Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zombie has taken over computer


  • This topic is locked This topic is locked
15 replies to this topic

#1 ChiroCalvinist

ChiroCalvinist

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 31 March 2012 - 12:55 AM

About 3 weeks ago the operating system crashed on this computer and I had to reinstall it but things have not been right since. When the computer boots in regular mode the HD light comes on and hardly ever goes out. The task manager does not seem to show what is writing or reading to the drive. I am having trouble running Hijack This. It seems like something is lurking in the background. It has blue screened a couple of times when trying to run explorer. Here are the files:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421
Run by Dr. Neill H. Payne at 1:18:43 on 2012-03-31
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3887.3243 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll
BHO: HP ProtectTools Security Manager Extension: {395610ae-c624-4f58-b89e-23733ea00f9a} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [DTRun] C:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [MVS Splash] C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\Splash.exe
mRun: [McAfee Managed Services Tray] C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe
mRun: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [FaxCenterServer] "C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe" /s
mRun: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{BD038790-B830-41CF-BF2E-DFEF36CE5E84} : DhcpNameServer = 192.168.2.1
Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myRmProt4.9.2.358.dll
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll
Notify: DeviceNP - DeviceNP.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll
BHO-X64: HP ProtectTools Security Manager Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
BHO-X64: HP ProtectTools Security Manager Extension - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: McAfee SiteAdvisor: {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun-x64: [DTRun] C:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [MVS Splash] C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\Splash.exe
mRun-x64: [McAfee Managed Services Tray] C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe
mRun-x64: [SiteAdvisor] C:\Program Files (x86)\SiteAdvisor\6173\SiteAdv.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [FaxCenterServer] "C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe" /s
mRun-x64: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
mRun-x64: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dr. Neill H. Payne\AppData\Roaming\Mozilla\Firefox\Profiles\5px6xl6s.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
S1 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-3-25 913752]
S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2012-2-26 89600]
S2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
S2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
S2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-3-25 44768]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2012-2-26 677128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 EngineServer;EngineServer;C:\PROGRA~2\McAfee\MANAGE~1\VScan\ENGINE~1.EXE [2012-2-26 14144]
S2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-12-18 189736]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-26 136176]
S2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-12-16 102968]
S2 HP ProtectTools Service;HP ProtectTools Service;C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-4-5 103992]
S2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-5-10 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-12-10 251448]
S2 hpHotkeyMonitor;HP Hotkey Monitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-3-1 264248]
S2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
S2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-3-30 821592]
S2 lxdn_device;lxdn_device;C:\Windows\system32\lxdncoms.exe -service --> C:\Windows\system32\lxdncoms.exe -service [?]
S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxdnserv.exe [2008-2-27 33960]
S2 McShield;McShield;C:\PROGRA~2\McAfee\MANAGE~1\VScan\McShield.exe [2012-2-26 144704]
S2 myAgtSvc;McAfee Virus and Spyware Protection Service;"C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe" /ServiceStart --> C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [?]
S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-2-26 635416]
S2 uArcCapture;ArcCapture;C:\Windows\system\uArcCapture.exe [2012-2-26 506472]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.EXE [2012-2-26 2320920]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys --> C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [?]
S3 Bluetooth Device Manager;Bluetooth Device Manager;C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2012-2-26 4170504]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2012-2-26 1096456]
S3 BTMCOM;Bluetooth Serial Port;C:\Windows\system32\Drivers\btmcom.sys --> C:\Windows\system32\Drivers\btmcom.sys [?]
S3 BTMUSB;Motorola Bluetooth Radio Service;C:\Windows\system32\Drivers\btmusb.sys --> C:\Windows\system32\Drivers\btmusb.sys [?]
S3 DAMDrv;DAMDrv;C:\Windows\system32\DRIVERS\DAMDrv64.sys --> C:\Windows\system32\DRIVERS\DAMDrv64.sys [?]
S3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-3-30 21384]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-2-26 1028096]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-26 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 MfeAVFK;McAfee Inc. MfeAVFK;C:\Windows\system32\drivers\MfeAVFK.sys --> C:\Windows\system32\drivers\MfeAVFK.sys [?]
S3 MfeRKDK;McAfee Inc. MfeRKDK;C:\Windows\system32\drivers\MfeRKDK.sys --> C:\Windows\system32\drivers\MfeRKDK.sys [?]
S3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2012-3-30 33184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2012-3-30 21872]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-03-30 20:23:18 388096 ----a-r- C:\Users\Dr. Neill H. Payne\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-03-30 20:23:17 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-03-30 04:12:14 -------- d-----w- C:\Users\Dr. Neill H. Payne\AppData\Roaming\Process Hacker 2
2012-03-30 04:05:16 -------- d-----w- C:\Program Files\Process Hacker 2
2012-03-26 10:00:18 24408 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2012-03-26 03:20:24 -------- d-----w- C:\ProgramData\IObit
2012-03-26 03:20:10 -------- d-----w- C:\Users\Dr. Neill H. Payne\AppData\Roaming\IObit
2012-03-26 03:20:00 -------- d-----w- C:\Program Files (x86)\IObit
2012-03-26 01:46:52 -------- d-----w- C:\Program Files (x86)\ESET
2012-03-18 19:18:38 -------- d-----w- C:\Users\Dr. Neill H. Payne\AppData\Roaming\PhotoScape
2012-03-18 19:18:10 -------- d-----w- C:\Program Files (x86)\PhotoScape
2012-03-18 14:03:22 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-18 14:03:21 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-18 14:03:21 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-18 13:57:49 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 13:57:49 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-17 15:51:12 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-17 15:51:10 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-17 15:51:09 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-17 15:44:53 -------- d-----w- C:\Windows\System32\SPReview
2012-03-17 15:44:10 -------- d-----w- C:\Windows\System32\EventProviders
2012-03-17 15:27:32 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-17 15:27:30 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-17 15:27:30 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-17 15:23:50 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-17 15:23:49 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-17 15:23:49 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-17 15:23:49 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-10 17:10:42 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-03-09 19:42:46 -------- d-----w- C:\Program Files (x86)\Auralog
2012-03-05 04:39:24 -------- d-----w- C:\4754dbf046b7e6a464fa8d14c434be35
2012-03-05 03:38:59 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-03-05 03:37:59 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-03-05 03:36:59 782336 ----a-w- C:\Windows\SysWow64\webservices.dll
2012-03-05 03:35:59 451072 ----a-w- C:\Windows\System32\shwebsvc.dll
2012-03-05 03:34:59 90112 ----a-w- C:\Windows\SysWow64\srvcli.dll
2012-03-05 03:33:59 8192 ----a-w- C:\Windows\System32\KBDCZ1.DLL
2012-03-05 03:32:29 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2012-03-05 03:32:28 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2012-03-05 03:32:28 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2012-03-05 03:27:40 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2012-03-05 03:27:40 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2012-03-05 03:27:10 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2012-03-05 01:57:32 -------- d-----w- C:\Users\Dr. Neill H. Payne\AppData\Roaming\SUPERAntiSpyware.com
2012-03-05 01:56:54 -------- d-----w- C:\ProgramData\!SASCORE
2012-03-05 01:56:48 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-03-02 20:46:12 -------- d-----w- C:\Program Files (x86)\directx
2012-03-02 20:43:15 -------- d-----w- C:\Program Files (x86)\Majestic Chess
2012-03-02 20:42:41 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\ctor.dll
2012-03-02 20:42:41 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe
2012-03-02 20:42:41 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2012-03-02 20:42:41 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iscript.dll
2012-03-02 20:42:41 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iuser.dll
2012-03-02 20:42:40 733184 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iKernel.dll
2012-03-02 20:42:39 180356 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\iGdi.dll
2012-03-02 20:42:38 303236 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\setup.dll
.
==================== Find3M ====================
.
2012-03-17 16:01:30 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-03-17 16:01:29 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-03-06 23:15:19 41184 ----a-w- C:\Windows\avastSS.scr
2012-03-06 23:04:06 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-03-06 23:02:20 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-03-06 23:01:52 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-02-27 03:45:42 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-26 19:17:37 368912 ----a-w- C:\Windows\SysWow64\VBAR332.DLL
2012-02-26 19:17:37 252176 ----a-w- C:\Windows\SysWow64\MSRD2X35.DLL
2012-02-26 19:17:37 24848 ----a-w- C:\Windows\SysWow64\MSJTER35.DLL
2012-02-26 19:17:37 123664 ----a-w- C:\Windows\SysWow64\MSJINT35.DLL
2012-02-26 19:17:37 1045776 ----a-w- C:\Windows\SysWow64\MSJET35.DLL
2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
.
============= FINISH: 1:19:21.52 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/25/2012 7:29:19 PM
System Uptime: 3/31/2012 1:10:46 AM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 1413
Processor: Intel® Core™ i5 CPU M 450 @ 2.40GHz | CPU 1 | 2394/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 296 GiB total, 261.911 GiB free.
D: is CDROM ()
E: is FIXED (FAT32) - 2 GiB total, 1.488 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: avast! Network Shield Support
Device ID: ROOT\LEGACY_ASWTDI\0000
Manufacturer:
Name: avast! Network Shield Support
PNP Device ID: ROOT\LEGACY_ASWTDI\0000
Service: aswTdi
.
==== System Restore Points ===================
.
RP21: 3/17/2012 11:44:42 AM - Windows 7 Service Pack 1
RP22: 3/18/2012 5:19:59 PM - Windows Update
RP23: 3/30/2012 1:01:55 AM - HPSF Applying updates
RP24: 3/30/2012 4:21:54 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Advanced SystemCare 5
ArcSoft TotalMedia
ArcSoft Webcam Sharing Manager
avast! Free Antivirus
Carbonite Online Backup Setup
Corel Home Office
Corel Home Office - CS Templates
Corel Home Office - CT Templates
Corel Home Office - IPM
Corel Home Office - JP Templates
Corel Home Office - KR Templates
Corel Home Office - Launcher
Corel Home Office - Templates RU
Corel Home Office - Templates1
ESET Online Scanner v3
Google Update Helper
HiJackThis
HP Customer Experience Enhancements
HP QuickWeb
HP Software Framework
HP Support Assistant
HP User Guides 0189
HP Webcam Driver
HPAsset component for HP Active Support Library
IDT Audio
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
IObit Malware Fighter
LightScribe System Software
Majestic Chess
McAfee Browser Protection Service
McAfee Security Scan Plus
McAfee Virus and Spyware Protection Service
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 11.0 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal Seagate Edition
PDF Complete Special Edition
PhotoScape
Realtek Ethernet Controller All-In-One Windows Driver
Realtek USB 2.0 Card Reader
Seagate Manager Installer
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
TELL ME MORE
Theft Recovery
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Visual C++ 8.0 x86 Runtime Setup Package
.
==== Event Viewer Messages From Past Week ========
.
3/31/2012 12:53:04 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk0\DR0.
3/31/2012 1:11:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/31/2012 1:11:29 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/31/2012 1:11:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/31/2012 1:11:17 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/31/2012 1:11:12 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswSnx aswSP aswTdi discache mfehidk SASDIFSV SASKUTIL spldr Wanarpv6
3/30/2012 9:59:15 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
3/30/2012 9:50:03 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
3/30/2012 4:19:24 PM, Error: Service Control Manager [7000] - The McAfee Virus and Spyware Protection Service service failed to start due to the following error: The system cannot find the file specified.
3/30/2012 4:19:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the lxdnCATSCustConnectService service to connect.
3/30/2012 4:19:23 PM, Error: Service Control Manager [7000] - The lxdnCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
3/30/2012 2:05:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McComponentHostService with arguments "" in order to run the server: {CC6F4D12-8575-4CFF-9455-CF5774AEB13B}
3/30/2012 11:26:23 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
3/30/2012 10:05:14 PM, Error: Service Control Manager [7034] - The McShield service terminated unexpectedly. It has done this 1 time(s).
3/30/2012 10:00:54 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UNS service.
3/30/2012 10:00:23 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPDayStarterService service.
3/29/2012 11:23:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff86002e566bc, 0x0000000000000001, 0xfffff80002e0efa2, 0x0000000000000005). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032912-39125-01.
3/29/2012 11:16:47 PM, Error: Service Control Manager [7031] - The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
3/25/2012 9:37:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
3/25/2012 8:44:36 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service Bluetooth Device Manager with arguments "" in order to run the server: {3428CA47-50B8-48C2-8839-48D3C4C59B23}
3/25/2012 8:43:59 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
3/25/2012 8:43:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/25/2012 8:43:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/25/2012 8:43:07 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD aswRdr aswSnx aswSP aswTdi CSC DfsC discache mfehidk mfetdik NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf
3/25/2012 8:43:07 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/25/2012 8:43:07 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/25/2012 8:43:07 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/25/2012 8:43:07 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/25/2012 8:43:07 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/25/2012 8:43:07 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/25/2012 8:43:06 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/25/2012 8:43:06 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
3/25/2012 8:43:06 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/25/2012 8:43:06 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/25/2012 12:50:02 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff80002daf9bc, 0xfffff88003d80390, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 032512-16692-01.
3/25/2012 11:20:19 PM, Error: Service Control Manager [7030] - The Advanced SystemCare Service 5 service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/25/2012 10:00:52 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Wireless Assistant Service service.
3/25/2012 10:00:22 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP Power Assistant Service service.
.
==== End Of File ===========================

