Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Security Shield Continuous reboots

Started by got me too , Aug 08 2012 03:05 PM

Please log in to reply

12 replies to this topic

#1 got me too

New Member

Members
7 posts

Posted 08 August 2012 - 03:05 PM

I started by getting the Security Shield 2012 popup yesterday. I ran rkill, then Malwarebytes which seemed to remove Security Shield. I was still getting IE8 search redirects but could use the PC until this morning. Thats when I tried to run MSE and couldn't. So I uninstalled re-installed MSE and now I'm stuck in the reboot loop. I copied this text from another user but it's exactly where I am stuck now as well.
"Computer had been acting funny lately so I updated and ran MSE. MSE found the threat, but before I was able to remove and restart the pc I kept getting the error message "windows has encountered a critical problem and will restart automatically in one minute"

Every time I restart the machine it keeps throwing up the same error even in safe mode. I can't run any programs long enough to post any logs, please help"

The problem pc is currently running Kaspersky Rescue Disk 10 from a bootable USB. When it ends what should I do if it stops the cycle?
Thanks
Shawn

BC Ads
BleepingComputer.com

#2 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 08 August 2012 - 03:08 PM

Do these scans after kaspersky scan gets finished

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 got me too

New Member

Members
7 posts

Posted 09 August 2012 - 09:46 AM

08:36:52.0576 2504 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
08:36:52.0903 2504 ============================================================
08:36:52.0903 2504 Current date / time: 2012/08/09 08:36:52.0903
08:36:52.0903 2504 SystemInfo:
08:36:52.0903 2504
08:36:52.0903 2504 OS Version: 6.1.7601 ServicePack: 1.0
08:36:52.0903 2504 Product type: Workstation
08:36:52.0903 2504 ComputerName: SHAWNS
08:36:52.0903 2504 UserName: Security Camera
08:36:52.0903 2504 Windows directory: C:\windows
08:36:52.0903 2504 System windows directory: C:\windows
08:36:52.0903 2504 Running under WOW64
08:36:52.0903 2504 Processor architecture: Intel x64
08:36:52.0903 2504 Number of processors: 2
08:36:52.0903 2504 Page size: 0x1000
08:36:52.0903 2504 Boot type: Normal boot
08:36:52.0903 2504 ============================================================
08:36:53.0933 2504 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:36:53.0948 2504 Drive \Device\Harddisk1\DR4 - Size: 0xF0DFFE00 (3.76 Gb), SectorSize: 0x200, Cylinders: 0x1EB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:36:53.0964 2504 Drive \Device\Harddisk3\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:36:53.0964 2504 ============================================================
08:36:53.0964 2504 \Device\Harddisk0\DR0:
08:36:53.0964 2504 MBR partitions:
08:36:53.0964 2504 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:36:53.0964 2504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3712E000
08:36:53.0964 2504 \Device\Harddisk1\DR4:
08:36:53.0964 2504 MBR partitions:
08:36:53.0964 2504 \Device\Harddisk1\DR4\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x786FDF
08:36:53.0964 2504 \Device\Harddisk3\DR3:
08:36:53.0964 2504 MBR partitions:
08:36:53.0964 2504 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
08:36:53.0964 2504 ============================================================
08:36:53.0980 2504 C: <-> \Device\Harddisk0\DR0\Partition1
08:36:54.0011 2504 F: <-> \Device\Harddisk3\DR3\Partition0
08:36:54.0011 2504 ============================================================
08:36:54.0011 2504 Initialize success
08:36:54.0011 2504 ============================================================
08:37:01.0249 3020 ============================================================
08:37:01.0249 3020 Scan started
08:37:01.0249 3020 Mode: Manual;
08:37:01.0249 3020 ============================================================
08:37:01.0561 3020 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
08:37:01.0577 3020 1394ohci - ok
08:37:01.0608 3020 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
08:37:01.0608 3020 ACPI - ok
08:37:01.0624 3020 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
08:37:01.0624 3020 AcpiPmi - ok
08:37:01.0780 3020 AcrSch2Svc (91d3b4916ec7c8e105351011a39a0312) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
08:37:01.0811 3020 AcrSch2Svc - ok
08:37:01.0873 3020 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:37:01.0873 3020 AdobeARMservice - ok
08:37:02.0014 3020 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:37:02.0123 3020 AdobeFlashPlayerUpdateSvc - ok
08:37:02.0279 3020 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
08:37:02.0326 3020 adp94xx - ok
08:37:02.0357 3020 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
08:37:02.0372 3020 adpahci - ok
08:37:02.0388 3020 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
08:37:02.0419 3020 adpu320 - ok
08:37:02.0435 3020 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
08:37:02.0435 3020 AeLookupSvc - ok
08:37:02.0513 3020 afcdp (ae1fce2cd1e99bea89183ba8cd320872) C:\windows\system32\DRIVERS\afcdp.sys
08:37:02.0513 3020 afcdp - ok
08:37:02.0809 3020 afcdpsrv (af44f7e027037628f1fac3c13cde73e6) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
08:37:02.0856 3020 afcdpsrv - ok
08:37:03.0012 3020 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
08:37:03.0074 3020 AFD - ok
08:37:03.0106 3020 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
08:37:03.0121 3020 agp440 - ok
08:37:03.0152 3020 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
08:37:03.0168 3020 ALG - ok
08:37:03.0184 3020 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
08:37:03.0199 3020 aliide - ok
08:37:03.0246 3020 AMD External Events Utility (b4143cb1dd16ae73c6177c72f33450a6) C:\windows\system32\atiesrxx.exe
08:37:03.0308 3020 AMD External Events Utility - ok
08:37:03.0324 3020 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
08:37:03.0340 3020 amdide - ok
08:37:03.0386 3020 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
08:37:03.0386 3020 AmdK8 - ok
08:37:03.0901 3020 amdkmdag (d1d06810bf7e21f5763eb06cb7e7262b) C:\windows\system32\DRIVERS\atipmdag.sys
08:37:04.0104 3020 amdkmdag - ok
08:37:04.0244 3020 amdkmdap (6ba71d6616b56816e57394d77dd1bb6f) C:\windows\system32\DRIVERS\atikmpag.sys
08:37:04.0260 3020 amdkmdap - ok
08:37:04.0276 3020 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
08:37:04.0276 3020 AmdPPM - ok
08:37:04.0322 3020 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
08:37:04.0354 3020 amdsata - ok
08:37:04.0400 3020 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
08:37:04.0416 3020 amdsbs - ok
08:37:04.0432 3020 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
08:37:04.0432 3020 amdxata - ok
08:37:04.0463 3020 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
08:37:04.0478 3020 AppID - ok
08:37:04.0510 3020 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
08:37:04.0525 3020 AppIDSvc - ok
08:37:04.0556 3020 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
08:37:04.0572 3020 Appinfo - ok
08:37:04.0572 3020 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
08:37:04.0588 3020 arc - ok
08:37:04.0588 3020 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
08:37:04.0603 3020 arcsas - ok
08:37:04.0619 3020 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
08:37:04.0634 3020 AsyncMac - ok
08:37:04.0650 3020 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
08:37:04.0650 3020 atapi - ok
08:37:04.0697 3020 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\windows\system32\drivers\AtiHdmi.sys
08:37:04.0712 3020 AtiHdmiService - ok
08:37:04.0993 3020 atikmdag (d1d06810bf7e21f5763eb06cb7e7262b) C:\windows\system32\DRIVERS\atikmdag.sys
08:37:05.0227 3020 atikmdag - ok
08:37:05.0368 3020 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
08:37:05.0368 3020 AtiPcie - ok
08:37:05.0555 3020 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:37:05.0602 3020 AudioEndpointBuilder - ok
08:37:05.0617 3020 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:37:05.0617 3020 AudioSrv - ok
08:37:05.0664 3020 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
08:37:05.0695 3020 AxInstSV - ok
08:37:05.0789 3020 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
08:37:05.0836 3020 b06bdrv - ok
08:37:05.0867 3020 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
08:37:05.0898 3020 b57nd60a - ok
08:37:05.0929 3020 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
08:37:05.0960 3020 BDESVC - ok
08:37:05.0976 3020 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
08:37:05.0992 3020 Beep - ok
08:37:06.0023 3020 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
08:37:06.0023 3020 blbdrive - ok
08:37:06.0070 3020 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
08:37:06.0085 3020 bowser - ok
08:37:06.0101 3020 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
08:37:06.0116 3020 BrFiltLo - ok
08:37:06.0116 3020 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
08:37:06.0132 3020 BrFiltUp - ok
08:37:06.0148 3020 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
08:37:06.0194 3020 Browser - ok
08:37:06.0210 3020 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
08:37:06.0226 3020 Brserid - ok
08:37:06.0226 3020 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
08:37:06.0241 3020 BrSerWdm - ok
08:37:06.0241 3020 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
08:37:06.0241 3020 BrUsbMdm - ok
08:37:06.0257 3020 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
08:37:06.0257 3020 BrUsbSer - ok
08:37:06.0272 3020 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
08:37:06.0272 3020 BTHMODEM - ok
08:37:06.0304 3020 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
08:37:06.0335 3020 bthserv - ok
08:37:06.0350 3020 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
08:37:06.0350 3020 cdfs - ok
08:37:06.0397 3020 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
08:37:06.0444 3020 cdrom - ok
08:37:06.0491 3020 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:37:06.0522 3020 CertPropSvc - ok
08:37:06.0538 3020 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
08:37:06.0553 3020 circlass - ok
08:37:06.0584 3020 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
08:37:06.0584 3020 CLFS - ok
08:37:06.0662 3020 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:37:06.0694 3020 clr_optimization_v2.0.50727_32 - ok
08:37:06.0725 3020 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:37:06.0772 3020 clr_optimization_v2.0.50727_64 - ok
08:37:06.0803 3020 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:37:06.0818 3020 clr_optimization_v4.0.30319_32 - ok
08:37:06.0850 3020 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:37:06.0850 3020 clr_optimization_v4.0.30319_64 - ok
08:37:06.0881 3020 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
08:37:06.0896 3020 CmBatt - ok
08:37:06.0912 3020 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
08:37:06.0928 3020 cmdide - ok
08:37:06.0974 3020 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys
08:37:06.0990 3020 CNG - ok
08:37:06.0990 3020 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
08:37:07.0006 3020 Compbatt - ok
08:37:07.0037 3020 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
08:37:07.0037 3020 CompositeBus - ok
08:37:07.0052 3020 COMSysApp - ok
08:37:07.0052 3020 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
08:37:07.0068 3020 crcdisk - ok
08:37:07.0099 3020 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
08:37:07.0099 3020 CryptSvc - ok
08:37:07.0146 3020 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:37:07.0146 3020 DcomLaunch - ok
08:37:07.0193 3020 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
08:37:07.0255 3020 defragsvc - ok
08:37:07.0271 3020 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
08:37:07.0286 3020 DfsC - ok
08:37:07.0286 3020 dgderdrv - ok
08:37:07.0318 3020 dg_ssudbus (3ce3066ab1ccc094b4f0f1285cda4609) C:\windows\system32\DRIVERS\ssudbus.sys
08:37:07.0349 3020 dg_ssudbus - ok
08:37:07.0380 3020 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
08:37:07.0411 3020 Dhcp - ok
08:37:07.0427 3020 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
08:37:07.0442 3020 discache - ok
08:37:07.0474 3020 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
08:37:07.0474 3020 Disk - ok
08:37:07.0505 3020 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
08:37:07.0536 3020 Dnscache - ok
08:37:07.0567 3020 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
08:37:07.0598 3020 dot3svc - ok
08:37:07.0645 3020 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
08:37:07.0661 3020 Dot4 - ok
08:37:07.0676 3020 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\windows\system32\DRIVERS\Dot4Prt.sys
08:37:07.0676 3020 Dot4Print - ok
08:37:07.0708 3020 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
08:37:07.0723 3020 dot4usb - ok
08:37:07.0723 3020 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
08:37:07.0739 3020 DPS - ok
08:37:07.0754 3020 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
08:37:07.0770 3020 drmkaud - ok
08:37:07.0848 3020 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
08:37:07.0864 3020 DXGKrnl - ok
08:37:07.0957 3020 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
08:37:07.0957 3020 DymoPnpService - ok
08:37:07.0988 3020 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
08:37:08.0051 3020 EapHost - ok
08:37:08.0222 3020 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
08:37:08.0300 3020 ebdrv - ok
08:37:08.0394 3020 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
08:37:08.0441 3020 EFS - ok
08:37:08.0550 3020 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
08:37:08.0628 3020 ehRecvr - ok
08:37:08.0644 3020 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
08:37:08.0675 3020 ehSched - ok
08:37:08.0753 3020 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
08:37:08.0800 3020 elxstor - ok
08:37:08.0815 3020 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
08:37:08.0815 3020 ErrDev - ok
08:37:08.0862 3020 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
08:37:08.0862 3020 EventSystem - ok
08:37:08.0878 3020 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
08:37:08.0909 3020 exfat - ok
08:37:08.0924 3020 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
08:37:08.0940 3020 fastfat - ok
08:37:09.0034 3020 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
08:37:09.0049 3020 Fax - ok
08:37:09.0049 3020 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
08:37:09.0065 3020 fdc - ok
08:37:09.0080 3020 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
08:37:09.0080 3020 fdPHost - ok
08:37:09.0080 3020 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
08:37:09.0080 3020 FDResPub - ok
08:37:09.0096 3020 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
08:37:09.0096 3020 FileInfo - ok
08:37:09.0112 3020 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
08:37:09.0127 3020 Filetrace - ok
08:37:09.0127 3020 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
08:37:09.0127 3020 flpydisk - ok
08:37:09.0158 3020 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
08:37:09.0158 3020 FltMgr - ok
08:37:09.0236 3020 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
08:37:09.0252 3020 FontCache - ok
08:37:09.0314 3020 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:37:09.0346 3020 FontCache3.0.0.0 - ok
08:37:09.0392 3020 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
08:37:09.0408 3020 FsDepends - ok
08:37:09.0424 3020 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
08:37:09.0424 3020 Fs_Rec - ok
08:37:09.0502 3020 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
08:37:09.0502 3020 fvevol - ok
