Google Redirect to http://63.209.69.107 (Firefox only)


  • This topic is locked
20 replies to this topic

#1 MICOLINO

Posted 16 June 2013 - 11:27 PM

Hello World.

I've been having this annoying problem for about a week.

When clicking on Google search results, the click is redirecting to "http://63.209.69.107/see.php?q=" + a random query.

It doesn't load anything else.

Happens only on Firefox.

Today I tried Malwarebytes, TDSSKiller, and ComboFix, but couldn't achieve anything.

I hope you can help.

I'll paste the ComboFix and TDSSKiller logs.

Thanks! C:

ComboFix log:

ComboFix 13-06-15.01 - MICOSYS 16-06-2013  23:58:23.1.6 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.8174.6716 [GMT -7:00]
Running from: c:\users\MICOSYS\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-17 to 2013-06-17  )))))))))))))))))))))))))))))))
.
.
2013-06-17 07:01 . 2013-06-17 07:01    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-06-17 06:00 . 2013-06-17 06:00    --------    d-----w-    c:\programdata\Malwarebytes
2013-06-17 06:00 . 2013-04-04 21:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-06-17 06:00 . 2013-06-17 06:00    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-17 04:55 . 2013-06-17 04:55    --------    d-----w-    c:\program files (x86)\Alcohol Soft
2013-06-17 04:53 . 2013-06-17 04:53    871408    ----a-w-    c:\windows\system32\drivers\sptd.sys
2013-06-15 09:05 . 2013-06-15 09:05    --------    d-----w-    c:\program files (x86)\SquareEnix
2013-06-11 04:48 . 2013-06-11 04:48    --------    d-----w-    c:\programdata\Hewlett-Packard
2013-06-10 04:23 . 2013-06-10 04:23    --------    d-----w-    c:\program files (x86)\Hewlett-Packard
2013-06-10 04:22 . 2012-09-26 05:45    49664    ----a-r-    c:\windows\system32\HP1100SMs.dll
2013-06-10 04:22 . 2012-08-31 22:10    350720    ----a-w-    c:\windows\system32\mvhlewsi.DLL
2013-06-10 04:22 . 2012-08-31 22:03    1696256    ----a-w-    c:\windows\system32\HP1100SM.EXE
2013-06-10 04:22 . 2012-08-31 22:03    288768    ----a-w-    c:\windows\system32\HP1100LM.DLL
2013-06-10 04:22 . 2012-08-31 22:02    74240    ----a-w-    c:\windows\system32\Spool\prtprocs\x64\HP1100PP.dll
2013-06-10 04:22 . 2012-09-27 00:27    126880    ----a-w-    c:\windows\system32\HPSIsvc.exe
2013-06-10 04:22 . 2013-06-10 04:22    --------    d-----w-    c:\programdata\HPSSUPPLY
2013-06-10 04:21 . 2013-06-10 04:22    --------    d-----w-    c:\program files (x86)\HP
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    c:\program files\HP
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    c:\program files (x86)\Common Files\SWF Studio
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    C:\LJP1100_P1560_P1600_Full_Solution
2013-06-09 00:38 . 2013-06-09 00:38    294912    --sha-r-    c:\windows\SysWow64\rpchttpd.dll
2013-06-03 05:13 . 2013-06-03 05:13    --------    d-----w-    c:\program files (x86)\MSECache
2013-06-01 23:45 . 2013-03-17 16:21    3649536    ----a-w-    c:\windows\SysWow64\x264vfw.dll
2013-06-01 23:45 . 2011-12-07 17:32    216064    ----a-w-    c:\windows\SysWow64\lagarith.dll
2013-06-01 23:45 . 2011-06-24 14:44    243200    ----a-w-    c:\windows\SysWow64\xvidvfw.dll
2013-06-01 23:45 . 2011-06-24 14:28    650752    ----a-w-    c:\windows\SysWow64\xvidcore.dll
2013-06-01 23:45 . 2012-06-09 17:21    178688    ----a-w-    c:\windows\SysWow64\unrar.dll
2013-06-01 23:45 . 2011-12-21 17:14    151552    ----a-w-    c:\windows\SysWow64\ac3acm.acm
2013-06-01 23:45 . 2013-05-31 18:00    112640    ----a-w-    c:\windows\SysWow64\ff_vfw.dll
2013-06-01 23:45 . 2013-06-01 23:45    --------    d-----w-    c:\program files (x86)\K-Lite Codec Pack
2013-06-01 23:25 . 2013-06-01 23:25    --------    d-----w-    c:\program files (x86)\Common Files\MainConcept
2013-06-01 23:24 . 2013-06-01 23:24    --------    d-----w-    c:\windows\Downloaded Installations
2013-06-01 23:17 . 2013-06-01 23:17    --------    d-----w-    c:\program files (x86)\Common Files\Adobe Systems Shared
2013-06-01 22:57 . 2013-06-01 23:03    --------    d-----w-    C:\_RAMMSTEIN DVD
2013-06-01 22:53 . 2013-06-15 06:17    --------    d-----w-    c:\program files (x86)\Guild Wars 2
2013-06-01 06:07 . 2013-06-01 06:07    --------    d-----w-    c:\programdata\regid.1986-12.com.adobe
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\program files (x86)\Microsoft Works
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\windows\PCHEALTH
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\program files (x86)\Microsoft.NET
2013-06-01 04:28 . 2013-06-01 04:28    --------    d-----w-    c:\program files (x86)\Google
2013-06-01 03:21 . 2013-06-01 03:21    --------    d-----w-    c:\program files\Adobe
2013-06-01 03:20 . 2013-06-01 03:21    --------    d-----w-    c:\program files\Common Files\Adobe
2013-06-01 03:19 . 2013-06-01 03:19    --------    d-----w-    c:\program files (x86)\Adobe Media Player
2013-06-01 03:14 . 2013-06-01 03:14    --------    d-----w-    c:\program files (x86)\Common Files\Adobe AIR
2013-06-01 03:10 . 2013-06-01 23:18    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2013-06-01 03:05 . 2013-06-01 03:06    --------    d-----w-    c:\program files\WinRAR
2013-05-31 08:23 . 2013-05-31 08:23    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-31 08:23 . 2013-05-31 08:23    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-31 08:23 . 2013-05-31 08:23    --------    d-----w-    c:\windows\SysWow64\Macromed
2013-05-31 08:23 . 2013-05-31 08:23    --------    d-----w-    c:\windows\system32\Macromed
2013-05-31 08:16 . 2009-09-05 00:29    1892184    ----a-w-    c:\windows\SysWow64\D3DX9_42.dll
2013-05-31 08:16 . 2006-09-28 23:05    2414360    ----a-w-    c:\windows\SysWow64\d3dx9_31.dll
2013-05-31 08:15 . 2013-05-31 08:15    --------    d-----w-    c:\program files (x86)\Common Files\PX Storage Engine
2013-05-31 08:15 . 2013-05-31 08:16    --------    d-----w-    c:\program files (x86)\Winamp
2013-05-31 08:15 . 2013-05-31 07:22    --------    d-----w-    c:\windows\Panther
2013-05-31 08:00 . 2013-05-31 08:00    --------    d-----w-    c:\program files (x86)\Common Files\Skype
2013-05-31 08:00 . 2013-05-31 08:00    --------    d-----r-    c:\program files (x86)\Skype
2013-05-31 08:00 . 2013-05-31 08:01    --------    d-----w-    c:\programdata\Skype
2013-05-31 07:58 . 2013-05-14 08:48    9460464    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{35E345C3-78C0-470E-AEF5-8840F4B39479}\mpengine.dll
2013-05-31 07:57 . 2013-05-02 09:06    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-05-31 07:57 . 2008-07-31 17:41    68616    ----a-w-    c:\windows\SysWow64\XAPOFX1_1.dll
2013-05-31 07:57 . 2008-07-31 17:40    509448    ----a-w-    c:\windows\SysWow64\XAudio2_2.dll
2013-05-31 07:57 . 2008-07-12 15:18    467984    ----a-w-    c:\windows\SysWow64\d3dx10_39.dll
2013-05-31 07:57 . 2008-07-12 15:18    1493528    ----a-w-    c:\windows\SysWow64\D3DCompiler_39.dll
2013-05-31 07:57 . 2008-07-12 15:18    3851784    ----a-w-    c:\windows\SysWow64\D3DX9_39.dll
2013-05-31 07:57 . 2013-05-31 07:57    --------    d-sh--w-    c:\windows\SysWow64\AI_RecycleBin
2013-05-31 07:57 . 2013-05-31 07:57    --------    d-----w-    C:\Riot Games
2013-05-31 07:53 . 2013-06-16 22:31    --------    d-----w-    c:\programdata\PMB Files
2013-05-31 07:53 . 2013-05-31 07:53    --------    d-----w-    c:\program files (x86)\Pando Networks
2013-05-31 07:50 . 2013-06-01 03:04    --------    d-----w-    c:\program files (x86)\Foxit Software
2013-05-31 07:43 . 2012-06-02 22:19    2428952    ----a-w-    c:\windows\system32\wuaueng.dll
2013-05-31 07:43 . 2012-06-02 22:19    57880    ----a-w-    c:\windows\system32\wuauclt.exe
2013-05-31 07:43 . 2012-06-02 22:19    44056    ----a-w-    c:\windows\system32\wups2.dll
2013-05-31 07:43 . 2012-06-02 22:15    2622464    ----a-w-    c:\windows\system32\wucltux.dll
2013-05-31 07:43 . 2012-06-02 22:19    38424    ----a-w-    c:\windows\system32\wups.dll
2013-05-31 07:43 . 2012-06-02 22:19    701976    ----a-w-    c:\windows\system32\wuapi.dll
2013-05-31 07:43 . 2012-06-02 22:15    99840    ----a-w-    c:\windows\system32\wudriver.dll
2013-05-31 07:43 . 2012-06-02 22:19    186752    ----a-w-    c:\windows\system32\wuwebv.dll
2013-05-31 07:43 . 2012-06-02 22:15    36864    ----a-w-    c:\windows\system32\wuapp.exe
2013-05-31 07:41 . 2010-07-12 21:39    302080    ----a-w-    c:\windows\lwd.exe
2013-05-31 07:40 . 2010-05-29 14:58    15872    ----a-w-    c:\windows\system32\drivers\anodlwfx.sys
2013-05-31 07:40 . 2013-05-31 07:40    --------    d-----w-    c:\program files (x86)\D-Link
2013-05-31 07:40 . 2011-04-28 21:20    1617472    ----a-w-    c:\windows\system32\drivers\Dnetr28ux.sys
2013-05-31 07:40 . 2011-04-28 21:17    327008    ----a-w-    c:\windows\system32\RaCoInstx.dll
2013-05-31 07:38 . 2013-05-31 07:38    --------    d-----w-    c:\program files\ATI
2013-05-31 07:38 . 2010-05-20 10:30    16440    ----a-w-    c:\windows\system32\drivers\AtiPcie.sys
2013-05-31 07:37 . 2013-05-31 07:37    --------    d-----w-    c:\program files\ATI Technologies
2013-05-31 07:37 . 2013-06-15 09:05    --------    d--h--w-    c:\program files (x86)\InstallShield Installation Information
2013-05-31 07:36 . 2013-05-31 07:37    --------    d-----w-    c:\program files (x86)\VIA
2013-05-31 07:36 . 2007-04-11 10:35    414632    ------w-    c:\windows\difxapi.dll
2013-05-31 07:36 . 2013-05-31 07:36    --------    d-----w-    c:\program files (x86)\Common Files\InstallShield
2013-05-31 07:35 . 2013-05-31 07:35    --------    d-----w-    c:\program files (x86)\ASM104xUSB3
2013-05-31 07:35 . 2013-06-10 04:22    --------    d-sh--w-    c:\windows\Installer
2013-05-31 07:34 . 2009-04-02 15:30    10296    ----a-w-    c:\windows\SysWow64\drivers\ASUSHWIO.SYS
2013-05-31 07:34 . 2009-02-21 22:35    49152    ----a-w-    c:\windows\DAOD.exe
2013-05-31 07:22 . 2013-05-31 07:22    --------    d-----w-    c:\users\MICOSYS
2013-05-31 07:21 . 2013-05-31 07:21    --------    d-----w-    C:\Recovery
2013-05-31 07:19 . 2013-05-31 07:19    0    ----a-w-    c:\windows\ativpsrm.bin
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 5015040]
"D-Link D-Link DWA-125"="c:\program files (x86)\D-Link\DWA-125 revA\AirNCFG.exe" [2011-06-10 1074496]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-05 30264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2013-04-04 532040]
.
c:\users\MICOSYS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
S2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 08600064
*Deregistered* - 08600064
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-17 c:\windows\Tasks\Ctxiammuu.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\system32\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\MICOSYS\AppData\Roaming\Mozilla\Firefox\Profiles\s0gnu2v7.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedia (es)
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-17  00:02:57
ComboFix-quarantined-files.txt  2013-06-17 07:02
.
Pre-Run: 868.232.040.448 bytes free
Post-Run: 868.201.836.544 bytes free
.
- - End Of File - - 2BC55DB60C3D8DDEC49CA56085B7EAD6
A36C5E4F47E84449FF07ED3517B43A31

TDSSKiller log:

23:33:27.0743 4512  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:33:28.0445 4512  ============================================================
23:33:28.0445 4512  Current date / time: 2013/06/16 23:33:28.0445
23:33:28.0445 4512  SystemInfo:
23:33:28.0445 4512  
23:33:28.0445 4512  OS Version: 6.1.7600 ServicePack: 0.0
23:33:28.0445 4512  Product type: Workstation
23:33:28.0445 4512  ComputerName: MICOSYS-PC
23:33:28.0445 4512  UserName: MICOSYS
23:33:28.0445 4512  Windows directory: C:\Windows
23:33:28.0445 4512  System windows directory: C:\Windows
23:33:28.0445 4512  Running under WOW64
23:33:28.0445 4512  Processor architecture: Intel x64
23:33:28.0445 4512  Number of processors: 6
23:33:28.0445 4512  Page size: 0x1000
23:33:28.0445 4512  Boot type: Normal boot
23:33:28.0445 4512  ============================================================
23:33:29.0147 4512  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:33:29.0147 4512  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:33:29.0162 4512  ============================================================
23:33:29.0162 4512  \Device\Harddisk0\DR0:
23:33:29.0162 4512  MBR partitions:
23:33:29.0162 4512  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:33:29.0162 4512  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
23:33:29.0162 4512  \Device\Harddisk1\DR1:
23:33:29.0162 4512  MBR partitions:
23:33:29.0162 4512  ============================================================
23:33:29.0178 4512  C: <-> \Device\Harddisk0\DR0\Partition2
23:33:29.0178 4512  ============================================================
23:33:29.0178 4512  Initialize success
23:33:29.0178 4512  ============================================================
23:33:30.0442 4004  ============================================================
23:33:30.0442 4004  Scan started
23:33:30.0442 4004  Mode: Manual;
23:33:30.0442 4004  ============================================================
23:33:31.0034 4004  ================ Scan system memory ========================
23:33:31.0034 4004  System memory - ok
23:33:31.0034 4004  ================ Scan services =============================
23:33:31.0112 4004  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
23:33:31.0112 4004  1394ohci - ok
23:33:31.0128 4004  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
23:33:31.0128 4004  ACPI - ok
23:33:31.0128 4004  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
23:33:31.0128 4004  AcpiPmi - ok
23:33:31.0190 4004  [ 4BC381316F422F3A5D5A957D3AA2224E ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
23:33:31.0190 4004  Adobe LM Service - ok
23:33:31.0222 4004  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:33:31.0222 4004  adp94xx - ok
23:33:31.0237 4004  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:33:31.0253 4004  adpahci - ok
23:33:31.0253 4004  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:33:31.0253 4004  adpu320 - ok
23:33:31.0268 4004  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:33:31.0268 4004  AeLookupSvc - ok
23:33:31.0300 4004  [ B9384E03479D2506BC924C16A3DB87BC ] AFD             C:\Windows\system32\drivers\afd.sys
23:33:31.0300 4004  AFD - ok
23:33:31.0315 4004  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
23:33:31.0315 4004  agp440 - ok
23:33:31.0331 4004  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:33:31.0331 4004  ALG - ok
23:33:31.0331 4004  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
23:33:31.0331 4004  aliide - ok
23:33:31.0346 4004  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
23:33:31.0346 4004  amdide - ok
23:33:31.0346 4004  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:33:31.0346 4004  AmdK8 - ok
23:33:31.0346 4004  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:33:31.0346 4004  AmdPPM - ok
23:33:31.0362 4004  [ 7A4B413614C055935567CF88A9734D38 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
23:33:31.0362 4004  amdsata - ok
23:33:31.0378 4004  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:33:31.0378 4004  amdsbs - ok
23:33:31.0378 4004  [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
23:33:31.0378 4004  amdxata - ok
23:33:31.0409 4004  [ 4CCF421E6C4B2A4CBCE000715911F7CC ] anodlwf         C:\Windows\system32\DRIVERS\anodlwfx.sys
23:33:31.0409 4004  anodlwf - ok
23:33:31.0440 4004  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
23:33:31.0456 4004  AppID - ok
23:33:31.0471 4004  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:33:31.0471 4004  AppIDSvc - ok
23:33:31.0471 4004  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
23:33:31.0471 4004  Appinfo - ok
23:33:31.0502 4004  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:33:31.0502 4004  AppMgmt - ok
23:33:31.0518 4004  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:33:31.0518 4004  arc - ok
23:33:31.0518 4004  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:33:31.0518 4004  arcsas - ok
23:33:31.0549 4004  [ 22842362DF890F5492F85AA60916A697 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
23:33:31.0549 4004  asmthub3 - ok
23:33:31.0565 4004  [ 08E2D77766CC05E75A0707207D9FC684 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
23:33:31.0565 4004  asmtxhci - ok
23:33:31.0580 4004  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:33:31.0580 4004  AsyncMac - ok
23:33:31.0596 4004  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
23:33:31.0596 4004  atapi - ok
23:33:31.0658 4004  [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:33:31.0705 4004  atikmdag - ok
23:33:31.0736 4004  [ C07A040D6B5A42DD41EE386CF90974C8 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
23:33:31.0736 4004  AtiPcie - ok
23:33:31.0768 4004  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:33:31.0768 4004  AudioEndpointBuilder - ok
23:33:31.0783 4004  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:33:31.0783 4004  AudioSrv - ok
23:33:31.0799 4004  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:33:31.0799 4004  AxInstSV - ok
23:33:31.0814 4004  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:33:31.0830 4004  b06bdrv - ok
23:33:31.0846 4004  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:33:31.0846 4004  b57nd60a - ok
23:33:31.0861 4004  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:33:31.0861 4004  BDESVC - ok
23:33:31.0892 4004  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:33:31.0892 4004  Beep - ok
23:33:31.0939 4004  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
23:33:31.0939 4004  BFE - ok
23:33:31.0970 4004  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
23:33:31.0970 4004  BITS - ok
23:33:31.0986 4004  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:33:31.0986 4004  blbdrive - ok
23:33:32.0002 4004  [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:33:32.0002 4004  bowser - ok
23:33:32.0017 4004  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:33:32.0017 4004  BrFiltLo - ok
23:33:32.0033 4004  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:33:32.0033 4004  BrFiltUp - ok
23:33:32.0048 4004  [ 94FBC06F294D58D02361918418F996E3 ] Browser         C:\Windows\System32\browser.dll
23:33:32.0048 4004  Browser - ok
23:33:32.0064 4004  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:33:32.0064 4004  Brserid - ok
23:33:32.0064 4004  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:33:32.0064 4004  BrSerWdm - ok
23:33:32.0064 4004  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:33:32.0064 4004  BrUsbMdm - ok
23:33:32.0080 4004  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:33:32.0080 4004  BrUsbSer - ok
23:33:32.0080 4004  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:33:32.0095 4004  BTHMODEM - ok
23:33:32.0111 4004  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:33:32.0111 4004  bthserv - ok
23:33:32.0126 4004  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:33:32.0126 4004  cdfs - ok
23:33:32.0158 4004  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:33:32.0158 4004  cdrom - ok
23:33:32.0189 4004  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:33:32.0189 4004  CertPropSvc - ok
23:33:32.0189 4004  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:33:32.0189 4004  circlass - ok
23:33:32.0204 4004  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:33:32.0204 4004  CLFS - ok
23:33:32.0236 4004  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:33:32.0236 4004  clr_optimization_v2.0.50727_32 - ok
23:33:32.0267 4004  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:33:32.0267 4004  clr_optimization_v2.0.50727_64 - ok
23:33:32.0282 4004  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:33:32.0282 4004  CmBatt - ok
23:33:32.0314 4004  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
23:33:32.0314 4004  cmdide - ok
23:33:32.0329 4004  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG             C:\Windows\system32\Drivers\cng.sys
23:33:32.0329 4004  CNG - ok
23:33:32.0329 4004  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:33:32.0329 4004  Compbatt - ok
23:33:32.0329 4004  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
23:33:32.0329 4004  CompositeBus - ok
23:33:32.0345 4004  COMSysApp - ok
23:33:32.0345 4004  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:33:32.0345 4004  crcdisk - ok
23:33:32.0360 4004  [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:33:32.0360 4004  CryptSvc - ok
23:33:32.0376 4004  [ 4A6173C2279B498CD8F57CAE504564CB ] CSC             C:\Windows\system32\drivers\csc.sys
23:33:32.0376 4004  CSC - ok
23:33:32.0407 4004  [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService      C:\Windows\System32\cscsvc.dll
23:33:32.0407 4004  CscService - ok
23:33:32.0438 4004  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:33:32.0454 4004  DcomLaunch - ok
23:33:32.0470 4004  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:33:32.0470 4004  defragsvc - ok
23:33:32.0501 4004  [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:33:32.0501 4004  DfsC - ok
23:33:32.0516 4004  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:33:32.0516 4004  Dhcp - ok
23:33:32.0516 4004  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:33:32.0516 4004  discache - ok
23:33:32.0532 4004  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:33:32.0532 4004  Disk - ok
23:33:32.0532 4004  [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:33:32.0548 4004  Dnscache - ok
23:33:32.0548 4004  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
23:33:32.0548 4004  dot3svc - ok
23:33:32.0563 4004  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
23:33:32.0563 4004  DPS - ok
23:33:32.0579 4004  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:33:32.0579 4004  drmkaud - ok
23:33:32.0610 4004  [ EBCE0B0924835F635F620D19F0529DCE ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:33:32.0610 4004  DXGKrnl - ok
23:33:32.0657 4004  [ C062A2B158ED9C643D24F8E33A607C9F ] D_Link_DWA-125_WPS C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
23:33:32.0657 4004  D_Link_DWA-125_WPS - ok
23:33:32.0672 4004  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:33:32.0672 4004  EapHost - ok
23:33:32.0719 4004  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:33:32.0750 4004  ebdrv - ok
23:33:32.0766 4004  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS             C:\Windows\System32\lsass.exe
23:33:32.0766 4004  EFS - ok
23:33:32.0797 4004  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:33:32.0797 4004  ehRecvr - ok
23:33:32.0813 4004  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:33:32.0813 4004  ehSched - ok
23:33:32.0844 4004  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:33:32.0844 4004  elxstor - ok
23:33:32.0860 4004  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
23:33:32.0860 4004  ErrDev - ok
23:33:32.0891 4004  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:33:32.0891 4004  EventSystem - ok
23:33:32.0906 4004  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:33:32.0906 4004  exfat - ok
23:33:32.0906 4004  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:33:32.0906 4004  fastfat - ok
23:33:32.0938 4004  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
23:33:32.0938 4004  Fax - ok
23:33:32.0953 4004  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:33:32.0953 4004  fdc - ok
23:33:32.0953 4004  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:33:32.0953 4004  fdPHost - ok
23:33:32.0969 4004  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:33:32.0969 4004  FDResPub - ok
23:33:32.0984 4004  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:33:32.0984 4004  FileInfo - ok
23:33:32.0984 4004  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:33:33.0000 4004  Filetrace - ok
23:33:33.0000 4004  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:33:33.0000 4004  flpydisk - ok
23:33:33.0000 4004  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:33:33.0000 4004  FltMgr - ok
23:33:33.0016 4004  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache       C:\Windows\system32\FntCache.dll
23:33:33.0031 4004  FontCache - ok
23:33:33.0062 4004  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:33:33.0062 4004  FontCache3.0.0.0 - ok
23:33:33.0062 4004  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:33:33.0062 4004  FsDepends - ok
23:33:33.0078 4004  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:33:33.0078 4004  Fs_Rec - ok
23:33:33.0094 4004  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:33:33.0094 4004  fvevol - ok
23:33:33.0109 4004  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:33:33.0109 4004  gagp30kx - ok
23:33:33.0140 4004  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
23:33:33.0140 4004  gpsvc - ok
23:33:33.0156 4004  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:33:33.0156 4004  hcw85cir - ok
23:33:33.0172 4004  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:33:33.0172 4004  HdAudAddService - ok
23:33:33.0187 4004  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:33:33.0187 4004  HDAudBus - ok
23:33:33.0187 4004  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:33:33.0187 4004  HidBatt - ok
23:33:33.0187 4004  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:33:33.0187 4004  HidBth - ok
23:33:33.0203 4004  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:33:33.0203 4004  HidIr - ok
23:33:33.0218 4004  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
23:33:33.0218 4004  hidserv - ok
23:33:33.0250 4004  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:33:33.0250 4004  HidUsb - ok
23:33:33.0265 4004  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:33:33.0265 4004  hkmsvc - ok
23:33:33.0281 4004  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:33:33.0281 4004  HomeGroupListener - ok
23:33:33.0312 4004  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:33:33.0312 4004  HomeGroupProvider - ok
23:33:33.0359 4004  [ 53DCA61931847E35C950504BFB7559C6 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
23:33:33.0359 4004  HP LaserJet Service - ok
23:33:33.0374 4004  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
23:33:33.0374 4004  HpSAMD - ok
23:33:33.0374 4004  [ B557F0B6F3B22E6F67EE314B378DFAB2 ] HPSIService     C:\Windows\system32\HPSIsvc.exe
23:33:33.0374 4004  HPSIService - ok
23:33:33.0390 4004  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:33:33.0406 4004  HTTP - ok
23:33:33.0406 4004  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:33:33.0406 4004  hwpolicy - ok
23:33:33.0421 4004  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
23:33:33.0437 4004  i8042prt - ok
23:33:33.0437 4004  [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
23:33:33.0437 4004  iaStorV - ok
23:33:33.0484 4004  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:33:33.0484 4004  idsvc - ok
23:33:33.0484 4004  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:33:33.0484 4004  iirsp - ok
23:33:33.0530 4004  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
23:33:33.0530 4004  IKEEXT - ok
23:33:33.0546 4004  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
23:33:33.0546 4004  intelide - ok
23:33:33.0562 4004  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:33:33.0562 4004  intelppm - ok
23:33:33.0577 4004  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:33:33.0577 4004  IPBusEnum - ok
23:33:33.0593 4004  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:33:33.0593 4004  IpFilterDriver - ok
23:33:33.0608 4004  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:33:33.0608 4004  iphlpsvc - ok
23:33:33.0608 4004  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:33:33.0608 4004  IPMIDRV - ok
23:33:33.0624 4004  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:33:33.0624 4004  IPNAT - ok
23:33:33.0624 4004  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:33:33.0624 4004  IRENUM - ok
23:33:33.0640 4004  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
23:33:33.0640 4004  isapnp - ok
23:33:33.0655 4004  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
23:33:33.0655 4004  iScsiPrt - ok
23:33:33.0671 4004  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:33:33.0671 4004  kbdclass - ok
23:33:33.0671 4004  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:33:33.0671 4004  kbdhid - ok
23:33:33.0671 4004  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
23:33:33.0671 4004  KeyIso - ok
23:33:33.0686 4004  [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:33:33.0686 4004  KSecDD - ok
23:33:33.0702 4004  [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:33:33.0702 4004  KSecPkg - ok
23:33:33.0702 4004  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:33:33.0702 4004  ksthunk - ok
23:33:33.0718 4004  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:33:33.0733 4004  KtmRm - ok
23:33:33.0749 4004  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:33:33.0749 4004  LanmanServer - ok
23:33:33.0764 4004  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:33:33.0764 4004  LanmanWorkstation - ok
23:33:33.0780 4004  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:33:33.0780 4004  lltdio - ok
23:33:33.0811 4004  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:33:33.0811 4004  lltdsvc - ok
23:33:33.0827 4004  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:33:33.0827 4004  lmhosts - ok
23:33:33.0858 4004  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:33:33.0858 4004  LSI_FC - ok
23:33:33.0858 4004  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:33:33.0858 4004  LSI_SAS - ok
23:33:33.0858 4004  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:33:33.0858 4004  LSI_SAS2 - ok
23:33:33.0858 4004  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:33:33.0858 4004  LSI_SCSI - ok
23:33:33.0874 4004  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:33:33.0874 4004  luafv - ok
23:33:33.0889 4004  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:33:33.0889 4004  Mcx2Svc - ok
23:33:33.0936 4004  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
23:33:33.0952 4004  MDM - ok
23:33:33.0952 4004  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:33:33.0952 4004  megasas - ok
23:33:33.0952 4004  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:33:33.0952 4004  MegaSR - ok
23:33:33.0983 4004  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:33:33.0983 4004  MMCSS - ok
23:33:33.0983 4004  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:33:33.0983 4004  Modem - ok
23:33:34.0014 4004  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:33:34.0014 4004  monitor - ok
23:33:34.0030 4004  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:33:34.0030 4004  mouclass - ok
23:33:34.0045 4004  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:33:34.0045 4004  mouhid - ok
23:33:34.0045 4004  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:33:34.0045 4004  mountmgr - ok
23:33:34.0045 4004  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
23:33:34.0061 4004  mpio - ok
23:33:34.0061 4004  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:33:34.0061 4004  mpsdrv - ok
23:33:34.0076 4004  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:33:34.0092 4004  MpsSvc - ok
23:33:34.0108 4004  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:33:34.0108 4004  MRxDAV - ok
23:33:34.0108 4004  [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:33:34.0108 4004  mrxsmb - ok
23:33:34.0123 4004  [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:33:34.0123 4004  mrxsmb10 - ok
23:33:34.0139 4004  [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:33:34.0139 4004  mrxsmb20 - ok
23:33:34.0154 4004  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
23:33:34.0154 4004  msahci - ok
23:33:34.0154 4004  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
23:33:34.0154 4004  msdsm - ok
23:33:34.0170 4004  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:33:34.0170 4004  MSDTC - ok
23:33:34.0170 4004  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:33:34.0170 4004  Msfs - ok
23:33:34.0186 4004  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:33:34.0201 4004  mshidkmdf - ok
23:33:34.0201 4004  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
23:33:34.0201 4004  msisadrv - ok
23:33:34.0232 4004  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:33:34.0232 4004  MSiSCSI - ok
23:33:34.0232 4004  msiserver - ok
23:33:34.0248 4004  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:33:34.0248 4004  MSKSSRV - ok
23:33:34.0264 4004  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:33:34.0264 4004  MSPCLOCK - ok
23:33:34.0279 4004  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:33:34.0279 4004  MSPQM - ok
23:33:34.0295 4004  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:33:34.0295 4004  MsRPC - ok
23:33:34.0310 4004  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:33:34.0310 4004  mssmbios - ok
23:33:34.0310 4004  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:33:34.0310 4004  MSTEE - ok
23:33:34.0326 4004  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:33:34.0326 4004  MTConfig - ok
23:33:34.0357 4004  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
23:33:34.0357 4004  MTsensor - ok
23:33:34.0373 4004  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:33:34.0373 4004  Mup - ok
23:33:34.0388 4004  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
23:33:34.0388 4004  napagent - ok
23:33:34.0420 4004  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:33:34.0435 4004  NativeWifiP - ok
23:33:34.0451 4004  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:33:34.0451 4004  NDIS - ok
23:33:34.0466 4004  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:33:34.0466 4004  NdisCap - ok
23:33:34.0482 4004  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:33:34.0482 4004  NdisTapi - ok
23:33:34.0498 4004  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:33:34.0498 4004  Ndisuio - ok
23:33:34.0498 4004  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:33:34.0498 4004  NdisWan - ok
23:33:34.0513 4004  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:33:34.0513 4004  NDProxy - ok
23:33:34.0513 4004  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:33:34.0513 4004  NetBIOS - ok
23:33:34.0513 4004  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:33:34.0513 4004  NetBT - ok
23:33:34.0544 4004  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
23:33:34.0544 4004  Netlogon - ok
23:33:34.0576 4004  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:33:34.0576 4004  Netman - ok
23:33:34.0576 4004  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:33:34.0591 4004  netprofm - ok
23:33:34.0622 4004  [ D60945C192EC4A7C6455B11B0D7C4610 ] netr28ux        C:\Windows\system32\DRIVERS\Dnetr28ux.sys
23:33:34.0638 4004  netr28ux - ok
23:33:34.0654 4004  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:33:34.0654 4004  NetTcpPortSharing - ok
23:33:34.0685 4004  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:33:34.0685 4004  nfrd960 - ok
23:33:34.0716 4004  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:33:34.0716 4004  NlaSvc - ok
23:33:34.0716 4004  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:33:34.0716 4004  Npfs - ok
23:33:34.0732 4004  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:33:34.0732 4004  nsi - ok
23:33:34.0747 4004  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:33:34.0747 4004  nsiproxy - ok
23:33:34.0778 4004  [ 356698A13C4630D5B31C37378D469196 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:33:34.0794 4004  Ntfs - ok
23:33:34.0794 4004  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:33:34.0794 4004  Null - ok
23:33:34.0810 4004  [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
23:33:34.0810 4004  nvraid - ok
23:33:34.0810 4004  [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
23:33:34.0810 4004  nvstor - ok
23:33:34.0825 4004  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
23:33:34.0841 4004  nv_agp - ok
23:33:34.0841 4004  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
23:33:34.0841 4004  ohci1394 - ok
23:33:34.0872 4004  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:33:34.0872 4004  ose - ok
23:33:34.0888 4004  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:33:34.0888 4004  p2pimsvc - ok
23:33:34.0919 4004  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:33:34.0919 4004  p2psvc - ok
23:33:34.0934 4004  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:33:34.0934 4004  Parport - ok
23:33:34.0950 4004  [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:33:34.0950 4004  partmgr - ok
23:33:34.0966 4004  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:33:34.0966 4004  PcaSvc - ok
23:33:34.0966 4004  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
23:33:34.0966 4004  pci - ok
23:33:34.0981 4004  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
23:33:34.0981 4004  pciide - ok
23:33:34.0981 4004  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:33:34.0981 4004  pcmcia - ok
23:33:34.0997 4004  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:33:34.0997 4004  pcw - ok
23:33:35.0012 4004  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:33:35.0012 4004  PEAUTH - ok
23:33:35.0044 4004  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:33:35.0059 4004  PeerDistSvc - ok
23:33:35.0090 4004  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:33:35.0090 4004  PerfHost - ok
23:33:35.0122 4004  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
23:33:35.0137 4004  pla - ok
23:33:35.0153 4004  [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:33:35.0168 4004  PlugPlay - ok
23:33:35.0168 4004  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:33:35.0168 4004  PNRPAutoReg - ok
23:33:35.0184 4004  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:33:35.0200 4004  PNRPsvc - ok
23:33:35.0215 4004  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:33:35.0215 4004  PolicyAgent - ok
23:33:35.0231 4004  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:33:35.0231 4004  Power - ok
23:33:35.0262 4004  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:33:35.0262 4004  PptpMiniport - ok
23:33:35.0278 4004  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:33:35.0278 4004  Processor - ok
23:33:35.0293 4004  [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc         C:\Windows\system32\profsvc.dll
23:33:35.0293 4004  ProfSvc - ok
23:33:35.0309 4004  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
23:33:35.0309 4004  ProtectedStorage - ok
23:33:35.0324 4004  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:33:35.0324 4004  Psched - ok
23:33:35.0340 4004  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:33:35.0356 4004  ql2300 - ok
23:33:35.0356 4004  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:33:35.0356 4004  ql40xx - ok
23:33:35.0371 4004  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:33:35.0371 4004  QWAVE - ok
23:33:35.0387 4004  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:33:35.0387 4004  QWAVEdrv - ok
23:33:35.0402 4004  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:33:35.0402 4004  RasAcd - ok
23:33:35.0418 4004  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:33:35.0418 4004  RasAgileVpn - ok
23:33:35.0449 4004  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:33:35.0480 4004  RasAuto - ok
23:33:35.0496 4004  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:33:35.0527 4004  Rasl2tp - ok
23:33:35.0621 4004  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
23:33:35.0636 4004  RasMan - ok
23:33:35.0652 4004  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:33:35.0652 4004  RasPppoe - ok
23:33:35.0668 4004  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:33:35.0668 4004  RasSstp - ok
23:33:35.0668 4004  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:33:35.0668 4004  rdbss - ok
23:33:35.0683 4004  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:33:35.0683 4004  rdpbus - ok
23:33:35.0683 4004  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:33:35.0683 4004  RDPCDD - ok
23:33:35.0714 4004  [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:33:35.0714 4004  RDPDR - ok
23:33:35.0730 4004  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:33:35.0730 4004  RDPENCDD - ok
23:33:35.0746 4004  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:33:35.0746 4004  RDPREFMP - ok
23:33:35.0746 4004  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:33:35.0746 4004  RDPWD - ok
23:33:35.0761 4004  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:33:35.0761 4004  rdyboost - ok
23:33:35.0777 4004  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:33:35.0792 4004  RemoteAccess - ok
23:33:35.0808 4004  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:33:35.0808 4004  RemoteRegistry - ok
23:33:35.0824 4004  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:33:35.0824 4004  RpcEptMapper - ok
23:33:35.0839 4004  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:33:35.0839 4004  RpcLocator - ok
23:33:35.0855 4004  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
23:33:35.0870 4004  RpcSs - ok
23:33:35.0886 4004  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:33:35.0886 4004  rspndr - ok
23:33:35.0886 4004  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
23:33:35.0886 4004  s3cap - ok
23:33:35.0902 4004  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
23:33:35.0902 4004  SamSs - ok
23:33:35.0902 4004  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
23:33:35.0917 4004  sbp2port - ok
23:33:35.0917 4004  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:33:35.0933 4004  SCardSvr - ok
23:33:35.0948 4004  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:33:35.0948 4004  scfilter - ok
23:33:35.0980 4004  [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule        C:\Windows\system32\schedsvc.dll
23:33:35.0980 4004  Schedule - ok
23:33:35.0995 4004  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:33:35.0995 4004  SCPolicySvc - ok
23:33:36.0011 4004  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:33:36.0011 4004  SDRSVC - ok
23:33:36.0042 4004  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:33:36.0042 4004  secdrv - ok
23:33:36.0042 4004  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
23:33:36.0042 4004  seclogon - ok
23:33:36.0058 4004  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:33:36.0058 4004  SENS - ok
23:33:36.0073 4004  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:33:36.0073 4004  SensrSvc - ok
23:33:36.0073 4004  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:33:36.0073 4004  Serenum - ok
23:33:36.0089 4004  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:33:36.0089 4004  Serial - ok
23:33:36.0104 4004  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:33:36.0104 4004  sermouse - ok
23:33:36.0120 4004  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
23:33:36.0136 4004  SessionEnv - ok
23:33:36.0136 4004  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
23:33:36.0136 4004  sffdisk - ok
23:33:36.0136 4004  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:33:36.0136 4004  sffp_mmc - ok
23:33:36.0136 4004  [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
23:33:36.0136 4004  sffp_sd - ok
23:33:36.0136 4004  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:33:36.0136 4004  sfloppy - ok
23:33:36.0151 4004  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:33:36.0167 4004  SharedAccess - ok
23:33:36.0182 4004  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:33:36.0182 4004  ShellHWDetection - ok
23:33:36.0198 4004  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:33:36.0198 4004  SiSRaid2 - ok
23:33:36.0214 4004  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:33:36.0214 4004  SiSRaid4 - ok
23:33:36.0229 4004  [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:33:36.0229 4004  SkypeUpdate - ok
23:33:36.0245 4004  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:33:36.0260 4004  Smb - ok
23:33:36.0276 4004  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:33:36.0292 4004  SNMPTRAP - ok
23:33:36.0292 4004  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:33:36.0292 4004  spldr - ok
23:33:36.0307 4004  [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler         C:\Windows\System32\spoolsv.exe
23:33:36.0307 4004  Spooler - ok
23:33:36.0354 4004  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:33:36.0385 4004  sppsvc - ok
23:33:36.0416 4004  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:33:36.0416 4004  sppuinotify - ok
23:33:36.0479 4004  [ 88E5162E58C8919CC873F5D8946197CF ] sptd            C:\Windows\system32\Drivers\sptd.sys
23:33:36.0479 4004  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88E5162E58C8919CC873F5D8946197CF
23:33:36.0479 4004  sptd ( LockedFile.Multi.Generic ) - warning
23:33:36.0479 4004  sptd - detected LockedFile.Multi.Generic (1)
23:33:36.0510 4004  [ DE6F5658DA951C4BC8E498570B5B0D5F ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:33:36.0510 4004  srv - ok
23:33:36.0510 4004  [ 4D33D59C0B930C523D29F9BD40CDA9D2 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:33:36.0526 4004  srv2 - ok
23:33:36.0526 4004  [ 5A663FD67049267BC5C3F3279E631FFB ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:33:36.0526 4004  srvnet - ok
23:33:36.0557 4004  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:33:36.0557 4004  SSDPSRV - ok
23:33:36.0557 4004  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:33:36.0557 4004  SstpSvc - ok
23:33:36.0557 4004  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:33:36.0557 4004  stexstor - ok
23:33:36.0588 4004  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
23:33:36.0604 4004  stisvc - ok
23:33:36.0604 4004  [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
23:33:36.0604 4004  storflt - ok
23:33:36.0619 4004  [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
23:33:36.0619 4004  storvsc - ok
23:33:36.0619 4004  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
23:33:38.0242 4004  ================ Scan global ===============================
23:33:38.0257 4004  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:33:38.0288 4004  [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
23:33:38.0288 4004  [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
23:33:38.0304 4004  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:33:38.0320 4004  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:33:38.0320 4004  [Global] - ok
23:33:38.0320 4004  ================ Scan MBR ==================================
23:33:38.0335 4004  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:33:38.0569 4004  \Device\Harddisk0\DR0 - ok
23:33:38.0569 4004  [ 792F61657FECE3D17A9122B4EE282847 ] \Device\Harddisk1\DR1
23:33:38.0569 4004  \Device\Harddisk1\DR1 - ok
23:33:38.0569 4004  ================ Scan VBR ==================================
23:33:38.0569 4004  [ 624853D03A828168542FD1F1BE94659A ] \Device\Harddisk0\DR0\Partition1
23:33:38.0569 4004  \Device\Harddisk0\DR0\Partition1 - ok
23:33:38.0585 4004  [ 4D213DD4CD5C4D1942E559B6921C617C ] \Device\Harddisk0\DR0\Partition2
23:33:38.0585 4004  \Device\Harddisk0\DR0\Partition2 - ok
23:33:38.0585 4004  ============================================================
23:33:38.0585 4004  Scan finished
23:33:38.0585 4004  ============================================================
23:33:38.0600 4800  Detected object count: 1
23:33:38.0600 4800  Actual detected object count: 1
23:33:50.0768 4800  sptd ( LockedFile.Multi.Generic ) - skipped by user
23:33:50.0768 4800  sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:33:53.0046 3144  ============================================================
23:33:53.0046 3144  Scan started
23:33:53.0046 3144  Mode: Manual;
23:33:53.0046 3144  ============================================================
23:33:53.0233 3144  ================ Scan system memory ========================
23:33:53.0233 3144  System memory - ok
23:33:53.0233 3144  ================ Scan services =============================
23:33:55.0370 3144  lltdsvc - ok
23:33:55.0386 3144  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:33:55.0386 3144  lmhosts - ok
23:33:55.0402 3144  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:33:55.0402 3144  LSI_FC - ok
23:33:55.0402 3144  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:33:55.0402 3144  LSI_SAS - ok
23:33:55.0402 3144  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:33:55.0402 3144  LSI_SAS2 - ok
23:33:55.0417 3144  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:33:55.0417 3144  LSI_SCSI - ok
23:33:55.0417 3144  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:33:55.0417 3144  luafv - ok
23:33:55.0433 3144  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:33:55.0433 3144  Mcx2Svc - ok
23:33:55.0480 3144  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
23:33:55.0480 3144  MDM - ok
23:33:55.0480 3144  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:33:55.0480 3144  megasas - ok
23:33:55.0480 3144  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:33:55.0480 3144  MegaSR - ok
23:33:55.0495 3144  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:33:55.0495 3144  MMCSS - ok
23:33:55.0511 3144  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:33:55.0511 3144  Modem - ok
23:33:55.0526 3144  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:33:55.0526 3144  monitor - ok
23:33:55.0526 3144  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:33:55.0526 3144  mouclass - ok
23:33:55.0526 3144  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:33:55.0526 3144  mouhid - ok
23:33:55.0542 3144  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:33:55.0542 3144  mountmgr - ok
23:33:55.0558 3144  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
23:33:55.0558 3144  mpio - ok
23:33:55.0558 3144  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:33:55.0558 3144  mpsdrv - ok
23:33:55.0573 3144  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:33:55.0589 3144  MpsSvc - ok
23:33:55.0589 3144  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:33:55.0589 3144  MRxDAV - ok
23:33:55.0589 3144  [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:33:55.0589 3144  mrxsmb - ok
23:33:55.0604 3144  [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:33:55.0604 3144  mrxsmb10 - ok
23:33:55.0604 3144  [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:33:55.0604 3144  mrxsmb20 - ok
23:33:55.0620 3144  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
23:33:55.0620 3144  msahci - ok
23:33:55.0620 3144  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
23:33:55.0620 3144  msdsm - ok
23:33:55.0636 3144  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:33:55.0636 3144  MSDTC - ok
23:33:55.0636 3144  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:33:55.0636 3144  Msfs - ok
23:33:55.0651 3144  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:33:55.0651 3144  mshidkmdf - ok
23:33:55.0667 3144  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
23:33:55.0667 3144  msisadrv - ok
23:33:55.0682 3144  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:33:55.0682 3144  MSiSCSI - ok
23:33:55.0682 3144  msiserver - ok
23:33:55.0698 3144  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:33:55.0698 3144  MSKSSRV - ok
23:33:55.0714 3144  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:33:55.0714 3144  MSPCLOCK - ok
23:33:55.0729 3144  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:33:55.0729 3144  MSPQM - ok
23:33:55.0729 3144  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:33:55.0745 3144  MsRPC - ok
23:33:55.0745 3144  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
23:33:55.0745 3144  mssmbios - ok
23:33:55.0760 3144  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:33:55.0760 3144  MSTEE - ok
23:33:55.0776 3144  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:33:55.0776 3144  MTConfig - ok
23:33:55.0792 3144  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
23:33:55.0792 3144  MTsensor - ok
23:33:55.0792 3144  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:33:55.0792 3144  Mup - ok
23:33:55.0807 3144  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
23:33:55.0807 3144  napagent - ok
23:33:55.0823 3144  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:33:55.0823 3144  NativeWifiP - ok
23:33:55.0838 3144  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:33:55.0838 3144  NDIS - ok
23:33:55.0854 3144  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:33:55.0854 3144  NdisCap - ok
23:33:55.0870 3144  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:33:55.0870 3144  NdisTapi - ok
23:33:55.0885 3144  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:33:55.0885 3144  Ndisuio - ok
23:33:55.0885 3144  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:33:55.0901 3144  NdisWan - ok
23:33:55.0901 3144  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:33:55.0901 3144  NDProxy - ok
23:33:55.0901 3144  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:33:55.0901 3144  NetBIOS - ok
23:33:55.0901 3144  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:33:55.0901 3144  NetBT - ok
23:33:55.0916 3144  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
23:33:55.0916 3144  Netlogon - ok
23:33:55.0948 3144  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:33:55.0948 3144  Netman - ok
23:33:55.0948 3144  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:33:55.0948 3144  netprofm - ok
23:33:56.0010 3144  [ D60945C192EC4A7C6455B11B0D7C4610 ] netr28ux        C:\Windows\system32\DRIVERS\Dnetr28ux.sys
23:33:56.0010 3144  netr28ux - ok
23:33:56.0041 3144  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:33:56.0041 3144  NetTcpPortSharing - ok
23:33:56.0057 3144  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:33:56.0057 3144  nfrd960 - ok
23:33:56.0072 3144  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:33:56.0072 3144  NlaSvc - ok
23:33:56.0072 3144  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:33:56.0072 3144  Npfs - ok
23:33:56.0088 3144  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:33:56.0088 3144  nsi - ok
23:33:56.0088 3144  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:33:56.0088 3144  nsiproxy - ok
23:33:56.0119 3144  [ 356698A13C4630D5B31C37378D469196 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:33:56.0119 3144  Ntfs - ok
23:33:56.0135 3144  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:33:56.0135 3144  Null - ok
23:33:56.0135 3144  [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
23:33:56.0135 3144  nvraid - ok
23:33:56.0150 3144  [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
23:33:56.0150 3144  nvstor - ok
23:33:56.0150 3144  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
23:33:56.0150 3144  nv_agp - ok
23:33:56.0166 3144  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
23:33:56.0166 3144  ohci1394 - ok
23:33:56.0182 3144  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:33:56.0182 3144  ose - ok
23:33:56.0213 3144  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:33:56.0213 3144  p2pimsvc - ok
23:33:56.0228 3144  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:33:56.0228 3144  p2psvc - ok
23:33:56.0244 3144  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:33:56.0244 3144  Parport - ok
23:33:56.0260 3144  [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:33:56.0260 3144  partmgr - ok
23:33:56.0275 3144  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:33:56.0275 3144  PcaSvc - ok
23:33:56.0275 3144  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
23:33:56.0275 3144  pci - ok
23:33:56.0275 3144  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
23:33:56.0275 3144  pciide - ok
23:33:56.0291 3144  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:33:56.0291 3144  pcmcia - ok
23:33:56.0291 3144  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:33:56.0291 3144  pcw - ok
23:33:56.0306 3144  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:33:56.0306 3144  PEAUTH - ok
23:33:56.0322 3144  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:33:56.0338 3144  PeerDistSvc - ok
23:33:56.0369 3144  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:33:56.0369 3144  PerfHost - ok
23:33:56.0400 3144  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
23:33:56.0416 3144  pla - ok
23:33:56.0447 3144  [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:33:56.0447 3144  PlugPlay - ok
23:33:56.0462 3144  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:33:56.0462 3144  PNRPAutoReg - ok
23:33:56.0478 3144  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:33:56.0478 3144  PNRPsvc - ok
23:33:56.0509 3144  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:33:56.0509 3144  PolicyAgent - ok
23:33:56.0525 3144  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:33:56.0525 3144  Power - ok
23:33:56.0540 3144  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:33:56.0540 3144  PptpMiniport - ok
23:33:56.0556 3144  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:33:56.0556 3144  Processor - ok
23:33:56.0587 3144  [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc         C:\Windows\system32\profsvc.dll
23:33:56.0587 3144  ProfSvc - ok
23:33:56.0587 3144  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
23:33:56.0587 3144  ProtectedStorage - ok
23:33:56.0587 3144  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:33:56.0587 3144  Psched - ok
23:33:56.0603 3144  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:33:56.0618 3144  ql2300 - ok
23:33:56.0618 3144  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:33:56.0618 3144  ql40xx - ok
23:33:56.0634 3144  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:33:56.0634 3144  QWAVE - ok
23:33:56.0650 3144  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:33:56.0650 3144  QWAVEdrv - ok
23:33:56.0665 3144  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:33:56.0665 3144  RasAcd - ok
23:33:56.0681 3144  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:33:56.0681 3144  RasAgileVpn - ok
23:33:56.0696 3144  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:33:56.0696 3144  RasAuto - ok
23:33:56.0696 3144  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:33:56.0696 3144  Rasl2tp - ok
23:33:56.0728 3144  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
23:33:56.0728 3144  RasMan - ok
23:33:56.0728 3144  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:33:56.0728 3144  RasPppoe - ok
23:33:56.0728 3144  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:33:56.0728 3144  RasSstp - ok
23:33:56.0743 3144  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:33:56.0743 3144  rdbss - ok
23:33:56.0743 3144  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:33:56.0743 3144  rdpbus - ok
23:33:56.0759 3144  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:33:56.0759 3144  RDPCDD - ok
23:33:56.0774 3144  [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:33:56.0774 3144  RDPDR - ok
23:33:56.0790 3144  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:33:56.0790 3144  RDPENCDD - ok
23:33:56.0806 3144  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:33:56.0806 3144  RDPREFMP - ok
23:33:56.0806 3144  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:33:56.0806 3144  RDPWD - ok
23:33:56.0821 3144  [ 634B9A2181D98F15941236886164EC8B ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:33:56.0821 3144  rdyboost - ok
23:33:56.0837 3144  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:33:56.0837 3144  RemoteAccess - ok
23:33:56.0868 3144  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:33:56.0868 3144  RemoteRegistry - ok
23:33:56.0884 3144  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:33:56.0884 3144  RpcEptMapper - ok
23:33:56.0899 3144  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:33:56.0899 3144  RpcLocator - ok
23:33:56.0915 3144  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
23:33:56.0915 3144  RpcSs - ok
23:33:56.0930 3144  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:33:56.0930 3144  rspndr - ok
23:33:56.0946 3144  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
23:33:56.0946 3144  s3cap - ok
23:33:56.0946 3144  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
23:33:56.0962 3144  SamSs - ok
23:33:56.0962 3144  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
23:33:56.0962 3144  sbp2port - ok
23:33:56.0977 3144  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:33:56.0977 3144  SCardSvr - ok
23:33:56.0993 3144  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:33:56.0993 3144  scfilter - ok
23:33:57.0008 3144  [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule        C:\Windows\system32\schedsvc.dll
23:33:57.0024 3144  Schedule - ok
23:33:57.0040 3144  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:33:57.0040 3144  SCPolicySvc - ok
23:33:57.0055 3144  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:33:57.0055 3144  SDRSVC - ok
23:33:57.0071 3144  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:33:57.0071 3144  secdrv - ok
23:33:57.0071 3144  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
23:33:57.0071 3144  seclogon - ok
23:33:57.0086 3144  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:33:57.0086 3144  SENS - ok
23:33:57.0102 3144  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:33:57.0102 3144  SensrSvc - ok
23:33:57.0118 3144  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:33:57.0118 3144  Serenum - ok
23:33:57.0133 3144  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:33:57.0133 3144  Serial - ok
23:33:57.0133 3144  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:33:57.0133 3144  sermouse - ok
23:33:57.0164 3144  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
23:33:57.0164 3144  SessionEnv - ok
23:33:57.0164 3144  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
23:33:57.0164 3144  sffdisk - ok
23:33:57.0164 3144  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
23:33:57.0164 3144  sffp_mmc - ok
23:33:57.0164 3144  [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
23:33:57.0164 3144  sffp_sd - ok
23:33:57.0164 3144  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:33:57.0164 3144  sfloppy - ok
23:33:57.0196 3144  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:33:57.0196 3144  SharedAccess - ok
23:33:57.0227 3144  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:33:57.0227 3144  ShellHWDetection - ok
23:33:57.0227 3144  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:33:57.0227 3144  SiSRaid2 - ok
23:33:57.0227 3144  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:33:57.0227 3144  SiSRaid4 - ok
23:33:57.0258 3144  [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:33:57.0258 3144  SkypeUpdate - ok
23:33:57.0258 3144  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:33:57.0258 3144  Smb - ok
23:33:57.0274 3144  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:33:57.0274 3144  SNMPTRAP - ok
23:33:57.0274 3144  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:33:57.0274 3144  spldr - ok
23:33:57.0289 3144  [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler         C:\Windows\System32\spoolsv.exe
23:33:57.0289 3144  Spooler - ok
23:33:57.0336 3144  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:33:57.0352 3144  sppsvc - ok
23:33:57.0367 3144  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:33:57.0367 3144  sppuinotify - ok
23:33:57.0414 3144  [ 88E5162E58C8919CC873F5D8946197CF ] sptd            C:\Windows\system32\Drivers\sptd.sys
23:33:57.0414 3144  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88E5162E58C8919CC873F5D8946197CF
23:33:57.0414 3144  sptd ( LockedFile.Multi.Generic ) - warning
23:33:57.0414 3144  sptd - detected LockedFile.Multi.Generic (1)
23:33:58.0537 3144  Wdf01000 - ok
23:33:58.0537 3144  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:33:58.0537 3144  WdiServiceHost - ok
23:33:58.0537 3144  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:33:58.0537 3144  WdiSystemHost - ok
23:33:58.0553 3144  [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient       C:\Windows\System32\webclnt.dll
23:33:58.0553 3144  WebClient - ok
23:33:58.0584 3144  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:33:58.0584 3144  Wecsvc - ok
23:33:58.0600 3144  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:33:58.0600 3144  wercplsupport - ok
23:33:58.0600 3144  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:33:58.0600 3144  WerSvc - ok
23:33:58.0615 3144  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:33:58.0615 3144  WfpLwf - ok
23:33:58.0631 3144  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:33:58.0631 3144  WIMMount - ok
23:33:58.0631 3144  WinDefend - ok
23:33:58.0646 3144  WinHttpAutoProxySvc - ok
23:33:58.0678 3144  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:33:58.0678 3144  Winmgmt - ok
23:33:58.0709 3144  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll
23:33:58.0724 3144  WinRM - ok
23:33:58.0756 3144  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:33:58.0756 3144  Wlansvc - ok
23:33:58.0787 3144  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
23:33:58.0787 3144  WmiAcpi - ok
23:33:58.0802 3144  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:33:58.0802 3144  wmiApSrv - ok
23:33:58.0818 3144  WMPNetworkSvc - ok
23:33:58.0834 3144  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:33:58.0834 3144  WPCSvc - ok
23:33:58.0834 3144  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:33:58.0849 3144  WPDBusEnum - ok
23:33:58.0849 3144  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:33:58.0849 3144  ws2ifsl - ok
23:33:58.0865 3144  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
23:33:58.0865 3144  wscsvc - ok
23:33:58.0865 3144  WSearch - ok
23:33:58.0912 3144  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:33:58.0912 3144  wuauserv - ok
23:33:58.0943 3144  [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:33:58.0943 3144  WudfPf - ok
23:33:58.0958 3144  [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:33:58.0958 3144  WUDFRd - ok
23:33:58.0974 3144  [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:33:58.0974 3144  wudfsvc - ok
23:33:58.0990 3144  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:33:58.0990 3144  WwanSvc - ok
23:33:58.0990 3144  ================ Scan global ===============================
23:33:59.0021 3144  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:33:59.0036 3144  [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
23:33:59.0036 3144  [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
23:33:59.0052 3144  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:33:59.0068 3144  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:33:59.0068 3144  [Global] - ok
23:33:59.0068 3144  ================ Scan MBR ==================================
23:33:59.0068 3144  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:33:59.0302 3144  \Device\Harddisk0\DR0 - ok
23:33:59.0302 3144  [ 792F61657FECE3D17A9122B4EE282847 ] \Device\Harddisk1\DR1
23:33:59.0302 3144  \Device\Harddisk1\DR1 - ok
23:33:59.0302 3144  ================ Scan VBR ==================================
23:33:59.0302 3144  [ 624853D03A828168542FD1F1BE94659A ] \Device\Harddisk0\DR0\Partition1
23:33:59.0302 3144  \Device\Harddisk0\DR0\Partition1 - ok
23:33:59.0317 3144  [ 4D213DD4CD5C4D1942E559B6921C617C ] \Device\Harddisk0\DR0\Partition2
23:33:59.0317 3144  \Device\Harddisk0\DR0\Partition2 - ok
23:33:59.0317 3144  ============================================================
23:33:59.0317 3144  Scan finished
23:33:59.0317 3144  ============================================================
23:33:59.0317 1548  Detected object count: 1
23:33:59.0317 1548  Actual detected object count: 1
23:34:29.0254 1548  sptd ( LockedFile.Multi.Generic ) - skipped by user
23:34:29.0254 1548  sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:34:45.0790 3660  Deinitialize success

 


Edited by MICOLINO, 17 June 2013 - 12:04 AM.




#2 gringo_pr


Posted 18 June 2013 - 12:08 AM


Hello MICOLINO,

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 MICOLINO


Posted 19 June 2013 - 06:43 PM

Thanks Gringo!

After JRT I've made 30 Google searches in Firefox and it seems like now it is finally clean.

I suppose the problem was in the "minidumps" and/or the "ai_recyclebin" thing.

Thanks a lot! :flowers:

The logs:

# AdwCleaner v2.303 - Logfile created 06/19/2013 at 19:29:01
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Ultimate  (64 bits)
# User : MICOSYS - MICOSYS-PC
# Boot Mode : Normal
# Running from : C:\Users\MICOSYS\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16671

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (es-CL)

File : C:\Users\MICOSYS\AppData\Roaming\Mozilla\Firefox\Profiles\s0gnu2v7.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [306 octets] - [19/06/2013 19:28:38]
AdwCleaner[S2].txt - [716 octets] - [19/06/2013 19:29:01]

########## EOF - C:\AdwCleaner[S2].txt - [775 octets] ##########

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Ultimate x64
Ran by MICOSYS on 19-06-2013 at 19:31:01,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2404845437-1790280595-4235739060-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\MICOSYS\AppData\Roaming\mozilla\firefox\profiles\s0gnu2v7.default\minidumps [14 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19-06-2013 at 19:33:04,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 



#4 MICOLINO


Posted 19 June 2013 - 10:39 PM

oh no.

it returned  ¬_¬



#5 gringo_pr


Posted 21 June 2013 - 11:25 PM


Hello MICOLINO

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#6 MICOLINO


Posted 23 June 2013 - 08:05 PM

Hey Gringo!

I just ran ComboFix as you asked.

Now I'll test the computer for a while to check if the problem pops up again.

I'll post tomorrow if anything happens or not.

This is the last ComboFix log.

ComboFix 13-06-22.01 - MICOSYS 23-06-2013  20:55:03.2.6 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.8174.6940 [GMT -7:00]
Running from: c:\users\MICOSYS\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-24 to 2013-06-24  )))))))))))))))))))))))))))))))
.
.
2013-06-24 03:57 . 2013-06-24 03:57    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-06-21 04:07 . 2013-06-21 04:08    --------    d-----w-    c:\programdata\Wacom
2013-06-21 04:06 . 2013-06-21 04:07    --------    d-----w-    c:\program files (x86)\Bamboo Dock
2013-06-20 07:17 . 2013-06-20 07:17    --------    d-----w-    c:\windows\SysWow64\Adobe
2013-06-20 06:56 . 2013-06-20 06:56    --------    d-----w-    c:\program files\CCleaner
2013-06-20 02:31 . 2013-06-20 02:31    --------    d-----w-    c:\windows\ERUNT
2013-06-20 02:30 . 2013-06-20 07:32    --------    d-----w-    C:\JRT
2013-06-17 06:00 . 2013-06-17 06:00    --------    d-----w-    c:\programdata\Malwarebytes
2013-06-17 06:00 . 2013-04-04 21:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-06-17 06:00 . 2013-06-17 06:00    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-17 04:55 . 2013-06-17 04:55    --------    d-----w-    c:\program files (x86)\Alcohol Soft
2013-06-17 04:53 . 2013-06-17 04:53    871408    ----a-w-    c:\windows\system32\drivers\sptd.sys
2013-06-15 09:05 . 2013-06-15 09:05    --------    d-----w-    c:\program files (x86)\SquareEnix
2013-06-11 04:48 . 2013-06-11 04:48    --------    d-----w-    c:\programdata\Hewlett-Packard
2013-06-10 04:23 . 2013-06-10 04:23    --------    d-----w-    c:\program files (x86)\Hewlett-Packard
2013-06-10 04:22 . 2012-09-26 05:45    49664    ----a-r-    c:\windows\system32\HP1100SMs.dll
2013-06-10 04:22 . 2012-08-31 22:10    350720    ----a-w-    c:\windows\system32\mvhlewsi.DLL
2013-06-10 04:22 . 2012-08-31 22:03    1696256    ----a-w-    c:\windows\system32\HP1100SM.EXE
2013-06-10 04:22 . 2012-08-31 22:03    288768    ----a-w-    c:\windows\system32\HP1100LM.DLL
2013-06-10 04:22 . 2012-08-31 22:02    74240    ----a-w-    c:\windows\system32\Spool\prtprocs\x64\HP1100PP.dll
2013-06-10 04:22 . 2012-09-27 00:27    126880    ----a-w-    c:\windows\system32\HPSIsvc.exe
2013-06-10 04:22 . 2013-06-10 04:22    --------    d-----w-    c:\programdata\HPSSUPPLY
2013-06-10 04:21 . 2013-06-10 04:22    --------    d-----w-    c:\program files (x86)\HP
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    c:\program files\HP
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    c:\program files (x86)\Common Files\SWF Studio
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    C:\LJP1100_P1560_P1600_Full_Solution
2013-06-09 00:38 . 2013-06-09 00:38    294912    --sha-r-    c:\windows\SysWow64\rpchttpd.dll
2013-06-03 05:13 . 2013-06-03 05:13    --------    d-----w-    c:\program files (x86)\MSECache
2013-06-01 23:45 . 2013-03-17 16:21    3649536    ----a-w-    c:\windows\SysWow64\x264vfw.dll
2013-06-01 23:45 . 2011-12-07 17:32    216064    ----a-w-    c:\windows\SysWow64\lagarith.dll
2013-06-01 23:45 . 2011-06-24 14:44    243200    ----a-w-    c:\windows\SysWow64\xvidvfw.dll
2013-06-01 23:45 . 2011-06-24 14:28    650752    ----a-w-    c:\windows\SysWow64\xvidcore.dll
2013-06-01 23:45 . 2012-06-09 17:21    178688    ----a-w-    c:\windows\SysWow64\unrar.dll
2013-06-01 23:45 . 2011-12-21 17:14    151552    ----a-w-    c:\windows\SysWow64\ac3acm.acm
2013-06-01 23:45 . 2013-05-31 18:00    112640    ----a-w-    c:\windows\SysWow64\ff_vfw.dll
2013-06-01 23:45 . 2013-06-01 23:45    --------    d-----w-    c:\program files (x86)\K-Lite Codec Pack
2013-06-01 23:25 . 2013-06-01 23:25    --------    d-----w-    c:\program files (x86)\Common Files\MainConcept
2013-06-01 23:24 . 2013-06-01 23:24    --------    d-----w-    c:\windows\Downloaded Installations
2013-06-01 23:17 . 2013-06-01 23:17    --------    d-----w-    c:\program files (x86)\Common Files\Adobe Systems Shared
2013-06-01 22:57 . 2013-06-01 23:03    --------    d-----w-    C:\_RAMMSTEIN DVD
2013-06-01 22:53 . 2013-06-15 06:17    --------    d-----w-    c:\program files (x86)\Guild Wars 2
2013-06-01 06:07 . 2013-06-01 06:07    --------    d-----w-    c:\programdata\regid.1986-12.com.adobe
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\program files (x86)\Microsoft Works
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\windows\PCHEALTH
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\program files (x86)\Microsoft.NET
2013-06-01 04:28 . 2013-06-01 04:28    --------    d-----w-    c:\program files (x86)\Google
2013-06-01 03:21 . 2013-06-01 03:21    --------    d-----w-    c:\program files\Adobe
2013-06-01 03:20 . 2013-06-01 03:21    --------    d-----w-    c:\program files\Common Files\Adobe
2013-06-01 03:19 . 2013-06-01 03:19    --------    d-----w-    c:\program files (x86)\Adobe Media Player
2013-06-01 03:14 . 2013-06-21 04:06    --------    d-----w-    c:\program files (x86)\Common Files\Adobe AIR
2013-06-01 03:10 . 2013-06-01 23:18    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2013-06-01 03:05 . 2013-06-01 03:06    --------    d-----w-    c:\program files\WinRAR
2013-05-31 08:23 . 2013-05-31 08:23    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-31 08:23 . 2013-05-31 08:23    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-31 08:23 . 2013-05-31 08:23    --------    d-----w-    c:\windows\SysWow64\Macromed
2013-05-31 08:23 . 2013-05-31 08:23    --------    d-----w-    c:\windows\system32\Macromed
2013-05-31 08:16 . 2009-09-05 00:29    1892184    ----a-w-    c:\windows\SysWow64\D3DX9_42.dll
2013-05-31 08:16 . 2006-09-28 23:05    2414360    ----a-w-    c:\windows\SysWow64\d3dx9_31.dll
2013-05-31 08:15 . 2013-05-31 08:15    --------    d-----w-    c:\program files (x86)\Common Files\PX Storage Engine
2013-05-31 08:15 . 2013-05-31 08:16    --------    d-----w-    c:\program files (x86)\Winamp
2013-05-31 08:15 . 2013-06-20 06:57    --------    d-----w-    c:\windows\Panther
2013-05-31 08:00 . 2013-05-31 08:00    --------    d-----w-    c:\program files (x86)\Common Files\Skype
2013-05-31 08:00 . 2013-05-31 08:00    --------    d-----r-    c:\program files (x86)\Skype
2013-05-31 08:00 . 2013-05-31 08:01    --------    d-----w-    c:\programdata\Skype
2013-05-31 07:58 . 2013-05-14 08:48    9460464    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{35E345C3-78C0-470E-AEF5-8840F4B39479}\mpengine.dll
2013-05-31 07:57 . 2013-05-02 09:06    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-05-31 07:57 . 2008-07-31 17:41    68616    ----a-w-    c:\windows\SysWow64\XAPOFX1_1.dll
2013-05-31 07:57 . 2008-07-31 17:40    509448    ----a-w-    c:\windows\SysWow64\XAudio2_2.dll
2013-05-31 07:57 . 2008-07-12 15:18    467984    ----a-w-    c:\windows\SysWow64\d3dx10_39.dll
2013-05-31 07:57 . 2008-07-12 15:18    1493528    ----a-w-    c:\windows\SysWow64\D3DCompiler_39.dll
2013-05-31 07:57 . 2008-07-12 15:18    3851784    ----a-w-    c:\windows\SysWow64\D3DX9_39.dll
2013-05-31 07:57 . 2013-05-31 07:57    --------    d-----w-    C:\Riot Games
2013-05-31 07:53 . 2013-06-23 01:18    --------    d-----w-    c:\programdata\PMB Files
2013-05-31 07:53 . 2013-05-31 07:53    --------    d-----w-    c:\program files (x86)\Pando Networks
2013-05-31 07:50 . 2013-06-01 03:04    --------    d-----w-    c:\program files (x86)\Foxit Software
2013-05-31 07:43 . 2012-06-02 22:19    2428952    ----a-w-    c:\windows\system32\wuaueng.dll
2013-05-31 07:43 . 2012-06-02 22:19    57880    ----a-w-    c:\windows\system32\wuauclt.exe
2013-05-31 07:43 . 2012-06-02 22:19    44056    ----a-w-    c:\windows\system32\wups2.dll
2013-05-31 07:43 . 2012-06-02 22:15    2622464    ----a-w-    c:\windows\system32\wucltux.dll
2013-05-31 07:43 . 2012-06-02 22:19    38424    ----a-w-    c:\windows\system32\wups.dll
2013-05-31 07:43 . 2012-06-02 22:19    701976    ----a-w-    c:\windows\system32\wuapi.dll
2013-05-31 07:43 . 2012-06-02 22:15    99840    ----a-w-    c:\windows\system32\wudriver.dll
2013-05-31 07:43 . 2012-06-02 22:19    186752    ----a-w-    c:\windows\system32\wuwebv.dll
2013-05-31 07:43 . 2012-06-02 22:15    36864    ----a-w-    c:\windows\system32\wuapp.exe
2013-05-31 07:41 . 2010-07-12 21:39    302080    ----a-w-    c:\windows\lwd.exe
2013-05-31 07:40 . 2010-05-29 14:58    15872    ----a-w-    c:\windows\system32\drivers\anodlwfx.sys
2013-05-31 07:40 . 2013-05-31 07:40    --------    d-----w-    c:\program files (x86)\D-Link
2013-05-31 07:40 . 2011-04-28 21:20    1617472    ----a-w-    c:\windows\system32\drivers\Dnetr28ux.sys
2013-05-31 07:40 . 2011-04-28 21:17    327008    ----a-w-    c:\windows\system32\RaCoInstx.dll
2013-05-31 07:38 . 2013-05-31 07:38    --------    d-----w-    c:\program files\ATI
2013-05-31 07:38 . 2010-05-20 10:30    16440    ----a-w-    c:\windows\system32\drivers\AtiPcie.sys
2013-05-31 07:37 . 2013-05-31 07:37    --------    d-----w-    c:\program files\ATI Technologies
2013-05-31 07:37 . 2013-06-15 09:05    --------    d--h--w-    c:\program files (x86)\InstallShield Installation Information
2013-05-31 07:36 . 2013-05-31 07:37    --------    d-----w-    c:\program files (x86)\VIA
2013-05-31 07:36 . 2007-04-11 10:35    414632    ------w-    c:\windows\difxapi.dll
2013-05-31 07:36 . 2013-05-31 07:36    --------    d-----w-    c:\program files (x86)\Common Files\InstallShield
2013-05-31 07:35 . 2013-05-31 07:35    --------    d-----w-    c:\program files (x86)\ASM104xUSB3
2013-05-31 07:35 . 2013-06-21 04:07    --------    d-sh--w-    c:\windows\Installer
2013-05-31 07:34 . 2009-04-02 15:30    10296    ----a-w-    c:\windows\SysWow64\drivers\ASUSHWIO.SYS
2013-05-31 07:34 . 2009-02-21 22:35    49152    ----a-w-    c:\windows\DAOD.exe
2013-05-31 07:22 . 2013-06-21 04:06    --------    d-----w-    c:\users\MICOSYS
2013-05-31 07:21 . 2013-05-31 07:21    --------    d-----w-    C:\Recovery
2013-05-31 07:19 . 2013-05-31 07:19    0    ----a-w-    c:\windows\ativpsrm.bin
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 5015040]
"D-Link D-Link DWA-125"="c:\program files (x86)\D-Link\DWA-125 revA\AirNCFG.exe" [2011-06-10 1074496]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-05 30264]
"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-10-16 646744]
.
c:\users\MICOSYS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
S2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-23 c:\windows\Tasks\Ctxiammuu.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\system32\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\MICOSYS\AppData\Roaming\Mozilla\Firefox\Profiles\83ea2jbl.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-23  20:58:59
ComboFix-quarantined-files.txt  2013-06-24 03:58
ComboFix2.txt  2013-06-17 07:02
.
Pre-Run: 881.183.211.520 bytes free
Post-Run: 881.245.708.288 bytes free
.
- - End Of File - - 3AD7025E91D0978710B9F4BA07D00369
A36C5E4F47E84449FF07ED3517B43A31



#7 gringo_pr


Posted 23 June 2013 - 10:05 PM


Hello MICOLINO

We will run this now; it will help remove some files from the computer.


Blitzblank.

Download BlitzBlank and save it to your desktop. Open Blitzblank.exe
  • Click OK at the warning (and take note of it, this is a VERY powerful tool!).
  • Click the Script tab and copy/paste the following text there:
DeleteFile:
c:\windows\SysWow64\rpchttpd.dll
c:\windows\Tasks\Ctxiammuu.job
  • Click Execute Now. Your computer will need to reboot in order to replace the files.
  • When done, post me the report created by Blitzblank. You can find it at the root of the drive, normally C:\
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 MICOLINO


Posted 24 June 2013 - 12:09 AM

Heya Gringo,

It's done. n_n

Blitz Log:

 

BlitzBlank 1.0.0.32

File/Registry Modification Engine native application
MoveFileOnReboot: sourceFile = "\??\c:\windows\syswow64\rpchttpd.dll", destinationFile = "(null)", replaceWithDummy = 0
MoveFileOnReboot: sourceFile = "\??\c:\windows\tasks\ctxiammuu.job", destinationFile = "(null)", replaceWithDummy = 0
 



#9 gringo_pr


Posted 24 June 2013 - 09:16 AM


Hello MICOLINO

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


 
Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive the error "Illegal operation attempted on a registry key that has been marked for deletion", please restart the computer.

"information and logs"
  • In your next post I need the following
    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?
Gringo

#10 MICOLINO


Posted 24 June 2013 - 10:14 PM

Done.

No problems while browsing so far.

<3

Combofix report:

 

 

ComboFix 13-06-22.01 - MICOSYS 24-06-2013  19:26:53.3.6 - x64
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.8174.6892 [GMT -7:00]
Running from: c:\users\MICOSYS\Desktop\ComboFix.exe
Command switches used :: c:\users\MICOSYS\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-25 to 2013-06-25  )))))))))))))))))))))))))))))))
.
.
2013-06-25 02:29 . 2013-06-25 02:29    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-06-21 04:07 . 2013-06-21 04:08    --------    d-----w-    c:\programdata\Wacom
2013-06-21 04:06 . 2013-06-21 04:07    --------    d-----w-    c:\program files (x86)\Bamboo Dock
2013-06-20 07:17 . 2013-06-20 07:17    --------    d-----w-    c:\windows\SysWow64\Adobe
2013-06-20 06:56 . 2013-06-20 06:56    --------    d-----w-    c:\program files\CCleaner
2013-06-20 02:31 . 2013-06-20 02:31    --------    d-----w-    c:\windows\ERUNT
2013-06-20 02:30 . 2013-06-20 07:32    --------    d-----w-    C:\JRT
2013-06-17 06:00 . 2013-06-17 06:00    --------    d-----w-    c:\programdata\Malwarebytes
2013-06-17 06:00 . 2013-04-04 21:50    25928    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-06-17 06:00 . 2013-06-17 06:00    --------    d-----w-    c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-17 04:55 . 2013-06-17 04:55    --------    d-----w-    c:\program files (x86)\Alcohol Soft
2013-06-17 04:53 . 2013-06-17 04:53    871408    ----a-w-    c:\windows\system32\drivers\sptd.sys
2013-06-15 09:05 . 2013-06-15 09:05    --------    d-----w-    c:\program files (x86)\SquareEnix
2013-06-11 04:48 . 2013-06-11 04:48    --------    d-----w-    c:\programdata\Hewlett-Packard
2013-06-10 04:23 . 2013-06-10 04:23    --------    d-----w-    c:\program files (x86)\Hewlett-Packard
2013-06-10 04:22 . 2012-09-26 05:45    49664    ----a-r-    c:\windows\system32\HP1100SMs.dll
2013-06-10 04:22 . 2012-08-31 22:10    350720    ----a-w-    c:\windows\system32\mvhlewsi.DLL
2013-06-10 04:22 . 2012-08-31 22:03    1696256    ----a-w-    c:\windows\system32\HP1100SM.EXE
2013-06-10 04:22 . 2012-08-31 22:03    288768    ----a-w-    c:\windows\system32\HP1100LM.DLL
2013-06-10 04:22 . 2012-08-31 22:02    74240    ----a-w-    c:\windows\system32\Spool\prtprocs\x64\HP1100PP.dll
2013-06-10 04:22 . 2012-09-27 00:27    126880    ----a-w-    c:\windows\system32\HPSIsvc.exe
2013-06-10 04:22 . 2013-06-10 04:22    --------    d-----w-    c:\programdata\HPSSUPPLY
2013-06-10 04:21 . 2013-06-10 04:22    --------    d-----w-    c:\program files (x86)\HP
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    c:\program files\HP
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    c:\program files (x86)\Common Files\SWF Studio
2013-06-10 04:21 . 2013-06-10 04:21    --------    d-----w-    C:\LJP1100_P1560_P1600_Full_Solution
2013-06-03 05:13 . 2013-06-03 05:13    --------    d-----w-    c:\program files (x86)\MSECache
2013-06-01 23:45 . 2013-03-17 16:21    3649536    ----a-w-    c:\windows\SysWow64\x264vfw.dll
2013-06-01 23:45 . 2011-12-07 17:32    216064    ----a-w-    c:\windows\SysWow64\lagarith.dll
2013-06-01 23:45 . 2011-06-24 14:44    243200    ----a-w-    c:\windows\SysWow64\xvidvfw.dll
2013-06-01 23:45 . 2011-06-24 14:28    650752    ----a-w-    c:\windows\SysWow64\xvidcore.dll
2013-06-01 23:45 . 2012-06-09 17:21    178688    ----a-w-    c:\windows\SysWow64\unrar.dll
2013-06-01 23:45 . 2011-12-21 17:14    151552    ----a-w-    c:\windows\SysWow64\ac3acm.acm
2013-06-01 23:45 . 2013-05-31 18:00    112640    ----a-w-    c:\windows\SysWow64\ff_vfw.dll
2013-06-01 23:45 . 2013-06-01 23:45    --------    d-----w-    c:\program files (x86)\K-Lite Codec Pack
2013-06-01 23:25 . 2013-06-01 23:25    --------    d-----w-    c:\program files (x86)\Common Files\MainConcept
2013-06-01 23:24 . 2013-06-01 23:24    --------    d-----w-    c:\windows\Downloaded Installations
2013-06-01 23:17 . 2013-06-01 23:17    --------    d-----w-    c:\program files (x86)\Common Files\Adobe Systems Shared
2013-06-01 22:57 . 2013-06-01 23:03    --------    d-----w-    C:\_RAMMSTEIN DVD
2013-06-01 22:53 . 2013-06-15 06:17    --------    d-----w-    c:\program files (x86)\Guild Wars 2
2013-06-01 06:07 . 2013-06-01 06:07    --------    d-----w-    c:\programdata\regid.1986-12.com.adobe
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\program files (x86)\Microsoft Works
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\windows\PCHEALTH
2013-06-01 04:31 . 2013-06-01 04:31    --------    d-----w-    c:\program files (x86)\Microsoft.NET
2013-06-01 04:28 . 2013-06-01 04:28    --------    d-----w-    c:\program files (x86)\Google
2013-06-01 03:21 . 2013-06-01 03:21    --------    d-----w-    c:\program files\Adobe
2013-06-01 03:20 . 2013-06-01 03:21    --------    d-----w-    c:\program files\Common Files\Adobe
2013-06-01 03:19 . 2013-06-01 03:19    --------    d-----w-    c:\program files (x86)\Adobe Media Player
2013-06-01 03:14 . 2013-06-21 04:06    --------    d-----w-    c:\program files (x86)\Common Files\Adobe AIR
2013-06-01 03:10 . 2013-06-01 23:18    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2013-06-01 03:05 . 2013-06-01 03:06    --------    d-----w-    c:\program files\WinRAR
2013-05-31 08:23 . 2013-05-31 08:23    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-31 08:23 . 2013-05-31 08:23    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-31 08:23 . 2013-05-31 08:23    --------    d-----w-    c:\windows\SysWow64\Macromed
2013-05-31 08:23 . 2013-05-31 08:23    --------    d-----w-    c:\windows\system32\Macromed
2013-05-31 08:16 . 2009-09-05 00:29    1892184    ----a-w-    c:\windows\SysWow64\D3DX9_42.dll
2013-05-31 08:16 . 2006-09-28 23:05    2414360    ----a-w-    c:\windows\SysWow64\d3dx9_31.dll
2013-05-31 08:15 . 2013-05-31 08:15    --------    d-----w-    c:\program files (x86)\Common Files\PX Storage Engine
2013-05-31 08:15 . 2013-05-31 08:16    --------    d-----w-    c:\program files (x86)\Winamp
2013-05-31 08:15 . 2013-06-20 06:57    --------    d-----w-    c:\windows\Panther
2013-05-31 08:00 . 2013-05-31 08:00    --------    d-----w-    c:\program files (x86)\Common Files\Skype
2013-05-31 08:00 . 2013-05-31 08:00    --------    d-----r-    c:\program files (x86)\Skype
2013-05-31 08:00 . 2013-05-31 08:01    --------    d-----w-    c:\programdata\Skype
2013-05-31 07:58 . 2013-05-14 08:48    9460464    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{35E345C3-78C0-470E-AEF5-8840F4B39479}\mpengine.dll
2013-05-31 07:57 . 2013-05-02 09:06    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-05-31 07:57 . 2008-07-31 17:41    68616    ----a-w-    c:\windows\SysWow64\XAPOFX1_1.dll
2013-05-31 07:57 . 2008-07-31 17:40    509448    ----a-w-    c:\windows\SysWow64\XAudio2_2.dll
2013-05-31 07:57 . 2008-07-12 15:18    467984    ----a-w-    c:\windows\SysWow64\d3dx10_39.dll
2013-05-31 07:57 . 2008-07-12 15:18    1493528    ----a-w-    c:\windows\SysWow64\D3DCompiler_39.dll
2013-05-31 07:57 . 2008-07-12 15:18    3851784    ----a-w-    c:\windows\SysWow64\D3DX9_39.dll
2013-05-31 07:57 . 2013-05-31 07:57    --------    d-----w-    C:\Riot Games
2013-05-31 07:53 . 2013-06-25 02:22    --------    d-----w-    c:\programdata\PMB Files
2013-05-31 07:53 . 2013-05-31 07:53    --------    d-----w-    c:\program files (x86)\Pando Networks
2013-05-31 07:50 . 2013-06-01 03:04    --------    d-----w-    c:\program files (x86)\Foxit Software
2013-05-31 07:43 . 2012-06-02 22:19    2428952    ----a-w-    c:\windows\system32\wuaueng.dll
2013-05-31 07:43 . 2012-06-02 22:19    57880    ----a-w-    c:\windows\system32\wuauclt.exe
2013-05-31 07:43 . 2012-06-02 22:19    44056    ----a-w-    c:\windows\system32\wups2.dll
2013-05-31 07:43 . 2012-06-02 22:15    2622464    ----a-w-    c:\windows\system32\wucltux.dll
2013-05-31 07:43 . 2012-06-02 22:19    38424    ----a-w-    c:\windows\system32\wups.dll
2013-05-31 07:43 . 2012-06-02 22:19    701976    ----a-w-    c:\windows\system32\wuapi.dll
2013-05-31 07:43 . 2012-06-02 22:15    99840    ----a-w-    c:\windows\system32\wudriver.dll
2013-05-31 07:43 . 2012-06-02 22:19    186752    ----a-w-    c:\windows\system32\wuwebv.dll
2013-05-31 07:43 . 2012-06-02 22:15    36864    ----a-w-    c:\windows\system32\wuapp.exe
2013-05-31 07:41 . 2010-07-12 21:39    302080    ----a-w-    c:\windows\lwd.exe
2013-05-31 07:40 . 2010-05-29 14:58    15872    ----a-w-    c:\windows\system32\drivers\anodlwfx.sys
2013-05-31 07:40 . 2013-05-31 07:40    --------    d-----w-    c:\program files (x86)\D-Link
2013-05-31 07:40 . 2011-04-28 21:20    1617472    ----a-w-    c:\windows\system32\drivers\Dnetr28ux.sys
2013-05-31 07:40 . 2011-04-28 21:17    327008    ----a-w-    c:\windows\system32\RaCoInstx.dll
2013-05-31 07:38 . 2013-05-31 07:38    --------    d-----w-    c:\program files\ATI
2013-05-31 07:38 . 2010-05-20 10:30    16440    ----a-w-    c:\windows\system32\drivers\AtiPcie.sys
2013-05-31 07:37 . 2013-05-31 07:37    --------    d-----w-    c:\program files\ATI Technologies
2013-05-31 07:37 . 2013-06-15 09:05    --------    d--h--w-    c:\program files (x86)\InstallShield Installation Information
2013-05-31 07:36 . 2013-05-31 07:37    --------    d-----w-    c:\program files (x86)\VIA
2013-05-31 07:36 . 2007-04-11 10:35    414632    ------w-    c:\windows\difxapi.dll
2013-05-31 07:36 . 2013-05-31 07:36    --------    d-----w-    c:\program files (x86)\Common Files\InstallShield
2013-05-31 07:35 . 2013-05-31 07:35    --------    d-----w-    c:\program files (x86)\ASM104xUSB3
2013-05-31 07:35 . 2013-06-21 04:07    --------    d-sh--w-    c:\windows\Installer
2013-05-31 07:34 . 2009-04-02 15:30    10296    ----a-w-    c:\windows\SysWow64\drivers\ASUSHWIO.SYS
2013-05-31 07:34 . 2009-02-21 22:35    49152    ----a-w-    c:\windows\DAOD.exe
2013-05-31 07:22 . 2013-06-21 04:06    --------    d-----w-    c:\users\MICOSYS
2013-05-31 07:21 . 2013-05-31 07:21    --------    d-----w-    C:\Recovery
2013-05-31 07:19 . 2013-05-31 07:19    0    ----a-w-    c:\windows\ativpsrm.bin
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 5015040]
"D-Link D-Link DWA-125"="c:\program files (x86)\D-Link\DWA-125 revA\AirNCFG.exe" [2011-06-10 1074496]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-05 30264]
"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-10-16 646744]
.
c:\users\MICOSYS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
S2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\system32\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\MICOSYS\AppData\Roaming\Mozilla\Firefox\Profiles\83ea2jbl.default\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-24  19:30:39
ComboFix-quarantined-files.txt  2013-06-25 02:30
ComboFix2.txt  2013-06-24 03:59
ComboFix3.txt  2013-06-17 07:02
.
Pre-Run: 877.944.057.856 bytes free
Post-Run: 877.894.148.096 bytes free
.
- - End Of File - - D5F4F7DAEDA369DD6493099F6C3B8E4D
A36C5E4F47E84449FF07ED3517B43A31
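
The removal requested in post #7 can be checked against the logs posted afterwards. The Python below is an added example, not part of the thread or of any tool used in it: it confirms that every DeleteFile target was queued by BlitzBlank and no longer appears in the follow-up ComboFix log. The sample inputs are constructed by abridging the logs quoted in this topic, the function names are hypothetical, and two things are assumptions read off these logs: that a script line ending in ":" starts a directive, and that destinationFile "(null)" means delete.

```python
import re

# Constructed sample input, abridged from the script and logs quoted in this topic.
BLITZ_SCRIPT = r"""DeleteFile:
c:\windows\SysWow64\rpchttpd.dll
c:\windows\Tasks\Ctxiammuu.job
"""

BLITZ_LOG = r"""BlitzBlank 1.0.0.32
File/Registry Modification Engine native application
MoveFileOnReboot: sourceFile = "\??\c:\windows\syswow64\rpchttpd.dll", destinationFile = "(null)", replaceWithDummy = 0
MoveFileOnReboot: sourceFile = "\??\c:\windows\tasks\ctxiammuu.job", destinationFile = "(null)", replaceWithDummy = 0
"""

COMBOFIX_BEFORE = r"""S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-23 c:\windows\Tasks\Ctxiammuu.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
"""

COMBOFIX_AFTER = r"""S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
"""

TASK_HEADER = "Contents of the 'Scheduled Tasks' folder"
MOVE_RE = re.compile(
    r'MoveFileOnReboot: sourceFile = "([^"]*)", destinationFile = "([^"]*)"')


def norm(path):
    # Windows paths compare case-insensitively; BlitzBlank logs them with
    # the NT object prefix (backslash, two question marks, backslash).
    path = path.strip().strip('"')
    if path.startswith("\\??\\"):
        path = path[4:]
    return path.lower()


def script_targets(script):
    """Paths listed under the DeleteFile: directive of the pasted script."""
    targets, active = [], False
    for line in (l.strip() for l in script.splitlines()):
        if not line:
            continue
        if line.endswith(":"):  # assumption: a directive header
            active = line.lower() == "deletefile:"
        elif active:
            targets.append(norm(line))
    return targets


def queued_deletes(blitz_log):
    """Paths the BlitzBlank report shows queued with no destination."""
    return {norm(src) for src, dst in MOVE_RE.findall(blitz_log)
            if dst == "(null)"}


def scheduled_tasks(combofix_log):
    """Map each .job file in the Scheduled Tasks section to what it runs."""
    tasks, in_section, current = {}, False, None
    for line in (l.strip() for l in combofix_log.splitlines()):
        if line == TASK_HEADER:
            in_section = True
            continue
        if not in_section or line == ".":
            continue
        if line.startswith("---") or line.startswith("((("):
            break  # next section banner
        job = re.match(r"\d{4}-\d{2}-\d{2}\s+(.+\.job)$", line, re.I)
        if job:
            current = norm(job.group(1))
            tasks[current] = None
        elif line.startswith("- ") and current:
            tasks[current] = norm(re.sub(r"\s*\[[^\]]*\]$", "", line[2:]))
    return tasks


def verify_removal(script, blitz_log, before, after):
    """Per target: was it queued, what did it run, is it still logged?"""
    queued = queued_deletes(blitz_log)
    tasks_before = scheduled_tasks(before)
    after_lc = after.lower()
    return {t: {"queued": t in queued,
                "task_ran": tasks_before.get(t),
                "still_in_log": t in after_lc}
            for t in script_targets(script)}


if __name__ == "__main__":
    report = verify_removal(BLITZ_SCRIPT, BLITZ_LOG,
                            COMBOFIX_BEFORE, COMBOFIX_AFTER)
    for path, result in report.items():
        print(path, result)
```

A target that shows `queued: False` or `still_in_log: True` means the deletion did not take effect and the follow-up log should be read again before moving on.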
 



#11 gringo_pr


Posted 24 June 2013 - 10:28 PM


Hello MICOLINO

I would like to see a report that combofix makes.

extra combofix report
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok
copy and paste the report into this topic for me to review

Gringo

#12 MICOLINO


Posted 25 June 2013 - 09:54 PM

the list.

WTF is marketresearch o.O

 

 

 

µTorrent
Adobe AIR
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Community Help
Adobe Flash Player 11 Plugin
Adobe Help Center 2.0
Adobe Media Player
Adobe Photoshop CS5
Adobe Premiere Pro 2.0
Adobe Shockwave Player 12.0
Adobe Stock Photos 1.0
Asmedia ASM104x USB 3.0 Host Controller Driver
Bamboo Dock
Compatibility Pack for the 2007 Office system
D-Link DWA-125
FINAL FANTASY XIV - A Realm Reborn (Beta Version)
Foxit Creator
Foxit PDF Editor
Foxit Reader
Google SketchUp Pro 8
hppLaserJetService
hppP1100P1560P1600SeriesLaserJetService
hppusgP1100P1560P1600Series
HPSSupply
K-Lite Mega Codec Pack 9.9.5
League of Legends
MainConcept MPEG Pro 3.3
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 21.0 (x86 es-CL)
Pando Media Booster
PDF Settings CS5
Platform
Skype™ 6.3
swMSM
VIA Platform Device Manager
WebTablet FB Plugin 32 bit
Winamp



#13 gringo_pr


Posted 25 June 2013 - 10:12 PM


Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in add/remove anymore. This is fine, just move to the next item on the list.

You can remove these programs using add/remove, or you can use the free uninstaller from Revo (Revo does a lot better of a job)
  • Programs to remove

    • µTorrent


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.



Clean Out Temp Files
  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.
: Malwarebytes' Anti-Malware :


I see you have MBAM installed on the computer - that is great!! It is a very good program! I would like you to run a quick scan for me now.
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic
"information and logs"
  • In your next post I need the following
    • Log From MBAM
    • report from Hijackthis
    • let me know of any problems you may have had
    • How is the computer doing now?
Gringo

#14 MICOLINO


Posted 25 June 2013 - 10:47 PM

done. uninstall and ccleaner.

 

 

 

Mbam:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.25.10

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
MICOSYS :: MICOSYS-PC [administrator]

25-06-2013 23:44:06
mbam-log-2013-06-25 (23-44-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 208935
Time elapsed: 1 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Hijack:

 

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:41:15, on 25-06-2013
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
C:\Users\MICOSYS\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [D-Link D-Link DWA-125] C:\Program Files (x86)\D-Link\DWA-125 revA\AirNCFG.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: D_Link_DWA-125_WPS Service (D_Link_DWA-125_WPS) - Unknown owner - C:\Program Files (x86)\D-Link\DWA-125 revA\ANIWConnService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 6010 bytes
 



#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 135,634 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:29 AM

Posted 26 June 2013 - 12:18 AM


Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to. For any of these programs, you can click on its icon (or start it from the control panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.
  • Run HijackThis (right-click and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
      O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
      O4 - HKLM\..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
      O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
      O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe


  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.
    • **NOTE** You can research each of those lines >here< and see if you want to keep them or not
      just copy the name between the brackets and paste into the search space
      O4 - HKLM\..\Run: [IntelliPoint]


Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - on Vista and Win 7, right-click on the IE shortcut and run as admin

Go to the ESET web page to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add-on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

  • Click Scan
  • Wait for the virus definitions to be downloaded
  • Wait for the scan to finish
When the scan is complete
  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found
  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic


Please Only Copy And Paste Reports Into Topic - Do Not Attach

My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University
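
The O4 and O23 lines used in the step above can also be read programmatically. This is an added example, not part of the original posts and not HijackThis's own code: it parses those entries and separates "file missing" services that a 32-bit scanner on 64-bit Windows cannot see reliably from ones that are absent from a path it can see. The function names and the ExampleAgent line are made up for illustration, and it assumes the scanner ran as a 32-bit process, as HijackThis does.

```python
import re

# Sample input: lines from the HijackThis output quoted in this thread;
# the ExampleAgent line is constructed for the comparison.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Example Agent (ExampleAgent) - Unknown owner - C:\Program Files\Example\agent.exe (file missing)
"""

O4_RUN = re.compile(r"^O4 - (HK\w+\\\.\.\\\w+): \[([^\]]+)\] (.+)$")
O4_LNK = re.compile(r"^O4 - ((?:Global )?Startup): (.+?) = (.+)$")
O23 = re.compile(r"^O23 - Service: (.+) \(([^()]+)\) - (.+?) - (.+?)( \(file missing\))?$")

def parse(log):
    """Split a HijackThis log into autostart (O4) and service (O23) records."""
    autoruns, services = [], []
    for line in log.splitlines():
        line = line.strip()
        m = O4_RUN.match(line) or O4_LNK.match(line)
        if m:
            autoruns.append({"where": m[1], "name": m[2], "command": m[3]})
            continue
        m = O23.match(line)
        if m:
            services.append({"display": m[1], "key": m[2], "owner": m[3],
                             "path": m[4], "missing": m[5] is not None})
    return autoruns, services

def redirected_view(svc):
    """True when a 32-bit scanner on 64-bit Windows may have looked in the wrong place."""
    path = svc["path"].lower()
    if re.match(r"[a-z]:\\windows\\system32\\", path):
        return True  # WOW64 serves SysWOW64 to 32-bit processes instead
    # Heuristic: %ProgramFiles% expands to the (x86) folder inside a 32-bit process
    return "%programfiles%" in svc["display"].lower() and r"\program files (x86)" in path

def triage(log):
    """Label each 'file missing' service: recheck natively, or treat as really absent."""
    _, services = parse(log)
    return {s["key"]: "recheck" if redirected_view(s) else "missing"
            for s in services if s["missing"]}
```

Entries labelled `recheck` need confirming from a 64-bit tool before the service binary is treated as gone.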