Attached Files

  • Attached File  gmer.log   407bytes   0 downloads


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,633 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:48 AM

Posted 06 April 2012 - 01:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Posted Image In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/448262 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Posted Image If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,971 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:48 AM

Posted 08 April 2012 - 08:41 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
    Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue
    Posted Image
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

===

Please post the logs for my review.

#4 ChiroCalvinist

ChiroCalvinist
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 08 April 2012 - 01:52 PM

14:33:30.0472 1960 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
14:33:30.0746 1960 ============================================================
14:33:30.0746 1960 Current date / time: 2012/04/08 14:33:30.0746
14:33:30.0746 1960 SystemInfo:
14:33:30.0746 1960
14:33:30.0746 1960 OS Version: 6.1.7601 ServicePack: 1.0
14:33:30.0746 1960 Product type: Workstation
14:33:30.0746 1960 ComputerName: CLINICLAPTOP
14:33:30.0746 1960 UserName: Dr. Neill H. Payne
14:33:30.0746 1960 Windows directory: C:\Windows
14:33:30.0746 1960 System windows directory: C:\Windows
14:33:30.0746 1960 Running under WOW64
14:33:30.0746 1960 Processor architecture: Intel x64
14:33:30.0746 1960 Number of processors: 4
14:33:30.0746 1960 Page size: 0x1000
14:33:30.0746 1960 Boot type: Safe boot with network
14:33:30.0746 1960 ============================================================
14:33:31.0087 1960 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:33:31.0090 1960 \Device\Harddisk0\DR0:
14:33:31.0090 1960 MBR used
14:33:31.0090 1960 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:33:31.0090 1960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x24FF7800
14:33:31.0090 1960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x2502A000, BlocksNum 0x400000
14:33:31.0140 1960 Initialize success
14:33:31.0140 1960 ============================================================
14:33:33.0214 0704 ============================================================
14:33:33.0214 0704 Scan started
14:33:33.0214 0704 Mode: Manual;
14:33:33.0214 0704 ============================================================
14:33:33.0429 0704 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
14:33:33.0430 0704 !SASCORE - ok
14:33:33.0568 0704 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:33:33.0569 0704 1394ohci - ok
14:33:33.0609 0704 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
14:33:33.0609 0704 Accelerometer - ok
14:33:33.0690 0704 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:33:33.0691 0704 ACDaemon - ok
14:33:33.0723 0704 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:33:33.0725 0704 ACPI - ok
14:33:33.0746 0704 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:33:33.0746 0704 AcpiPmi - ok
14:33:33.0782 0704 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:33:33.0785 0704 adp94xx - ok
14:33:33.0798 0704 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:33:33.0800 0704 adpahci - ok
14:33:33.0828 0704 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:33:33.0829 0704 adpu320 - ok
14:33:33.0970 0704 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
14:33:33.0975 0704 AdvancedSystemCareService5 - ok
14:33:34.0076 0704 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:33:34.0076 0704 AeLookupSvc - ok
14:33:34.0167 0704 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
14:33:34.0167 0704 AESTFilters - ok
14:33:34.0277 0704 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
14:33:34.0278 0704 Afc - ok
14:33:34.0336 0704 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:33:34.0338 0704 AFD - ok
14:33:34.0392 0704 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
14:33:34.0397 0704 AgereSoftModem - ok
14:33:34.0533 0704 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:33:34.0533 0704 agp440 - ok
14:33:34.0570 0704 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:33:34.0571 0704 ALG - ok
14:33:34.0595 0704 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:33:34.0595 0704 aliide - ok
14:33:34.0638 0704 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:33:34.0638 0704 amdide - ok
14:33:34.0683 0704 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:33:34.0684 0704 AmdK8 - ok
14:33:34.0691 0704 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:33:34.0692 0704 AmdPPM - ok
14:33:34.0715 0704 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:33:34.0716 0704 amdsata - ok
14:33:34.0748 0704 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:33:34.0749 0704 amdsbs - ok
14:33:34.0766 0704 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:33:34.0766 0704 amdxata - ok
14:33:34.0797 0704 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:33:34.0798 0704 AppID - ok
14:33:34.0830 0704 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:33:34.0831 0704 AppIDSvc - ok
14:33:34.0858 0704 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:33:34.0858 0704 Appinfo - ok
14:33:34.0956 0704 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
14:33:34.0957 0704 AppMgmt - ok
14:33:34.0975 0704 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:33:34.0976 0704 arc - ok
14:33:34.0983 0704 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:33:34.0984 0704 arcsas - ok
14:33:35.0029 0704 ARCVCAM (ce2168c926927ba926301baf172bc693) C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys
14:33:35.0030 0704 ARCVCAM - ok
14:33:35.0083 0704 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
14:33:35.0084 0704 aswFsBlk - ok
14:33:35.0091 0704 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
14:33:35.0092 0704 aswMonFlt - ok
14:33:35.0114 0704 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
14:33:35.0115 0704 aswRdr - ok
14:33:35.0151 0704 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
14:33:35.0154 0704 aswSnx - ok
14:33:35.0180 0704 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
14:33:35.0182 0704 aswSP - ok
14:33:35.0205 0704 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
14:33:35.0206 0704 aswTdi - ok
14:33:35.0239 0704 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:33:35.0240 0704 AsyncMac - ok
14:33:35.0338 0704 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:33:35.0338 0704 atapi - ok
14:33:35.0368 0704 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:33:35.0372 0704 AudioEndpointBuilder - ok
14:33:35.0381 0704 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:33:35.0384 0704 AudioSrv - ok
14:33:35.0508 0704 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:33:35.0508 0704 avast! Antivirus - ok
14:33:35.0549 0704 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:33:35.0550 0704 AxInstSV - ok
14:33:35.0608 0704 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:33:35.0610 0704 b06bdrv - ok
14:33:35.0701 0704 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:33:35.0702 0704 b57nd60a - ok
14:33:35.0736 0704 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:33:35.0737 0704 BDESVC - ok
14:33:35.0753 0704 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:33:35.0753 0704 Beep - ok
14:33:35.0812 0704 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:33:35.0815 0704 BFE - ok
14:33:35.0858 0704 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:33:35.0863 0704 BITS - ok
14:33:35.0897 0704 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:33:35.0897 0704 blbdrive - ok
14:33:36.0043 0704 Bluetooth Device Manager (bb745548b1e73f8f6f260677786b2be3) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
14:33:36.0062 0704 Bluetooth Device Manager - ok
14:33:36.0102 0704 Bluetooth Media Service (449d09f3d9cdf02bf594b1513257969e) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
14:33:36.0107 0704 Bluetooth Media Service - ok
14:33:36.0125 0704 Bluetooth OBEX Service (41d5b8ee393d815aa82a9b2116f90bcf) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
14:33:36.0128 0704 Bluetooth OBEX Service - ok
14:33:36.0224 0704 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:33:36.0225 0704 bowser - ok
14:33:36.0252 0704 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:33:36.0252 0704 BrFiltLo - ok
14:33:36.0261 0704 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:33:36.0261 0704 BrFiltUp - ok
14:33:36.0311 0704 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:33:36.0312 0704 Browser - ok
14:33:36.0336 0704 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:33:36.0338 0704 Brserid - ok
14:33:36.0360 0704 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:33:36.0361 0704 BrSerWdm - ok
14:33:36.0369 0704 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:33:36.0369 0704 BrUsbMdm - ok