08:37:09.0564 3020 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
08:37:09.0580 3020 gagp30kx - ok
08:37:09.0673 3020 GoToAssist (80d6ea9c46904608cea146c4996a824a) C:\Program Files (x86)\Citrix\GoToAssist\822\g2aservice.exe
08:37:09.0689 3020 GoToAssist - ok
08:37:09.0829 3020 GoToMyPC (b4bac2b0bc0599d743b7b628e126a5e4) C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe
08:37:09.0845 3020 GoToMyPC - ok
08:37:10.0001 3020 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
08:37:10.0016 3020 gpsvc - ok
08:37:10.0110 3020 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:37:10.0126 3020 gupdate - ok
08:37:10.0126 3020 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:37:10.0126 3020 gupdatem - ok
08:37:10.0172 3020 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
08:37:10.0188 3020 hcw85cir - ok
08:37:10.0235 3020 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
08:37:10.0266 3020 HdAudAddService - ok
08:37:10.0282 3020 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
08:37:10.0282 3020 HDAudBus - ok
08:37:10.0297 3020 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
08:37:10.0297 3020 HidBatt - ok
08:37:10.0313 3020 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
08:37:10.0313 3020 HidBth - ok
08:37:10.0328 3020 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
08:37:10.0344 3020 HidIr - ok
08:37:10.0360 3020 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
08:37:10.0360 3020 hidserv - ok
08:37:10.0406 3020 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
08:37:10.0422 3020 HidUsb - ok
08:37:10.0438 3020 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
08:37:10.0469 3020 hkmsvc - ok
08:37:10.0500 3020 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
08:37:10.0516 3020 HomeGroupListener - ok
08:37:10.0547 3020 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
08:37:10.0562 3020 HomeGroupProvider - ok
08:37:10.0578 3020 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
08:37:10.0594 3020 HpSAMD - ok
08:37:10.0656 3020 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
08:37:10.0687 3020 HTTP - ok
08:37:10.0703 3020 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
08:37:10.0703 3020 hwpolicy - ok
08:37:10.0734 3020 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
08:37:10.0750 3020 i8042prt - ok
08:37:10.0781 3020 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
08:37:10.0828 3020 iaStorV - ok
08:37:10.0937 3020 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:37:11.0015 3020 idsvc - ok
08:37:11.0374 3020 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys
08:37:11.0639 3020 igfx - ok
08:37:11.0779 3020 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
08:37:11.0795 3020 iirsp - ok
08:37:11.0873 3020 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
08:37:11.0920 3020 IKEEXT - ok
08:37:12.0060 3020 IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\windows\system32\drivers\RTKVHD64.sys
08:37:12.0076 3020 IntcAzAudAddService - ok
08:37:12.0154 3020 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
08:37:12.0154 3020 intelide - ok
08:37:12.0185 3020 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
08:37:12.0216 3020 intelppm - ok
08:37:12.0247 3020 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
08:37:12.0263 3020 IPBusEnum - ok
08:37:12.0294 3020 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
08:37:12.0310 3020 IpFilterDriver - ok
08:37:12.0325 3020 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
08:37:12.0325 3020 IPMIDRV - ok
08:37:12.0356 3020 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
08:37:12.0372 3020 IPNAT - ok
08:37:12.0388 3020 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
08:37:12.0403 3020 IRENUM - ok
08:37:12.0419 3020 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
08:37:12.0419 3020 isapnp - ok
08:37:12.0450 3020 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
08:37:12.0466 3020 iScsiPrt - ok
08:37:12.0497 3020 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
08:37:12.0512 3020 kbdclass - ok
08:37:12.0528 3020 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
08:37:12.0544 3020 kbdhid - ok
08:37:12.0575 3020 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:37:12.0575 3020 KeyIso - ok
08:37:12.0606 3020 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys
08:37:12.0622 3020 KSecDD - ok
08:37:12.0637 3020 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys
08:37:12.0637 3020 KSecPkg - ok
08:37:12.0668 3020 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
08:37:12.0684 3020 ksthunk - ok
08:37:12.0746 3020 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
08:37:12.0793 3020 KtmRm - ok
08:37:12.0840 3020 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
08:37:12.0871 3020 LanmanServer - ok
08:37:12.0902 3020 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
08:37:12.0918 3020 LanmanWorkstation - ok
08:37:12.0949 3020 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
08:37:12.0965 3020 lltdio - ok
08:37:13.0012 3020 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
08:37:13.0058 3020 lltdsvc - ok
08:37:13.0058 3020 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
08:37:13.0074 3020 lmhosts - ok
08:37:13.0105 3020 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
08:37:13.0121 3020 LSI_FC - ok
08:37:13.0121 3020 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
08:37:13.0136 3020 LSI_SAS - ok
08:37:13.0136 3020 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
08:37:13.0152 3020 LSI_SAS2 - ok
08:37:13.0152 3020 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
08:37:13.0168 3020 LSI_SCSI - ok
08:37:13.0183 3020 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
08:37:13.0199 3020 luafv - ok
08:37:13.0230 3020 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
08:37:13.0246 3020 Mcx2Svc - ok
08:37:13.0246 3020 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
08:37:13.0261 3020 megasas - ok
08:37:13.0292 3020 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
08:37:13.0308 3020 MegaSR - ok
08:37:13.0433 3020 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
08:37:13.0480 3020 Microsoft Office Groove Audit Service - ok
08:37:13.0511 3020 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:37:13.0511 3020 MMCSS - ok
08:37:13.0511 3020 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
08:37:13.0526 3020 Modem - ok
08:37:13.0558 3020 monblanking (d70d2b27eb40ef1cc7ff1bedaa3db9e9) C:\windows\system32\DRIVERS\monblanking.sys
08:37:13.0558 3020 monblanking - ok
08:37:13.0604 3020 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
08:37:13.0604 3020 monitor - ok
08:37:13.0636 3020 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
08:37:13.0667 3020 mouclass - ok
08:37:13.0698 3020 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
08:37:13.0714 3020 mouhid - ok
08:37:13.0745 3020 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
08:37:13.0745 3020 mountmgr - ok
08:37:13.0807 3020 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\windows\system32\DRIVERS\MpFilter.sys
08:37:13.0807 3020 MpFilter - ok
08:37:13.0838 3020 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
08:37:13.0870 3020 mpio - ok
08:37:13.0901 3020 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
08:37:13.0916 3020 mpsdrv - ok
08:37:13.0948 3020 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
08:37:13.0963 3020 MRxDAV - ok
08:37:13.0994 3020 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
08:37:14.0026 3020 mrxsmb - ok
08:37:14.0057 3020 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
08:37:14.0072 3020 mrxsmb10 - ok
08:37:14.0104 3020 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
08:37:14.0119 3020 mrxsmb20 - ok
08:37:14.0135 3020 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
08:37:14.0135 3020 msahci - ok
08:37:14.0166 3020 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
08:37:14.0182 3020 msdsm - ok
08:37:14.0213 3020 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
08:37:14.0228 3020 MSDTC - ok
08:37:14.0260 3020 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
08:37:14.0260 3020 Msfs - ok
08:37:14.0275 3020 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
08:37:14.0275 3020 mshidkmdf - ok
08:37:14.0291 3020 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
08:37:14.0291 3020 msisadrv - ok
08:37:14.0322 3020 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
08:37:14.0369 3020 MSiSCSI - ok
08:37:14.0369 3020 msiserver - ok
08:37:14.0384 3020 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
08:37:14.0400 3020 MSKSSRV - ok
08:37:14.0494 3020 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
08:37:14.0494 3020 MsMpSvc - ok
08:37:14.0509 3020 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
08:37:14.0540 3020 MSPCLOCK - ok
08:37:14.0540 3020 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
08:37:14.0556 3020 MSPQM - ok
08:37:14.0587 3020 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
08:37:14.0587 3020 MsRPC - ok
08:37:14.0618 3020 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
08:37:14.0618 3020 mssmbios - ok
08:37:14.0634 3020 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
08:37:14.0634 3020 MSTEE - ok
08:37:14.0650 3020 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
08:37:14.0650 3020 MTConfig - ok
08:37:14.0681 3020 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
08:37:14.0681 3020 Mup - ok
08:37:14.0728 3020 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
08:37:14.0728 3020 napagent - ok
08:37:14.0774 3020 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
08:37:14.0806 3020 NativeWifiP - ok
08:37:14.0884 3020 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
08:37:14.0884 3020 NDIS - ok
08:37:14.0899 3020 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
08:37:14.0915 3020 NdisCap - ok
08:37:14.0930 3020 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
08:37:14.0946 3020 NdisTapi - ok
08:37:14.0977 3020 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
08:37:14.0977 3020 Ndisuio - ok
08:37:15.0008 3020 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
08:37:15.0024 3020 NdisWan - ok
08:37:15.0040 3020 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
08:37:15.0055 3020 NDProxy - ok
08:37:15.0055 3020 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
08:37:15.0071 3020 NetBIOS - ok
08:37:15.0118 3020 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
08:37:15.0133 3020 NetBT - ok
08:37:15.0164 3020 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:37:15.0164 3020 Netlogon - ok
08:37:15.0227 3020 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
08:37:15.0227 3020 Netman - ok
08:37:15.0274 3020 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
08:37:15.0274 3020 netprofm - ok
08:37:15.0352 3020 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:37:15.0398 3020 NetTcpPortSharing - ok
08:37:15.0445 3020 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
08:37:15.0445 3020 nfrd960 - ok
08:37:15.0492 3020 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\windows\system32\DRIVERS\NisDrvWFP.sys
08:37:15.0523 3020 NisDrv - ok
08:37:15.0601 3020 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
08:37:15.0664 3020 NisSrv - ok
08:37:15.0788 3020 NitroReaderDriverReadSpool2 (d333a5fb3beafd554fb8ff5fd5bf762e) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
08:37:15.0804 3020 NitroReaderDriverReadSpool2 - ok
08:37:15.0866 3020 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
08:37:15.0882 3020 NlaSvc - ok
08:37:15.0882 3020 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
08:37:15.0898 3020 Npfs - ok
08:37:15.0929 3020 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
08:37:15.0944 3020 nsi - ok
08:37:15.0960 3020 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
08:37:15.0976 3020 nsiproxy - ok
08:37:16.0085 3020 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
08:37:16.0100 3020 Ntfs - ok
08:37:16.0194 3020 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
08:37:16.0225 3020 Null - ok
08:37:16.0241 3020 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
08:37:16.0272 3020 nvraid - ok
08:37:16.0303 3020 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
08:37:16.0319 3020 nvstor - ok
08:37:16.0334 3020 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
08:37:16.0350 3020 nv_agp - ok
08:37:16.0475 3020 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:37:16.0553 3020 odserv - ok
08:37:16.0568 3020 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
08:37:16.0584 3020 ohci1394 - ok
08:37:16.0631 3020 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:37:16.0662 3020 ose - ok
08:37:16.0709 3020 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:37:16.0724 3020 p2pimsvc - ok
08:37:16.0771 3020 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
08:37:16.0818 3020 p2psvc - ok
08:37:16.0849 3020 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
08:37:16.0865 3020 Parport - ok
08:37:16.0896 3020 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
08:37:16.0896 3020 partmgr - ok
08:37:16.0927 3020 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
08:37:16.0927 3020 PcaSvc - ok
08:37:16.0943 3020 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
08:37:16.0943 3020 pci - ok
08:37:16.0958 3020 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
08:37:16.0958 3020 pciide - ok
08:37:16.0974 3020 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
08:37:16.0990 3020 pcmcia - ok
08:37:16.0990 3020 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
08:37:17.0005 3020 pcw - ok
08:37:17.0036 3020 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
08:37:17.0036 3020 PEAUTH - ok
08:37:17.0130 3020 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
08:37:17.0177 3020 PerfHost - ok
08:37:17.0364 3020 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
08:37:17.0442 3020 pla - ok
08:37:17.0473 3020 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
08:37:17.0473 3020 PlugPlay - ok
08:37:17.0536 3020 Pml Driver HPZ12 (f485770eec8959684cc4c4786b63c06c) C:\windows\system32\HPZipm12.dll
08:37:17.0551 3020 Pml Driver HPZ12 - ok
08:37:17.0567 3020 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
08:37:17.0629 3020 PNRPAutoReg - ok
08:37:17.0660 3020 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:37:17.0660 3020 PNRPsvc - ok
08:37:17.0723 3020 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
08:37:17.0754 3020 PolicyAgent - ok
08:37:17.0770 3020 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
08:37:17.0801 3020 Power - ok
08:37:17.0863 3020 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
08:37:17.0894 3020 PptpMiniport - ok
08:37:17.0926 3020 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
08:37:17.0926 3020 Processor - ok
08:37:17.0957 3020 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
08:37:17.0972 3020 ProfSvc - ok
08:37:17.0988 3020 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:37:17.0988 3020 ProtectedStorage - ok
08:37:18.0019 3020 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
08:37:18.0035 3020 Psched - ok
08:37:18.0113 3020 QBCFMonitorService (ee46f431b25c14778d2e89d6f10f1d65) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
08:37:18.0113 3020 QBCFMonitorService - ok
08:37:18.0144 3020 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
08:37:18.0160 3020 QBFCService - ok
08:37:18.0316 3020 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
08:37:18.0394 3020 ql2300 - ok
08:37:18.0550 3020 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
08:37:18.0581 3020 ql40xx - ok
08:37:18.0612 3020 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
08:37:18.0659 3020 QWAVE - ok
08:37:18.0674 3020 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
08:37:18.0706 3020 QWAVEdrv - ok
08:37:18.0706 3020 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
08:37:18.0737 3020 RasAcd - ok
