 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
    2012-10-13 01:29 . 2012-10-13 01:29 -------- d-----w- c:\users\Sulli\AppData\Local\ElevatedDiagnostics
    2012-10-07 21:55 . 2012-10-07 21:55 -------- d-----w- c:\users\Sulli\AppData\Local\ESET
    2012-09-26 15:58 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-10-13 04:27 . 2012-08-20 04:41 65309168 ----a-w- c:\windows\system32\MRT.exe
    2012-10-02 22:21 . 2012-09-13 16:26 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
    2012-10-02 22:21 . 2012-08-12 05:30 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
    2012-10-02 22:21 . 2012-08-12 05:30 2731880 ----a-w- c:\windows\system32\nvapi64.dll
    2012-10-02 22:21 . 2012-08-12 05:30 247144 ----a-w- c:\windows\system32\nvinitx.dll
    2012-10-02 22:21 . 2012-08-12 05:30 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
    2012-10-02 22:21 . 2012-08-12 05:30 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
    2012-10-02 19:51 . 2012-08-12 05:31 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
    2012-10-02 19:51 . 2012-08-12 05:31 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
    2012-10-02 19:51 . 2012-08-12 05:31 6200680 ----a-w- c:\windows\system32\nvcpl.dll
    2012-10-02 19:50 . 2012-08-12 05:31 891240 ----a-w- c:\windows\system32\nvvsvc.exe
    2012-10-02 19:50 . 2012-08-12 05:31 866664 ----a-w- c:\windows\system32\nv3dappshext.dll
    2012-10-02 19:50 . 2012-08-12 05:31 63336 ----a-w- c:\windows\system32\nvshext.dll
    2012-10-02 19:50 . 2012-08-12 05:31 55144 ----a-w- c:\windows\system32\nv3dappshextr.dll
    2012-10-02 19:50 . 2012-08-12 05:31 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
    2012-10-02 19:50 . 2012-08-12 05:31 118120 ----a-w- c:\windows\system32\nvmctray.dll
    2012-09-07 21:04 . 2012-09-02 18:41 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-09-04 16:33 . 2012-09-04 16:33 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2012-09-04 16:33 . 2012-08-17 03:30 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-09-04 16:33 . 2012-08-17 03:30 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-08-24 17:06 . 2012-02-17 23:58 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-24 17:06 . 2012-02-17 23:58 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-08-22 18:12 . 2012-09-12 14:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-08-22 18:12 . 2012-09-12 14:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
    2012-08-22 18:12 . 2012-09-12 14:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
    2012-08-22 18:12 . 2012-09-12 14:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
    2012-08-21 09:12 . 2012-08-26 17:39 285328 ----a-w- c:\windows\system32\aswBoot.exe
    2012-08-20 17:38 . 2012-10-13 04:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2012-08-17 03:38 . 2012-08-17 03:38 268784 ----a-w- c:\windows\system32\javaws.exe
    2012-08-17 03:38 . 2012-08-17 03:38 189424 ----a-w- c:\windows\system32\javaw.exe
    2012-08-17 03:38 . 2012-08-17 03:38 188912 ----a-w- c:\windows\system32\java.exe
    2012-08-17 03:38 . 2012-08-17 03:38 955888 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-08-17 03:38 . 2012-08-17 03:38 839152 ----a-w- c:\windows\system32\deployJava1.dll
    2012-08-16 18:15 . 2011-03-29 02:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2012-08-12 05:43 . 2012-08-12 05:43 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
    2012-08-12 05:43 . 2003-03-19 03:14 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
    2012-08-12 05:43 . 2003-02-21 11:42 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
    2012-08-12 05:26 . 2012-08-12 05:26 515584 ----a-w- c:\windows\system32\timedate.cpl
    2012-08-12 05:26 . 2012-08-12 05:26 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
    2012-08-12 05:26 . 2012-08-12 05:26 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
    2012-08-12 05:26 . 2012-08-12 05:26 634880 ----a-w- c:\windows\system32\msvcrt.dll
    2012-08-12 05:26 . 2012-08-12 05:26 498688 ----a-w- c:\windows\system32\drivers\afd.sys
    2012-08-12 05:26 . 2012-08-12 05:26 1731920 ----a-w- c:\windows\system32\ntdll.dll
    2012-08-12 05:26 . 2012-08-12 05:26 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
    2012-08-12 05:25 . 2012-08-12 05:25 509952 ----a-w- c:\windows\system32\ntshrui.dll
    2012-08-12 05:25 . 2012-08-12 05:25 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
    2012-08-12 05:25 . 2012-08-12 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
    2012-08-12 05:25 . 2012-08-12 05:25 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
    2012-08-12 05:25 . 2012-08-12 05:25 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
    2012-08-12 05:25 . 2012-08-12 05:25 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-08-12 05:25 . 2012-08-12 05:25 1031680 ----a-w- c:\windows\system32\rdpcore.dll
    2012-08-12 05:25 . 2012-08-12 05:25 395776 ----a-w- c:\windows\system32\webio.dll
    2012-08-12 05:25 . 2012-08-12 05:25 314880 ----a-w- c:\windows\SysWow64\webio.dll
    2012-08-12 05:25 . 2012-08-12 05:25 31232 ----a-w- c:\windows\system32\lsass.exe
    2012-08-12 05:25 . 2012-08-12 05:25 29184 ----a-w- c:\windows\system32\sspisrv.dll
    2012-08-12 05:25 . 2012-08-12 05:25 28160 ----a-w- c:\windows\system32\secur32.dll
    2012-08-12 05:25 . 2012-08-12 05:25 1447936 ----a-w- c:\windows\system32\lsasrv.dll
    2012-08-12 05:25 . 2012-08-12 05:25 136192 ----a-w- c:\windows\system32\sspicli.dll
    2012-08-12 05:25 . 2012-08-12 05:25 77312 ----a-w- c:\windows\system32\packager.dll
    2012-08-12 05:25 . 2012-08-12 05:25 67072 ----a-w- c:\windows\SysWow64\packager.dll
    2012-08-06 20:02 . 2012-08-06 20:02 62784 ----a-w- c:\windows\system32\drivers\HECIx64.sys
    2012-08-02 17:58 . 2012-09-12 14:12 574464 ----a-w- c:\windows\system32\d3d10level9.dll
    2012-08-02 16:57 . 2012-09-12 14:12 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-11-30 576568]
    "HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2011-08-26 1342008]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/08/11 22:44;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-04-20 241648]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-02 1258856]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
    R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-01-30 276248]
    R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-27 259688]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
    R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe [2011-12-09 269640]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-18 1255736]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2011-12-05 16152]
    S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
    S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
    S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
    S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
    S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
    S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
    S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [2011-12-11 260424]
    S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
    S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-11-23 227896]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 30520]
    S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-11-30 34872]
    S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
    S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2011-12-16 128280]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
    S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
    S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
    S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2011-12-05 355096]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2011-12-05 785688]
    S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2012-08-06 62784]
    S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2011-11-15 1813056]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-08-24 565352]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
    S3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys [2011-10-14 20016]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - WS2IFSL
    *Deregistered* - CLKMDRV10_38F51D56
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1031267864-2299367058-2740294337-1001Core.job
    - c:\users\Sulli\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-16 14:23]
    .
    2012-09-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1031267864-2299367058-2740294337-1001UA.job
    - c:\users\Sulli\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-16 14:23]
    .
    2012-10-20 c:\windows\Tasks\HPCeeScheduleForSulli.job
    - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 134.126.13.11 134.126.64.11
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    HKLM_Wow6432Node-ActiveSetup-{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec
    AddRemove-Floris Mod Pack_is1 - c:\program files (x86)\Steam\steamapps\common\mountblade warband\New Folder\Modules\unins000.exe
    AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
    AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:2d,b7,d6,35,d1,8b,cd,01
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_160_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_160.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\SysWOW64\PnkBstrA.exe
    c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
    .
    **************************************************************************
    .
    Completion time: 2012-10-20 14:49:37 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-10-20 18:49
    .
    Pre-Run: 836,673,748,992 bytes free
    Post-Run: 836,479,881,216 bytes free
    .
    - - End Of File - - 4C3F16D9C81D5A2FD88A1716F561F6CA
     
  10. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Looks good :)

    Any current issues?

    =============================

    Download OTL to your Desktop.
    Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

    • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
  11. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    OTL logfile created on: 10/23/2012 10:40:44 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sulli\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    7.90 Gb Total Physical Memory | 6.27 Gb Available Physical Memory | 79.33% Memory free
    15.80 Gb Paging File | 14.11 Gb Available in Paging File | 89.29% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 909.55 Gb Total Space | 774.96 Gb Free Space | 85.20% Space Free | Partition Type: NTFS
    Drive D: | 21.66 Gb Total Space | 2.33 Gb Free Space | 10.76% Space Free | Partition Type: NTFS

    Computer Name: SULLISCOMPUTER | User Name: Sulli | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (All) ==========

    PRC - [2012/10/23 09:53:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sulli\Downloads\OTL.exe
    PRC - [2012/10/18 22:28:05 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
    PRC - [2012/10/02 18:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012/03/07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    PRC - [2012/02/17 19:56:02 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
    PRC - [2012/01/04 14:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    PRC - [2011/12/16 16:37:00 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2011/12/16 16:37:00 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2011/12/16 16:37:00 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    PRC - [2011/12/16 16:37:00 | 000,128,280 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    PRC - [2011/12/11 06:48:26 | 000,260,424 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
    PRC - [2011/12/11 06:48:08 | 000,875,336 | ---- | M] (AuthenTec Inc.) -- C:\Program Files (x86)\HP SimplePass\TouchControl.exe
    PRC - [2011/12/11 06:47:40 | 000,148,296 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
    PRC - [2011/11/30 00:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2011/11/29 22:20:24 | 000,576,568 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    PRC - [2011/11/29 22:20:24 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    PRC - [2011/11/28 18:08:00 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    PRC - [2011/11/22 23:43:36 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    PRC - [2011/11/22 23:40:08 | 000,981,048 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    PRC - [2011/08/26 18:37:18 | 001,342,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe


    ========== Modules (All) ==========

    MOD - [2012/10/23 09:53:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sulli\Downloads\OTL.exe
    MOD - [2012/10/02 18:21:00 | 000,286,056 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll
    MOD - [2012/10/02 18:21:00 | 000,221,032 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll
    MOD - [2012/10/02 18:21:00 | 000,202,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvinit.dll
    MOD - [2012/08/24 12:57:48 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
    MOD - [2012/08/24 02:51:50 | 001,103,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
    MOD - [2012/08/24 02:51:27 | 001,129,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
    MOD - [2012/08/24 02:44:35 | 001,793,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
    MOD - [2012/08/23 01:41:17 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
    MOD - [2012/08/23 01:41:17 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
    MOD - [2012/08/22 14:30:38 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
    MOD - [2012/08/20 13:37:18 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
    MOD - [2012/08/20 13:37:18 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
    MOD - [2012/08/12 01:26:49 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcrt.dll
    MOD - [2012/08/12 01:26:13 | 001,292,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
    MOD - [2012/08/12 01:25:19 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
    MOD - [2012/07/04 17:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
    MOD - [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
    MOD - [2012/06/02 00:40:42 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
    MOD - [2012/06/02 00:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
    MOD - [2012/06/02 00:36:29 | 001,159,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
    MOD - [2012/06/02 00:34:09 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
    MOD - [2012/05/05 03:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
    MOD - [2012/04/21 00:21:01 | 001,625,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
    MOD - [2012/03/01 01:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
    MOD - [2012/02/17 19:56:02 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
    MOD - [2012/02/17 19:41:55 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleaut32.dll
    MOD - [2012/02/17 19:41:55 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oleacc.dll
    MOD - [2012/02/17 19:40:44 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cfgmgr32.dll
    MOD - [2012/02/17 19:40:44 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devobj.dll
    MOD - [2012/02/17 19:36:15 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
    MOD - [2012/02/02 17:34:36 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
    MOD - [2011/12/11 06:48:12 | 000,480,072 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\TrueSuite.AutoSoftwareUpdate.dll
    MOD - [2011/12/11 06:48:08 | 000,875,336 | ---- | M] (AuthenTec Inc.) -- C:\Program Files (x86)\HP SimplePass\TouchControl.exe
    MOD - [2011/12/11 06:48:06 | 000,298,312 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\TokenMachine.dll
    MOD - [2011/12/11 06:48:04 | 000,154,952 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\TSLog.dll
    MOD - [2011/12/11 06:47:44 | 000,832,328 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\DataManager.dll
    MOD - [2011/12/11 06:47:40 | 000,148,296 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
    MOD - [2011/12/11 06:47:38 | 000,445,768 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass\BioLayer.dll
    MOD - [2011/12/09 09:41:08 | 000,158,536 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files (x86)\Common Files\AuthenTec\TrueOTPValidity.dll
    MOD - [2011/12/09 09:41:02 | 005,991,752 | ---- | M] (AuthenTec, Inc.) -- C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll
    MOD - [2011/11/29 22:20:24 | 000,576,568 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    MOD - [2011/11/28 18:08:00 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
    MOD - [2011/11/22 23:41:06 | 002,409,016 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
    MOD - [2011/08/26 18:37:18 | 001,342,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    MOD - [2010/11/20 23:25:15 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
    MOD - [2010/11/20 23:24:33 | 001,010,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
    MOD - [2010/11/20 23:24:32 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\credui.dll
    MOD - [2010/11/20 23:24:28 | 000,640,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advapi32.dll
    MOD - [2010/11/20 23:24:26 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
    MOD - [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
    MOD - [2010/11/20 23:24:25 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imm32.dll
    MOD - [2010/11/20 23:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\user32.dll
    MOD - [2010/11/20 23:24:16 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
    MOD - [2010/11/20 23:24:16 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wldap32.dll
    MOD - [2010/11/20 23:24:16 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winmm.dll
    MOD - [2010/11/20 23:24:16 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
    MOD - [2010/11/20 23:24:16 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\userenv.dll
    MOD - [2010/11/20 23:24:16 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netutils.dll
    MOD - [2010/11/20 23:24:14 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gdi32.dll
    MOD - [2010/11/20 23:24:14 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apphelp.dll
    MOD - [2010/11/20 23:24:14 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
    MOD - [2010/11/20 23:24:11 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
    MOD - [2010/11/20 23:24:09 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
    MOD - [2010/11/20 23:24:08 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\propsys.dll
    MOD - [2010/11/20 23:24:08 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll
    MOD - [2010/11/20 23:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winhttp.dll
    MOD - [2010/11/20 23:24:08 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winspool.drv
    MOD - [2010/11/20 23:24:07 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
    MOD - [2010/11/20 23:24:03 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\olepro32.dll
    MOD - [2010/11/20 23:24:02 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
    MOD - [2010/11/20 23:24:01 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ole32.dll
    MOD - [2010/11/20 23:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
    MOD - [2010/11/20 23:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ws2_32.dll
    MOD - [2010/11/20 23:23:55 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
    MOD - [2010/11/20 23:23:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samcli.dll
    MOD - [2010/11/20 23:23:54 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
    MOD - [2010/11/20 23:23:51 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\setupapi.dll
    MOD - [2010/11/20 23:23:51 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
    MOD - [2010/11/20 23:23:48 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
    MOD - [2010/11/20 23:23:48 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shlwapi.dll
    MOD - [2010/11/20 23:23:48 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msasn1.dll
    MOD - [2010/03/18 09:15:26 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr100.dll
    MOD - [2009/07/13 21:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
    MOD - [2009/07/13 21:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
    MOD - [2009/07/13 21:16:18 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winbio.dll
    MOD - [2009/07/13 21:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
    MOD - [2009/07/13 21:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
    MOD - [2009/07/13 21:16:17 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
    MOD - [2009/07/13 21:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\version.dll
    MOD - [2009/07/13 21:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sechost.dll
    MOD - [2009/07/13 21:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\samlib.dll
    MOD - [2009/07/13 21:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
    MOD - [2009/07/13 21:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
    MOD - [2009/07/13 21:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\profapi.dll
    MOD - [2009/07/13 21:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\psapi.dll
    MOD - [2009/07/13 21:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntmarta.dll
    MOD - [2009/07/13 21:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
    MOD - [2009/07/13 21:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\nsi.dll
    MOD - [2009/07/13 21:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msimg32.dll
    MOD - [2009/07/13 21:15:43 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctf.dll
    MOD - [2009/07/13 21:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
    MOD - [2009/07/13 21:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dwmapi.dll
    MOD - [2009/07/13 21:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
    MOD - [2009/07/13 21:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsp.dll
    MOD - [2009/07/13 21:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptbase.dll
    MOD - [2009/07/13 21:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\clbcatq.dll
    MOD - [2009/07/13 21:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
    MOD - [2009/07/13 21:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
    MOD - [2009/07/13 21:11:24 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\uxtheme.dll
    MOD - [2009/07/13 21:11:23 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\lpk.dll
    MOD - [2009/07/13 21:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
    MOD - [2009/07/13 21:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll


    ========== Services (All) ==========

    SRV:64bit: - [2012/08/18 03:01:41 | 001,255,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV:64bit: - [2012/08/12 01:25:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (VaultSvc)
    SRV:64bit: - [2012/08/12 01:25:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
    SRV:64bit: - [2012/08/12 01:25:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
    SRV:64bit: - [2012/08/12 01:25:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (Netlogon)
    SRV:64bit: - [2012/08/12 01:25:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
    SRV:64bit: - [2012/08/12 01:25:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (EFS)
    SRV:64bit: - [2012/07/04 18:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
    SRV:64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
    SRV:64bit: - [2012/06/02 01:41:28 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
    SRV:64bit: - [2012/05/01 01:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
    SRV:64bit: - [2012/03/07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
    SRV:64bit: - [2012/02/17 19:40:44 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
    SRV:64bit: - [2012/02/17 19:40:24 | 000,591,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
    SRV:64bit: - [2012/02/17 19:38:27 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
    SRV:64bit: - [2012/02/17 19:37:55 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
    SRV:64bit: - [2012/02/17 19:37:00 | 001,139,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
    SRV:64bit: - [2012/02/11 02:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
    SRV:64bit: - [2012/02/08 18:53:38 | 000,066,048 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Windows\SysNative\HPZipm12.dll -- (Pml Driver HPZ12)
    SRV:64bit: - [2012/02/08 18:53:36 | 000,050,688 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Windows\SysNative\HPZinw12.dll -- (Net Driver HPZ12)
    SRV:64bit: - [2012/01/04 04:37:16 | 000,311,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2011/12/09 09:41:00 | 000,269,640 | ---- | M] (AuthenTec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\AuthenTec\TrueService.exe -- (TrueService)
    SRV:64bit: - [2011/12/08 19:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
    SRV:64bit: - [2011/05/13 16:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
    SRV:64bit: - [2011/03/29 01:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV:64bit: - [2011/02/17 02:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
    SRV:64bit: - [2010/11/20 23:25:14 | 001,504,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
    SRV:64bit: - [2010/11/20 23:25:14 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
    SRV:64bit: - [2010/11/20 23:25:10 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
    SRV:64bit: - [2010/11/20 23:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
    SRV:64bit: - [2010/11/20 23:25:05 | 001,525,248 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
    SRV:64bit: - [2010/11/20 23:24:52 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
    SRV:64bit: - [2010/11/20 23:24:51 | 000,232,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
    SRV:64bit: - [2010/11/20 23:24:51 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
    SRV:64bit: - [2010/11/20 23:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
    SRV:64bit: - [2010/11/20 23:24:42 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc)
    SRV:64bit: - [2010/11/20 23:24:36 | 001,743,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
    SRV:64bit: - [2010/11/20 23:24:36 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
    SRV:64bit: - [2010/11/20 23:24:35 | 000,258,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
    SRV:64bit: - [2010/11/20 23:24:34 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
    SRV:64bit: - [2010/11/20 23:24:33 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
    SRV:64bit: - [2010/11/20 23:24:32 | 000,777,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
    SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
    SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
    SRV:64bit: - [2010/11/20 23:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
    SRV:64bit: - [2010/11/20 23:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
    SRV:64bit: - [2010/11/20 23:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
    SRV:64bit: - [2010/11/20 23:24:24 | 002,018,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
    SRV:64bit: - [2010/11/20 23:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
    SRV:64bit: - [2010/11/20 23:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
    SRV:64bit: - [2010/11/20 23:24:16 | 000,162,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
    SRV:64bit: - [2010/11/20 23:24:16 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\KMSVC.DLL -- (hkmsvc)
    SRV:64bit: - [2010/11/20 23:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
    SRV:64bit: - [2010/11/20 23:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
    SRV:64bit: - [2010/11/20 23:24:14 | 000,569,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
    SRV:64bit: - [2010/11/20 23:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
    SRV:64bit: - [2010/11/20 23:24:09 | 000,080,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
    SRV:64bit: - [2010/11/20 23:24:09 | 000,080,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
    SRV:64bit: - [2010/11/20 23:24:08 | 000,070,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
    SRV:64bit: - [2010/11/20 23:24:07 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
    SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
    SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
    SRV:64bit: - [2010/11/20 23:24:00 | 001,389,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
    SRV:64bit: - [2010/11/20 23:24:00 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
    SRV:64bit: - [2010/11/20 23:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
    SRV:64bit: - [2010/11/20 23:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
    SRV:64bit: - [2010/11/20 23:23:56 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
    SRV:64bit: - [2010/11/20 23:23:56 | 000,444,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
    SRV:64bit: - [2010/11/20 23:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
    SRV:64bit: - [2010/11/20 23:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
    SRV:64bit: - [2010/11/20 23:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
    SRV:64bit: - [2010/11/20 23:23:54 | 000,303,616 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
    SRV:64bit: - [2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
    SRV:64bit: - [2010/11/20 23:23:51 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
    SRV:64bit: - [2010/11/20 23:23:50 | 000,078,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
    SRV:64bit: - [2010/11/20 23:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
    SRV:64bit: - [2010/11/20 23:23:48 | 000,476,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\QAGENTRT.DLL -- (napagent)
    SRV:64bit: - [2010/11/20 23:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
    SRV:64bit: - [2010/10/11 06:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
    SRV:64bit: - [2010/09/22 22:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
    SRV:64bit: - [2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
    SRV:64bit: - [2009/07/13 21:41:57 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpcsvc.dll -- (WPCSvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,381,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,353,792 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,084,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
    SRV:64bit: - [2009/07/13 21:41:56 | 000,038,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\uxsms.dll -- (UxSms)
    SRV:64bit: - [2009/07/13 21:41:55 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
    SRV:64bit: - [2009/07/13 21:41:55 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tbssvc.dll -- (TBS)
    SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
    SRV:64bit: - [2009/07/13 21:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
    SRV:64bit: - [2009/07/13 21:41:54 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
    SRV:64bit: - [2009/07/13 21:41:54 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
    SRV:64bit: - [2009/07/13 21:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
    SRV:64bit: - [2009/07/13 21:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,438,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,190,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,186,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,159,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,064,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
    SRV:64bit: - [2009/07/13 21:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
    SRV:64bit: - [2009/07/13 21:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
    SRV:64bit: - [2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
    SRV:64bit: - [2009/07/13 21:41:28 | 000,368,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
    SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2009/07/13 21:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
    SRV:64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (THREADORDER)
    SRV:64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
    SRV:64bit: - [2009/07/13 21:41:18 | 000,300,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
    SRV:64bit: - [2009/07/13 21:41:18 | 000,023,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
    SRV:64bit: - [2009/07/13 21:41:11 | 000,156,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
    SRV:64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
    SRV:64bit: - [2009/07/13 21:41:09 | 000,101,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPBusEnum.dll -- (IPBusEnum)
    SRV:64bit: - [2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
    SRV:64bit: - [2009/07/13 21:40:52 | 000,034,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
    SRV:64bit: - [2009/07/13 21:40:52 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
    SRV:64bit: - [2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
    SRV:64bit: - [2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
    SRV:64bit: - [2009/07/13 21:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
    SRV:64bit: - [2009/07/13 21:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
    SRV:64bit: - [2009/07/13 21:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
    SRV:64bit: - [2009/07/13 21:39:55 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
    SRV:64bit: - [2009/07/13 21:39:48 | 000,040,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
    SRV:64bit: - [2009/07/13 21:39:41 | 000,014,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
    SRV:64bit: - [2009/07/13 21:39:21 | 000,141,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
    SRV:64bit: - [2009/07/13 21:39:15 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
    SRV:64bit: - [2009/07/13 21:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
    SRV:64bit: - [2009/07/13 21:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
    SRV - [2012/10/18 22:28:05 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2012/10/03 21:35:49 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2012/10/02 18:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012/06/02 00:36:29 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
    SRV - [2012/02/17 19:40:24 | 000,427,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
    SRV - [2012/01/30 01:03:54 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2012/01/04 14:22:40 | 000,822,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
    SRV - [2011/12/16 16:37:00 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2011/12/16 16:37:00 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2011/12/16 16:37:00 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
    SRV - [2011/12/16 16:37:00 | 000,128,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
    SRV - [2011/12/11 06:48:26 | 000,260,424 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe -- (FPLService)
    SRV - [2011/11/30 00:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
    SRV - [2011/11/29 22:20:24 | 000,034,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
    SRV - [2011/11/22 23:43:36 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
    SRV - [2011/11/22 23:40:08 | 000,981,048 | ---- | M] (Hewlett-Packard Company) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex)
    SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
    SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
    SRV - [2011/09/09 21:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
    SRV - [2011/07/20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
    SRV - [2011/04/20 12:57:02 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
    SRV - [2010/11/20 23:25:10 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
    SRV - [2010/11/20 23:24:53 | 000,856,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
    SRV - [2010/11/20 23:24:52 | 000,042,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
    SRV - [2010/11/20 23:24:49 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wcncsvc.dll -- (wcncsvc)
    SRV - [2010/11/20 23:24:49 | 000,204,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
    SRV - [2010/11/20 23:24:42 | 000,696,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
    SRV - [2010/11/20 23:24:32 | 001,175,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
     
     
  12. Asulli94

    SRV - [2010/11/20 23:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
    SRV - [2010/11/20 23:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
    SRV - [2010/11/20 23:24:08 | 001,508,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
    SRV - [2010/11/20 23:24:08 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\winhttp.dll -- (WinHttpAutoProxySvc)
    SRV - [2010/11/20 23:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
    SRV - [2010/11/20 23:24:03 | 000,194,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
    SRV - [2010/11/20 23:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
    SRV - [2010/11/20 23:23:55 | 000,113,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
    SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
    SRV - [2010/03/18 17:23:04 | 000,044,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe -- (aspnet_state)
    SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/01/09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
    SRV - [2009/07/13 21:39:09 | 000,127,488 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\ehome\ehsched.exe -- (ehSched)
    SRV - [2009/07/13 21:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wpcsvc.dll -- (WPCSvc)
    SRV - [2009/07/13 21:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
    SRV - [2009/07/13 21:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
    SRV - [2009/07/13 21:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
    SRV - [2009/07/13 21:16:17 | 000,266,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
    SRV - [2009/07/13 21:16:13 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\Sens.dll -- (SENS)
    SRV - [2009/07/13 21:16:12 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
    SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
    SRV - [2009/07/13 21:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
    SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
    SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
    SRV - [2009/07/13 21:14:28 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
    SRV - [2009/07/13 21:14:18 | 000,007,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
    SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/06/10 16:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
    SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)