14:33:36.0377 0704 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:33:36.0377 0704 BrUsbSer - ok
14:33:36.0419 0704 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
14:33:36.0420 0704 BthEnum - ok
14:33:36.0433 0704 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:33:36.0433 0704 BTHMODEM - ok
14:33:36.0468 0704 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
14:33:36.0469 0704 BthPan - ok
14:33:36.0515 0704 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
14:33:36.0518 0704 BTHPORT - ok
14:33:36.0548 0704 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:33:36.0549 0704 bthserv - ok
14:33:36.0660 0704 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
14:33:36.0660 0704 BTHUSB - ok
14:33:36.0712 0704 BTMCOM (e588420b950dac5ac397f76660bce520) C:\Windows\system32\Drivers\btmcom.sys
14:33:36.0712 0704 BTMCOM - ok
14:33:36.0811 0704 BTMUSB (22a24c45a21ab98afcd09229f6ee5fcf) C:\Windows\system32\Drivers\btmusb.sys
14:33:36.0825 0704 BTMUSB - ok
14:33:36.0851 0704 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:33:36.0852 0704 cdfs - ok
14:33:36.0886 0704 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
14:33:36.0886 0704 cdrom - ok
14:33:36.0914 0704 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:33:36.0914 0704 CertPropSvc - ok
14:33:37.0013 0704 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:33:37.0014 0704 circlass - ok
14:33:37.0047 0704 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:33:37.0049 0704 CLFS - ok
14:33:37.0097 0704 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:33:37.0098 0704 clr_optimization_v2.0.50727_32 - ok
14:33:37.0144 0704 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:33:37.0145 0704 clr_optimization_v2.0.50727_64 - ok
14:33:37.0234 0704 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:33:37.0235 0704 clr_optimization_v4.0.30319_32 - ok
14:33:37.0320 0704 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:33:37.0321 0704 clr_optimization_v4.0.30319_64 - ok
14:33:37.0370 0704 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:33:37.0370 0704 CmBatt - ok
14:33:37.0398 0704 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:33:37.0398 0704 cmdide - ok
14:33:37.0449 0704 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:33:37.0451 0704 CNG - ok
14:33:37.0487 0704 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:33:37.0488 0704 Compbatt - ok
14:33:37.0510 0704 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:33:37.0511 0704 CompositeBus - ok
14:33:37.0517 0704 COMSysApp - ok
14:33:37.0536 0704 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:33:37.0536 0704 crcdisk - ok
14:33:37.0571 0704 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
14:33:37.0572 0704 CryptSvc - ok
14:33:37.0652 0704 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
14:33:37.0655 0704 CSC - ok
14:33:37.0708 0704 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
14:33:37.0711 0704 CscService - ok
14:33:37.0767 0704 DAMDrv (a8ba4da23ac20bda23ca15234d42a3fa) C:\Windows\system32\DRIVERS\DAMDrv64.sys
14:33:37.0767 0704 DAMDrv - ok
14:33:37.0801 0704 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:33:37.0804 0704 DcomLaunch - ok
14:33:37.0855 0704 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:33:37.0856 0704 defragsvc - ok
14:33:37.0886 0704 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:33:37.0886 0704 DfsC - ok
14:33:37.0910 0704 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:33:37.0912 0704 Dhcp - ok
14:33:37.0980 0704 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:33:37.0981 0704 discache - ok
14:33:38.0015 0704 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:33:38.0015 0704 Disk - ok
14:33:38.0054 0704 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:33:38.0055 0704 Dnscache - ok
14:33:38.0090 0704 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:33:38.0092 0704 dot3svc - ok
14:33:38.0192 0704 DpHost (ef8004b4a9552c77fd0e99ab08841d13) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
14:33:38.0194 0704 DpHost - ok
14:33:38.0240 0704 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:33:38.0241 0704 DPS - ok
14:33:38.0324 0704 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:33:38.0325 0704 drmkaud - ok
14:33:38.0434 0704 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:33:38.0438 0704 DXGKrnl - ok
14:33:38.0483 0704 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:33:38.0484 0704 EapHost - ok
14:33:38.0563 0704 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:33:38.0578 0704 ebdrv - ok
14:33:38.0676 0704 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:33:38.0676 0704 EFS - ok
14:33:38.0748 0704 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:33:38.0752 0704 ehRecvr - ok
14:33:38.0775 0704 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:33:38.0776 0704 ehSched - ok
14:33:38.0839 0704 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:33:38.0842 0704 elxstor - ok
14:33:38.0929 0704 EngineServer (6fd79878e320793fe8dadb5958d399ac) C:\PROGRA~2\McAfee\MANAGE~1\VScan\ENGINE~1.EXE
14:33:38.0929 0704 EngineServer - ok
14:33:39.0012 0704 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:33:39.0013 0704 ErrDev - ok
14:33:39.0043 0704 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:33:39.0045 0704 EventSystem - ok
14:33:39.0069 0704 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:33:39.0070 0704 exfat - ok
14:33:39.0117 0704 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:33:39.0118 0704 fastfat - ok
14:33:39.0157 0704 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:33:39.0161 0704 Fax - ok
14:33:39.0191 0704 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:33:39.0192 0704 fdc - ok
14:33:39.0209 0704 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:33:39.0209 0704 fdPHost - ok
14:33:39.0223 0704 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:33:39.0223 0704 FDResPub - ok
14:33:39.0242 0704 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:33:39.0242 0704 FileInfo - ok
14:33:39.0255 0704 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:33:39.0255 0704 Filetrace - ok
14:33:39.0306 0704 FLCDLOCK (7e728680aa428506a82351d859c32c95) C:\Windows\SysWOW64\flcdlock.exe
14:33:39.0309 0704 FLCDLOCK - ok
14:33:39.0390 0704 FLEXnet Licensing Service (3d9b36631032fde0ffea0dc0260e4e35) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:33:39.0393 0704 FLEXnet Licensing Service - ok
14:33:39.0459 0704 FLEXnet Licensing Service 64 (52c0312ab35eb7187015fb6a99136bb5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
14:33:39.0464 0704 FLEXnet Licensing Service 64 - ok
14:33:39.0560 0704 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:33:39.0560 0704 flpydisk - ok
14:33:39.0597 0704 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:33:39.0599 0704 FltMgr - ok
14:33:39.0641 0704 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
14:33:39.0647 0704 FontCache - ok
14:33:39.0715 0704 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:33:39.0715 0704 FontCache3.0.0.0 - ok
14:33:39.0809 0704 FreeAgentGoNext Service (81b4a2c6c9bd17ffb6031a0a61c09764) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
14:33:39.0810 0704 FreeAgentGoNext Service - ok
14:33:39.0901 0704 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:33:39.0902 0704 FsDepends - ok
14:33:39.0921 0704 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:33:39.0921 0704 Fs_Rec - ok
14:33:39.0962 0704 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:33:39.0963 0704 fvevol - ok
14:33:39.0986 0704 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:33:39.0987 0704 gagp30kx - ok
14:33:40.0040 0704 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:33:40.0044 0704 gpsvc - ok
14:33:40.0110 0704 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:33:40.0111 0704 gupdate - ok
14:33:40.0115 0704 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:33:40.0116 0704 gupdatem - ok
14:33:40.0169 0704 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:33:40.0169 0704 hcw85cir - ok
14:33:40.0244 0704 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:33:40.0245 0704 HdAudAddService - ok
14:33:40.0288 0704 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:33:40.0289 0704 HDAudBus - ok
14:33:40.0329 0704 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
14:33:40.0330 0704 HECIx64 - ok
14:33:40.0354 0704 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:33:40.0355 0704 HidBatt - ok
14:33:40.0373 0704 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:33:40.0374 0704 HidBth - ok
14:33:40.0398 0704 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:33:40.0399 0704 HidIr - ok
14:33:40.0422 0704 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
14:33:40.0423 0704 hidserv - ok
14:33:40.0439 0704 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
14:33:40.0439 0704 HidUsb - ok
14:33:40.0477 0704 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:33:40.0478 0704 hkmsvc - ok
14:33:40.0501 0704 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:33:40.0502 0704 HomeGroupListener - ok