08:37:18.0846 3020 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
08:37:18.0862 3020 RasAgileVpn - ok
08:37:18.0940 3020 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
08:37:19.0018 3020 RasAuto - ok
08:37:19.0049 3020 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
08:37:19.0096 3020 Rasl2tp - ok
08:37:19.0142 3020 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
08:37:19.0174 3020 RasMan - ok
08:37:19.0220 3020 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
08:37:19.0236 3020 RasPppoe - ok
08:37:19.0267 3020 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
08:37:19.0283 3020 RasSstp - ok
08:37:19.0314 3020 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
08:37:19.0345 3020 rdbss - ok
08:37:19.0361 3020 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
08:37:19.0376 3020 rdpbus - ok
08:37:19.0392 3020 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
08:37:19.0392 3020 RDPCDD - ok
08:37:19.0408 3020 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
08:37:19.0423 3020 RDPENCDD - ok
08:37:19.0423 3020 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
08:37:19.0439 3020 RDPREFMP - ok
08:37:19.0470 3020 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
08:37:19.0501 3020 RDPWD - ok
08:37:19.0548 3020 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
08:37:19.0548 3020 rdyboost - ok
08:37:19.0579 3020 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
08:37:19.0595 3020 RemoteAccess - ok
08:37:19.0626 3020 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
08:37:19.0657 3020 RemoteRegistry - ok
08:37:19.0673 3020 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
08:37:19.0688 3020 RpcEptMapper - ok
08:37:19.0704 3020 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
08:37:19.0704 3020 RpcLocator - ok
08:37:19.0751 3020 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:37:19.0751 3020 RpcSs - ok
08:37:19.0798 3020 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
08:37:19.0813 3020 rspndr - ok
08:37:19.0829 3020 RTL8023x64 (68dd0457d18fccef7384ae84022f0c86) C:\windows\system32\DRIVERS\Rtnic64.sys
08:37:19.0829 3020 RTL8023x64 - ok
08:37:19.0891 3020 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\windows\system32\DRIVERS\Rt64win7.sys
08:37:19.0922 3020 RTL8167 - ok
08:37:19.0954 3020 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:37:19.0954 3020 SamSs - ok
08:37:19.0985 3020 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
08:37:20.0000 3020 sbp2port - ok
08:37:20.0032 3020 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
08:37:20.0063 3020 SCardSvr - ok
08:37:20.0094 3020 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
08:37:20.0094 3020 scfilter - ok
08:37:20.0172 3020 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
08:37:20.0203 3020 Schedule - ok
08:37:20.0234 3020 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:37:20.0234 3020 SCPolicySvc - ok
08:37:20.0250 3020 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
08:37:20.0266 3020 SDRSVC - ok
08:37:20.0312 3020 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
08:37:20.0312 3020 secdrv - ok
08:37:20.0344 3020 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
08:37:20.0359 3020 seclogon - ok
08:37:20.0375 3020 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
08:37:20.0375 3020 SENS - ok
08:37:20.0406 3020 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
08:37:20.0422 3020 SensrSvc - ok
08:37:20.0453 3020 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
08:37:20.0484 3020 Serenum - ok
08:37:20.0515 3020 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
08:37:20.0562 3020 Serial - ok
08:37:20.0609 3020 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
08:37:20.0624 3020 sermouse - ok
08:37:20.0718 3020 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
08:37:20.0765 3020 SessionEnv - ok
08:37:20.0796 3020 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
08:37:20.0796 3020 sffdisk - ok
08:37:20.0812 3020 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
08:37:20.0812 3020 sffp_mmc - ok
08:37:20.0827 3020 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
08:37:20.0827 3020 sffp_sd - ok
08:37:20.0858 3020 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
08:37:20.0874 3020 sfloppy - ok
08:37:20.0905 3020 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
08:37:20.0936 3020 ShellHWDetection - ok
08:37:20.0936 3020 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
08:37:20.0952 3020 SiSRaid2 - ok
08:37:20.0952 3020 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
08:37:20.0968 3020 SiSRaid4 - ok
08:37:20.0983 3020 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
08:37:20.0999 3020 Smb - ok
08:37:21.0030 3020 snapman (10450f432811d7fda60a97fcc674d7b2) C:\windows\system32\DRIVERS\snapman.sys
08:37:21.0046 3020 snapman - ok
08:37:21.0061 3020 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
08:37:21.0077 3020 SNMPTRAP - ok
08:37:21.0108 3020 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
08:37:21.0108 3020 spldr - ok
08:37:21.0155 3020 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
08:37:21.0186 3020 Spooler - ok
08:37:21.0514 3020 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
08:37:21.0529 3020 sppsvc - ok
08:37:21.0779 3020 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
08:37:21.0794 3020 sppuinotify - ok
08:37:21.0966 3020 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
08:37:22.0028 3020 srv - ok
08:37:22.0060 3020 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
08:37:22.0091 3020 srv2 - ok
08:37:22.0138 3020 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
08:37:22.0153 3020 srvnet - ok
08:37:22.0200 3020 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
08:37:22.0200 3020 SSDPSRV - ok
08:37:22.0216 3020 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
08:37:22.0247 3020 SstpSvc - ok
08:37:22.0278 3020 ssudmdm (c683e87ac3f8eb55735338a6ad5cc096) C:\windows\system32\DRIVERS\ssudmdm.sys
08:37:22.0294 3020 ssudmdm - ok
08:37:22.0325 3020 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
08:37:22.0340 3020 stexstor - ok
08:37:22.0403 3020 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
08:37:22.0418 3020 stisvc - ok
08:37:22.0450 3020 SuperIO (d310da4bb3d61a52f8c50ddb1a62ff5e) C:\windows\system32\DRIVERS\spio.sys
08:37:22.0481 3020 SuperIO - ok
08:37:22.0512 3020 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
08:37:22.0528 3020 swenum - ok
08:37:22.0606 3020 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
08:37:22.0637 3020 swprv - ok
08:37:22.0730 3020 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
08:37:22.0793 3020 SysMain - ok
08:37:22.0980 3020 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
08:37:22.0980 3020 TabletInputService - ok
08:37:23.0011 3020 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
08:37:23.0011 3020 TapiSrv - ok
08:37:23.0027 3020 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
08:37:23.0058 3020 TBS - ok
08:37:23.0370 3020 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
08:37:23.0386 3020 Tcpip - ok
08:37:23.0854 3020 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
08:37:23.0869 3020 TCPIP6 - ok
08:37:24.0041 3020 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
08:37:24.0041 3020 tcpipreg - ok
08:37:24.0072 3020 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:37:24.0088 3020 TDPIPE - ok
08:37:24.0181 3020 tdrpman273 (99527d49ee0a96fc25537c61b270a372) C:\windows\system32\DRIVERS\tdrpm273.sys
08:37:24.0197 3020 tdrpman273 - ok
08:37:24.0212 3020 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
08:37:24.0228 3020 TDTCP - ok
08:37:24.0259 3020 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
08:37:24.0275 3020 tdx - ok
08:37:24.0290 3020 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
08:37:24.0306 3020 TermDD - ok
08:37:24.0353 3020 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
08:37:24.0384 3020 TermService - ok
08:37:24.0415 3020 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
08:37:24.0431 3020 Themes - ok
08:37:24.0462 3020 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:37:24.0462 3020 THREADORDER - ok
08:37:24.0587 3020 timounter (ebbaea02f0095a798000c7e06b16d41b) C:\windows\system32\DRIVERS\timntr.sys
08:37:24.0602 3020 timounter - ok
08:37:24.0634 3020 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
08:37:24.0634 3020 TrkWks - ok
08:37:24.0680 3020 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
08:37:24.0727 3020 TrustedInstaller - ok
08:37:24.0758 3020 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
08:37:24.0758 3020 tssecsrv - ok
08:37:24.0805 3020 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
08:37:24.0821 3020 TsUsbFlt - ok
08:37:24.0868 3020 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
08:37:24.0883 3020 tunnel - ok
08:37:24.0914 3020 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
08:37:24.0914 3020 uagp35 - ok
08:37:24.0946 3020 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
08:37:24.0977 3020 udfs - ok
08:37:25.0008 3020 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
08:37:25.0008 3020 UI0Detect - ok
08:37:25.0039 3020 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
08:37:25.0055 3020 uliagpkx - ok
08:37:25.0086 3020 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
08:37:25.0086 3020 umbus - ok
08:37:25.0102 3020 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
08:37:25.0102 3020 UmPass - ok
08:37:25.0133 3020 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
08:37:25.0133 3020 upnphost - ok
08:37:25.0164 3020 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
08:37:25.0180 3020 usbccgp - ok
08:37:25.0195 3020 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
08:37:25.0211 3020 usbcir - ok
08:37:25.0226 3020 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
08:37:25.0226 3020 usbehci - ok
08:37:25.0273 3020 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\windows\system32\DRIVERS\usbfilter.sys
08:37:25.0304 3020 usbfilter - ok
08:37:25.0351 3020 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
08:37:25.0367 3020 usbhub - ok
08:37:25.0382 3020 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
08:37:25.0398 3020 usbohci - ok
08:37:25.0429 3020 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
08:37:25.0429 3020 usbprint - ok
08:37:25.0445 3020 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\windows\system32\DRIVERS\usbser.sys
08:37:25.0460 3020 usbser - ok
08:37:25.0492 3020 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:37:25.0507 3020 USBSTOR - ok
08:37:25.0523 3020 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
08:37:25.0523 3020 usbuhci - ok
08:37:25.0554 3020 USTOR2K (88ce07826f25b851e824ed2e57106323) C:\windows\system32\DRIVERS\ustor2k.sys
08:37:25.0570 3020 USTOR2K - ok
08:37:25.0585 3020 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
08:37:25.0601 3020 UxSms - ok
08:37:25.0616 3020 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:37:25.0632 3020 VaultSvc - ok
08:37:25.0648 3020 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
08:37:25.0648 3020 vdrvroot - ok
08:37:25.0710 3020 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
08:37:25.0741 3020 vds - ok
08:37:25.0772 3020 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
08:37:25.0772 3020 vga - ok
08:37:25.0788 3020 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
08:37:25.0804 3020 VgaSave - ok
08:37:25.0835 3020 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
08:37:25.0850 3020 vhdmp - ok
08:37:25.0866 3020 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
08:37:25.0866 3020 viaide - ok
08:37:25.0882 3020 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
08:37:25.0882 3020 volmgr - ok
08:37:25.0913 3020 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
08:37:25.0928 3020 volmgrx - ok
08:37:25.0960 3020 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
08:37:25.0960 3020 volsnap - ok
08:37:25.0975 3020 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
08:37:25.0991 3020 vsmraid - ok
08:37:26.0100 3020 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
08:37:26.0178 3020 VSS - ok
08:37:26.0272 3020 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\System32\drivers\vwifibus.sys
08:37:26.0303 3020 vwifibus - ok
08:37:26.0350 3020 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
08:37:26.0396 3020 W32Time - ok
08:37:26.0412 3020 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
08:37:26.0412 3020 WacomPen - ok
08:37:26.0443 3020 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:37:26.0459 3020 WANARP - ok
08:37:26.0459 3020 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:37:26.0474 3020 Wanarpv6 - ok
08:37:26.0615 3020 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
08:37:26.0864 3020 WatAdminSvc - ok
08:37:26.0974 3020 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
08:37:27.0067 3020 wbengine - ok
08:37:27.0208 3020 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
08:37:27.0254 3020 WbioSrvc - ok
08:37:27.0301 3020 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
08:37:27.0317 3020 wcncsvc - ok
08:37:27.0317 3020 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
08:37:27.0348 3020 WcsPlugInService - ok
08:37:27.0395 3020 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
08:37:27.0395 3020 Wd - ok
08:37:27.0442 3020 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
08:37:27.0442 3020 Wdf01000 - ok
08:37:27.0457 3020 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:37:27.0473 3020 WdiServiceHost - ok
08:37:27.0473 3020 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:37:27.0473 3020 WdiSystemHost - ok
08:37:27.0488 3020 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
08:37:27.0520 3020 WebClient - ok
08:37:27.0551 3020 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
08:37:27.0566 3020 Wecsvc - ok
08:37:27.0582 3020 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
08:37:27.0582 3020 wercplsupport - ok
08:37:27.0598 3020 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
08:37:27.0613 3020 WerSvc - ok
08:37:27.0676 3020 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
08:37:27.0676 3020 WfpLwf - ok
08:37:27.0691 3020 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
08:37:27.0691 3020 WIMMount - ok
08:37:27.0707 3020 WinHttpAutoProxySvc - ok
08:37:27.0738 3020 WinI2C-DDC (66c365b542195c1f6e2ff4a7d8f3827c) C:\windows\system32\drivers\DDCDrv.sys
08:37:27.0738 3020 WinI2C-DDC - ok
08:37:27.0816 3020 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
08:37:27.0816 3020 Winmgmt - ok
08:37:27.0956 3020 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
08:37:28.0034 3020 WinRM - ok
08:37:28.0190 3020 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
08:37:28.0206 3020 WinUsb - ok
08:37:28.0284 3020 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
08:37:28.0315 3020 Wlansvc - ok
08:37:28.0393 3020 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:37:28.0424 3020 wlcrasvc - ok
08:37:28.0643 3020 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:37:28.0674 3020 wlidsvc - ok
08:37:28.0799 3020 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
08:37:28.0814 3020 WmiAcpi - ok
08:37:28.0892 3020 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
08:37:28.0939 3020 wmiApSrv - ok
08:37:28.0986 3020 WMPNetworkSvc - ok
08:37:29.0017 3020 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
08:37:29.0080 3020 WPCSvc - ok
08:37:29.0111 3020 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
08:37:29.0111 3020 WPDBusEnum - ok
08:37:29.0142 3020 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
08:37:29.0142 3020 ws2ifsl - ok
08:37:29.0158 3020 WSearch - ok
08:37:29.0204 3020 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
08:37:29.0220 3020 wsvd - ok
08:37:29.0251 3020 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
