
W3i.IQ5.fraud


  • This topic is locked
17 replies to this topic

#1 btbraun


Posted 18 August 2012 - 05:04 PM

Spybot found W3i.IQ5.fraud but it won't remove it. I've had to use system restore a few times because I've blue screened since it found it. Just when I think I've removed it, it comes back. Can anyone tell me if there is a safe way to remove it manually?



#2 boopme


Posted 18 August 2012 - 09:35 PM

Hello, did you update Spybot before running?

Please run these next.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#3 btbraun


Posted 20 August 2012 - 03:43 PM

Hi Boopme,

I am going to take the steps outlined above but your first question made me stop and want to reply specifically to it first - before I take any action because I don't think I was very clear. I apologize.

When I ran Spybot, I did run the most up-to-date version. Once it identifies the problem I think it quarantines it, which at first makes me comfortable. However, after that point whenever I run SUPERAntiSpyware it finds 4 or more infections each time I leave the internet. That in itself is very unusual. I’ve been running it for years and it rarely finds anything.

When I remove the infections a few times from subsequent visits to the net, my system seems to become unstable – blue screens have been the most recent. In an effort to try to avoid a systemic crash, what I’ve done is go back and do a system restore to before I downloaded Spybot.

Where I am currently is this: I am at a pre-Spybot download system restore point and I have uninstalled W3i.IQ5 from the computer using Revo Uninstaller. The current behavior leads me to believe that a root or a Trojan still exists. One of the other items that Spybot had found was Ad.FLVPlayer.

*Based on this new information, are your instructions still the same or have they changed? Thank you so much for helping me.

#4 boopme


Posted 20 August 2012 - 03:50 PM

Ok, I asked as I noticed the latest Spybot updates should remove this.

Is SAS (SUPERAntiSpyware) reporting more than cookies?

#5 btbraun


Posted 20 August 2012 - 09:07 PM

Just tracking cookies. I've never had so many tracking cookies return after SAS removes them and I reboot.

MiniToolBox by Farbar Version: 23-07-2012
Ran by btbraun_rsmc (administrator) on 20-08-2012 at 20:13:54
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Disconnected)
Intel® Centrino® WiMAX 6150 = Local Area Connection 2 (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global sourceroutingbehavior=drop
set subinterface interface=?/) subinterface=ethernet_9 mtu=1400


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : btbraun_rsmc-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : clearwire-wmx.net

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : clearwire-wmx.net
Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6150
Physical Address. . . . . . . . . : 64-D4-DA-62-59-E7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c935:18a1:5466:133e%16(Preferred)
IPv4 Address. . . . . . . . . . . : 75.92.253.255(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.192.0
Lease Obtained. . . . . . . . . . : Monday, August 20, 2012 8:58:52 AM
Lease Expires . . . . . . . . . . : Tuesday, August 21, 2012 8:58:52 AM
Default Gateway . . . . . . . . . : 75.92.192.1
DHCP Server . . . . . . . . . . . : 64.13.84.152
DHCPv6 IAID . . . . . . . . . . . : 291820762
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-0B-EB-09-54-04-A6-1C-36-18
DNS Servers . . . . . . . . . . . : 66.233.164.12
64.13.115.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 40-25-C2-72-25-85
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
Physical Address. . . . . . . . . : 40-25-C2-72-25-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 54-04-A6-1C-36-18
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2c2a:6d8:b4a3:200(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c2a:6d8:b4a3:200%12(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{DA2359A8-B239-4653-997A-67B203698C4C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D536F0C2-267A-4273-8D91-DB47AB4EBF1F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Connection-specific DNS Suffix . : clearwire-wmx.net
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:4b5c:fdff::4b5c:fdff(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301
DNS Servers . . . . . . . . . . . : 66.233.164.12
64.13.115.12
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{B7E348B6-DD22-49B8-9431-2E52C3BE6958}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.clearwire-wmx.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : clearwire-wmx.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 66.233.164.12

Name: google.com
Addresses: 2607:f8b0:4009:801::1002
74.125.225.64
74.125.225.71
74.125.225.69
74.125.225.73
74.125.225.68
74.125.225.78
74.125.225.65
74.125.225.66
74.125.225.72
74.125.225.70
74.125.225.67


Pinging google.com [74.125.225.66] with 32 bytes of data:
Reply from 74.125.225.66: bytes=32 time=99ms TTL=57
Reply from 74.125.225.66: bytes=32 time=88ms TTL=57

Ping statistics for 74.125.225.66:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 88ms, Maximum = 99ms, Average = 93ms
Server: UnKnown
Address: 66.233.164.12

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=296ms TTL=54
Reply from 98.139.183.24: bytes=32 time=206ms TTL=54

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 206ms, Maximum = 296ms, Average = 251ms
Server: UnKnown
Address: 66.233.164.12

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...64 d4 da 62 59 e7 ......Intel® Centrino® WiMAX 6150
15...40 25 c2 72 25 85 ......Microsoft Virtual WiFi Miniport Adapter #2
13...40 25 c2 72 25 84 ......Intel® Centrino® Wireless-N 6150
11...54 04 a6 1c 36 18 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 75.92.192.1 75.92.253.255 20
75.92.192.0 255.255.192.0 On-link 75.92.253.255 276
75.92.253.255 255.255.255.255 On-link 75.92.253.255 276
75.92.255.255 255.255.255.255 On-link 75.92.253.255 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 75.92.253.255 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 75.92.253.255 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 1125 ::/0 2002:c058:6301::c058:6301
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:953c:2c2a:6d8:b4a3:200/128
On-link
17 1025 2002::/16 On-link
17 281 2002:4b5c:fdff::4b5c:fdff/128
On-link
16 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::2c2a:6d8:b4a3:200/128
On-link
16 276 fe80::c935:18a1:5466:133e/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
16 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Program Files (x86)\SpeedBit Video Accelerator\SBLSP.dll [168136] (SpeedBit)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/20/2012 08:07:52 PM) (Source: Application Hang) (User: )
Description: The program winpoint.exe version 7.6.1419.531 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 159c

Start Time: 01cd7f063de3b409

Termination Time: 40

Application Path: C:\winpoint\winpoint.exe

Report Id: 9d00bb2f-eb2c-11e1-b677-5404a61c3618

Error: (08/20/2012 07:14:46 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 19:14:46.235]: [00004724]: Initialize TwdsMain Class failed!

Error: (08/20/2012 07:14:46 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 19:14:46.235]: [00004724]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/20/2012 07:12:14 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 19:12:14.362]: [00004724]: Initialize TwdsMain Class failed!

Error: (08/20/2012 07:12:14 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 19:12:14.362]: [00004724]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/20/2012 07:02:16 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 19:02:16.781]: [00004724]: Initialize TwdsMain Class failed!

Error: (08/20/2012 07:02:16 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 19:02:16.781]: [00004724]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/20/2012 06:58:07 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 18:58:07.135]: [00004724]: Initialize TwdsMain Class failed!

Error: (08/20/2012 06:58:07 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 18:58:07.135]: [00004724]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/20/2012 06:44:35 PM) (Source: Brother BrLog) (User: )
Description: TWN BrtTWN: [2012/08/20 18:44:35.870]: [00004724]: Initialize TwdsMain Class failed!


System errors:
=============
Error: (08/19/2012 08:04:46 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.2322.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/18/2012 10:16:59 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PxHelp20

Error: (08/18/2012 10:16:14 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\PxHelp20.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/18/2012 05:46:31 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PxHelp20

Error: (08/18/2012 05:46:06 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\PxHelp20.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/18/2012 04:18:58 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PxHelp20

Error: (08/18/2012 04:18:29 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\PxHelp20.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/18/2012 04:18:40 PM) (Source: Microsoft Antimalware) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted: %24

Error Code: 0x80070002

Error description: The system cannot find the file specified.

Signature version: 1.131.1989.0;1.131.1989.0

Engine version: %600

Error: (08/18/2012 04:14:46 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VideoAcceleratorService service.

Error: (08/18/2012 08:40:18 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{78c518ee-7d1d-11e1-ad59-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{6408C4A4-EF41-4848-A620-AD6ED2208140}


Microsoft Office Sessions:
=========================
Error: (08/20/2012 08:07:52 PM) (Source: Application Hang)(User: )
Description: winpoint.exe7.6.1419.531159c01cd7f063de3b40940C:\winpoint\winpoint.exe9d00bb2f-eb2c-11e1-b677-5404a61c3618

Error: (08/20/2012 07:14:46 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 19:14:46.235]: [00004724]: Initialize TwdsMain Class failed!

Error: (08/20/2012 07:14:46 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 19:14:46.235]: [00004724]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/20/2012 07:12:14 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 19:12:14.362]: [00004724]: Initialize TwdsMain Class failed!

Error: (08/20/2012 07:12:14 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 19:12:14.362]: [00004724]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/20/2012 07:02:16 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 19:02:16.781]: [00004724]: Initialize TwdsMain Class failed!

Error: (08/20/2012 07:02:16 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 19:02:16.781]: [00004724]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/20/2012 06:58:07 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 18:58:07.135]: [00004724]: Initialize TwdsMain Class failed!

Error: (08/20/2012 06:58:07 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 18:58:07.135]: [00004724]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (08/20/2012 06:44:35 PM) (Source: Brother BrLog)(User: )
Description: TWNBrtTWN: [2012/08/20 18:44:35.870]: [00004724]: Initialize TwdsMain Class failed!


=========================== Installed Programs ============================

Adobe AIR (Version: 3.3.0.3670)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Adobe Support Advisor (Version: 1.6.0)
Adobe Support Advisor (Version: 1.6.0.20110628)
Akamai NetSession Interface
Alcor Micro USB Card Reader (Version: 1.7.17.25416)
ASUS FancyStart (Version: 1.1.1)
ASUS LifeFrame3 (Version: 3.0.21)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.43)
ASUS Secure Delete (Version: 1.00.0006)
ASUS SmartLogon (Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0033)
ASUS U Series ScreenSaver (Version: 1.0.0002)
ASUS USB Charger Plus (Version: 2.0.2)
ASUS Virtual Camera (Version: 1.0.21)
ATK Package (Version: 1.0.0008)
Bing Bar (Version: 7.1.391.0)
Brother MFL-Pro Suite MFC-7860DW (Version: 1.0.7.0)
CCleaner (Version: 3.18)
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
eFax Messenger (Version: 4.4.1.528)
eReg (Version: 1.20.138.34)
erLT (Version: 1.20.0137)
ETDWare PS/2-X64 8.0.5.0_WHQL (Version: 8.0.5.0)
Fast Boot (Version: 1.0.10)
FLV Player
Fresco Logic USB3.0 Host Controller (Version: 3.0.119.1)
Intel PROSet Wireless
Intel® Processor Graphics (Version: 8.15.10.2656)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.1.0170)
Intel® Turbo Boost Technology Monitor (Version: 1.0.400.4)
Intel® WiDi (Version: 2.1.35.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.01.1500.1034)
Intel® PROSet/Wireless WiMAX Software (Version: 6.02.0000)
InterActual Player
Internet Explorer (Enable DEP)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 33 (64-bit) (Version: 6.0.330)
Java™ 7 Update 5 (64-bit) (Version: 7.0.50)
Java™ 7 Update 5 (Version: 7.0.50)
Junk Mail filter update (Version: 15.4.3502.0922)
LinkedIn Outlook Connector (Version: 1.1.10.0)
Logitech SetPoint 6.32 (Version: 6.32.20)
Loki ActiveX Control (Version: 3.4.2.20)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (64-bit) (Version: 4.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Communicator 2007 R2 (Version: 3.5.6907.253)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Facebook 32-bit (Version: 14.0.6114.5003)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10516.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC90_CRT_x86 (Version: 1.0.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
PaperPort Image Printer 64-bit (Version: 1.00.0000)
PC Tools Performance Toolkit 2.0 (Version: 2.0)
PDF-Viewer (Version: 2.5.204.0)
Picasa 3 (Version: 3.8)
Point (Version: 1.0.0.370)
Point 7.5 SP1 (Version: 7.5.1381)
Point 7.6 (Version: 7.6.1417)
Point 7.6 SP1 (Version: 7.6.1419)
Point Old Verison Clean up Tool
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
Realtek High Definition Audio Driver (Version: 6.0.1.6428)
RealUpgrade 1.1 (Version: 1.1.0)
Revo Uninstaller 1.94 (Version: 1.94)
SceneSwitch (Version: 1.0.6)
SmartSound Common Data (Version: 1.1.0)
SmartSound Premiere Elements 10 x64 Plugin (Version: 5.70.0001)
SmartSound Sonicfire Pro 5 (Version: 5.7.1)
SUPERAntiSpyware (Version: 5.0.1134)
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.5.5.0)
TweakMASTER (Version: 3.14)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows 7 Codec Pack 4.0.2 (Version: 4.0.2)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.31.1)
Wireless Console 3 (Version: 3.0.27)
WModem Driver Installer (Version: 2.0.6.9)
Xobni (Version: 2.0.3.13734)
Xobni Core (Version: 1.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 8102.76 MB
Available physical RAM: 5122.77 MB
Total Pagefile: 16203.71 MB
Available Pagefile: 12715.86 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.9 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:898.18 GB) (Free:693.89 GB) NTFS

========================= Users: ========================================

User accounts for \\BTBRAUN_RSMC-PC

Administrator btbraun_rsmc Guest


**** End of log ****


20:19:17.0163 7772 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
20:19:17.0880 7772 ============================================================
20:19:17.0880 7772 Current date / time: 2012/08/20 20:19:17.0880
20:19:17.0880 7772 SystemInfo:
20:19:17.0880 7772
20:19:17.0880 7772 OS Version: 6.1.7601 ServicePack: 1.0
20:19:17.0880 7772 Product type: Workstation
20:19:17.0880 7772 ComputerName: BTBRAUN_RSMC-PC
20:19:17.0880 7772 UserName: btbraun_rsmc
20:19:17.0880 7772 Windows directory: C:\Windows
20:19:17.0880 7772 System windows directory: C:\Windows
20:19:17.0880 7772 Running under WOW64
20:19:17.0880 7772 Processor architecture: Intel x64
20:19:17.0880 7772 Number of processors: 4
20:19:17.0880 7772 Page size: 0x1000
20:19:17.0880 7772 Boot type: Normal boot
20:19:17.0880 7772 ============================================================
20:19:18.0582 7772 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:19:18.0629 7772 ============================================================
20:19:18.0629 7772 \Device\Harddisk0\DR0:
20:19:18.0629 7772 MBR partitions:
20:19:18.0629 7772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x42AA000, BlocksNum 0x7045C800
20:19:18.0629 7772 ============================================================
20:19:18.0660 7772 C: <-> \Device\Harddisk0\DR0\Partition1
20:19:18.0660 7772 ============================================================
20:19:18.0660 7772 Initialize success
20:19:18.0660 7772 ============================================================
20:19:21.0000 8000 ============================================================
20:19:21.0000 8000 Scan started
20:19:21.0000 8000 Mode: Manual;
20:19:21.0000 8000 ============================================================
20:19:21.0281 8000 ================ Scan system memory ========================
20:19:21.0281 8000 System memory - ok
20:19:21.0281 8000 ================ Scan services =============================
20:19:33.0075 8000 LSI_FC - ok
20:19:33.0091 8000 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:19:33.0091 8000 LSI_SAS - ok
20:19:33.0106 8000 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:19:33.0106 8000 LSI_SAS2 - ok
20:19:33.0137 8000 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:19:33.0137 8000 LSI_SCSI - ok
20:19:33.0169 8000 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:19:33.0169 8000 luafv - ok
20:19:33.0247 8000 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:19:33.0247 8000 MBAMProtector - ok
20:19:33.0325 8000 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:19:33.0325 8000 MBAMService - ok
20:19:33.0371 8000 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:19:33.0371 8000 Mcx2Svc - ok
20:19:33.0403 8000 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
20:19:33.0418 8000 megasas - ok
20:19:33.0434 8000 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:19:33.0434 8000 MegaSR - ok
20:19:33.0481 8000 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:19:33.0481 8000 MEIx64 - ok
20:19:33.0496 8000 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:19:33.0512 8000 MMCSS - ok
20:19:33.0527 8000 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:19:33.0527 8000 Modem - ok
20:19:33.0574 8000 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:19:33.0574 8000 monitor - ok
20:19:33.0621 8000 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:19:33.0621 8000 mouclass - ok
20:19:33.0668 8000 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:19:33.0668 8000 mouhid - ok
20:19:33.0715 8000 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:19:33.0715 8000 mountmgr - ok
20:19:33.0793 8000 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:19:33.0808 8000 MozillaMaintenance - ok
20:19:33.0871 8000 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
20:19:33.0871 8000 MpFilter - ok
20:19:33.0902 8000 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:19:33.0902 8000 mpio - ok
20:19:33.0917 8000 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:19:33.0917 8000 mpsdrv - ok
20:19:33.0964 8000 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:19:33.0980 8000 MpsSvc - ok
20:19:34.0042 8000 MREMP50 - ok
20:19:34.0058 8000 MREMP50a64 - ok
20:19:34.0073 8000 MREMPR5 - ok
20:19:34.0073 8000 MRENDIS5 - ok
20:19:34.0105 8000 MRESP50 - ok
20:19:34.0120 8000 MRESP50a64 - ok
20:19:34.0151 8000 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:19:34.0151 8000 MRxDAV - ok
20:19:34.0167 8000 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:19:34.0183 8000 mrxsmb - ok
20:19:34.0198 8000 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:19:34.0198 8000 mrxsmb10 - ok
20:19:34.0229 8000 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:19:34.0229 8000 mrxsmb20 - ok
20:19:34.0261 8000 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:19:34.0261 8000 msahci - ok
20:19:34.0276 8000 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:19:34.0276 8000 msdsm - ok
20:19:34.0292 8000 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:19:34.0292 8000 MSDTC - ok
20:19:34.0354 8000 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:19:34.0354 8000 Msfs - ok
20:19:34.0401 8000 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:19:34.0401 8000 mshidkmdf - ok
20:19:34.0417 8000 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:19:34.0417 8000 msisadrv - ok
20:19:34.0448 8000 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:19:34.0448 8000 MSiSCSI - ok
20:19:34.0463 8000 msiserver - ok
20:19:34.0479 8000 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:19:34.0479 8000 MSKSSRV - ok
20:19:34.0541 8000 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
20:19:34.0541 8000 MsMpSvc - ok
20:19:34.0588 8000 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:19:34.0588 8000 MSPCLOCK - ok
20:19:34.0604 8000 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:19:34.0604 8000 MSPQM - ok
20:19:34.0651 8000 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:19:34.0651 8000 MsRPC - ok
20:19:34.0697 8000 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:19:34.0713 8000 mssmbios - ok
20:19:34.0729 8000 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:19:34.0744 8000 MSTEE - ok
20:19:34.0775 8000 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:19:34.0775 8000 MTConfig - ok
20:19:34.0791 8000 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:19:34.0791 8000 Mup - ok
20:19:34.0869 8000 [ 08835780CC6A5CFF5275101B5A9D17A4 ] MxEFUF C:\Windows\system32\DRIVERS\MxEFUF64.sys
20:19:34.0869 8000 MxEFUF - ok
20:19:34.0963 8000 [ 22299BBED2FD0DFFC0FA1D46496C6D19 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:19:34.0963 8000 MyWiFiDHCPDNS - ok
20:19:34.0994 8000 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:19:34.0994 8000 napagent - ok
20:19:35.0025 8000 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:19:35.0025 8000 NativeWifiP - ok
20:19:35.0056 8000 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
20:19:35.0072 8000 NDIS - ok
20:19:35.0072 8000 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:19:35.0072 8000 NdisCap - ok
20:19:35.0134 8000 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:19:35.0134 8000 NdisTapi - ok
20:19:35.0181 8000 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:19:35.0181 8000 Ndisuio - ok
20:19:35.0212 8000 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:19:35.0212 8000 NdisWan - ok
20:19:35.0228 8000 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:19:35.0228 8000 NDProxy - ok
20:19:35.0275 8000 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:19:35.0275 8000 NetBIOS - ok
20:19:35.0290 8000 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:19:35.0306 8000 NetBT - ok
20:19:35.0353 8000 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:19:35.0353 8000 Netlogon - ok
20:19:35.0415 8000 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:19:35.0415 8000 Netman - ok
20:19:35.0446 8000 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:19:35.0462 8000 netprofm - ok
20:19:35.0493 8000 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:19:35.0493 8000 NetTcpPortSharing - ok
20:19:35.0711 8000 [ 262225F08B891FD7F16B3B93A3177C1F ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
20:19:35.0883 8000 NETwNs64 - ok
20:19:35.0945 8000 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:19:35.0945 8000 nfrd960 - ok
20:19:36.0023 8000 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:19:36.0039 8000 NisDrv - ok
20:19:36.0070 8000 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
20:19:36.0086 8000 NisSrv - ok
20:19:36.0133 8000 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:19:36.0148 8000 NlaSvc - ok
20:19:36.0164 8000 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:19:36.0164 8000 Npfs - ok
20:19:36.0179 8000 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:19:36.0195 8000 nsi - ok
20:19:36.0226 8000 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:19:36.0226 8000 nsiproxy - ok
20:19:36.0289 8000 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:19:36.0320 8000 Ntfs - ok
20:19:36.0335 8000 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:19:36.0335 8000 Null - ok
20:19:36.0382 8000 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:19:36.0382 8000 nvraid - ok
20:19:36.0429 8000 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:19:36.0429 8000 nvstor - ok
20:19:36.0476 8000 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:19:36.0476 8000 nv_agp - ok
20:19:36.0491 8000 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:19:36.0507 8000 ohci1394 - ok
20:19:36.0569 8000 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:19:36.0585 8000 ose - ok
20:19:36.0741 8000 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:19:36.0772 8000 osppsvc - ok
20:19:36.0819 8000 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:19:36.0835 8000 p2pimsvc - ok
20:19:36.0866 8000 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:19:36.0866 8000 p2psvc - ok
20:19:36.0881 8000 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
20:19:36.0897 8000 Parport - ok
20:19:36.0913 8000 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:19:36.0913 8000 partmgr - ok
20:19:36.0928 8000 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:19:36.0944 8000 PcaSvc - ok
20:19:36.0944 8000 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:19:36.0944 8000 pci - ok
20:19:36.0991 8000 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:19:36.0991 8000 pciide - ok
20:19:37.0053 8000 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:19:37.0053 8000 pcmcia - ok
20:19:37.0115 8000 [ FC507B2C75BE6AEA3DED5582CD3C9990 ] PCTDMDefrag C:\Windows\system32\drivers\PCTDMDefrag.sys
20:19:37.0115 8000 PCTDMDefrag - ok
20:19:37.0131 8000 [ DD8798DAEFDAC380DE4D9C5DCB619D67 ] PCTDSMon C:\Windows\system32\drivers\PCTDSMon.sys
20:19:37.0131 8000 PCTDSMon - ok
20:19:37.0178 8000 [ FC0B1577C1EB68B29FFB1AF726558297 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
20:19:37.0193 8000 PCToolsSSDMonitorSvc - ok
20:19:37.0209 8000 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:19:37.0209 8000 pcw - ok
20:19:37.0240 8000 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:19:37.0240 8000 PEAUTH - ok
20:19:37.0287 8000 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:19:37.0303 8000 PeerDistSvc - ok
20:19:37.0412 8000 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:19:37.0412 8000 PerfHost - ok
20:19:37.0505 8000 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:19:37.0552 8000 pla - ok
20:19:37.0615 8000 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:19:37.0630 8000 PlugPlay - ok
20:19:37.0646 8000 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:19:37.0646 8000 PNRPAutoReg - ok
20:19:37.0661 8000 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:19:37.0677 8000 PNRPsvc - ok
20:19:37.0755 8000 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
20:19:37.0755 8000 Point64 - ok
20:19:37.0786 8000 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:19:37.0802 8000 PolicyAgent - ok
20:19:37.0833 8000 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:19:37.0833 8000 Power - ok
20:19:37.0880 8000 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:19:37.0880 8000 PptpMiniport - ok
20:19:37.0895 8000 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
20:19:37.0895 8000 Processor - ok
20:19:37.0942 8000 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:19:37.0958 8000 ProfSvc - ok
20:19:37.0973 8000 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:19:37.0989 8000 ProtectedStorage - ok
20:19:38.0036 8000 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:19:38.0036 8000 Psched - ok
20:19:38.0067 8000 PxHelp20 - ok
20:19:38.0129 8000 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:19:38.0129 8000 PxHlpa64 - ok
20:19:38.0254 8000 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:19:38.0301 8000 ql2300 - ok
20:19:38.0363 8000 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:19:38.0363 8000 ql40xx - ok
20:19:38.0395 8000 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:19:38.0395 8000 QWAVE - ok
20:19:38.0410 8000 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:19:38.0410 8000 QWAVEdrv - ok
20:19:38.0426 8000 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:19:38.0426 8000 RasAcd - ok
20:19:38.0473 8000 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:19:38.0473 8000 RasAgileVpn - ok
20:19:38.0488 8000 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:19:38.0488 8000 RasAuto - ok
20:19:38.0519 8000 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:19:38.0519 8000 Rasl2tp - ok
20:19:38.0551 8000 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:19:38.0551 8000 RasMan - ok
20:19:38.0566 8000 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:19:38.0566 8000 RasPppoe - ok
20:19:38.0613 8000 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:19:38.0613 8000 RasSstp - ok
20:19:38.0629 8000 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:19:38.0644 8000 rdbss - ok
20:19:38.0660 8000 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:19:38.0660 8000 rdpbus - ok
20:19:38.0707 8000 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:19:38.0707 8000 RDPCDD - ok
20:19:38.0738 8000 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:19:38.0738 8000 RDPDR - ok
20:19:38.0753 8000 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:19:38.0753 8000 RDPENCDD - ok
20:19:38.0769 8000 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:19:38.0769 8000 RDPREFMP - ok
20:19:38.0800 8000 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:19:38.0800 8000 RDPWD - ok
20:19:38.0863 8000 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:19:38.0863 8000 rdyboost - ok
20:19:38.0956 8000 [ B29F5BD169CDDEE1049015255E7E3FBD ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:19:38.0956 8000 RegSrvc - ok
20:19:38.0987 8000 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:19:39.0003 8000 RemoteAccess - ok
20:19:39.0050 8000 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:19:39.0050 8000 RemoteRegistry - ok
20:19:39.0081 8000 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:19:39.0081 8000 RpcEptMapper - ok
20:19:39.0112 8000 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:19:39.0112 8000 RpcLocator - ok
20:19:39.0143 8000 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:19:39.0159 8000 RpcSs - ok
20:19:39.0206 8000 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:19:39.0221 8000 rspndr - ok
20:19:39.0237 8000 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:19:39.0237 8000 s3cap - ok
20:19:39.0253 8000 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:19:39.0253 8000 SamSs - ok
20:19:39.0331 8000 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:19:39.0331 8000 SASDIFSV - ok
20:19:39.0346 8000 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:19:39.0346 8000 SASKUTIL - ok
20:19:39.0377 8000 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:19:39.0377 8000 sbp2port - ok
20:19:39.0409 8000 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:19:39.0409 8000 SCardSvr - ok
20:19:39.0424 8000 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:19:39.0424 8000 scfilter - ok
20:19:39.0455 8000 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:19:39.0487 8000 Schedule - ok
20:19:39.0502 8000 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:19:39.0502 8000 SCPolicySvc - ok
20:19:39.0518 8000 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:19:39.0518 8000 SDRSVC - ok
20:19:39.0565 8000 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:19:39.0565 8000 secdrv - ok
20:19:39.0580 8000 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:19:39.0580 8000 seclogon - ok
20:19:39.0596 8000 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:19:39.0596 8000 SENS - ok
20:19:39.0611 8000 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:19:39.0611 8000 SensrSvc - ok
20:19:39.0643 8000 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
20:19:39.0643 8000 Serenum - ok
20:19:39.0705 8000 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
20:19:39.0705 8000 Serial - ok
20:19:39.0767 8000 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:19:39.0767 8000 sermouse - ok
20:19:39.0799 8000 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:19:39.0814 8000 SessionEnv - ok
20:19:39.0830 8000 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:19:39.0830 8000 sffdisk - ok
20:19:39.0845 8000 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:19:39.0861 8000 sffp_mmc - ok
20:19:39.0861 8000 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:19:39.0861 8000 sffp_sd - ok
20:19:39.0908 8000 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:19:39.0908 8000 sfloppy - ok
20:19:39.0939 8000 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:19:39.0939 8000 SharedAccess - ok
20:19:39.0970 8000 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:19:39.0970 8000 ShellHWDetection - ok
20:19:40.0033 8000 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:19:40.0033 8000 SiSRaid2 - ok
20:19:40.0033 8000 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:19:40.0033 8000 SiSRaid4 - ok
20:19:40.0079 8000 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:19:40.0079 8000 Smb - ok
20:19:40.0157 8000 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:19:40.0157 8000 SNMPTRAP - ok
20:19:40.0189 8000 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:19:40.0189 8000 spldr - ok
20:19:40.0220 8000 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:19:40.0220 8000 Spooler - ok
20:19:40.0313 8000 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:19:40.0391 8000 sppsvc - ok
20:19:40.0407 8000 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:19:40.0407 8000 sppuinotify - ok
20:19:40.0438 8000 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:19:40.0438 8000 srv - ok
20:19:40.0469 8000 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:19:40.0485 8000 srv2 - ok
20:19:40.0485 8000 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:19:40.0485 8000 srvnet - ok
20:19:40.0532 8000 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:19:40.0547 8000 SSDPSRV - ok
20:19:40.0563 8000 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:19:40.0563 8000 SstpSvc - ok
20:19:40.0610 8000 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:19:40.0610 8000 stexstor - ok
20:19:40.0672 8000 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:19:40.0688 8000 stisvc - ok
20:19:40.0735 8000 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:19:40.0735 8000 storflt - ok
20:19:40.0750 8000 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
20:19:40.0750 8000 StorSvc - ok
20:19:40.0781 8000 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:19:40.0781 8000 storvsc - ok
20:19:40.0813 8000 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:19:40.0813 8000 swenum - ok
20:19:40.0844 8000 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:19:40.0844 8000 swprv - ok
20:19:40.0906 8000 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:19:40.0937 8000 SysMain - ok
20:19:40.0969 8000 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:19:40.0969 8000 TabletInputService - ok
20:19:40.0969 8000 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:19:40.0984 8000 TapiSrv - ok
20:19:40.0984 8000 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:19:40.0984 8000 TBS - ok
20:19:41.0062 8000 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:19:41.0093 8000 Tcpip - ok
20:19:41.0171 8000 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:19:41.0187 8000 TCPIP6 - ok
20:19:41.0218 8000 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:19:41.0218 8000 tcpipreg - ok
20:19:41.0234 8000 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:19:41.0234 8000 TDPIPE - ok
20:19:41.0265 8000 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:19:41.0265 8000 TDTCP - ok
20:19:41.0281 8000 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:19:41.0281 8000 tdx - ok
20:19:41.0296 8000 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:19:41.0296 8000 TermDD - ok
20:19:41.0343 8000 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:19:41.0343 8000 TermService - ok
20:19:41.0359 8000 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:19:41.0374 8000 Themes - ok
20:19:41.0390 8000 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:19:41.0390 8000 THREADORDER - ok
20:19:41.0405 8000 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:19:41.0405 8000 TrkWks - ok
20:19:41.0452 8000 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:19:41.0452 8000 TrustedInstaller - ok
20:19:41.0483 8000 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:19:41.0483 8000 tssecsrv - ok
20:19:41.0515 8000 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:19:41.0515 8000 TsUsbFlt - ok
20:19:41.0546 8000 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:19:41.0546 8000 TsUsbGD - ok
20:19:41.0593 8000 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:19:41.0608 8000 tunnel - ok
20:19:41.0639 8000 [ B355581A9DA34C92E2DBAFA410D2F829 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:19:41.0639 8000 TurboB - ok
20:19:41.0686 8000 [ 6564E84B1522C12EA1C3A181ED03276F ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:19:41.0686 8000 TurboBoost - ok
20:19:41.0717 8000 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:19:41.0717 8000 uagp35 - ok
20:19:41.0749 8000 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:19:41.0749 8000 udfs - ok
20:19:41.0780 8000 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:19:41.0795 8000 UI0Detect - ok
20:19:41.0811 8000 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:19:41.0827 8000 uliagpkx - ok
20:19:41.0873 8000 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:19:41.0873 8000 umbus - ok
20:19:41.0920 8000 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
20:19:41.0920 8000 UmPass - ok
20:19:41.0951 8000 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
20:19:41.0967 8000 UmRdpService - ok
20:19:41.0983 8000 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:19:41.0983 8000 upnphost - ok
20:19:42.0061 8000 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:19:42.0061 8000 usbccgp - ok
20:19:42.0092 8000 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:19:42.0107 8000 usbcir - ok
20:19:42.0139 8000 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:19:42.0139 8000 usbehci - ok
20:19:42.0185 8000 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:19:45.0898 8000 ============================================================
20:19:45.0898 8000 Scan finished
20:19:45.0898 8000 ============================================================
20:19:45.0898 4956 Detected object count: 0
20:19:45.0898 4956 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-20 20:25:56
-----------------------------
20:25:56.725 OS Version: Windows x64 6.1.7601 Service Pack 1
20:25:56.725 Number of processors: 4 586 0x2A07
20:25:56.725 ComputerName: BTBRAUN_RSMC-PC UserName: btbraun_rsmc
20:25:58.160 Initialize success
20:27:15.348 AVAST engine defs: 12082000
20:27:29.466 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:27:29.481 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
20:27:29.497 Disk 0 MBR read successfully
20:27:29.497 Disk 0 MBR scan
20:27:29.513 Disk 0 Windows 7 default MBR code
20:27:29.513 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 34131 MB offset 2048
20:27:29.544 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 919737 MB offset 69902336
20:27:29.622 Disk 0 scanning C:\Windows\system32\drivers
20:27:44.411 Service scanning
20:28:32.693 Modules scanning
20:28:32.708 Disk 0 trace - called modules:
20:28:32.755 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
20:28:32.771 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ddc060]
20:28:32.786 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> [0xfffffa80078946d0]
20:28:32.786 5 ACPI.sys[fffff88000f3f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800792d050]
20:28:34.315 AVAST engine scan C:\Windows
20:28:38.309 AVAST engine scan C:\Windows\system32
20:31:57.849 AVAST engine scan C:\Windows\system32\drivers
20:32:14.759 AVAST engine scan C:\Users\btbraun_rsmc
20:44:19.397 AVAST engine scan C:\ProgramData
20:45:25.932 Scan finished successfully
20:58:03.776 Disk 0 MBR has been saved successfully to "C:\Users\btbraun_rsmc\Desktop\Computer 08_20_2012\MBR.dat"
20:58:03.807 The log file has been saved successfully to "C:\Users\btbraun_rsmc\Desktop\Computer 08_20_2012\aswMBR.txt"


Do you see anything to be concerned with?

#6 boopme

Posted 20 August 2012 - 09:43 PM

OK, these are the other files that may be on the machine and can be removed IF they exist.
The file at "<$DESKTOP>\FLV Player.lnk".
The file at "<$PROGRAMFILES>\FLVPlayer\FLVPlayer.exe".
The file at "<$PROGRAMS>\FLV Player\FLV Player.lnk".
The file at "<$PROGRAMS>\FLV Player\Uninstall FLV Player.lnk".

uninstall this
Java™ 6 Update 33 (64-bit) (Version: 6.0.330
Old Javas can be exploited.

Reboot


A lot of the errors shown are related to this application..Point
You may want to remove all of it, reboot and reinstall.


Now to be sure there is no other malware.. I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#7 btbraun

Posted 21 August 2012 - 10:20 AM

Where am I looking for:

The file at "<$DESKTOP>\FLV Player.lnk".
The file at "<$PROGRAMFILES>\FLVPlayer\FLVPlayer.exe".
The file at "<$PROGRAMS>\FLV Player\FLV Player.lnk".
The file at "<$PROGRAMS>\FLV Player\Uninstall FLV Player.lnk".
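
Added example (not part of either poster's message): a read-only PowerShell check that expands the placeholders in the list above into real folders on a Windows 7 x64 machine and reports whether each listed file exists. The placeholder-to-folder mapping is an assumption, not something stated in the thread.

```powershell
# Added example: resolve the scanner-style placeholders to real folders and
# report whether each listed file exists. Read-only; nothing is deleted.
# ASSUMPTION: the mapping of each placeholder to folders (not stated on the page).

$roots = @{
    '<$DESKTOP>' = @(
        [Environment]::GetFolderPath('DesktopDirectory'),   # current user's desktop
        (Join-Path $env:PUBLIC 'Desktop')                   # all-users desktop
    )
    '<$PROGRAMFILES>' = @(
        $env:ProgramFiles,
        ${env:ProgramFiles(x86)}                            # 32-bit programs on x64 Windows
    )
    '<$PROGRAMS>' = @(
        [Environment]::GetFolderPath('Programs'),           # user's Start Menu\Programs
        (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs')
    )
}

# The four entries exactly as listed in the post.
$targets = @(
    '<$DESKTOP>\FLV Player.lnk',
    '<$PROGRAMFILES>\FLVPlayer\FLVPlayer.exe',
    '<$PROGRAMS>\FLV Player\FLV Player.lnk',
    '<$PROGRAMS>\FLV Player\Uninstall FLV Player.lnk'
)

function Expand-Placeholder {
    param([string]$Template)
    # Split "<$TOKEN>\rest\of\path" into the token and the relative path.
    $token = $Template.Substring(0, $Template.IndexOf('>') + 1)
    $rest  = $Template.Substring($token.Length).TrimStart('\')
    if (-not $roots.ContainsKey($token)) { throw "Unknown placeholder: $token" }
    foreach ($root in $roots[$token]) {
        if ($root) { Join-Path $root $rest }   # skip roots that are undefined on this OS
    }
}

$results = foreach ($t in $targets) {
    foreach ($path in Expand-Placeholder $t) {
        New-Object PSObject -Property @{
            Listed = $t
            Path   = $path
            Exists = Test-Path -LiteralPath $path
        }
    }
}

# Every row should read False on a machine where these files are absent.
$results | Select-Object Exists, Path | Format-Table -AutoSize
```

Each placeholder is checked in both the per-user and the all-users (or 32-bit) location, because an installer may have written to either one.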

#8 btbraun

Posted 21 August 2012 - 01:41 PM

ESET is still running but there are 2 entries for Win32/Bagle.gen.zip worm. Will ESET be able to remove it?

#9 btbraun

Posted 21 August 2012 - 01:55 PM

C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud10.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud23.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined

#10 boopme

Posted 21 August 2012 - 02:10 PM

Do a file search for FLV Player.lnk and see if they all show.

#11 btbraun

Posted 21 August 2012 - 03:45 PM

I'm not sure I did this part right, so here's how I did the search for FLV Player.lnk: I clicked "start" and typed FLV Player.lnk into the "search programs and files" box, and it showed two files. Both were email notifications from this page. Please confirm that I did this correctly. Thanks! :)

#12 boopme

Posted 21 August 2012 - 04:01 PM

That's correct.. they don't exist then and that's good.

I think you are all good now.

#13 btbraun

Posted 24 August 2012 - 11:43 AM

Hi Boopme - I'm sorry to bug you. Is it possible for WiIQfraud to return? I'm having problems again, I'm locked out of admin for some programs and Spybot found it again just now when I did a scan. Programs freeze - etc. same stuff. Any thoughts?

Thanks
-Beans

#14 boopme

Posted 24 August 2012 - 04:17 PM

We may have a deeper issue so let's get a deeper look.

Please go here: Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64 bit system) skip it and move on.

Let me know if that went well.

#15 btbraun

Posted 24 August 2012 - 04:48 PM

Will do - just found this little critter in the directory -
{8EC055D-047F-11D1-A537-0000F8753ED1}
(Default) Non-Plug and Play Drivers
Class LegacyDriver
ClassDesc @%SystemRoot%\System32SysClass.Dll,-3003
EnumPropPages32 SysClass.Dll,LegacyDriverPropPageProvider
IconPath %SystemRoot%\System32\setupapi.dll,-19
NoDisplayClass