14:33:40.0602 0704 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:33:40.0604 0704 HomeGroupProvider - ok
14:33:40.0709 0704 HP Health Check Service (58c91cca61a948dc6e789c93c05a1d6f) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
14:33:40.0710 0704 HP Health Check Service - ok
14:33:40.0783 0704 HP Power Assistant Service (cf3ae4aeab7e3ab87122dc4ddd3a6947) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
14:33:40.0784 0704 HP Power Assistant Service - ok
14:33:40.0821 0704 HP ProtectTools Service (ae2a8c80205f06be5edc63be0ae9a756) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
14:33:40.0823 0704 HP ProtectTools Service - ok
14:33:40.0852 0704 HP Wireless Assistant Service (58cc11d14d88ef70ef7abbc75b5eebd8) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
14:33:40.0853 0704 HP Wireless Assistant Service - ok
14:33:40.0882 0704 HPDayStarterService (94c74d758e0f7b1d962da452b4d28c91) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
14:33:40.0883 0704 HPDayStarterService - ok
14:33:40.0922 0704 HPDrvMntSvc.exe (50afb68513014a6894d78014483f0432) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
14:33:40.0923 0704 HPDrvMntSvc.exe - ok
14:33:41.0022 0704 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
14:33:41.0023 0704 hpdskflt - ok
14:33:41.0110 0704 hpHotkeyMonitor (4d94f4d7782657e79eb1352570b563db) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
14:33:41.0112 0704 hpHotkeyMonitor - ok
14:33:41.0148 0704 HpqKbFiltr (b98ee5d4535a685634b90f7e04de0df7) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
14:33:41.0149 0704 HpqKbFiltr - ok
14:33:41.0190 0704 hpqwmiex (ef3ea06057132138b4e5895a61601dbe) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
14:33:41.0191 0704 hpqwmiex - ok
14:33:41.0227 0704 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:33:41.0227 0704 HpSAMD - ok
14:33:41.0238 0704 hpsrv (aa036cc5f5221d9b915f4d4dce74ba9a) C:\Windows\system32\Hpservice.exe
14:33:41.0239 0704 hpsrv - ok
14:33:41.0276 0704 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:33:41.0279 0704 HTTP - ok
14:33:41.0392 0704 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:33:41.0392 0704 hwpolicy - ok
14:33:41.0435 0704 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:33:41.0435 0704 i8042prt - ok
14:33:41.0546 0704 IAANTMON (f54b3db096abd6e9bbbd052fd3878a48) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:33:41.0548 0704 IAANTMON - ok
14:33:41.0578 0704 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
14:33:41.0580 0704 iaStor - ok
14:33:41.0624 0704 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:33:41.0626 0704 iaStorV - ok
14:33:41.0769 0704 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:33:41.0773 0704 idsvc - ok
14:33:42.0028 0704 igfx (898ab5bfed7040d7ab07af01885eb944) C:\Windows\system32\DRIVERS\igdkmd64.sys
14:33:42.0073 0704 igfx - ok
14:33:42.0183 0704 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:33:42.0183 0704 iirsp - ok
14:33:42.0224 0704 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:33:42.0228 0704 IKEEXT - ok
14:33:42.0360 0704 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
14:33:42.0364 0704 IMFservice - ok
14:33:42.0409 0704 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
14:33:42.0410 0704 Impcd - ok
14:33:42.0519 0704 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
14:33:42.0520 0704 IntcDAud - ok
14:33:42.0539 0704 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:33:42.0539 0704 intelide - ok
14:33:42.0567 0704 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:33:42.0567 0704 intelppm - ok
14:33:42.0599 0704 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:33:42.0600 0704 IPBusEnum - ok
14:33:42.0635 0704 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:33:42.0636 0704 IpFilterDriver - ok
14:33:42.0656 0704 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:33:42.0659 0704 iphlpsvc - ok
14:33:42.0703 0704 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:33:42.0704 0704 IPMIDRV - ok
14:33:42.0724 0704 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:33:42.0725 0704 IPNAT - ok
14:33:42.0811 0704 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:33:42.0812 0704 IRENUM - ok
14:33:42.0835 0704 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:33:42.0835 0704 isapnp - ok
14:33:42.0855 0704 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:33:42.0856 0704 iScsiPrt - ok
14:33:42.0875 0704 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
14:33:42.0875 0704 kbdclass - ok
14:33:42.0901 0704 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
14:33:42.0902 0704 kbdhid - ok
14:33:42.0935 0704 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:42.0936 0704 KeyIso - ok
14:33:42.0965 0704 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:33:42.0966 0704 KSecDD - ok
14:33:42.0983 0704 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:33:42.0984 0704 KSecPkg - ok
14:33:43.0026 0704 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:33:43.0026 0704 ksthunk - ok
14:33:43.0053 0704 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:33:43.0055 0704 KtmRm - ok
14:33:43.0094 0704 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
14:33:43.0096 0704 LanmanServer - ok
14:33:43.0192 0704 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:33:43.0194 0704 LanmanWorkstation - ok
14:33:43.0291 0704 LightScribeService (83d8be94e1cbcbe2ea8372db1a95a159) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:33:43.0292 0704 LightScribeService - ok
14:33:43.0312 0704 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:33:43.0313 0704 lltdio - ok
14:33:43.0362 0704 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:33:43.0364 0704 lltdsvc - ok
14:33:43.0383 0704 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:33:43.0384 0704 lmhosts - ok
14:33:43.0427 0704 LMS (bb4e55778d8de3885e1cdac795de7bce) C:\Program Files (x86)\Intel\Intel« Management Engine Components\LMS\LMS.exe
14:33:43.0428 0704 LMS - ok
14:33:43.0462 0704 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:33:43.0463 0704 LSI_FC - ok
14:33:43.0547 0704 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:33:43.0548 0704 LSI_SAS - ok
14:33:43.0557 0704 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:33:43.0557 0704 LSI_SAS2 - ok
14:33:43.0567 0704 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:33:43.0568 0704 LSI_SCSI - ok
14:33:43.0577 0704 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:33:43.0578 0704 luafv - ok
14:33:43.0621 0704 lxdnCATSCustConnectService (dbf0114cc6896c213f3d6a3517c62f49) C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
14:33:43.0622 0704 lxdnCATSCustConnectService - ok
14:33:43.0629 0704 lxdn_device - ok
14:33:43.0762 0704 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
14:33:43.0763 0704 McComponentHostService - ok
14:33:43.0817 0704 McShield (823746f78213054e90ab2ffb316d9925) C:\PROGRA~2\McAfee\MANAGE~1\VScan\McShield.exe
14:33:43.0818 0704 McShield - ok
14:33:43.0914 0704 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:33:43.0915 0704 Mcx2Svc - ok
14:33:43.0958 0704 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:33:43.0959 0704 megasas - ok
14:33:43.0969 0704 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:33:43.0971 0704 MegaSR - ok
14:33:44.0016 0704 MfeAVFK (088620da20b98578bfc4b97043f24042) C:\Windows\system32\drivers\MfeAVFK.sys
14:33:44.0017 0704 MfeAVFK - ok
14:33:44.0034 0704 mfehidk (239e677e3e9047550c18b30c26c3ba3e) C:\Windows\system32\drivers\mfehidk.sys
14:33:44.0035 0704 mfehidk - ok
14:33:44.0048 0704 MfeRKDK (ba2aaa62628ca6dea56a62a0e530d014) C:\Windows\system32\drivers\MfeRKDK.sys
14:33:44.0048 0704 MfeRKDK - ok
14:33:44.0076 0704 mfetdik (bd5de25a8ca211484fd61fa9b25c5d1c) C:\Windows\system32\drivers\mfetdik.sys
14:33:44.0076 0704 mfetdik - ok
14:33:44.0104 0704 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:33:44.0105 0704 MMCSS - ok
14:33:44.0113 0704 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:33:44.0114 0704 Modem - ok
14:33:44.0134 0704 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:33:44.0134 0704 monitor - ok
14:33:44.0179 0704 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
14:33:44.0179 0704 mouclass - ok
14:33:44.0210 0704 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:33:44.0211 0704 mouhid - ok
14:33:44.0236 0704 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:33:44.0236 0704 mountmgr - ok
14:33:44.0354 0704 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:33:44.0355 0704 mpio - ok
14:33:44.0409 0704 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:33:44.0409 0704 mpsdrv - ok
14:33:44.0454 0704 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
14:33:44.0458 0704 MpsSvc - ok
14:33:44.0488 0704 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:33:44.0489 0704 MRxDAV - ok
14:33:44.0532 0704 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:33:44.0533 0704 mrxsmb - ok