08:37:29.0267 3020 WudfPf - ok
08:37:29.0298 3020 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
08:37:29.0314 3020 WUDFRd - ok
08:37:29.0329 3020 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
08:37:29.0360 3020 wudfsvc - ok
08:37:29.0392 3020 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
08:37:29.0407 3020 WwanSvc - ok
08:37:29.0454 3020 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\windows\system32\DRIVERS\yk62x64.sys
08:37:29.0532 3020 yukonw7 - ok
08:37:29.0579 3020 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:37:29.0766 3020 \Device\Harddisk0\DR0 - ok
08:37:29.0782 3020 MBR (0x1B8) (973e9ba32fdbb305c552ed3e1ebf0686) \Device\Harddisk1\DR4
08:37:29.0797 3020 \Device\Harddisk1\DR4 - ok
08:37:29.0797 3020 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3
08:37:29.0813 3020 \Device\Harddisk3\DR3 - ok
08:37:29.0813 3020 Boot (0x1200) (4dd8aa9edfabf2895d06d033c35126ce) \Device\Harddisk0\DR0\Partition0
08:37:29.0813 3020 \Device\Harddisk0\DR0\Partition0 - ok
08:37:29.0828 3020 Boot (0x1200) (412c5f5d45b3848ea41ec24251c4ad2c) \Device\Harddisk0\DR0\Partition1
08:37:29.0828 3020 \Device\Harddisk0\DR0\Partition1 - ok
08:37:29.0828 3020 Boot (0x1200) (18b9b2ab3c3b092a7081d84e7c3c5e52) \Device\Harddisk1\DR4\Partition0
08:37:29.0828 3020 \Device\Harddisk1\DR4\Partition0 - ok
08:37:29.0844 3020 Boot (0x1200) (b4acc28443f3a0af31da6817f4d4d2cb) \Device\Harddisk3\DR3\Partition0
08:37:29.0844 3020 \Device\Harddisk3\DR3\Partition0 - ok
08:37:29.0844 3020 ============================================================
08:37:29.0844 3020 Scan finished
08:37:29.0844 3020 ============================================================
08:37:29.0860 4824 Detected object count: 0
08:37:29.0860 4824 Actual detected object count: 0
08:38:04.0039 3080 ============================================================
08:38:04.0039 3080 Scan started
08:38:04.0039 3080 Mode: Manual; TDLFS;
08:38:04.0039 3080 ============================================================
08:38:04.0320 3080 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
08:38:04.0320 3080 1394ohci - ok
08:38:04.0351 3080 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
08:38:04.0351 3080 ACPI - ok
08:38:04.0367 3080 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
08:38:04.0367 3080 AcpiPmi - ok
08:38:04.0507 3080 AcrSch2Svc (91d3b4916ec7c8e105351011a39a0312) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
08:38:04.0507 3080 AcrSch2Svc - ok
08:38:04.0570 3080 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:38:04.0570 3080 AdobeARMservice - ok
08:38:04.0694 3080 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:38:04.0694 3080 AdobeFlashPlayerUpdateSvc - ok
08:38:04.0819 3080 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
08:38:04.0819 3080 adp94xx - ok
08:38:04.0850 3080 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
08:38:04.0850 3080 adpahci - ok
08:38:04.0866 3080 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
08:38:04.0866 3080 adpu320 - ok
08:38:04.0897 3080 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
08:38:04.0897 3080 AeLookupSvc - ok
08:38:04.0928 3080 afcdp (ae1fce2cd1e99bea89183ba8cd320872) C:\windows\system32\DRIVERS\afcdp.sys
08:38:04.0928 3080 afcdp - ok
08:38:05.0147 3080 afcdpsrv (af44f7e027037628f1fac3c13cde73e6) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
08:38:05.0162 3080 afcdpsrv - ok
08:38:05.0303 3080 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
08:38:05.0303 3080 AFD - ok
08:38:05.0334 3080 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
08:38:05.0334 3080 agp440 - ok
08:38:05.0365 3080 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
08:38:05.0365 3080 ALG - ok
08:38:05.0381 3080 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
08:38:05.0381 3080 aliide - ok
08:38:05.0412 3080 AMD External Events Utility (b4143cb1dd16ae73c6177c72f33450a6) C:\windows\system32\atiesrxx.exe
08:38:05.0412 3080 AMD External Events Utility - ok
08:38:05.0428 3080 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
08:38:05.0428 3080 amdide - ok
08:38:05.0459 3080 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
08:38:05.0459 3080 AmdK8 - ok
08:38:05.0755 3080 amdkmdag (d1d06810bf7e21f5763eb06cb7e7262b) C:\windows\system32\DRIVERS\atipmdag.sys
08:38:05.0786 3080 amdkmdag - ok
08:38:05.0911 3080 amdkmdap (6ba71d6616b56816e57394d77dd1bb6f) C:\windows\system32\DRIVERS\atikmpag.sys
08:38:05.0927 3080 amdkmdap - ok
08:38:05.0942 3080 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
08:38:05.0942 3080 AmdPPM - ok
08:38:05.0974 3080 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
08:38:05.0974 3080 amdsata - ok
08:38:06.0005 3080 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
08:38:06.0005 3080 amdsbs - ok
08:38:06.0020 3080 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
08:38:06.0020 3080 amdxata - ok
08:38:06.0036 3080 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
08:38:06.0036 3080 AppID - ok
08:38:06.0067 3080 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
08:38:06.0067 3080 AppIDSvc - ok
08:38:06.0114 3080 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
08:38:06.0114 3080 Appinfo - ok
08:38:06.0114 3080 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
08:38:06.0130 3080 arc - ok
08:38:06.0130 3080 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
08:38:06.0130 3080 arcsas - ok
08:38:06.0145 3080 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
08:38:06.0145 3080 AsyncMac - ok
08:38:06.0161 3080 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
08:38:06.0161 3080 atapi - ok
08:38:06.0192 3080 AtiHdmiService (7e2f5a758f63f80f8b03f889b4e6b19f) C:\windows\system32\drivers\AtiHdmi.sys
08:38:06.0192 3080 AtiHdmiService - ok
08:38:06.0426 3080 atikmdag (d1d06810bf7e21f5763eb06cb7e7262b) C:\windows\system32\DRIVERS\atikmdag.sys
08:38:06.0457 3080 atikmdag - ok
08:38:06.0582 3080 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\windows\system32\DRIVERS\AtiPcie.sys
08:38:06.0582 3080 AtiPcie - ok
08:38:06.0660 3080 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:38:06.0676 3080 AudioEndpointBuilder - ok
08:38:06.0676 3080 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:38:06.0691 3080 AudioSrv - ok
08:38:06.0722 3080 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
08:38:06.0722 3080 AxInstSV - ok
08:38:06.0769 3080 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
08:38:06.0769 3080 b06bdrv - ok
08:38:06.0800 3080 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
08:38:06.0800 3080 b57nd60a - ok
08:38:06.0832 3080 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
08:38:06.0832 3080 BDESVC - ok
08:38:06.0847 3080 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
08:38:06.0847 3080 Beep - ok
08:38:06.0863 3080 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
08:38:06.0863 3080 blbdrive - ok
08:38:06.0894 3080 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
08:38:06.0894 3080 bowser - ok
08:38:06.0894 3080 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
08:38:06.0894 3080 BrFiltLo - ok
08:38:06.0910 3080 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
08:38:06.0910 3080 BrFiltUp - ok
08:38:06.0941 3080 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
08:38:06.0941 3080 Browser - ok
08:38:06.0956 3080 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
08:38:06.0956 3080 Brserid - ok
08:38:06.0972 3080 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
08:38:06.0972 3080 BrSerWdm - ok
08:38:06.0972 3080 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
08:38:06.0972 3080 BrUsbMdm - ok
08:38:06.0972 3080 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
08:38:06.0988 3080 BrUsbSer - ok
08:38:06.0988 3080 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
08:38:06.0988 3080 BTHMODEM - ok
08:38:07.0003 3080 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
08:38:07.0003 3080 bthserv - ok
08:38:07.0019 3080 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
08:38:07.0019 3080 cdfs - ok
08:38:07.0050 3080 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
08:38:07.0050 3080 cdrom - ok
08:38:07.0066 3080 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:38:07.0066 3080 CertPropSvc - ok
08:38:07.0066 3080 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
08:38:07.0066 3080 circlass - ok
08:38:07.0097 3080 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
08:38:07.0097 3080 CLFS - ok
08:38:07.0175 3080 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:38:07.0175 3080 clr_optimization_v2.0.50727_32 - ok
08:38:07.0222 3080 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:38:07.0222 3080 clr_optimization_v2.0.50727_64 - ok
08:38:07.0253 3080 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:38:07.0268 3080 clr_optimization_v4.0.30319_32 - ok
08:38:07.0284 3080 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:38:07.0284 3080 clr_optimization_v4.0.30319_64 - ok
08:38:07.0315 3080 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
08:38:07.0315 3080 CmBatt - ok
08:38:07.0346 3080 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
08:38:07.0346 3080 cmdide - ok
08:38:07.0393 3080 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys
08:38:07.0393 3080 CNG - ok
08:38:07.0393 3080 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
08:38:07.0393 3080 Compbatt - ok
08:38:07.0409 3080 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
08:38:07.0409 3080 CompositeBus - ok
08:38:07.0424 3080 COMSysApp - ok
08:38:07.0424 3080 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
08:38:07.0424 3080 crcdisk - ok
08:38:07.0456 3080 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
08:38:07.0456 3080 CryptSvc - ok
08:38:07.0502 3080 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:38:07.0502 3080 DcomLaunch - ok
08:38:07.0549 3080 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
08:38:07.0549 3080 defragsvc - ok
08:38:07.0580 3080 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
08:38:07.0580 3080 DfsC - ok
08:38:07.0580 3080 dgderdrv - ok
08:38:07.0596 3080 dg_ssudbus (3ce3066ab1ccc094b4f0f1285cda4609) C:\windows\system32\DRIVERS\ssudbus.sys
08:38:07.0596 3080 dg_ssudbus - ok
08:38:07.0627 3080 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
08:38:07.0627 3080 Dhcp - ok
08:38:07.0643 3080 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
08:38:07.0643 3080 discache - ok
08:38:07.0674 3080 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
08:38:07.0674 3080 Disk - ok
08:38:07.0705 3080 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
08:38:07.0705 3080 Dnscache - ok
08:38:07.0736 3080 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
08:38:07.0736 3080 dot3svc - ok
08:38:07.0768 3080 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys
08:38:07.0768 3080 Dot4 - ok
08:38:07.0783 3080 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\windows\system32\DRIVERS\Dot4Prt.sys
08:38:07.0783 3080 Dot4Print - ok
08:38:07.0799 3080 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys
08:38:07.0799 3080 dot4usb - ok
08:38:07.0814 3080 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
08:38:07.0814 3080 DPS - ok
08:38:07.0830 3080 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
08:38:07.0830 3080 drmkaud - ok
08:38:07.0892 3080 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
08:38:07.0892 3080 DXGKrnl - ok
08:38:07.0955 3080 DymoPnpService (16801152c1c1ba0857972c28d35bce33) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
08:38:07.0955 3080 DymoPnpService - ok
08:38:07.0986 3080 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
08:38:08.0002 3080 EapHost - ok
08:38:08.0158 3080 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
08:38:08.0173 3080 ebdrv - ok
08:38:08.0267 3080 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
08:38:08.0267 3080 EFS - ok
08:38:08.0360 3080 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
08:38:08.0360 3080 ehRecvr - ok
08:38:08.0392 3080 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
08:38:08.0392 3080 ehSched - ok
08:38:08.0470 3080 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
08:38:08.0470 3080 elxstor - ok
08:38:08.0485 3080 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
08:38:08.0485 3080 ErrDev - ok
08:38:08.0532 3080 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
08:38:08.0532 3080 EventSystem - ok
08:38:08.0563 3080 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
08:38:08.0563 3080 exfat - ok
08:38:08.0594 3080 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
08:38:08.0594 3080 fastfat - ok
08:38:08.0657 3080 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
08:38:08.0672 3080 Fax - ok
08:38:08.0672 3080 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
08:38:08.0672 3080 fdc - ok
08:38:08.0688 3080 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
08:38:08.0688 3080 fdPHost - ok
08:38:08.0688 3080 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
08:38:08.0688 3080 FDResPub - ok
08:38:08.0704 3080 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
08:38:08.0704 3080 FileInfo - ok
08:38:08.0719 3080 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
08:38:08.0719 3080 Filetrace - ok
08:38:08.0719 3080 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
08:38:08.0719 3080 flpydisk - ok
08:38:08.0750 3080 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
08:38:08.0750 3080 FltMgr - ok
08:38:08.0828 3080 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
08:38:08.0828 3080 FontCache - ok
08:38:08.0891 3080 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:38:08.0891 3080 FontCache3.0.0.0 - ok
08:38:08.0953 3080 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
08:38:08.0953 3080 FsDepends - ok
08:38:08.0984 3080 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
08:38:08.0984 3080 Fs_Rec - ok
08:38:09.0031 3080 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
08:38:09.0031 3080 fvevol - ok
08:38:09.0047 3080 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
08:38:09.0047 3080 gagp30kx - ok
08:38:09.0109 3080 GoToAssist (80d6ea9c46904608cea146c4996a824a) C:\Program Files (x86)\Citrix\GoToAssist\822\g2aservice.exe
08:38:09.0109 3080 GoToAssist - ok
08:38:09.0234 3080 GoToMyPC (b4bac2b0bc0599d743b7b628e126a5e4) C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe
08:38:09.0250 3080 GoToMyPC - ok
08:38:09.0374 3080 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
08:38:09.0374 3080 gpsvc - ok
08:38:09.0421 3080 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:38:09.0421 3080 gupdate - ok
08:38:09.0437 3080 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:38:09.0437 3080 gupdatem - ok
08:38:09.0468 3080 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
08:38:09.0484 3080 hcw85cir - ok
08:38:09.0515 3080 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
08:38:09.0515 3080 HdAudAddService - ok
08:38:09.0546 3080 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
08:38:09.0546 3080 HDAudBus - ok
08:38:09.0546 3080 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
08:38:09.0546 3080 HidBatt - ok
08:38:09.0577 3080 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
08:38:09.0577 3080 HidBth - ok
08:38:09.0577 3080 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
08:38:09.0577 3080 HidIr - ok
08:38:09.0608 3080 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
08:38:09.0608 3080 hidserv - ok
08:38:09.0624 3080 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
08:38:09.0624 3080 HidUsb - ok
08:38:09.0655 3080 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
08:38:09.0655 3080 hkmsvc - ok
08:38:09.0702 3080 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
08:38:09.0702 3080 HomeGroupListener - ok
08:38:09.0749 3080 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
08:38:09.0749 3080 HomeGroupProvider - ok