    ========== Driver Services (All) ==========

    DRV:64bit: - [2012/10/02 18:21:00 | 013,443,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV:64bit: - [2012/10/02 18:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
    DRV:64bit: - [2012/08/31 14:19:35 | 001,659,760 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (Ntfs)
    DRV:64bit: - [2012/08/22 14:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (TCPIP6)
    DRV:64bit: - [2012/08/22 14:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
    DRV:64bit: - [2012/08/22 14:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
    DRV:64bit: - [2012/08/12 01:26:18 | 000,498,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
    DRV:64bit: - [2012/08/12 01:25:29 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdtcp.sys -- (TDTCP)
    DRV:64bit: - [2012/08/06 16:02:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
    DRV:64bit: - [2012/06/02 01:50:10 | 000,458,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
    DRV:64bit: - [2012/06/02 01:48:16 | 000,151,920 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
    DRV:64bit: - [2012/06/02 01:48:16 | 000,095,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
    DRV:64bit: - [2012/04/27 23:55:21 | 000,210,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpwd.sys -- (RDPWD)
    DRV:64bit: - [2012/03/17 03:58:57 | 000,075,120 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
    DRV:64bit: - [2012/03/14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
    DRV:64bit: - [2012/03/14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
    DRV:64bit: - [2012/03/14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
    DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2012/02/17 19:45:19 | 000,410,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStorV.sys -- (iaStorV)
    DRV:64bit: - [2012/02/17 19:45:19 | 000,166,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstor.sys -- (nvstor)
    DRV:64bit: - [2012/02/17 19:45:19 | 000,148,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvraid.sys -- (nvraid)
    DRV:64bit: - [2012/02/17 19:45:19 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2012/02/17 19:45:19 | 000,091,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBSTOR.SYS -- (USBSTOR)
    DRV:64bit: - [2012/02/17 19:45:19 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2012/02/17 19:42:41 | 000,983,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
    DRV:64bit: - [2012/02/17 19:39:54 | 000,288,768 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
    DRV:64bit: - [2012/02/17 19:39:54 | 000,158,208 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
    DRV:64bit: - [2012/02/17 19:39:54 | 000,128,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
    DRV:64bit: - [2012/02/17 19:39:48 | 000,467,456 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
    DRV:64bit: - [2012/02/17 19:39:48 | 000,410,112 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
    DRV:64bit: - [2012/02/17 19:39:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
    DRV:64bit: - [2012/02/17 19:38:50 | 000,343,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
    DRV:64bit: - [2012/02/17 19:38:50 | 000,098,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbccgp.sys -- (usbccgp)
    DRV:64bit: - [2012/02/17 19:38:50 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbehci.sys -- (usbehci)
    DRV:64bit: - [2012/02/17 19:38:50 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbuhci.sys -- (usbuhci)
    DRV:64bit: - [2012/02/17 19:38:50 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbohci.sys -- (usbohci)
    DRV:64bit: - [2012/02/17 19:38:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
    DRV:64bit: - [2012/02/17 19:37:05 | 000,296,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
    DRV:64bit: - [2012/01/18 22:24:12 | 014,658,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2012/01/04 04:37:16 | 000,535,552 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2011/12/06 07:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2011/12/05 06:13:00 | 000,785,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
    DRV:64bit: - [2011/12/05 06:13:00 | 000,355,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
    DRV:64bit: - [2011/12/05 06:13:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
    DRV:64bit: - [2011/11/29 23:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2011/11/15 02:53:02 | 001,813,056 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
    DRV:64bit: - [2011/10/27 14:27:52 | 000,259,688 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
    DRV:64bit: - [2011/10/14 00:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2011/10/14 00:37:42 | 000,020,016 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
    DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
    DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
    DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
    DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
    DRV:64bit: - [2011/08/24 01:57:24 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2011/05/13 16:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
    DRV:64bit: - [2011/05/13 16:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
    DRV:64bit: - [2010/11/20 23:24:39 | 000,223,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
    DRV:64bit: - [2010/11/20 23:24:36 | 000,140,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
    DRV:64bit: - [2010/11/20 23:24:33 | 000,213,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
    DRV:64bit: - [2010/11/20 23:24:33 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
    DRV:64bit: - [2010/11/20 23:24:33 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
    DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 23:24:32 | 000,119,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
    DRV:64bit: - [2010/11/20 23:24:32 | 000,102,400 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (DfsC)
    DRV:64bit: - [2010/11/20 23:24:32 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
    DRV:64bit: - [2010/11/20 23:24:27 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
    DRV:64bit: - [2010/11/20 23:24:25 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
    DRV:64bit: - [2010/11/20 23:24:24 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
    DRV:64bit: - [2010/11/20 23:24:15 | 000,366,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
    DRV:64bit: - [2010/11/20 23:24:15 | 000,363,392 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
    DRV:64bit: - [2010/11/20 23:24:15 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
    DRV:64bit: - [2010/11/20 23:24:14 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (NDProxy)
    DRV:64bit: - [2010/11/20 23:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wanarp.sys -- (Wanarpv6)
    DRV:64bit: - [2010/11/20 23:24:11 | 000,088,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (WANARP)
    DRV:64bit: - [2010/11/20 23:24:09 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
    DRV:64bit: - [2010/11/20 23:24:08 | 000,309,248 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
    DRV:64bit: - [2010/11/20 23:24:08 | 000,164,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
    DRV:64bit: - [2010/11/20 23:24:08 | 000,131,584 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
    DRV:64bit: - [2010/11/20 23:24:00 | 000,289,664 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
    DRV:64bit: - [2010/11/20 23:23:55 | 000,753,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
    DRV:64bit: - [2010/11/20 23:23:55 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
    DRV:64bit: - [2010/11/20 23:23:53 | 000,094,592 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
    DRV:64bit: - [2010/11/20 23:23:52 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
    DRV:64bit: - [2010/11/20 23:23:51 | 000,261,632 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
    DRV:64bit: - [2010/11/20 23:23:51 | 000,039,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tssecsrv.sys -- (tssecsrv)
    DRV:64bit: - [2010/11/20 23:23:50 | 000,172,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
    DRV:64bit: - [2010/11/20 23:23:50 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,273,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msiscsi.sys -- (iScsiPrt)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,078,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IPMIDrv.sys -- (IPMIDRV)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,334,208 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,229,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,215,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,184,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbvideo.sys -- (usbvideo)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,184,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,155,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mpio.sys -- (mpio)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,140,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdsm.sys -- (msdsm)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,122,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hdaudbus.sys -- (HDAudBus)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,103,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbp2port.sys -- (sbp2port)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,071,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgr.sys -- (volmgr)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,063,360 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\termdd.sys -- (TermDD)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\umbus.sys -- (umbus)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winusb.sys -- (WinUsb)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbdhid.sys -- (kbdhid)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msahci.sys -- (msahci)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidusb.sys -- (HidUsb)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_sd.sys -- (sffp_sd)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
    DRV:64bit: - [2010/07/28 12:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
    DRV:64bit: - [2009/07/13 21:52:31 | 000,367,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\clfs.sys -- (CLFS)
    DRV:64bit: - [2009/07/13 21:52:31 | 000,021,584 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\compbatt.sys -- (Compbatt)
    DRV:64bit: - [2009/07/13 21:52:31 | 000,017,488 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmdide.sys -- (cmdide)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,491,088 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adp94xx.sys -- (adp94xx)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,339,536 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpahci.sys -- (adpahci)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,182,864 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\adpu320.sys -- (adpu320)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,097,856 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arcsas.sys -- (arcsas)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,087,632 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\arc.sys -- (arc)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AGP440.sys -- (agp440)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atapi.sys -- (atapi)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,015,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdide.sys -- (amdide)
    DRV:64bit: - [2009/07/13 21:52:21 | 000,015,440 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aliide.sys -- (aliide)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:27 | 000,060,496 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
    DRV:64bit: - [2009/07/13 21:48:27 | 000,049,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouclass.sys -- (mouclass)
    DRV:64bit: - [2009/07/13 21:48:27 | 000,032,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mssmbios.sys -- (mssmbios)
    DRV:64bit: - [2009/07/13 21:48:27 | 000,015,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\msisadrv.sys -- (msisadrv)
    DRV:64bit: - [2009/07/13 21:48:26 | 000,122,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NV_AGP.SYS -- (nv_agp)
    DRV:64bit: - [2009/07/13 21:48:26 | 000,051,264 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nfrd960.sys -- (nfrd960)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,284,736 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MegaSR.sys -- (MegaSR)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,115,776 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,114,752 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_fc.sys -- (LSI_FC)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,106,560 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbdclass.sys -- (kbdclass)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,044,112 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iirsp.sys -- (iirsp)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,035,392 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\megasas.sys -- (megasas)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\isapnp.sys -- (isapnp)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,016,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelide.sys -- (intelide)
    DRV:64bit: - [2009/07/13 21:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
    DRV:64bit: - [2009/07/13 21:47:48 | 000,530,496 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elxstor.sys -- (elxstor)
    DRV:64bit: - [2009/07/13 21:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\disk.sys -- (Disk)
    DRV:64bit: - [2009/07/13 21:47:48 | 000,070,224 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
    DRV:64bit: - [2009/07/13 21:47:48 | 000,065,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GAGP30KX.SYS -- (gagp30kx)
    DRV:64bit: - [2009/07/13 21:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk)
    DRV:64bit: - [2009/07/13 21:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,654,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,161,872 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,064,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ULIAGPKX.SYS -- (uliagpkx)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,064,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UAGP35.SYS -- (uagp35)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,021,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wd.sys -- (Wd)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,019,008 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spldr.sys -- (spldr)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,017,488 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viaide.sys -- (viaide)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,012,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\swenum.sys -- (swenum)
    DRV:64bit: - [2009/07/13 21:45:46 | 001,524,816 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql2300.sys -- (ql2300)
    DRV:64bit: - [2009/07/13 21:45:46 | 000,080,464 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid4.sys -- (SiSRaid4)
    DRV:64bit: - [2009/07/13 21:45:45 | 000,220,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcmcia.sys -- (pcmcia)
    DRV:64bit: - [2009/07/13 21:45:45 | 000,128,592 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ql40xx.sys -- (ql40xx)
    DRV:64bit: - [2009/07/13 21:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
    DRV:64bit: - [2009/07/13 21:45:45 | 000,043,584 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sisraid2.sys -- (SiSRaid2)
    DRV:64bit: - [2009/07/13 21:45:45 | 000,012,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pciide.sys -- (pciide)
    DRV:64bit: - [2009/07/13 21:19:07 | 000,286,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerId.sys -- (Brserid)
    DRV:64bit: - [2009/07/13 21:01:48 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bridge.sys -- (BridgeMP)
    DRV:64bit: - [2009/07/13 21:01:19 | 000,651,264 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
    DRV:64bit: - [2009/07/13 20:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbprint.sys -- (usbprint)
    DRV:64bit: - [2009/07/13 20:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbscan.sys -- (usbscan)
    DRV:64bit: - [2009/07/13 20:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
    DRV:64bit: - [2009/07/13 20:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
    DRV:64bit: - [2009/07/13 20:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPENCDD.sys -- (RDPENCDD)
    DRV:64bit: - [2009/07/13 20:16:34 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPCDD.sys -- (RDPCDD)
    DRV:64bit: - [2009/07/13 20:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdpipe.sys -- (TDPIPE)
    DRV:64bit: - [2009/07/13 20:10:48 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
    DRV:64bit: - [2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
    DRV:64bit: - [2009/07/13 20:10:25 | 000,083,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
    DRV:64bit: - [2009/07/13 20:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
    DRV:64bit: - [2009/07/13 20:10:17 | 000,092,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
    DRV:64bit: - [2009/07/13 20:10:13 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
    DRV:64bit: - [2009/07/13 20:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
    DRV:64bit: - [2009/07/13 20:10:03 | 000,116,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
    DRV:64bit: - [2009/07/13 20:10:00 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
    DRV:64bit: - [2009/07/13 20:09:48 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
    DRV:64bit: - [2009/07/13 20:09:26 | 000,044,544 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
    DRV:64bit: - [2009/07/13 20:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
    DRV:64bit: - [2009/07/13 20:09:09 | 000,093,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\smb.sys -- (Smb)
    DRV:64bit: - [2009/07/13 20:08:59 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
    DRV:64bit: - [2009/07/13 20:08:51 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
    DRV:64bit: - [2009/07/13 20:08:51 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
    DRV:64bit: - [2009/07/13 20:08:25 | 000,077,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
    DRV:64bit: - [2009/07/13 20:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
    DRV:64bit: - [2009/07/13 20:07:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
    DRV:64bit: - [2009/07/13 20:07:23 | 000,318,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
    DRV:64bit: - [2009/07/13 20:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
    DRV:64bit: - [2009/07/13 20:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
    DRV:64bit: - [2009/07/13 20:06:52 | 000,100,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbth.sys -- (HidBth)
    DRV:64bit: - [2009/07/13 20:06:52 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthmodem.sys -- (BTHMODEM)
    DRV:64bit: - [2009/07/13 20:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
    DRV:64bit: - [2009/07/13 20:06:45 | 000,072,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ohci1394.sys -- (ohci1394)
    DRV:64bit: - [2009/07/13 20:06:37 | 000,100,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbcir.sys -- (usbcir)
    DRV:64bit: - [2009/07/13 20:06:34 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\circlass.sys -- (circlass)
    DRV:64bit: - [2009/07/13 20:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
    DRV:64bit: - [2009/07/13 20:06:23 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidir.sys -- (HidIr)
    DRV:64bit: - [2009/07/13 20:06:16 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\drmkaud.sys -- (drmkaud)
    DRV:64bit: - [2009/07/13 20:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
    DRV:64bit: - [2009/07/13 20:02:07 | 000,027,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacompen.sys -- (WacomPen)
    DRV:64bit: - [2009/07/13 20:01:03 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffp_mmc.sys -- (sffp_mmc)
    DRV:64bit: - [2009/07/13 20:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sfloppy.sys -- (sfloppy)
    DRV:64bit: - [2009/07/13 20:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sffdisk.sys -- (sffdisk)
    DRV:64bit: - [2009/07/13 20:00:54 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdc.sys -- (fdc)
    DRV:64bit: - [2009/07/13 20:00:54 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\flpydisk.sys -- (flpydisk)
    DRV:64bit: - [2009/07/13 20:00:41 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\parport.sys -- (Parport)
    DRV:64bit: - [2009/07/13 20:00:40 | 000,094,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serial.sys -- (Serial)
    DRV:64bit: - [2009/07/13 20:00:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serenum.sys -- (Serenum)
    DRV:64bit: - [2009/07/13 20:00:20 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mouhid.sys -- (mouhid)
    DRV:64bit: - [2009/07/13 20:00:20 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sermouse.sys -- (sermouse)
    DRV:64bit: - [2009/07/13 20:00:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
    DRV:64bit: - [2009/07/13 20:00:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
    DRV:64bit: - [2009/07/13 20:00:17 | 000,008,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
    DRV:64bit: - [2009/07/13 20:00:17 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
    DRV:64bit: - [2009/07/13 20:00:17 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
    DRV:64bit: - [2009/07/13 20:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
    DRV:64bit: - [2009/07/13 19:38:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\monitor.sys -- (monitor)
    DRV:64bit: - [2009/07/13 19:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vga.sys -- (VgaSave)
    DRV:64bit: - [2009/07/13 19:38:47 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vgapnp.sys -- (vga)
    DRV:64bit: - [2009/07/13 19:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
    DRV:64bit: - [2009/07/13 19:35:59 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\blbdrive.sys -- (blbdrive)
    DRV:64bit: - [2009/07/13 19:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
    DRV:64bit: - [2009/07/13 19:31:04 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\errdev.sys -- (ErrDev)
    DRV:64bit: - [2009/07/13 19:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
    DRV:64bit: - [2009/07/13 19:31:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wmiacpi.sys -- (WmiAcpi)
    DRV:64bit: - [2009/07/13 19:26:13 | 000,113,152 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
    DRV:64bit: - [2009/07/13 19:25:40 | 000,034,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
    DRV:64bit: - [2009/07/13 19:23:29 | 000,204,800 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
    DRV:64bit: - [2009/07/13 19:23:29 | 000,195,072 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
    DRV:64bit: - [2009/07/13 19:21:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
    DRV:64bit: - [2009/07/13 19:19:57 | 000,105,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\i8042prt.sys -- (i8042prt)
    DRV:64bit: - [2009/07/13 19:19:48 | 000,044,032 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
    DRV:64bit: - [2009/07/13 19:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
    DRV:64bit: - [2009/07/13 19:19:47 | 000,026,112 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
    DRV:64bit: - [2009/07/13 19:19:38 | 000,006,144 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
    DRV:64bit: - [2009/07/13 19:19:25 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdk8.sys -- (AmdK8)
    DRV:64bit: - [2009/07/13 19:19:25 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\intelppm.sys -- (intelppm)
    DRV:64bit: - [2009/07/13 19:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
    DRV:64bit: - [2009/07/13 19:19:25 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\processr.sys -- (Processor)
    DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 16:41:10 | 000,047,104 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerWdm.sys -- (BrSerWdm)
     