14:33:44.0543 0704 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:33:44.0545 0704 mrxsmb10 - ok
14:33:44.0561 0704 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:33:44.0562 0704 mrxsmb20 - ok
14:33:44.0591 0704 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:33:44.0592 0704 msahci - ok
14:33:44.0697 0704 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:33:44.0698 0704 msdsm - ok
14:33:44.0732 0704 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:33:44.0733 0704 MSDTC - ok
14:33:44.0777 0704 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:33:44.0777 0704 Msfs - ok
14:33:44.0799 0704 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:33:44.0799 0704 mshidkmdf - ok
14:33:44.0820 0704 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:33:44.0821 0704 msisadrv - ok
14:33:44.0863 0704 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:33:44.0864 0704 MSiSCSI - ok
14:33:44.0871 0704 msiserver - ok
14:33:44.0887 0704 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:33:44.0887 0704 MSKSSRV - ok
14:33:44.0895 0704 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:33:44.0895 0704 MSPCLOCK - ok
14:33:44.0915 0704 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:33:44.0916 0704 MSPQM - ok
14:33:44.0949 0704 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:33:44.0951 0704 MsRPC - ok
14:33:44.0970 0704 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:33:44.0970 0704 mssmbios - ok
14:33:45.0071 0704 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:33:45.0071 0704 MSTEE - ok
14:33:45.0079 0704 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:33:45.0080 0704 MTConfig - ok
14:33:45.0099 0704 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:33:45.0100 0704 Mup - ok
14:33:45.0187 0704 myAgtSvc - ok
14:33:45.0218 0704 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:33:45.0221 0704 napagent - ok
14:33:45.0272 0704 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:33:45.0274 0704 NativeWifiP - ok
14:33:45.0337 0704 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:33:45.0341 0704 NDIS - ok
14:33:45.0434 0704 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:33:45.0435 0704 NdisCap - ok
14:33:45.0460 0704 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:33:45.0460 0704 NdisTapi - ok
14:33:45.0489 0704 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:33:45.0490 0704 Ndisuio - ok
14:33:45.0530 0704 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:33:45.0531 0704 NdisWan - ok
14:33:45.0569 0704 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:33:45.0569 0704 NDProxy - ok
14:33:45.0615 0704 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:33:45.0616 0704 NetBIOS - ok
14:33:45.0649 0704 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:33:45.0650 0704 NetBT - ok
14:33:45.0685 0704 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:45.0686 0704 Netlogon - ok
14:33:45.0732 0704 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:33:45.0735 0704 Netman - ok
14:33:45.0825 0704 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:33:45.0829 0704 netprofm - ok
14:33:45.0873 0704 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
14:33:45.0876 0704 netr28x - ok
14:33:45.0928 0704 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:33:45.0928 0704 NetTcpPortSharing - ok
14:33:45.0970 0704 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:33:45.0971 0704 nfrd960 - ok
14:33:46.0009 0704 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:33:46.0011 0704 NlaSvc - ok
14:33:46.0089 0704 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:33:46.0089 0704 Npfs - ok
14:33:46.0109 0704 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:33:46.0110 0704 nsi - ok
14:33:46.0118 0704 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:33:46.0119 0704 nsiproxy - ok
14:33:46.0191 0704 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:33:46.0199 0704 Ntfs - ok
14:33:46.0228 0704 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:33:46.0228 0704 Null - ok
14:33:46.0264 0704 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:33:46.0265 0704 nvraid - ok
14:33:46.0298 0704 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:33:46.0299 0704 nvstor - ok
14:33:46.0323 0704 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:33:46.0324 0704 nv_agp - ok
14:33:46.0368 0704 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:33:46.0369 0704 ohci1394 - ok
14:33:46.0471 0704 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:33:46.0474 0704 p2pimsvc - ok
14:33:46.0504 0704 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:33:46.0507 0704 p2psvc - ok
14:33:46.0537 0704 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:33:46.0538 0704 Parport - ok
14:33:46.0575 0704 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:33:46.0575 0704 partmgr - ok
14:33:46.0595 0704 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:33:46.0597 0704 PcaSvc - ok
14:33:46.0632 0704 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:33:46.0633 0704 pci - ok
14:33:46.0663 0704 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:33:46.0664 0704 pciide - ok
14:33:46.0700 0704 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:33:46.0702 0704 pcmcia - ok
14:33:46.0718 0704 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:33:46.0718 0704 pcw - ok
14:33:46.0777 0704 pdfcDispatcher - ok
14:33:46.0869 0704 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:33:46.0872 0704 PEAUTH - ok
14:33:46.0937 0704 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:33:46.0944 0704 PeerDistSvc - ok
14:33:46.0995 0704 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:33:46.0996 0704 PerfHost - ok
14:33:47.0061 0704 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:33:47.0068 0704 pla - ok
14:33:47.0113 0704 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:33:47.0116 0704 PlugPlay - ok
14:33:47.0209 0704 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:33:47.0210 0704 PNRPAutoReg - ok
14:33:47.0230 0704 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:33:47.0232 0704 PNRPsvc - ok
14:33:47.0262 0704 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:33:47.0265 0704 PolicyAgent - ok
14:33:47.0301 0704 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:33:47.0303 0704 Power - ok
14:33:47.0344 0704 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:33:47.0345 0704 PptpMiniport - ok
14:33:47.0376 0704 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:33:47.0376 0704 Processor - ok
14:33:47.0420 0704 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
14:33:47.0422 0704 ProfSvc - ok
14:33:47.0502 0704 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:47.0503 0704 ProtectedStorage - ok
14:33:47.0573 0704 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:33:47.0574 0704 Psched - ok
14:33:47.0677 0704 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:33:47.0678 0704 PSI_SVC_2 - ok
14:33:47.0723 0704 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:33:47.0730 0704 ql2300 - ok
14:33:47.0758 0704 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:33:47.0759 0704 ql40xx - ok
14:33:47.0798 0704 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:33:47.0800 0704 QWAVE - ok
14:33:47.0819 0704 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:33:47.0819 0704 QWAVEdrv - ok
14:33:47.0864 0704 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:33:47.0864 0704 RasAcd - ok
14:33:47.0901 0704 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:33:47.0902 0704 RasAgileVpn - ok
14:33:47.0968 0704 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:33:47.0970 0704 RasAuto - ok
14:33:48.0017 0704 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:33:48.0018 0704 Rasl2tp - ok
14:33:48.0063 0704 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:33:48.0066 0704 RasMan - ok
14:33:48.0075 0704 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:33:48.0076 0704 RasPppoe - ok
14:33:48.0098 0704 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:33:48.0098 0704 RasSstp - ok
14:33:48.0152 0704 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:33:48.0154 0704 rdbss - ok
14:33:48.0162 0704 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:33:48.0163 0704 rdpbus - ok
14:33:48.0202 0704 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:33:48.0202 0704 RDPCDD - ok
14:33:48.0239 0704 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
14:33:48.0240 0704 RDPDR - ok
14:33:48.0304 0704 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:33:48.0305 0704 RDPENCDD - ok
14:33:48.0338 0704 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:33:48.0338 0704 RDPREFMP - ok
14:33:48.0390 0704 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
14:33:48.0391 0704 RDPWD - ok
14:33:48.0419 0704 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:33:48.0420 0704 rdyboost - ok
14:33:48.0484 0704 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:33:48.0485 0704 RemoteAccess - ok
14:33:48.0523 0704 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:33:48.0524 0704 RemoteRegistry - ok