08:38:09.0780 3080 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
08:38:09.0780 3080 HpSAMD - ok
08:38:09.0842 3080 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
08:38:09.0842 3080 HTTP - ok
08:38:09.0874 3080 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
08:38:09.0874 3080 hwpolicy - ok
08:38:09.0889 3080 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
08:38:09.0889 3080 i8042prt - ok
08:38:09.0920 3080 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
08:38:09.0920 3080 iaStorV - ok
08:38:10.0030 3080 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:38:10.0030 3080 idsvc - ok
08:38:10.0264 3080 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys
08:38:10.0295 3080 igfx - ok
08:38:10.0388 3080 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
08:38:10.0388 3080 iirsp - ok
08:38:10.0466 3080 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
08:38:10.0466 3080 IKEEXT - ok
08:38:10.0591 3080 IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\windows\system32\drivers\RTKVHD64.sys
08:38:10.0607 3080 IntcAzAudAddService - ok
08:38:10.0669 3080 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
08:38:10.0669 3080 intelide - ok
08:38:10.0700 3080 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
08:38:10.0700 3080 intelppm - ok
08:38:10.0732 3080 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
08:38:10.0732 3080 IPBusEnum - ok
08:38:10.0763 3080 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
08:38:10.0763 3080 IpFilterDriver - ok
08:38:10.0778 3080 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
08:38:10.0778 3080 IPMIDRV - ok
08:38:10.0794 3080 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
08:38:10.0794 3080 IPNAT - ok
08:38:10.0810 3080 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
08:38:10.0810 3080 IRENUM - ok
08:38:10.0810 3080 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
08:38:10.0810 3080 isapnp - ok
08:38:10.0841 3080 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
08:38:10.0841 3080 iScsiPrt - ok
08:38:10.0872 3080 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
08:38:10.0872 3080 kbdclass - ok
08:38:10.0888 3080 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
08:38:10.0888 3080 kbdhid - ok
08:38:10.0919 3080 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:38:10.0919 3080 KeyIso - ok
08:38:10.0966 3080 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys
08:38:10.0966 3080 KSecDD - ok
08:38:10.0997 3080 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys
08:38:10.0997 3080 KSecPkg - ok
08:38:11.0012 3080 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
08:38:11.0012 3080 ksthunk - ok
08:38:11.0059 3080 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
08:38:11.0075 3080 KtmRm - ok
08:38:11.0106 3080 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
08:38:11.0106 3080 LanmanServer - ok
08:38:11.0137 3080 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
08:38:11.0137 3080 LanmanWorkstation - ok
08:38:11.0153 3080 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
08:38:11.0153 3080 lltdio - ok
08:38:11.0200 3080 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
08:38:11.0200 3080 lltdsvc - ok
08:38:11.0200 3080 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
08:38:11.0200 3080 lmhosts - ok
08:38:11.0231 3080 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
08:38:11.0231 3080 LSI_FC - ok
08:38:11.0231 3080 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
08:38:11.0231 3080 LSI_SAS - ok
08:38:11.0246 3080 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
08:38:11.0246 3080 LSI_SAS2 - ok
08:38:11.0246 3080 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
08:38:11.0246 3080 LSI_SCSI - ok
08:38:11.0262 3080 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
08:38:11.0262 3080 luafv - ok
08:38:11.0293 3080 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
08:38:11.0309 3080 Mcx2Svc - ok
08:38:11.0309 3080 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
08:38:11.0309 3080 megasas - ok
08:38:11.0324 3080 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
08:38:11.0324 3080 MegaSR - ok
08:38:11.0418 3080 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
08:38:11.0418 3080 Microsoft Office Groove Audit Service - ok
08:38:11.0449 3080 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:38:11.0449 3080 MMCSS - ok
08:38:11.0465 3080 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
08:38:11.0465 3080 Modem - ok
08:38:11.0496 3080 monblanking (d70d2b27eb40ef1cc7ff1bedaa3db9e9) C:\windows\system32\DRIVERS\monblanking.sys
08:38:11.0496 3080 monblanking - ok
08:38:11.0527 3080 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
08:38:11.0527 3080 monitor - ok
08:38:11.0543 3080 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
08:38:11.0543 3080 mouclass - ok
08:38:11.0543 3080 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
08:38:11.0558 3080 mouhid - ok
08:38:11.0574 3080 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
08:38:11.0590 3080 mountmgr - ok
08:38:11.0621 3080 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\windows\system32\DRIVERS\MpFilter.sys
08:38:11.0621 3080 MpFilter - ok
08:38:11.0668 3080 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
08:38:11.0668 3080 mpio - ok
08:38:11.0683 3080 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
08:38:11.0683 3080 mpsdrv - ok
08:38:11.0714 3080 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
08:38:11.0714 3080 MRxDAV - ok
08:38:11.0746 3080 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
08:38:11.0746 3080 mrxsmb - ok
08:38:11.0792 3080 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
08:38:11.0792 3080 mrxsmb10 - ok
08:38:11.0824 3080 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
08:38:11.0824 3080 mrxsmb20 - ok
08:38:11.0839 3080 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
08:38:11.0839 3080 msahci - ok
08:38:11.0855 3080 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
08:38:11.0870 3080 msdsm - ok
08:38:11.0902 3080 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
08:38:11.0902 3080 MSDTC - ok
08:38:11.0917 3080 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
08:38:11.0917 3080 Msfs - ok
08:38:11.0933 3080 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
08:38:11.0933 3080 mshidkmdf - ok
08:38:11.0933 3080 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
08:38:11.0933 3080 msisadrv - ok
08:38:11.0964 3080 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
08:38:11.0964 3080 MSiSCSI - ok
08:38:11.0980 3080 msiserver - ok
08:38:11.0995 3080 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
08:38:11.0995 3080 MSKSSRV - ok
08:38:12.0073 3080 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
08:38:12.0073 3080 MsMpSvc - ok
08:38:12.0073 3080 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
08:38:12.0073 3080 MSPCLOCK - ok
08:38:12.0089 3080 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
08:38:12.0089 3080 MSPQM - ok
08:38:12.0151 3080 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
08:38:12.0151 3080 MsRPC - ok
08:38:12.0151 3080 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
08:38:12.0151 3080 mssmbios - ok
08:38:12.0167 3080 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
08:38:12.0167 3080 MSTEE - ok
08:38:12.0182 3080 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
08:38:12.0182 3080 MTConfig - ok
08:38:12.0198 3080 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
08:38:12.0198 3080 Mup - ok
08:38:12.0229 3080 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
08:38:12.0229 3080 napagent - ok
08:38:12.0260 3080 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
08:38:12.0276 3080 NativeWifiP - ok
08:38:12.0323 3080 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
08:38:12.0323 3080 NDIS - ok
08:38:12.0354 3080 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
08:38:12.0354 3080 NdisCap - ok
08:38:12.0354 3080 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
08:38:12.0354 3080 NdisTapi - ok
08:38:12.0385 3080 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
08:38:12.0385 3080 Ndisuio - ok
08:38:12.0401 3080 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
08:38:12.0401 3080 NdisWan - ok
08:38:12.0432 3080 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
08:38:12.0432 3080 NDProxy - ok
08:38:12.0432 3080 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
08:38:12.0432 3080 NetBIOS - ok
08:38:12.0463 3080 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
08:38:12.0463 3080 NetBT - ok
08:38:12.0494 3080 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:38:12.0494 3080 Netlogon - ok
08:38:12.0541 3080 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
08:38:12.0541 3080 Netman - ok
08:38:12.0572 3080 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
08:38:12.0572 3080 netprofm - ok
08:38:12.0635 3080 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:38:12.0635 3080 NetTcpPortSharing - ok
08:38:12.0666 3080 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
08:38:12.0666 3080 nfrd960 - ok
08:38:12.0697 3080 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\windows\system32\DRIVERS\NisDrvWFP.sys
08:38:12.0697 3080 NisDrv - ok
08:38:12.0775 3080 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
08:38:12.0791 3080 NisSrv - ok
08:38:12.0869 3080 NitroReaderDriverReadSpool2 (d333a5fb3beafd554fb8ff5fd5bf762e) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
08:38:12.0869 3080 NitroReaderDriverReadSpool2 - ok
08:38:12.0916 3080 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
08:38:12.0916 3080 NlaSvc - ok
08:38:12.0931 3080 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
08:38:12.0931 3080 Npfs - ok
08:38:12.0947 3080 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
08:38:12.0947 3080 nsi - ok
08:38:12.0978 3080 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
08:38:12.0978 3080 nsiproxy - ok
08:38:13.0087 3080 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
08:38:13.0103 3080 Ntfs - ok
08:38:13.0196 3080 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
08:38:13.0196 3080 Null - ok
08:38:13.0228 3080 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
08:38:13.0243 3080 nvraid - ok
08:38:13.0259 3080 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
08:38:13.0259 3080 nvstor - ok
08:38:13.0290 3080 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
08:38:13.0290 3080 nv_agp - ok
08:38:13.0384 3080 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:38:13.0399 3080 odserv - ok
08:38:13.0415 3080 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
08:38:13.0415 3080 ohci1394 - ok
08:38:13.0430 3080 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:38:13.0430 3080 ose - ok
08:38:13.0477 3080 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:38:13.0477 3080 p2pimsvc - ok
08:38:13.0524 3080 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
08:38:13.0540 3080 p2psvc - ok
08:38:13.0555 3080 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
08:38:13.0571 3080 Parport - ok
08:38:13.0586 3080 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
08:38:13.0586 3080 partmgr - ok
08:38:13.0618 3080 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
08:38:13.0618 3080 PcaSvc - ok
08:38:13.0664 3080 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
08:38:13.0664 3080 pci - ok
08:38:13.0680 3080 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
08:38:13.0680 3080 pciide - ok
08:38:13.0696 3080 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
08:38:13.0711 3080 pcmcia - ok
08:38:13.0727 3080 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
08:38:13.0727 3080 pcw - ok
08:38:13.0774 3080 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
08:38:13.0774 3080 PEAUTH - ok
08:38:13.0852 3080 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
08:38:13.0852 3080 PerfHost - ok
08:38:14.0023 3080 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
08:38:14.0039 3080 pla - ok
08:38:14.0070 3080 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
08:38:14.0070 3080 PlugPlay - ok
08:38:14.0101 3080 Pml Driver HPZ12 (f485770eec8959684cc4c4786b63c06c) C:\windows\system32\HPZipm12.dll
08:38:14.0101 3080 Pml Driver HPZ12 - ok
08:38:14.0117 3080 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
08:38:14.0117 3080 PNRPAutoReg - ok
08:38:14.0148 3080 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:38:14.0148 3080 PNRPsvc - ok
08:38:14.0179 3080 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
08:38:14.0179 3080 PolicyAgent - ok
08:38:14.0210 3080 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
08:38:14.0210 3080 Power - ok
08:38:14.0257 3080 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
08:38:14.0257 3080 PptpMiniport - ok
08:38:14.0288 3080 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
08:38:14.0304 3080 Processor - ok
08:38:14.0335 3080 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
08:38:14.0335 3080 ProfSvc - ok
08:38:14.0366 3080 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:38:14.0366 3080 ProtectedStorage - ok
08:38:14.0444 3080 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
08:38:14.0460 3080 Psched - ok
08:38:14.0538 3080 QBCFMonitorService (ee46f431b25c14778d2e89d6f10f1d65) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
08:38:14.0538 3080 QBCFMonitorService - ok
08:38:14.0569 3080 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
08:38:14.0569 3080 QBFCService - ok
08:38:14.0694 3080 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
08:38:14.0694 3080 ql2300 - ok
08:38:14.0803 3080 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
08:38:14.0803 3080 ql40xx - ok
08:38:14.0850 3080 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
08:38:14.0850 3080 QWAVE - ok
08:38:14.0866 3080 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
08:38:14.0866 3080 QWAVEdrv - ok
08:38:14.0866 3080 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
08:38:14.0866 3080 RasAcd - ok
08:38:14.0897 3080 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
08:38:14.0897 3080 RasAgileVpn - ok
08:38:14.0928 3080 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
08:38:14.0928 3080 RasAuto - ok
08:38:14.0944 3080 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
08:38:14.0944 3080 Rasl2tp - ok
08:38:14.0990 3080 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
08:38:14.0990 3080 RasMan - ok
08:38:15.0006 3080 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
08:38:15.0022 3080 RasPppoe - ok
08:38:15.0022 3080 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
08:38:15.0022 3080 RasSstp - ok
08:38:15.0053 3080 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
08:38:15.0068 3080 rdbss - ok
08:38:15.0084 3080 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
08:38:15.0084 3080 rdpbus - ok
08:38:15.0100 3080 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
08:38:15.0100 3080 RDPCDD - ok
08:38:15.0100 3080 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
08:38:15.0100 3080 RDPENCDD - ok
08:38:15.0115 3080 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
08:38:15.0115 3080 RDPREFMP - ok
08:38:15.0162 3080 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
08:38:15.0162 3080 RDPWD - ok
08:38:15.0193 3080 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
08:38:15.0193 3080 rdyboost - ok
08:38:15.0224 3080 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
08:38:15.0224 3080 RemoteAccess - ok
08:38:15.0256 3080 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
08:38:15.0256 3080 RemoteRegistry - ok
08:38:15.0256 3080 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
08:38:15.0256 3080 RpcEptMapper - ok
08:38:15.0287 3080 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
08:38:15.0287 3080 RpcLocator - ok