  13. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    DRV:64bit: - [2009/06/10 16:41:10 | 000,014,976 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbMdm.sys -- (BrUsbMdm)
    DRV:64bit: - [2009/06/10 16:41:10 | 000,014,720 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSer.sys -- (BrUsbSer)
    DRV:64bit: - [2009/06/10 16:41:06 | 000,018,432 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltLo.sys -- (BrFiltLo)
    DRV:64bit: - [2009/06/10 16:41:06 | 000,008,704 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrFiltUp.sys -- (BrFiltUp)
    DRV:64bit: - [2009/06/10 16:37:19 | 000,023,040 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\secdrv.sys -- (secdrv)
    DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
    DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (All) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE:64bit: - HKLM\..\SearchScopes\{1B7BDB02-6E96-4EE9-809D-548D5B0422C9}: "URL" = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
    IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-3...://www.ebay.com/sch/I.html?_nkw={searchTerms}
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\..\SearchScopes\{1B7BDB02-6E96-4EE9-809D-548D5B0422C9}: "URL" = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
    IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-3...://www.ebay.com/sch/I.html?_nkw={searchTerms}


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

    IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\SearchScopes\{1B7BDB02-6E96-4EE9-809D-548D5B0422C9}: "URL" = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-3...://www.ebay.com/sch/I.html?_nkw={searchTerms}
    IE - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sulli\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sulli\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012/09/08 13:56:00 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/09/08 13:56:00 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - homepage: https://yahoo.com/
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
    CHR - homepage: https://yahoo.com/
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sulli\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sulli\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\Sulli\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sulli\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: Google Update (Enabled) = C:\Users\Sulli\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
    CHR - Extension: HP Product Detection Plugin = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\1.0.16.0_0\
    CHR - Extension: Angry Birds = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
    CHR - Extension: Realm of the Mad God = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\
    CHR - Extension: Realm of the Mad God = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\~
    CHR - Extension: Armor Games = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dodcabcaanoejbpmadedpjmgnblfjefd\1_0\
    CHR - Extension: Canvas Defense = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmamefdpbpjkfhaaiejkhfkeibbkjicf\1_0\
    CHR - Extension: Balloono = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmggmlpijnjmhdekfigfbkookpdfodhf\1.4_0\
    CHR - Extension: Chain Reaction = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemgfpodpjapjhfohdlibagceiknakpa\1.2_0\
    CHR - Extension: Click&Clean = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\
    CHR - Extension: Lord of Ultima = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdheeblenjmceeppomdgokgilmkonced\1.0.12_0\
    CHR - Extension: Website Logon = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh\1.5_0\
    CHR - Extension: Reddit Enhancement Suite = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.1.3_0\
    CHR - Extension: Calculator = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao\1.0.9_0\
    CHR - Extension: Checkers = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnpfjokaplnkafjlidmjpkkcihedgcek\1.4_0\
    CHR - Extension: Hover Zoom = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.7_0\
    CHR - Extension: Sinuous = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\omlmnomieeknagejjojcpdomnbnbchdl\1.0.4_0\
    CHR - Extension: ibibo Connect Four = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbgdloneindcfklehboadjdhdadaejoh\2_0\
    CHR - Extension: 4chan Plus = C:\Users\Sulli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj\2.5.5_0\

    O1 HOSTS File: ([2012/10/20 14:47:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (HP SimplePass Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (HP SimplePass Browser Helper Object) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (HP SimplePass Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
    O3 - HKLM\..\Toolbar: (HP SimplePass Toolbar) - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
    O3 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
    O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
    O4 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O7 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://hp.digitalriver.com/DRHM/sto...sPage&SiteID=hpappli&Locale=en_US&keywords=%w
    O7 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 134.126.13.11 134.126.64.11
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22DFA82D-1E97-4F14-9130-A6EE4BB9D748}: DhcpNameServer = 134.126.64.11 134.126.13.11
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B132FCBA-4835-4D6A-9386-D8F05AD949AE}: DhcpNameServer = 134.126.13.11 134.126.64.11
    O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
    O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
    O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
  14. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/10/20 14:49:39 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012/10/20 14:47:51 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
    [2012/10/20 14:41:11 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/10/20 14:41:11 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/10/20 14:41:11 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/10/20 14:41:09 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2012/10/20 14:41:07 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/10/20 14:40:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
    [2012/10/18 22:27:43 | 000,000,000 | ---D | C] -- C:\Users\Sulli\AppData\Local\PunkBuster
    [2012/10/18 22:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [2012/10/17 21:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
    [2012/10/17 19:45:24 | 000,000,000 | ---D | C] -- C:\Users\Sulli\AppData\Local\Mumble
    [2012/10/16 11:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ClubSanDisk
    [2012/10/13 00:21:08 | 026,331,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
    [2012/10/13 00:21:08 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
    [2012/10/13 00:21:08 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
    [2012/10/13 00:21:08 | 018,252,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
    [2012/10/13 00:21:08 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
    [2012/10/13 00:21:08 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
    [2012/10/13 00:21:08 | 014,922,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
    [2012/10/13 00:21:08 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
    [2012/10/13 00:21:08 | 009,146,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
    [2012/10/13 00:21:08 | 007,697,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
    [2012/10/13 00:21:08 | 007,414,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
    [2012/10/13 00:21:08 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
    [2012/10/13 00:21:08 | 002,747,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
    [2012/10/13 00:21:08 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
    [2012/10/13 00:21:08 | 002,428,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
    [2012/10/13 00:21:08 | 002,218,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
    [2012/10/13 00:21:08 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
    [2012/10/13 00:21:08 | 000,831,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
    [2012/10/13 00:21:08 | 000,364,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
    [2012/10/13 00:21:08 | 000,313,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
    [2012/10/13 00:21:08 | 000,030,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
    [2012/10/13 00:18:33 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2012/10/13 00:18:32 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2012/10/13 00:18:31 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2012/10/13 00:18:10 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2012/10/13 00:18:10 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
    [2012/10/13 00:18:06 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
    [2012/10/13 00:18:06 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2012/10/13 00:18:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2012/10/13 00:18:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2012/10/13 00:18:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2012/10/13 00:18:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
    [2012/10/13 00:18:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2012/10/13 00:18:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2012/10/13 00:18:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2012/10/13 00:18:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2012/10/13 00:18:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/10/13 00:18:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/10/13 00:18:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2012/10/13 00:18:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2012/10/13 00:18:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/10/13 00:18:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2012/10/13 00:18:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2012/10/13 00:18:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2012/10/13 00:18:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2012/10/13 00:18:02 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2012/10/13 00:18:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2012/10/13 00:18:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2012/10/13 00:18:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2012/10/13 00:17:38 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
    [2012/10/13 00:16:53 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
    [2012/10/13 00:16:53 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
    [2012/10/12 21:29:00 | 000,000,000 | ---D | C] -- C:\Users\Sulli\AppData\Local\ElevatedDiagnostics
    [2012/10/11 03:01:03 | 000,000,000 | ---D | C] -- C:\Config.Msi
    [2012/10/07 17:55:22 | 000,000,000 | ---D | C] -- C:\Users\Sulli\AppData\Local\ESET
    [2012/10/07 15:49:07 | 000,000,000 | R--D | C] -- C:\Users\Sulli\Favorites
    [2012/09/26 19:47:34 | 000,000,000 | --SD | C] -- C:\Users\Sulli\Documents\My Data Sources
    [2012/09/26 11:58:40 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/10/23 10:06:42 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/10/23 10:06:42 | 000,031,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/10/23 09:53:11 | 000,779,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/10/23 09:53:11 | 000,660,762 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/10/23 09:53:11 | 000,121,400 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/10/23 09:51:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/10/22 20:20:34 | 2068,295,679 | -HS- | M] () -- C:\hiberfil.sys
    [2012/10/20 22:23:01 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
    [2012/10/20 22:23:01 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2012/10/20 20:58:01 | 000,298,016 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
    [2012/10/20 14:47:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012/10/20 13:24:43 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSulli.job
    [2012/10/19 16:47:42 | 000,773,916 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/10/18 22:28:05 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2012/10/18 16:08:38 | 003,130,440 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_blr.exe
    [2012/10/17 21:29:37 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Mumble.lnk
    [2012/10/16 11:46:44 | 000,000,288 | ---- | M] () -- C:\Users\Sulli\AppData\Roaming\.backup.dm
    [2012/10/13 00:18:21 | 000,001,175 | ---- | M] () -- C:\Users\Sulli\Desktop\Pinball.lnk
    [2012/10/02 18:21:00 | 026,331,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
    [2012/10/02 18:21:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
    [2012/10/02 18:21:00 | 019,906,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
    [2012/10/02 18:21:00 | 018,252,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
    [2012/10/02 18:21:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
    [2012/10/02 18:21:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
    [2012/10/02 18:21:00 | 014,922,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
    [2012/10/02 18:21:00 | 012,501,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
    [2012/10/02 18:21:00 | 009,146,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
    [2012/10/02 18:21:00 | 007,697,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
    [2012/10/02 18:21:00 | 007,414,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
    [2012/10/02 18:21:00 | 006,127,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
    [2012/10/02 18:21:00 | 002,747,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
    [2012/10/02 18:21:00 | 002,731,880 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
    [2012/10/02 18:21:00 | 002,574,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
    [2012/10/02 18:21:00 | 002,428,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
    [2012/10/02 18:21:00 | 002,218,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
    [2012/10/02 18:21:00 | 001,867,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
    [2012/10/02 18:21:00 | 001,760,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
    [2012/10/02 18:21:00 | 001,482,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll
    [2012/10/02 18:21:00 | 000,973,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
    [2012/10/02 18:21:00 | 000,831,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
    [2012/10/02 18:21:00 | 000,364,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
    [2012/10/02 18:21:00 | 000,313,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
    [2012/10/02 18:21:00 | 000,247,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
    [2012/10/02 18:21:00 | 000,202,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
    [2012/10/02 18:21:00 | 000,030,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
    [2012/10/02 18:21:00 | 000,016,127 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
    [2012/10/02 15:51:15 | 003,536,817 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
    [2012/10/02 15:51:11 | 003,293,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
    [2012/10/02 15:51:04 | 006,200,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
    [2012/10/02 15:50:57 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
    [2012/10/02 15:50:57 | 000,866,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
    [2012/10/02 15:50:57 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
    [2012/10/02 15:50:57 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
    [2012/10/02 15:50:57 | 000,055,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/10/20 14:41:11 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/10/20 14:41:11 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/10/20 14:41:11 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/10/20 14:41:11 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/10/20 14:41:11 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/10/18 22:27:47 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
    [2012/10/18 22:20:36 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
    [2012/10/18 22:20:36 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
    [2012/10/18 22:20:27 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
    [2012/10/18 22:20:26 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe
    [2012/10/17 21:29:37 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Mumble.lnk
    [2012/10/16 11:46:44 | 000,000,288 | ---- | C] () -- C:\Users\Sulli\AppData\Roaming\.backup.dm
    [2012/10/13 00:18:21 | 000,001,175 | ---- | C] () -- C:\Users\Sulli\Desktop\Pinball.lnk
    [2012/08/27 21:48:04 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
    [2012/08/22 14:47:03 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
    [2012/08/22 14:46:57 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
    [2012/08/22 11:13:23 | 000,773,916 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2012/08/16 15:52:47 | 000,007,605 | ---- | C] () -- C:\Users\Sulli\AppData\Local\resmon.resmoncfg
    [2012/08/12 01:33:52 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
    [2012/08/12 01:30:17 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
    [2012/08/12 01:30:15 | 000,559,780 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
    [2012/08/12 01:30:14 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
    [2012/08/12 01:30:13 | 013,001,728 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
    [2011/12/08 19:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
    [2011/09/06 15:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL

    ========== ZeroAccess Check ==========

    [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >
     
  15. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    OTL Extras logfile created on: 10/23/2012 10:40:44 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Sulli\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    7.90 Gb Total Physical Memory | 6.27 Gb Available Physical Memory | 79.33% Memory free
    15.80 Gb Paging File | 14.11 Gb Available in Paging File | 89.29% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 909.55 Gb Total Space | 774.96 Gb Free Space | 85.20% Space Free | Partition Type: NTFS
    Drive D: | 21.66 Gb Total Space | 2.33 Gb Free Space | 10.76% Space Free | Partition Type: NTFS

    Computer Name: SULLISCOMPUTER | User Name: Sulli | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
    .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = ComFile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML.LWJAN6UIP6YQQPEMHO3TWEER2E] -- C:\Users\Sulli\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0A43BB2F-71EF-4D67-A57E-D783CF1E30FE}" = rport=139 | protocol=6 | dir=out | app=system |
    "{0ADBDE09-D2CE-4674-B643-7D1BFF58FACE}" = lport=138 | protocol=17 | dir=in | app=system |
    "{0C5EC78A-557E-4978-B065-BDFC29A95727}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{2E42EC16-CC1C-440E-9464-16B1DB3DFCB8}" = rport=137 | protocol=17 | dir=out | app=system |
    "{2F43677D-94C1-4FA5-8C66-C63133927584}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{30526209-E922-47FA-8BA1-9EAE920E521B}" = rport=445 | protocol=6 | dir=out | app=system |
    "{3BCBD122-EA6F-43A1-885C-11F868F150E6}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{558675E5-6854-419F-8F5A-BE687C57BF0B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{6612D4DD-DC4B-4453-B3E7-FFD0EF159EFE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{72E8BFD6-162F-46B5-9A09-335AF358FE01}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{7AE08148-DBAF-44B7-BDC6-0F871A30612F}" = lport=445 | protocol=6 | dir=in | app=system |
    "{7E35328F-6243-4E9D-9AE3-5200A8A59D40}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{8864A2F9-8ABE-470D-B721-08B276AEBDA6}" = lport=139 | protocol=6 | dir=in | app=system |
    "{9224D743-CFFA-4263-B603-88E3D97D6366}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{A98B28C8-1C4B-4919-B44D-A99CD26845D3}" = lport=137 | protocol=17 | dir=in | app=system |
    "{AB1C92AE-5C68-48A8-BB7C-20D4A0EB2811}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{ABF87A3A-0AB4-437E-BB86-4903F861D3E4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{AE42C8F4-8833-48C1-871D-08EAD7C602CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AF0CE96F-87EA-4FD0-9D43-A091139AEDBF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{B0E03E3A-4F82-40CD-9827-67C238986248}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{B306623B-0D0B-465A-8585-FA601E323F52}" = rport=138 | protocol=17 | dir=out | app=system |
    "{CB025CC4-BF90-4497-9F16-AEFB8D1C1F37}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{E62DA2AB-4213-4EEB-A869-E54313B9884D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{ECC20E29-DDE2-4299-8D08-E5459088FFEE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{F262319D-6EED-4EF8-B07A-DA76218DC370}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01502881-5EC5-4774-8811-03130C4FC0E4}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
    "{01AB4771-28F3-43DC-AF29-0A746E151380}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{047334C3-3119-4223-A300-495893C5B2E5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{0B488246-A65F-4036-92F5-DCDB8402F31C}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
    "{0BD569F7-33B3-4EFA-B4E5-3DA5F38E603B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{1EF7E211-0EAC-4093-A83A-6D3A02168C21}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{271B62ED-2CAE-4B71-A134-656E516E2DD9}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
    "{2C6DCB8A-0496-419E-89F2-B5D05AF0F6E7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
    "{2DCF3527-295E-41E0-B921-7AEA5F31853B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold legends\strongholdlegends.exe |
    "{2E674EDA-BD95-4A2B-835C-A494B8CE652C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
    "{36FEF9F1-EDD1-4E81-8F8A-B7E17084F3C7}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{3711FC9F-00E3-44B2-AAED-1C2F532EC67C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold 2\stronghold2.exe |
    "{379EDB72-07F2-4D77-9F3C-D7D83428DC5D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
    "{3ACCF57C-0018-4EB5-919D-ACF22E318B4A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
    "{3AFF29CA-829B-4D29-B7E2-65CA5E77E560}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{3C5EDC57-767B-4512-B070-B82FA649D631}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{41402AB5-6CB8-4CCE-91F2-4CA553F1EC1B}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
    "{41DFDC81-7CCE-40E3-B4B6-AFBB30077E66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw.exe |
    "{4738138B-F1BD-4F94-BAFB-00902F915EE4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{48658CD2-E31B-4D95-8231-38112DFCE696}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
    "{491EF5DE-B9FB-4C7A-A47B-DCA21BA17BD8}" = dir=in | app=c:\program files\hp\hp photosmart 5510d series\bin\devicesetup.exe |
    "{4C366F0F-AF28-41B9-BC20-0169AEC9BBE3}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{4C68927C-F9A4-4273-A702-99016B5E8CD1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{52498F52-AFA8-4407-A7DB-3BBEDF4C3448}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the roses\run_game.exe |
    "{533F35B0-7D46-46D6-9F09-E5111594EC36}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
    "{53CE7DB3-7FAA-4F20-988F-AF5412BB0E5D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{6417863F-FDB0-49A5-A9CD-0CBC59BE374C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{699DF9B6-ED6B-45DA-AD1A-05B87AABE3E0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6EB946B9-6BF6-4A31-A674-4C763A2EF28A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{720B141C-8C53-4541-8CE2-1F8A868FDDBB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{72380D55-030E-4886-8560-31FE9603A50A}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
    "{773382CF-D349-48F1-8E10-B63429F9DE72}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
    "{7F7016ED-7CE5-4A7B-B04E-BBE55D2D49B4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medieval ii total war\launcher.exe |
    "{8A4B05ED-9AEF-4A8C-996A-45519818BF94}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{8DB15578-C47B-41AE-9488-81A82CCFCEBF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\medieval ii total war\launcher.exe |
    "{8F70ACB6-7370-4F9E-911B-E05DAFDB02D9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{924E3EAC-84FB-4BC2-8A56-2E2EC9A3ADEE}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
    "{96736CED-C952-4BC4-BA4E-1C4B845E7749}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
    "{998765DF-C3BC-4093-BFAC-A17BDE851624}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
    "{A4F86AD9-521E-48F1-A3A2-FDE52D709AB8}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
    "{AF377B08-0E96-4A8E-BE32-784F7F5D33BF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3y.exe |
    "{B2696321-9B14-45B1-8FA7-8815A04486DE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
    "{B52DE32E-6A12-4842-80CE-359E84C8A8D0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
    "{B56473CA-B49D-4BBA-934D-EBB169E0F586}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw-bi.exe |
    "{B77D558E-B82A-417E-AE42-3CD3A8F63A32}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{BA1D11C6-0818-4915-922B-921687D52E55}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{BB06BCAF-6604-4456-9902-62DB84237D1B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw.exe |
    "{BB218D01-2508-489A-95C8-29C972A9D0DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{BC372649-D5C3-4B3A-BA23-DF630C9F8931}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe |
    "{BD7FF989-BA2C-4B46-9078-F14FB7A9D9C0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "{C4E5CE05-AF3D-4334-9A29-6CFC7C758D40}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold legends\strongholdlegends.exe |
    "{C6C7E99F-4238-434E-8E14-9B7EC634E5EA}" = dir=in | app=c:\program files\hp\hp photosmart 5510d series\bin\hpnetworkcommunicator.exe |
    "{CF2CA105-DE38-4451-8CF9-77CEAA3E0A74}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E4B8666B-A06E-46AA-B96C-E4DD83D67795}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{E57CE925-584A-4EB1-ADC4-6790C95ECFC9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rome total war gold\rometw-bi.exe |
    "{E84B6C12-63EC-435B-8357-A161D82799E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{EA3D57FA-D6C0-4170-BB86-9717DFFAFF1A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{ECF86AA0-9DF9-4406-82EE-38B7FEB0BE81}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold 2\stronghold2.exe |
    "{F0EF680A-12E2-4DE3-BEBF-7CB4ADBB7E24}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{F16A74AA-4F63-49B3-84D3-DC70DF04A7D7}" = protocol=6 | dir=out | app=system |