14:33:48.0572 0704 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
14:33:48.0573 0704 RFCOMM - ok
14:33:48.0595 0704 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:33:48.0596 0704 RpcEptMapper - ok
14:33:48.0636 0704 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:33:48.0637 0704 RpcLocator - ok
14:33:48.0711 0704 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:33:48.0714 0704 RpcSs - ok
14:33:48.0772 0704 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:33:48.0772 0704 rspndr - ok
14:33:48.0802 0704 RSUSBSTOR (30f463768d5143bfd7b2df822b53cf4d) C:\Windows\system32\Drivers\RtsUStor.sys
14:33:48.0803 0704 RSUSBSTOR - ok
14:33:48.0842 0704 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:33:48.0844 0704 RTL8167 - ok
14:33:48.0890 0704 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
14:33:48.0890 0704 s3cap - ok
14:33:48.0927 0704 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:48.0928 0704 SamSs - ok
14:33:49.0036 0704 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:33:49.0036 0704 SASDIFSV - ok
14:33:49.0050 0704 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:33:49.0050 0704 SASKUTIL - ok
14:33:49.0132 0704 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:33:49.0133 0704 sbp2port - ok
14:33:49.0157 0704 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:33:49.0159 0704 SCardSvr - ok
14:33:49.0196 0704 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:33:49.0196 0704 scfilter - ok
14:33:49.0242 0704 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:33:49.0247 0704 Schedule - ok
14:33:49.0290 0704 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:33:49.0291 0704 SCPolicySvc - ok
14:33:49.0310 0704 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:33:49.0312 0704 SDRSVC - ok
14:33:49.0356 0704 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:33:49.0357 0704 secdrv - ok
14:33:49.0384 0704 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:33:49.0385 0704 seclogon - ok
14:33:49.0493 0704 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:33:49.0494 0704 SENS - ok
14:33:49.0509 0704 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:33:49.0511 0704 SensrSvc - ok
14:33:49.0552 0704 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:33:49.0553 0704 Serenum - ok
14:33:49.0562 0704 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:33:49.0563 0704 Serial - ok
14:33:49.0601 0704 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:33:49.0602 0704 sermouse - ok
14:33:49.0633 0704 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:33:49.0635 0704 SessionEnv - ok
14:33:49.0666 0704 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:33:49.0667 0704 sffdisk - ok
14:33:49.0680 0704 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:33:49.0681 0704 sffp_mmc - ok
14:33:49.0697 0704 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:33:49.0698 0704 sffp_sd - ok
14:33:49.0733 0704 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:33:49.0733 0704 sfloppy - ok
14:33:49.0804 0704 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:33:49.0806 0704 SharedAccess - ok
14:33:49.0894 0704 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:33:49.0897 0704 ShellHWDetection - ok
14:33:49.0933 0704 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:33:49.0933 0704 SiSRaid2 - ok
14:33:49.0942 0704 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:33:49.0943 0704 SiSRaid4 - ok
14:33:50.0014 0704 SiteAdvisor Service (bb2facf58f87c299e823110c7921619c) C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe
14:33:50.0015 0704 SiteAdvisor Service - ok
14:33:50.0036 0704 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:33:50.0037 0704 Smb - ok
14:33:50.0084 0704 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:33:50.0085 0704 SNMPTRAP - ok
14:33:50.0178 0704 SNP2UVC (6fc63b4b19fb809336034d5c5c4d2bc0) C:\Windows\system32\DRIVERS\snp2uvc.sys
14:33:50.0187 0704 SNP2UVC - ok
14:33:50.0317 0704 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:33:50.0317 0704 spldr - ok
14:33:50.0351 0704 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:33:50.0355 0704 Spooler - ok
14:33:50.0469 0704 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:33:50.0486 0704 sppsvc - ok
14:33:50.0532 0704 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:33:50.0533 0704 sppuinotify - ok
14:33:50.0584 0704 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:33:50.0586 0704 srv - ok
14:33:50.0678 0704 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:33:50.0680 0704 srv2 - ok
14:33:50.0709 0704 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:33:50.0710 0704 srvnet - ok
14:33:50.0732 0704 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:33:50.0733 0704 SSDPSRV - ok
14:33:50.0750 0704 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:33:50.0751 0704 SstpSvc - ok
14:33:50.0833 0704 STacSV (e455f5fe92edc3cad3f2963c5cca47e6) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
14:33:50.0835 0704 STacSV - ok
14:33:50.0856 0704 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:33:50.0856 0704 stexstor - ok
14:33:50.0881 0704 STHDA (4a9d087c9a97071b9d06db38567da906) C:\Windows\system32\DRIVERS\stwrt64.sys
14:33:50.0883 0704 STHDA - ok
14:33:50.0937 0704 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:33:50.0940 0704 stisvc - ok
14:33:51.0065 0704 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
14:33:51.0066 0704 storflt - ok
14:33:51.0100 0704 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
14:33:51.0101 0704 StorSvc - ok
14:33:51.0122 0704 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
14:33:51.0123 0704 storvsc - ok
14:33:51.0146 0704 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:33:51.0147 0704 swenum - ok
14:33:51.0188 0704 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:33:51.0191 0704 swprv - ok
14:33:51.0244 0704 SynTP (1f298c285d48ce42eb6b7f8d4f0d8120) C:\Windows\system32\DRIVERS\SynTP.sys
14:33:51.0246 0704 SynTP - ok
14:33:51.0320 0704 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:33:51.0329 0704 SysMain - ok
14:33:51.0429 0704 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:33:51.0431 0704 TabletInputService - ok
14:33:51.0453 0704 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:33:51.0456 0704 TapiSrv - ok
14:33:51.0491 0704 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:33:51.0492 0704 TBS - ok
14:33:51.0571 0704 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:33:51.0579 0704 Tcpip - ok
14:33:51.0621 0704 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:33:51.0630 0704 TCPIP6 - ok
14:33:51.0665 0704 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:33:51.0665 0704 tcpipreg - ok
14:33:51.0770 0704 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:33:51.0770 0704 TDPIPE - ok
14:33:51.0812 0704 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:33:51.0812 0704 TDTCP - ok
14:33:51.0836 0704 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:33:51.0837 0704 tdx - ok
14:33:51.0884 0704 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:33:51.0885 0704 TermDD - ok
14:33:51.0918 0704 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:33:51.0922 0704 TermService - ok
14:33:51.0961 0704 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:33:51.0962 0704 Themes - ok
14:33:51.0988 0704 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:33:51.0989 0704 THREADORDER - ok
14:33:52.0021 0704 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:33:52.0022 0704 TrkWks - ok
14:33:52.0055 0704 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:33:52.0056 0704 TrustedInstaller - ok
14:33:52.0168 0704 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:33:52.0168 0704 tssecsrv - ok
14:33:52.0217 0704 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:33:52.0218 0704 TsUsbFlt - ok
14:33:52.0257 0704 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:33:52.0258 0704 tunnel - ok
14:33:52.0294 0704 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:33:52.0295 0704 uagp35 - ok
14:33:52.0345 0704 uArcCapture (9eea84226ed2a028bc3fdfdde03fe95c) C:\Windows\system\uArcCapture.exe
14:33:52.0347 0704 uArcCapture - ok
14:33:52.0376 0704 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:33:52.0378 0704 udfs - ok
14:33:52.0432 0704 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:33:52.0433 0704 UI0Detect - ok
14:33:52.0479 0704 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:33:52.0479 0704 uliagpkx - ok
14:33:52.0573 0704 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:33:52.0573 0704 umbus - ok
14:33:52.0603 0704 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:33:52.0604 0704 UmPass - ok
14:33:52.0631 0704 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
14:33:52.0633 0704 UmRdpService - ok
14:33:52.0759 0704 UNS (44aa8d5d3b3b5610fef46ca8a9c52d8c) C:\Program Files (x86)\Intel\Intel« Management Engine Components\UNS\UNS.exe
14:33:52.0770 0704 UNS - ok