08:38:15.0334 3080 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:38:15.0334 3080 RpcSs - ok
08:38:15.0365 3080 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
08:38:15.0365 3080 rspndr - ok
08:38:15.0380 3080 RTL8023x64 (68dd0457d18fccef7384ae84022f0c86) C:\windows\system32\DRIVERS\Rtnic64.sys
08:38:15.0380 3080 RTL8023x64 - ok
08:38:15.0412 3080 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\windows\system32\DRIVERS\Rt64win7.sys
08:38:15.0412 3080 RTL8167 - ok
08:38:15.0443 3080 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:38:15.0443 3080 SamSs - ok
08:38:15.0490 3080 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
08:38:15.0490 3080 sbp2port - ok
08:38:15.0536 3080 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
08:38:15.0536 3080 SCardSvr - ok
08:38:15.0552 3080 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
08:38:15.0552 3080 scfilter - ok
08:38:15.0646 3080 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
08:38:15.0646 3080 Schedule - ok
08:38:15.0677 3080 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:38:15.0677 3080 SCPolicySvc - ok
08:38:15.0692 3080 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
08:38:15.0692 3080 SDRSVC - ok
08:38:15.0755 3080 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
08:38:15.0755 3080 secdrv - ok
08:38:15.0786 3080 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
08:38:15.0786 3080 seclogon - ok
08:38:15.0817 3080 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
08:38:15.0817 3080 SENS - ok
08:38:15.0833 3080 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
08:38:15.0833 3080 SensrSvc - ok
08:38:15.0848 3080 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
08:38:15.0848 3080 Serenum - ok
08:38:15.0864 3080 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
08:38:15.0864 3080 Serial - ok
08:38:15.0880 3080 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
08:38:15.0880 3080 sermouse - ok
08:38:15.0911 3080 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
08:38:15.0911 3080 SessionEnv - ok
08:38:15.0926 3080 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
08:38:15.0926 3080 sffdisk - ok
08:38:15.0942 3080 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
08:38:15.0942 3080 sffp_mmc - ok
08:38:15.0958 3080 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
08:38:15.0958 3080 sffp_sd - ok
08:38:15.0958 3080 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
08:38:15.0958 3080 sfloppy - ok
08:38:15.0989 3080 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
08:38:16.0004 3080 ShellHWDetection - ok
08:38:16.0004 3080 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
08:38:16.0004 3080 SiSRaid2 - ok
08:38:16.0004 3080 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
08:38:16.0004 3080 SiSRaid4 - ok
08:38:16.0020 3080 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
08:38:16.0020 3080 Smb - ok
08:38:16.0067 3080 snapman (10450f432811d7fda60a97fcc674d7b2) C:\windows\system32\DRIVERS\snapman.sys
08:38:16.0067 3080 snapman - ok
08:38:16.0082 3080 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
08:38:16.0082 3080 SNMPTRAP - ok
08:38:16.0098 3080 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
08:38:16.0098 3080 spldr - ok
08:38:16.0145 3080 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
08:38:16.0145 3080 Spooler - ok
08:38:16.0301 3080 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
08:38:16.0316 3080 sppsvc - ok
08:38:16.0410 3080 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
08:38:16.0410 3080 sppuinotify - ok
08:38:16.0472 3080 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
08:38:16.0488 3080 srv - ok
08:38:16.0519 3080 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
08:38:16.0519 3080 srv2 - ok
08:38:16.0535 3080 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
08:38:16.0535 3080 srvnet - ok
08:38:16.0550 3080 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
08:38:16.0550 3080 SSDPSRV - ok
08:38:16.0566 3080 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
08:38:16.0566 3080 SstpSvc - ok
08:38:16.0597 3080 ssudmdm (c683e87ac3f8eb55735338a6ad5cc096) C:\windows\system32\DRIVERS\ssudmdm.sys
08:38:16.0597 3080 ssudmdm - ok
08:38:16.0613 3080 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
08:38:16.0613 3080 stexstor - ok
08:38:16.0675 3080 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
08:38:16.0675 3080 stisvc - ok
08:38:16.0691 3080 SuperIO (d310da4bb3d61a52f8c50ddb1a62ff5e) C:\windows\system32\DRIVERS\spio.sys
08:38:16.0691 3080 SuperIO - ok
08:38:16.0722 3080 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
08:38:16.0722 3080 swenum - ok
08:38:16.0753 3080 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
08:38:16.0753 3080 swprv - ok
08:38:16.0862 3080 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
08:38:16.0862 3080 SysMain - ok
08:38:16.0987 3080 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
08:38:16.0987 3080 TabletInputService - ok
08:38:17.0018 3080 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
08:38:17.0018 3080 TapiSrv - ok
08:38:17.0034 3080 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
08:38:17.0034 3080 TBS - ok
08:38:17.0206 3080 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
08:38:17.0221 3080 Tcpip - ok
08:38:17.0377 3080 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
08:38:17.0393 3080 TCPIP6 - ok
08:38:17.0440 3080 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
08:38:17.0440 3080 tcpipreg - ok
08:38:17.0471 3080 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:38:17.0471 3080 TDPIPE - ok
08:38:17.0549 3080 tdrpman273 (99527d49ee0a96fc25537c61b270a372) C:\windows\system32\DRIVERS\tdrpm273.sys
08:38:17.0549 3080 tdrpman273 - ok
08:38:17.0580 3080 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
08:38:17.0580 3080 TDTCP - ok
08:38:17.0611 3080 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
08:38:17.0611 3080 tdx - ok
08:38:17.0642 3080 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
08:38:17.0642 3080 TermDD - ok
08:38:17.0689 3080 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
08:38:17.0689 3080 TermService - ok
08:38:17.0720 3080 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
08:38:17.0720 3080 Themes - ok
08:38:17.0736 3080 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:38:17.0736 3080 THREADORDER - ok
08:38:17.0814 3080 timounter (ebbaea02f0095a798000c7e06b16d41b) C:\windows\system32\DRIVERS\timntr.sys
08:38:17.0814 3080 timounter - ok
08:38:17.0830 3080 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
08:38:17.0830 3080 TrkWks - ok
08:38:17.0908 3080 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
08:38:17.0908 3080 TrustedInstaller - ok
08:38:17.0954 3080 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
08:38:17.0954 3080 tssecsrv - ok
08:38:17.0986 3080 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
08:38:17.0986 3080 TsUsbFlt - ok
08:38:18.0001 3080 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
08:38:18.0001 3080 tunnel - ok
08:38:18.0032 3080 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
08:38:18.0032 3080 uagp35 - ok
08:38:18.0064 3080 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
08:38:18.0064 3080 udfs - ok
08:38:18.0095 3080 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
08:38:18.0095 3080 UI0Detect - ok
08:38:18.0126 3080 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
08:38:18.0126 3080 uliagpkx - ok
08:38:18.0142 3080 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
08:38:18.0142 3080 umbus - ok
08:38:18.0142 3080 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
08:38:18.0142 3080 UmPass - ok
08:38:18.0157 3080 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
08:38:18.0173 3080 upnphost - ok
08:38:18.0188 3080 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
08:38:18.0204 3080 usbccgp - ok
08:38:18.0220 3080 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
08:38:18.0220 3080 usbcir - ok
08:38:18.0235 3080 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
08:38:18.0235 3080 usbehci - ok
08:38:18.0251 3080 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\windows\system32\DRIVERS\usbfilter.sys
08:38:18.0251 3080 usbfilter - ok
08:38:18.0282 3080 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
08:38:18.0282 3080 usbhub - ok
08:38:18.0298 3080 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
08:38:18.0298 3080 usbohci - ok
08:38:18.0313 3080 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
08:38:18.0313 3080 usbprint - ok
08:38:18.0329 3080 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\windows\system32\DRIVERS\usbser.sys
08:38:18.0329 3080 usbser - ok
08:38:18.0344 3080 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:38:18.0344 3080 USBSTOR - ok
08:38:18.0360 3080 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
08:38:18.0360 3080 usbuhci - ok
08:38:18.0376 3080 USTOR2K (88ce07826f25b851e824ed2e57106323) C:\windows\system32\DRIVERS\ustor2k.sys
08:38:18.0376 3080 USTOR2K - ok
08:38:18.0391 3080 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
08:38:18.0391 3080 UxSms - ok
08:38:18.0422 3080 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:38:18.0422 3080 VaultSvc - ok
08:38:18.0422 3080 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
08:38:18.0422 3080 vdrvroot - ok
08:38:18.0469 3080 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
08:38:18.0485 3080 vds - ok
08:38:18.0500 3080 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
08:38:18.0500 3080 vga - ok
08:38:18.0516 3080 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
08:38:18.0516 3080 VgaSave - ok
08:38:18.0547 3080 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
08:38:18.0547 3080 vhdmp - ok
08:38:18.0563 3080 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
08:38:18.0563 3080 viaide - ok
08:38:18.0594 3080 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
08:38:18.0594 3080 volmgr - ok
08:38:18.0625 3080 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
08:38:18.0625 3080 volmgrx - ok
08:38:18.0656 3080 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
08:38:18.0672 3080 volsnap - ok
08:38:18.0688 3080 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
08:38:18.0688 3080 vsmraid - ok
08:38:18.0781 3080 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
08:38:18.0797 3080 VSS - ok
08:38:18.0890 3080 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\System32\drivers\vwifibus.sys
08:38:18.0890 3080 vwifibus - ok
08:38:18.0922 3080 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
08:38:18.0922 3080 W32Time - ok
08:38:18.0937 3080 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
08:38:18.0937 3080 WacomPen - ok
08:38:18.0953 3080 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:38:18.0953 3080 WANARP - ok
08:38:18.0968 3080 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:38:18.0968 3080 Wanarpv6 - ok
08:38:19.0046 3080 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
08:38:19.0046 3080 WatAdminSvc - ok
08:38:19.0140 3080 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
08:38:19.0156 3080 wbengine - ok
08:38:19.0265 3080 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
08:38:19.0280 3080 WbioSrvc - ok
08:38:19.0312 3080 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
08:38:19.0312 3080 wcncsvc - ok
08:38:19.0312 3080 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
08:38:19.0312 3080 WcsPlugInService - ok
08:38:19.0358 3080 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
08:38:19.0358 3080 Wd - ok
08:38:19.0421 3080 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
08:38:19.0436 3080 Wdf01000 - ok
08:38:19.0452 3080 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:38:19.0452 3080 WdiServiceHost - ok
08:38:19.0468 3080 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:38:19.0468 3080 WdiSystemHost - ok
08:38:19.0499 3080 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
08:38:19.0514 3080 WebClient - ok
08:38:19.0530 3080 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
08:38:19.0530 3080 Wecsvc - ok
08:38:19.0546 3080 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
08:38:19.0546 3080 wercplsupport - ok
08:38:19.0561 3080 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
08:38:19.0561 3080 WerSvc - ok
08:38:19.0608 3080 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
08:38:19.0608 3080 WfpLwf - ok
08:38:19.0624 3080 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
08:38:19.0624 3080 WIMMount - ok
08:38:19.0639 3080 WinHttpAutoProxySvc - ok
08:38:19.0655 3080 WinI2C-DDC (66c365b542195c1f6e2ff4a7d8f3827c) C:\windows\system32\drivers\DDCDrv.sys
08:38:19.0655 3080 WinI2C-DDC - ok
08:38:19.0717 3080 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
08:38:19.0717 3080 Winmgmt - ok
08:38:19.0858 3080 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
08:38:19.0873 3080 WinRM - ok
08:38:19.0982 3080 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
08:38:19.0982 3080 WinUsb - ok
08:38:20.0045 3080 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
08:38:20.0045 3080 Wlansvc - ok
08:38:20.0107 3080 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:38:20.0107 3080 wlcrasvc - ok
08:38:20.0279 3080 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:38:20.0294 3080 wlidsvc - ok
08:38:20.0435 3080 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
08:38:20.0435 3080 WmiAcpi - ok
08:38:20.0497 3080 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
08:38:20.0497 3080 wmiApSrv - ok
08:38:20.0528 3080 WMPNetworkSvc - ok
08:38:20.0544 3080 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
08:38:20.0544 3080 WPCSvc - ok
08:38:20.0575 3080 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
08:38:20.0591 3080 WPDBusEnum - ok
08:38:20.0606 3080 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
08:38:20.0606 3080 ws2ifsl - ok
08:38:20.0606 3080 WSearch - ok
08:38:20.0700 3080 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
08:38:20.0700 3080 wsvd - ok
08:38:20.0731 3080 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
08:38:20.0731 3080 WudfPf - ok
08:38:20.0747 3080 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
08:38:20.0747 3080 WUDFRd - ok
08:38:20.0778 3080 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
08:38:20.0778 3080 wudfsvc - ok
08:38:20.0809 3080 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
08:38:20.0809 3080 WwanSvc - ok
08:38:20.0840 3080 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\windows\system32\DRIVERS\yk62x64.sys
08:38:20.0856 3080 yukonw7 - ok
08:38:20.0872 3080 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:38:21.0152 3080 \Device\Harddisk0\DR0 - ok
08:38:21.0152 3080 MBR (0x1B8) (973e9ba32fdbb305c552ed3e1ebf0686) \Device\Harddisk1\DR4
08:38:21.0308 3080 \Device\Harddisk1\DR4 - ok
08:38:21.0308 3080 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk3\DR3
08:38:21.0464 3080 \Device\Harddisk3\DR3 - ok
08:38:21.0464 3080 Boot (0x1200) (4dd8aa9edfabf2895d06d033c35126ce) \Device\Harddisk0\DR0\Partition0
08:38:21.0480 3080 \Device\Harddisk0\DR0\Partition0 - ok
08:38:21.0480 3080 Boot (0x1200) (412c5f5d45b3848ea41ec24251c4ad2c) \Device\Harddisk0\DR0\Partition1
08:38:21.0496 3080 \Device\Harddisk0\DR0\Partition1 - ok
08:38:21.0496 3080 Boot (0x1200) (18b9b2ab3c3b092a7081d84e7c3c5e52) \Device\Harddisk1\DR4\Partition0
08:38:21.0496 3080 \Device\Harddisk1\DR4\Partition0 - ok
08:38:21.0496 3080 Boot (0x1200) (b4acc28443f3a0af31da6817f4d4d2cb) \Device\Harddisk3\DR3\Partition0
08:38:21.0496 3080 \Device\Harddisk3\DR3\Partition0 - ok
08:38:21.0496 3080 ============================================================
08:38:21.0496 3080 Scan finished
08:38:21.0496 3080 ============================================================
08:38:21.0511 2900 Detected object count: 0
08:38:21.0511 2900 Actual detected object count: 0
08:39:03.0756 4340 Deinitialize success