    "{F2FF68AD-6989-4995-8241-C355CA16450F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mountblade warband\mb_warband.exe |
    "{F99669ED-C437-4A32-97EF-4051A2847267}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
    "{FA68EC81-CEFD-4A70-86BE-6CFC5CF579BF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
    "TCP Query User{03CCAD25-92FC-4491-B1B3-5AC33578E111}C:\users\sulli\desktop\stuff\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\sulli\desktop\stuff\guild wars 2\gw2.exe |
    "TCP Query User{0594DE79-EF0D-4F9E-9568-C5361650C765}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
    "TCP Query User{1D166AA4-BBD0-405F-AB15-911980B7E8B3}C:\users\sulli\desktop\stuff\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\sulli\desktop\stuff\guild wars 2\gw2.exe |
    "TCP Query User{3C974E93-EAB7-489F-AA2D-89F012010414}C:\windows\splwow64.exe" = protocol=6 | dir=in | app=c:\windows\splwow64.exe |
    "TCP Query User{8481DE6A-C514-48EB-A6E5-51DAD35C337E}C:\users\sulli\desktop\stuff\guild wars 2\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\users\sulli\desktop\stuff\guild wars 2\guild wars 2\gw2.exe |
    "TCP Query User{86D3049B-5965-487C-ABFF-6D3096BE1CB0}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
    "TCP Query User{8B9F1223-449E-4357-9B14-D2987288F95E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
    "TCP Query User{9E684EBF-1B8E-4C75-9B7E-7CD1B842DC24}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
    "TCP Query User{F70D9A7B-E2AB-4F32-A12F-51B7137DE8DE}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "UDP Query User{1B16A506-0492-4665-AA0B-F4ED04A782AD}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
    "UDP Query User{26EB11C4-594B-432D-8727-23E0928ED578}C:\users\sulli\desktop\stuff\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\sulli\desktop\stuff\guild wars 2\gw2.exe |
    "UDP Query User{624B2472-B787-4014-8415-98259E4F4DBF}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
    "UDP Query User{6C994C0E-D75D-4737-ABCD-05E885834DA3}C:\users\sulli\desktop\stuff\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\sulli\desktop\stuff\guild wars 2\gw2.exe |
    "UDP Query User{869FB1A1-CBDE-496F-AE70-2CCE78607EC3}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "UDP Query User{9496EB0F-6889-476C-B53B-10ACED09360B}C:\windows\splwow64.exe" = protocol=17 | dir=in | app=c:\windows\splwow64.exe |
    "UDP Query User{AE02AF62-752F-434D-AD95-FAF2255D8F67}C:\users\sulli\desktop\stuff\guild wars 2\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\users\sulli\desktop\stuff\guild wars 2\guild wars 2\gw2.exe |
    "UDP Query User{CB0E3077-EE9C-43A0-932A-63EC163C4E55}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
    "UDP Query User{DC63D514-3B52-462A-8E33-D57FCE77592F}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
    "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5972F3C3-5563-47D2-BEE3-1AFEBDD17DA2}" = ESET NOD32 Antivirus
    "{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6032497A-4479-462B-ADB8-A0A372BB9A23}" = HP Application Assistant
    "{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
    "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
    "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{B1A6285F-C31A-4482-8EA0-9445E4C1DCEA}" = HP 3D DriveGuard
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
    "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
    "{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}" = Validity WBF DDK
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{F26D0153-CD17-4662-8592-DD98498DE6E4}" = HP Photosmart 5510d series Basic Device Software
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}" = HP Security Assistant
    "{F9E64F70-9BE4-4ECD-9B83-09E74CF5B6C3}" = AuthenTec TrueAPI 64-bit
    "{FD868C71-6CCF-42E2-B90D-0504AB0036FE}" = 64 Bit HP CIO Components Installer
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "CCleaner" = CCleaner
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "WinRAR archiver" = WinRAR 4.20 (64-bit)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
    "{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
    "{16B7BDA1-B967-4D2D-8B27-E12727C28350}" = HP CoolSense
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1F8BAD3E-1EE5-43ED-B5DB-F6311DA7666A}" = Pearson LockDown Browser
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
    "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
    "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3F122044-172F-4DC6-96CA-0DD4300E9CD9}" = HP Documentation
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6CEF2BC6-8929-44EE-8360-175513E1A49A}" = Secure Download Manager
    "{6DE80866-EF92-47C1-80F5-1EA83B7A0AA2}" = HP Software Framework
    "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
    "{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
    "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{768A6276-5822-489C-8A2B-67190F745655}" = ESU for Microsoft Windows 7 SP1
    "{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{880B5A98-B242-4B53-BD6F-41EA17495EAD}" = HP SimplePass
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter
    "{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0015-0409-0000-0000000FF1CE}_Office14.AccessR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.AccessR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.AccessR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0409-1000-0000000FF1CE}_Office14.AccessR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.AccessR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.AccessR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.AccessR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0116-0409-1000-0000000FF1CE}_Office14.AccessR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}_Office14.AccessR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{91140000-0015-0000-0000-0000000FF1CE}" = Microsoft Office Access 2010
    "{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
    "{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
    "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
    "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
    "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
    "{C61FCEC2-3ED4-496E-B4B4-1CED423824B9}" = HP Quick Launch
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1" = ISO to USB
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
    "{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
    "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
    "{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
    "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Floris Mod Pack_is1" = Floris Mod Pack 2.54
    "Guild Wars 2" = Guild Wars 2
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
    "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
    "InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
    "Office14.AccessR" = Microsoft Access 2010
    "Office14.Click2Run" = Microsoft Office Click-to-Run 2010
    "PunkBusterSvc" = PunkBuster Services
    "Steam App 209870" = Blacklight: Retribution
    "Steam App 220" = Half-Life 2
    "Steam App 40960" = Stronghold 2
    "Steam App 40980" = Stronghold Legends
    "Steam App 42160" = War of the Roses
    "Steam App 4760" = Rome: Total War Gold Edition
    "Steam App 4780" = Medieval II: Total War Kingdoms
    "Steam App 48700" = Mount & Blade: Warband
    "WildTangent hp Master Uninstall" = HP Games
    "WinLiveSuite" = Windows Live Essentials
    "WTA-0b104c12-dbb1-4c79-8b38-6c6e4ce325e3" = Bejeweled 3
    "WTA-107fe714-24a7-4fe4-965b-229b8bd24b44" = Final Drive Fury
    "WTA-15b06ce9-f456-48f5-a2ef-ba521d3561be" = John Deere Drive Green
    "WTA-1995e512-b779-47b5-acb3-d6566b3e6c4a" = Poker Superstars III
    "WTA-231000ec-3ac6-4848-9457-07940d093afa" = Torchlight
    "WTA-341039b8-b6b3-4bde-96de-32fd1e414649" = RollerCoaster Tycoon 3: Platinum
    "WTA-55d63651-5bc9-41f7-bf5d-b79c15cdc5bd" = Zuma's Revenge
    "WTA-696100e5-ed64-4699-8835-d937a8d12a46" = Plants vs. Zombies - Game of the Year
    "WTA-6c389dfa-f219-4b27-bff4-1a47254cfef1" = Polar Golfer
    "WTA-6fe14483-83c6-4c56-8c40-89b0f6532064" = Farmscapes
    "WTA-718e4272-b5d5-4463-b3b2-2d3ec6cc951a" = Letters from Nowhere 2
    "WTA-8740d9d4-6418-4275-81f2-1458f28145d0" = Jewel Match 3
    "WTA-93467d49-48ca-421c-a6db-660a69d19f3f" = Mah Jong Medley
    "WTA-97c0eaca-b57a-4537-b4ef-c1bb6bd2c0d9" = The Treasures of Mystery Island: The Ghost Ship
    "WTA-9f667811-0732-4527-95f9-64d01ffbd0d2" = Chuzzle Deluxe
    "WTA-a9a99d24-ebfb-4ee3-96d0-9d3fb8bdaaa2" = Cradle of Rome 2
    "WTA-acb1bb99-4941-412e-bf9e-4fde81dccaa2" = Blackhawk Striker 2
    "WTA-acfc8311-629b-4a38-aa0e-c9df138dd60a" = Virtual Villagers 4 - The Tree of Life
    "WTA-bf81c8cb-944a-4194-aa55-728f5318c4a4" = Hoyle Card Games
    "WTA-c030e614-dbb5-452b-b470-2b9abfaa13d0" = Dora's World Adventure
    "WTA-c465c5c9-aee0-4502-8b40-e55867e6ce6a" = Polar Bowler
    "WTA-caec18f3-e7ff-4b5d-ae15-78daa661c85a" = Luxor HD
    "WTA-dd291106-2fab-4e1b-af65-4e164bc65827" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
    "WTA-e15f4cb9-6c89-4d42-896a-f7c1a31d0723" = Farm Frenzy
    "WTA-f005e00f-fec5-436f-b058-2268e4008a5b" = FATE
    "WTA-f6c08ff1-4368-4f09-8a4c-4e56944d20f9" = Penguins!
     