14:33:52.0800 0704 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:33:52.0803 0704 upnphost - ok
14:33:52.0919 0704 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:33:52.0920 0704 usbccgp - ok
14:33:52.0965 0704 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:33:52.0965 0704 usbcir - ok
14:33:52.0987 0704 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
14:33:52.0988 0704 usbehci - ok
14:33:53.0016 0704 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:33:53.0018 0704 usbhub - ok
14:33:53.0048 0704 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
14:33:53.0048 0704 usbohci - ok
14:33:53.0076 0704 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:33:53.0077 0704 usbprint - ok
14:33:53.0122 0704 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:33:53.0122 0704 usbscan - ok
14:33:53.0154 0704 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
14:33:53.0155 0704 USBSTOR - ok
14:33:53.0180 0704 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:33:53.0180 0704 usbuhci - ok
14:33:53.0255 0704 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:33:53.0256 0704 usbvideo - ok
14:33:53.0307 0704 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:33:53.0309 0704 UxSms - ok
14:33:53.0344 0704 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:53.0345 0704 VaultSvc - ok
14:33:53.0405 0704 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:33:53.0405 0704 vdrvroot - ok
14:33:53.0455 0704 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:33:53.0459 0704 vds - ok
14:33:53.0492 0704 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:33:53.0493 0704 vga - ok
14:33:53.0509 0704 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:33:53.0509 0704 VgaSave - ok
14:33:53.0536 0704 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:33:53.0537 0704 vhdmp - ok
14:33:53.0571 0704 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:33:53.0571 0704 viaide - ok
14:33:53.0640 0704 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
14:33:53.0642 0704 vmbus - ok
14:33:53.0688 0704 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
14:33:53.0688 0704 VMBusHID - ok
14:33:53.0706 0704 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:33:53.0707 0704 volmgr - ok
14:33:53.0746 0704 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:33:53.0747 0704 volmgrx - ok
14:33:53.0780 0704 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:33:53.0781 0704 volsnap - ok
14:33:53.0798 0704 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:33:53.0799 0704 vsmraid - ok
14:33:53.0866 0704 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:33:53.0874 0704 VSS - ok
14:33:53.0900 0704 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:33:53.0901 0704 vwifibus - ok
14:33:53.0948 0704 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:33:53.0948 0704 vwififlt - ok
14:33:53.0975 0704 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:33:53.0976 0704 vwifimp - ok
14:33:54.0043 0704 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:33:54.0046 0704 W32Time - ok
14:33:54.0057 0704 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:33:54.0058 0704 WacomPen - ok
14:33:54.0094 0704 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:33:54.0095 0704 WANARP - ok
14:33:54.0099 0704 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:33:54.0100 0704 Wanarpv6 - ok
14:33:54.0159 0704 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:33:54.0165 0704 WatAdminSvc - ok
14:33:54.0222 0704 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:33:54.0230 0704 wbengine - ok
14:33:54.0297 0704 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:33:54.0299 0704 WbioSrvc - ok
14:33:54.0333 0704 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:33:54.0336 0704 wcncsvc - ok
14:33:54.0390 0704 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:33:54.0391 0704 WcsPlugInService - ok
14:33:54.0426 0704 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:33:54.0427 0704 Wd - ok
14:33:54.0443 0704 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:33:54.0446 0704 Wdf01000 - ok
14:33:54.0462 0704 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:33:54.0464 0704 WdiServiceHost - ok
14:33:54.0478 0704 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:33:54.0479 0704 WdiSystemHost - ok
14:33:54.0514 0704 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:33:54.0517 0704 WebClient - ok
14:33:54.0552 0704 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:33:54.0554 0704 Wecsvc - ok
14:33:54.0569 0704 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:33:54.0571 0704 wercplsupport - ok
14:33:54.0631 0704 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:33:54.0633 0704 WerSvc - ok
14:33:54.0642 0704 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:33:54.0642 0704 WfpLwf - ok
14:33:54.0679 0704 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:33:54.0679 0704 WIMMount - ok
14:33:54.0724 0704 WinDefend - ok
14:33:54.0731 0704 WinHttpAutoProxySvc - ok
14:33:54.0804 0704 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:33:54.0805 0704 Winmgmt - ok
14:33:54.0863 0704 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:33:54.0873 0704 WinRM - ok
14:33:54.0917 0704 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:33:54.0922 0704 Wlansvc - ok
14:33:55.0008 0704 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:33:55.0009 0704 WmiAcpi - ok
14:33:55.0034 0704 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:33:55.0035 0704 wmiApSrv - ok
14:33:55.0072 0704 WMPNetworkSvc - ok
14:33:55.0132 0704 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:33:55.0133 0704 WPCSvc - ok
14:33:55.0169 0704 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:33:55.0171 0704 WPDBusEnum - ok
14:33:55.0221 0704 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:33:55.0222 0704 ws2ifsl - ok
14:33:55.0240 0704 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
14:33:55.0242 0704 wscsvc - ok
14:33:55.0259 0704 WSearch - ok
14:33:55.0327 0704 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
14:33:55.0339 0704 wuauserv - ok
14:33:55.0421 0704 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:33:55.0422 0704 WudfPf - ok
14:33:55.0442 0704 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:33:55.0443 0704 WUDFRd - ok
14:33:55.0501 0704 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:33:55.0503 0704 wudfsvc - ok
14:33:55.0543 0704 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:33:55.0546 0704 WwanSvc - ok
14:33:55.0573 0704 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:33:55.0642 0704 \Device\Harddisk0\DR0 - ok
14:33:55.0645 0704 Boot (0x1200) (2bcc95a8bb45c98f9994690610e6bca3) \Device\Harddisk0\DR0\Partition0
14:33:55.0646 0704 \Device\Harddisk0\DR0\Partition0 - ok
14:33:55.0655 0704 Boot (0x1200) (717a7ff4e86479a100f54a6ffd6a0b70) \Device\Harddisk0\DR0\Partition1
14:33:55.0657 0704 \Device\Harddisk0\DR0\Partition1 - ok
14:33:55.0684 0704 Boot (0x1200) (24ef2b8e5e308f2c2f97d2c87965e711) \Device\Harddisk0\DR0\Partition2
14:33:55.0684 0704 \Device\Harddisk0\DR0\Partition2 - ok
14:33:55.0685 0704 ============================================================
14:33:55.0685 0704 Scan finished
14:33:55.0685 0704 ============================================================
14:33:55.0707 1212 Detected object count: 0
14:33:55.0707 1212 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyrightę 2011 AVAST Software
Run date: 2012-04-08 14:36:31
-----------------------------
14:36:31.638 OS Version: Windows x64 6.1.7601 Service Pack 1
14:36:31.638 Number of processors: 4 586 0x2505
14:36:31.638 ComputerName: CLINICLAPTOP UserName:
14:36:32.431 Initialize success
14:45:20.092 AVAST engine error: 2
14:45:28.727 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:45:28.729 Disk 0 Vendor: TOSHIBA_ LH01 Size: 305245MB BusType: 3
14:45:28.751 Disk 0 MBR read successfully
14:45:28.761 Disk 0 MBR scan
14:45:28.763 Disk 0 Windows 7 default MBR code
14:45:28.770 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:45:28.783 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 303087 MB offset 206848
14:45:28.812 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 2048 MB offset 620929024
14:45:28.858 Disk 0 scanning C:\Windows\system32\drivers
14:45:34.496 Service scanning
14:45:50.000 Modules scanning
14:45:50.006 Disk 0 trace - called modules:
14:45:50.044 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
14:45:50.055 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005797060]
14:45:50.059 3 CLASSPNP.SYS[fffff88001b8843f] -> nt!IofCallDriver -> [0xfffffa800562cb10]
14:45:50.063 5 hpdskflt.sys[fffff88001b2f289] -> nt!IofCallDriver -> [0xfffffa8003bb49a0]
14:45:50.068 7 ACPI.sys[fffff88000f6d7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049c8050]
14:45:50.072 Scan finished successfully
14:46:22.244 Disk 0 MBR has been saved successfully to "C:\Users\Dr. Neill H. Payne\Desktop\MBR.dat"
14:46:22.268 The log file has been saved successfully to "C:\Users\Dr. Neill H. Payne\Desktop\aswMBR.txt"