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-09 08:40:11
-----------------------------
08:40:11.169 OS Version: Windows x64 6.1.7601 Service Pack 1
08:40:11.169 Number of processors: 2 586 0x603
08:40:11.169 ComputerName: SHAWNS UserName:
08:40:12.510 Initialize success
08:41:10.699 AVAST engine defs: 12080900
08:50:22.581 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:50:22.581 Disk 0 Vendor: WDC_WD5000AAKX-083CA0 15.01H15 Size: 476940MB BusType: 3
08:50:22.597 Disk 0 MBR read successfully
08:50:22.612 Disk 0 MBR scan
08:50:22.628 Disk 0 Windows 7 default MBR code
08:50:22.628 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:50:22.659 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 451164 MB offset 206848
08:50:22.721 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 924190720
08:50:22.799 Disk 0 scanning C:\windows\system32\drivers
08:50:32.893 Service scanning
08:50:55.731 Modules scanning
08:50:55.747 Disk 0 trace - called modules:
08:50:55.762 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
08:50:55.778 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c215d0]
08:50:55.778 3 CLASSPNP.SYS[fffff8800148b43f] -> nt!IofCallDriver -> [0xfffffa8004ba6e40]
08:50:55.793 5 ACPI.sys[fffff88000f6e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004ba3060]
08:50:57.229 AVAST engine scan C:\windows
08:51:02.127 AVAST engine scan C:\windows\system32
08:55:24.129 AVAST engine scan C:\windows\system32\drivers
08:55:36.563 AVAST engine scan C:\Users\Security Camera
08:57:04.625 Disk 0 MBR has been saved successfully to "C:\Users\Security Camera\Desktop\MBR.dat"
08:57:04.672 The log file has been saved successfully to "C:\Users\Security Camera\Desktop\aswMBR.txt"