  16. Asulli94


    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-1031267864-2299367058-2740294337-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 10/16/2012 11:24:17 PM | Computer Name = SullisComputer | Source = Application Error | ID = 1000
    Description = Faulting application name: chrome.exe, version: 21.0.1180.89, time
    stamp: 0x503ebf10 Faulting module name: chrome.exe, version: 21.0.1180.89, time
    stamp: 0x503ebf10 Exception code: 0x40000015 Fault offset: 0x0007bf18 Faulting process
    id: 0x18b0 Faulting application start time: 0x01cdac16c5a008ad Faulting application
    path: C:\Users\Sulli\AppData\Local\Google\Chrome\Application\chrome.exe Faulting
    module path: C:\Users\Sulli\AppData\Local\Google\Chrome\Application\chrome.exe Report
    Id: 2152037e-180a-11e2-9192-a0b3cc459a9a

    Error - 10/16/2012 11:34:37 PM | Computer Name = SullisComputer | Source = Application Error | ID = 1000
    Description = Faulting application name: mb_warband.exe, version: 1.0.0.0, time
    stamp: 0x5047cb3c Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
    stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00040148 Faulting process
    id: 0x183c Faulting application start time: 0x01cdac1854070931 Faulting application
    path: C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    Faulting
    module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 92de4569-180b-11e2-9192-a0b3cc459a9a

    Error - 10/16/2012 11:44:51 PM | Computer Name = SullisComputer | Source = Application Error | ID = 1000
    Description = Faulting application name: mb_warband.exe, version: 1.0.0.0, time
    stamp: 0x5047cb3c Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
    stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00040148 Faulting process
    id: 0x1aa4 Faulting application start time: 0x01cdac19c3006196 Faulting application
    path: C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    Faulting
    module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 00d7dd4f-180d-11e2-9192-a0b3cc459a9a

    Error - 10/16/2012 11:48:00 PM | Computer Name = SullisComputer | Source = WinMgmt | ID = 10
    Description =

    Error - 10/16/2012 11:48:56 PM | Computer Name = SullisComputer | Source = Application Error | ID = 1000
    Description = Faulting application name: mb_warband.exe, version: 1.0.0.0, time
    stamp: 0x5047cb3c Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
    stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00040148 Faulting process
    id: 0x1530 Faulting application start time: 0x01cdac1a54759c2f Faulting application
    path: C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    Faulting
    module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 92f1e5d3-180d-11e2-ae58-a0b3cc459a9a

    Error - 10/16/2012 11:49:05 PM | Computer Name = SullisComputer | Source = Application Error | ID = 1000
    Description = Faulting application name: mb_warband.exe, version: 1.0.0.0, time
    stamp: 0x5047cb3c Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
    stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00040148 Faulting process
    id: 0x1598 Faulting application start time: 0x01cdac1a5ab9b4ac Faulting application
    path: C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    Faulting
    module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 987a25a0-180d-11e2-ae58-a0b3cc459a9a

    Error - 10/16/2012 11:50:44 PM | Computer Name = SullisComputer | Source = Application Error | ID = 1000
    Description = Faulting application name: mb_warband.exe, version: 1.0.0.0, time
    stamp: 0x5047cb3c Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
    stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00040148 Faulting process
    id: 0x16b8 Faulting application start time: 0x01cdac1a95925961 Faulting application
    path: C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    Faulting
    module path: C:\Windows\SysWOW64\ntdll.dll Report Id: d3527c34-180d-11e2-ae58-a0b3cc459a9a

    Error - 10/16/2012 11:55:32 PM | Computer Name = SullisComputer | Source = WinMgmt | ID = 10
    Description =

    Error - 10/16/2012 11:56:56 PM | Computer Name = SullisComputer | Source = Application Error | ID = 1000
    Description = Faulting application name: mb_warband.exe, version: 1.0.0.0, time
    stamp: 0x5047cb3c Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
    stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00040148 Faulting process
    id: 0x16e4 Faulting application start time: 0x01cdac1b6d9c6e6a Faulting application
    path: C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    Faulting
    module path: C:\Windows\SysWOW64\ntdll.dll Report Id: b1018134-180e-11e2-ae28-a0b3cc459a9a

    Error - 10/17/2012 12:00:52 AM | Computer Name = SullisComputer | Source = Application Error | ID = 1000
    Description = Faulting application name: mb_warband.exe, version: 1.0.0.0, time
    stamp: 0x5047cb3c Faulting module name: ntdll.dll, version: 6.1.7601.17725, time
    stamp: 0x4ec49b8f Exception code: 0xc0000005 Fault offset: 0x00040148 Faulting process
    id: 0xc9c Faulting application start time: 0x01cdac1bff8ef34d Faulting application
    path: C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
    Faulting
    module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 3da5e9f5-180f-11e2-ae28-a0b3cc459a9a

    [ Hewlett-Packard Events ]
    Error - 10/6/2012 2:05:08 PM | Computer Name = SullisComputer | Source = HPSF.exe | ID = 4000
    Description =

    [ System Events ]
    Error - 10/16/2012 11:57:43 PM | Computer Name = SullisComputer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update
    with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition
    1.137.1875.0).

    Error - 10/17/2012 12:26:14 AM | Computer Name = SullisComputer | Source = Service Control Manager | ID = 7034
    Description = The Intel(R) Rapid Storage Technology service terminated unexpectedly.
    It has done this 1 time(s).

    Error - 10/17/2012 12:26:18 AM | Computer Name = SullisComputer | Source = Service Control Manager | ID = 7031
    Description = The Windows Live ID Sign-in Assistant service terminated unexpectedly.
    It has done this 1 time(s). The following corrective action will be taken in
    10000 milliseconds: Restart the service.

    Error - 10/17/2012 12:26:22 AM | Computer Name = SullisComputer | Source = Service Control Manager | ID = 7034
    Description = The Client Virtualization Handler service terminated unexpectedly.
    It has done this 1 time(s).

    Error - 10/17/2012 12:26:30 AM | Computer Name = SullisComputer | Source = Service Control Manager | ID = 7031
    Description = The Windows Search service terminated unexpectedly. It has done this
    1 time(s). The following corrective action will be taken in 30000 milliseconds:
    Restart the service.

    Error - 10/17/2012 12:27:00 AM | Computer Name = SullisComputer | Source = Service Control Manager | ID = 7032
    Description = The Service Control Manager tried to take a corrective action (Restart
    the service) after the unexpected termination of the Windows Search service, but
    this action failed with the following error: %%1056

    Error - 10/19/2012 11:46:53 AM | Computer Name = SullisComputer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update
    with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition
    1.139.124.0).

    Error - 10/20/2012 2:44:44 PM | Computer Name = SullisComputer | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.

    Error - 10/20/2012 2:46:50 PM | Computer Name = SullisComputer | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.

    Error - 10/20/2012 2:46:59 PM | Computer Name = SullisComputer | Source = Service Control Manager | ID = 7030
    Description = The PEVSystemStart service is marked as an interactive service. However,
    the system is configured to not allow interactive services. This service may not
    function properly.


    < End of report >
     
  17. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    You didn't say:
    [​IMG]

    ==================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O3 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      O4 - HKLM..\Run: [] File not found
      O4 - HKU\S-1-5-21-1031267864-2299367058-2740294337-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
      
      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      
      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      
      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
      
      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
      
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment
      
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment
      
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free
      
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free
      
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both
      
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
      
      :Services
      
      :Reg
      
      :Files
      
      :Commands
      [purity]
      [emptytemp]
      [emptyjava]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.

    ==============================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

    2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.

    3. Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the contents of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.

    Next...

    • Double click on adwcleaner.exe to run the tool.
    • Click on Uninstall.
    • Confirm with yes.

    4. Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.

    5. Please, run F-Secure Online Scanner

    • Disable your Antivirus program.
    • Checkmark I have read and accepted the license terms.
    • Click on Run Check button.
    • Quick scan (recommended) option will come pre-checked. Don't change it.
    • Click on Start button.
    • When scan is done, in Step 3: Clean the files, leave all settings as they are.
    • Click Next button.
    • Click Full report... button.
    • Copy report's content and paste it into your next reply.
     
  18. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    No issues currently; everything seems normal.
    All processes killed
    ========== OTL ==========
    Registry value HKEY_USERS\S-1-5-21-1031267864-2299367058-2740294337-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1031267864-2299367058-2740294337-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    C:\Windows\assembly\Desktop.ini moved successfully.
    File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
    File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
    File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.
    File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
    File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
    File EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
    Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.
    Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
    Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64\ not found.
    Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrator
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: Sulli
    ->Temp folder emptied: 24571964 bytes
    ->Temporary Internet Files folder emptied: 2905012 bytes
    ->Java cache emptied: 0 bytes
    ->Google Chrome cache emptied: 11721695 bytes
    ->Flash cache emptied: 0 bytes

    User: UpdatusUser
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 200704 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 19042854 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50400 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 56.00 mb


    [EMPTYJAVA]

    User: Administrator

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: Sulli
    ->Java cache emptied: 0 bytes

    User: UpdatusUser

    Total Java Files Cleaned = 0.00 mb


    [EMPTYFLASH]

    User: Administrator

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: Sulli
    ->Flash cache emptied: 0 bytes

    User: UpdatusUser

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 10252012_002305

    Files\Folders moved on Reboot...
    C:\Users\Sulli\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...
     
  19. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    Results of screen317's Security Check version 0.99.53
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    ESET NOD32 Antivirus 5.2
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.65.0.1400
    JavaFX 2.1.1
    Java 7 Update 7
    Java version out of Date!
    Adobe Flash Player 11.4.402.265
    Adobe Reader X (10.1.4)
    Google Chrome 21.0.1180.83
    Google Chrome 21.0.1180.89
    ````````Process Check: objlist.exe by Laurent````````
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 3%
    ````````````````````End of Log``````````````````````
     
  20. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    When I try to run Farbar I get the error
    Line 3128 (File "C:\Users\Sulli\Downloads\FSS.exe")
    Error: The requested action with this object has failed

    Should I continue running the other programs you listed?
     
  21. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Try to download it one more time.
     
  22. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    I tried to download it again; it gave me the same error.
     
  23. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    Skip it and continue with other steps.
     
  24. Broni

    Broni Malware Annihilator Posts: 47,986   +271

    I had a word from FSS author so I'd like you to try something:

    We'll go from there.
     
  25. Asulli94

    Asulli94 TS Rookie Topic Starter Posts: 26

    I still receive an error even though it changed to
    Line 3129 (File "C:\Users\Sulli\Downloads\FSS.exe")
     