C:\Users\Security Camera\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YC4HBWSH\mos[1].js HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Security Camera\AppData\Local\Temp\nse80DB.tmp\strngctrlr.exe Win32/InstallMonetizer.AC application cleaned by deleting - quarantined

3 logs total

Thanks
Shawn

#4 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 09 August 2012 - 10:03 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

post the generated log

#5 got me too

New Member

Members
7 posts

Posted 09 August 2012 - 11:49 AM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.09.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Security Camera :: SHAWNS [administrator]

8/9/2012 11:15:41 AM
mbam-log-2012-08-09 (11-15-41).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 357415
Time elapsed: 33 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 23-07-2012
Ran by Security Camera (administrator) on 09-08-2012 at 12:17:58
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=10.88.2.129 publish=Yes
add address name="Local Area Connection" address=10.88.2.130 mask=255.255.255.0

popd
# End of IPv4 configuration

Windows IP Configuration

Host Name . . . . . . . . . . . . : Shawns
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 10-78-D2-CB-BE-92
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::3d97:2040:8120:465%10(Preferred)
IPv4 Address. . . . . . . . . . . : 10.88.2.130(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.88.2.129
DHCPv6 IAID . . . . . . . . . . . : 235960530
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-FB-5E-BA-10-78-D2-CB-BE-92
DNS Servers . . . . . . . . . . . : 24.92.226.11
24.92.226.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0553DA76-4CF6-4677-AFBB-AAAC2518D3EE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-comm-cac-lb-01.nyroc.rr.com
Address: 24.92.226.11

Name: google.com
Addresses: 2607:f8b0:4004:801::1007
74.125.228.78
74.125.228.64
74.125.228.65
74.125.228.66
74.125.228.67
74.125.228.68
74.125.228.69
74.125.228.70
74.125.228.71
74.125.228.72
74.125.228.73

Pinging google.com [74.125.228.104] with 32 bytes of data:
Reply from 74.125.228.104: bytes=32 time=59ms TTL=53
Reply from 74.125.228.104: bytes=32 time=54ms TTL=53

Ping statistics for 74.125.228.104:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 54ms, Maximum = 59ms, Average = 56ms
Server: dns-comm-cac-lb-01.nyroc.rr.com
Address: 24.92.226.11

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=77ms TTL=51
Reply from 209.191.122.70: bytes=32 time=71ms TTL=51

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 71ms, Maximum = 77ms, Average = 74ms
Server: dns-comm-cac-lb-01.nyroc.rr.com
Address: 24.92.226.11

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...10 78 d2 cb be 92 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.88.2.129 10.88.2.130 276
10.88.2.0 255.255.255.0 On-link 10.88.2.130 276
10.88.2.130 255.255.255.255 On-link 10.88.2.130 276
10.88.2.255 255.255.255.255 On-link 10.88.2.130 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.88.2.130 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.88.2.130 276
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 10.88.2.129 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::3d97:2040:8120:465/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/09/2012 08:59:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 08:59:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/09/2012 08:34:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/08/2012 01:58:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.
.

Error: (08/08/2012 01:56:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: KiesPDLR.exe, version: 1.0.0.0, time stamp: 0x4fe235de
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e211319
Exception code: 0xe0434352
Fault offset: 0x0000b9bc
Faulting process id: 0x930
Faulting application start time: 0xKiesPDLR.exe0
Faulting application path: KiesPDLR.exe1
Faulting module path: KiesPDLR.exe2
Report Id: KiesPDLR.exe3

Error: (08/08/2012 01:56:08 PM) (Source: .NET Runtime) (User: )
Description: Application: KiesPDLR.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Windows.Markup.XamlParseException
Stack:
at System.Windows.Markup.XamlReader.RewrapException(System.Exception, System.Xaml.IXamlLineInfo, System.Uri)
at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
at System.Windows.Application.LoadComponent(System.Uri, Boolean)
at System.Windows.Application.DoStartup()
at System.Windows.Application.<.ctor>b__1(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.DispatcherOperation.InvokeImpl()
at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
at System.Threading.ExecutionContext.runTryCode(System.Object)
at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Windows.Threading.DispatcherOperation.Invoke()
at System.Windows.Threading.Dispatcher.ProcessQueue()
at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.InvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
at System.Windows.Application.RunDispatcher(System.Object)
at System.Windows.Application.RunInternal(System.Windows.Window)
at System.Windows.Application.Run(System.Windows.Window)
at KiesPDLR.App.Main()

Error: (08/08/2012 01:42:43 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.
.

Error: (08/08/2012 01:39:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.

Details:
Could not query the status of the EventSystem service.

System Error:
The RPC server is unavailable.
.

Error: (08/08/2012 01:30:47 PM) (Source: Microsoft Office 12) (User: )
Description: Rejected Safe Mode action : Microsoft Office Outlook.

Error: (08/08/2012 01:27:23 PM) (Source: DYMO Pnp Service) (User: )
Description: Service cannot be started. The service process could not connect to the service controller

System errors:
=============
Error: (08/09/2012 11:57:57 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/09/2012 11:57:57 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/09/2012 11:57:15 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService service to connect.

Error: (08/09/2012 11:56:44 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (08/09/2012 11:56:37 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (08/09/2012 11:55:59 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/09/2012 08:23:49 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/09/2012 08:23:49 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/09/2012 08:23:21 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the QBCFMonitorService service to connect.

Error: (08/09/2012 08:22:50 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Microsoft Office Sessions:
=========================
Error: (04/27/2012 10:04:58 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18144 seconds with 360 seconds of active time. This session ended with a crash.

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acronis True Image Home 2011 (Version: 14.0.6942)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AMD USB Filter Driver (Version: 1.0.15.94)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Belarc Advisor 8.2 (Version: 8.2.1.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full Existing (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full New (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Light (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Common (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0302.2233.40412)
Catalyst Control Center InstallProxy (Version: 2010.0302.2233.40412)
Catalyst Control Center Localization All (Version: 2010.0302.2233.40412)
ccc-core-static (Version: 2010.0302.2233.40412)
ccc-utility64 (Version: 2010.0302.2233.40412)
CCC Help Chinese Standard (Version: 2010.0302.2232.40412)
CCC Help Chinese Traditional (Version: 2010.0302.2232.40412)
CCC Help Czech (Version: 2010.0302.2232.40412)
CCC Help Danish (Version: 2010.0302.2232.40412)
CCC Help Dutch (Version: 2010.0302.2232.40412)
CCC Help English (Version: 2010.0302.2232.40412)
CCC Help Finnish (Version: 2010.0302.2232.40412)
CCC Help French (Version: 2010.0302.2232.40412)
CCC Help German (Version: 2010.0302.2232.40412)
CCC Help Greek (Version: 2010.0302.2232.40412)
CCC Help Hungarian (Version: 2010.0302.2232.40412)
CCC Help Italian (Version: 2010.0302.2232.40412)
CCC Help Japanese (Version: 2010.0302.2232.40412)
CCC Help Korean (Version: 2010.0302.2232.40412)
CCC Help Norwegian (Version: 2010.0302.2232.40412)
CCC Help Polish (Version: 2010.0302.2232.40412)
CCC Help Portuguese (Version: 2010.0302.2232.40412)
CCC Help Russian (Version: 2010.0302.2232.40412)
CCC Help Spanish (Version: 2010.0302.2232.40412)
CCC Help Swedish (Version: 2010.0302.2232.40412)
CCC Help Thai (Version: 2010.0302.2232.40412)
CCC Help Turkish (Version: 2010.0302.2232.40412)
D3DX10 (Version: 15.4.2368.0902)
Dropbox (Version: 1.4.11)
DYMO Label v.8 (Version: 8.3.1.1332)
DYMO Stamps (Version: 3.1)
Eagle for Windows
ESET Online Scanner v3
FanSpeedControl (Version: 1.00.00.13)
Genesys USB Mass Storage Device (Version: 3.0.4.9)
Google Calendar Sync
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
GoToAssist Corporate (Version: 10.2.0.822)
GoToMyPC (Version: 8.0.670)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 26 (64-bit) (Version: 6.0.260)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo Driver and Application Installation (Version: 5.10.1809)
Lenovo Dynamic Brightness System (Version: 4.0.00.19120)
Lenovo Eye Distance System (Version: 4.0.00.16300)
Lenovo Power2Go (Version: 6.0.3720)
Lenovo Rescue System (Version: 3.0.1409)
Lenovo USB2.0 UVC Camera (Version: 1.00.0000)
LVT (Version: 4.1.2.0919)
LXH-JME2207FN Hotkey Driver (Version: 5.1.0804)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MyPhoneExplorer (Version: 1.8.2)
Nitro Reader 2 (Version: 2.1.1.3)
Paint.NET v3.5.10 (Version: 3.60.0)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
QBFC 4.0 (Version: 4.0.00168.0)
QuickBooks (Version: 20.0.4015.807)
QuickBooks Pro 2010 (Version: 20.0.4015.807)
Realtek Ethernet Controller All-In-One Windows Driver (Version: 1.12.0007)
Realtek High Definition Audio Driver (Version: 6.0.1.6043)
RealVu (Version: 1.0.0.0)
RoboForm 7-7-7-1 (All Users) (Version: 7-7-7-1)
Samsung Kies (Version: 2.3.2.12064_9)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.6.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 3838.05 MB
Available physical RAM: 2450.63 MB
Total Pagefile: 7674.29 MB
Available Pagefile: 5985.22 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.52 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:440.59 GB) (Free:377.18 GB) NTFS
4 Drive f: (Expansion Drive) (Fixed) (Total:465.76 GB) (Free:215.77 GB) NTFS
5 Drive g: (4GB THUMB) (Removable) (Total:3.76 GB) (Free:3.46 GB) FAT32

========================= Users: ========================================

User accounts for \\SHAWNS

Administrator Guest Security Camera

**** End of log ****

Farbar Service Scanner Version: 06-08-2012
Ran by Security Camera (administrator) on 09-08-2012 at 12:43:39
Running from "C:\Users\Security Camera\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

# AdwCleaner v1.800 - Logfile created 08/09/2012 at 12:23:16
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Security Camera - SHAWNS
# Running from : C:\Users\Security Camera\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Users\Security Camera\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [1302 octets] - [09/08/2012 12:23:16]

########## EOF - C:\AdwCleaner[S1].txt - [1430 octets] ##########

Thanks
Shawn

#6 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 09 August 2012 - 01:10 PM

Download

MpsSvc
BFE
wscsvc
defender
wuauserv
BITS
Sharedaccess

Launch them ,click YES when you get UAC prompt

restart the PC

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts

Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

#7 got me too

New Member

Members
7 posts

Posted 09 August 2012 - 02:15 PM

FSS LOG

Farbar Service Scanner Version: 06-08-2012
Ran by Security Camera (administrator) on 09-08-2012 at 15:11:54
Running from "C:\Users\Security Camera\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

Thanks again
Shawn

#8 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 09 August 2012 - 03:14 PM

Any current issues?

#9 got me too

New Member

Members
7 posts

Posted 10 August 2012 - 10:15 AM

When I try and turn on Windows firewall the system will not do it saying it's controlled by group policy and only an administrator can do it. There is only one user set up and it an Adminstator. My OS is Win7 HP.

#10 got me too

New Member

Members
7 posts

Posted 10 August 2012 - 10:17 AM

Also I see others have also run TFC.exe when correcting this type of issue. Should i?

#11 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 10 August 2012 - 02:24 PM

Press Windows+R key and type

regedit and click ok

Go to this entry

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

On right side,change the value

"EnableFirewall" to 1

Now try to start windows firewall

#12 got me too

New Member

Members
7 posts

Posted 13 August 2012 - 11:18 AM

That regedit worked for the firewall issue. It is "On" now. I do find it odd that when I am on the Firewall settings page that Windows tells me "For your security some settings are managed by your system adminstrator." I am the only user setup in UAC and I'm set to Adminstrator. Could the malware have affected my Administrator privelages? Other than that all is well...

Thanks a lot. I really appreciate your help with this.
Shawn

#13 narenxp

Forum Addict

BC Advisor
16,365 posts

Gender:Male
Location:India

Posted 13 August 2012 - 12:11 PM

That regedit worked for the firewall issue. It is "On" now. I do find it odd that when I am on the Firewall settings page that Windows tells me "For your security some settings are managed by your system adminstrator." I am the only user setup in UAC and I'm set to Adminstrator. Could the malware have affected my Administrator privelages

I have not seen malware affecting this key in recent times.If there was nothing done from your side then its mostly likely due to malware.

safe surfing

Back to Am I infected? What do I do?