#5 ChiroCalvinist

ChiroCalvinist
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 08 April 2012 - 01:54 PM

Thank you for responding and for your help. Here are the files:


14:33:30.0472 1960 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
14:33:30.0746 1960 ============================================================
14:33:30.0746 1960 Current date / time: 2012/04/08 14:33:30.0746
14:33:30.0746 1960 SystemInfo:
14:33:30.0746 1960
14:33:30.0746 1960 OS Version: 6.1.7601 ServicePack: 1.0
14:33:30.0746 1960 Product type: Workstation
14:33:30.0746 1960 ComputerName: CLINICLAPTOP
14:33:30.0746 1960 UserName: Dr. Neill H. Payne
14:33:30.0746 1960 Windows directory: C:\Windows
14:33:30.0746 1960 System windows directory: C:\Windows
14:33:30.0746 1960 Running under WOW64
14:33:30.0746 1960 Processor architecture: Intel x64
14:33:30.0746 1960 Number of processors: 4
14:33:30.0746 1960 Page size: 0x1000
14:33:30.0746 1960 Boot type: Safe boot with network
14:33:30.0746 1960 ============================================================
14:33:31.0087 1960 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:33:31.0090 1960 \Device\Harddisk0\DR0:
14:33:31.0090 1960 MBR used
14:33:31.0090 1960 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:33:31.0090 1960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x24FF7800
14:33:31.0090 1960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x2502A000, BlocksNum 0x400000
14:33:31.0140 1960 Initialize success
14:33:31.0140 1960 ============================================================
14:33:33.0214 0704 ============================================================
14:33:33.0214 0704 Scan started
14:33:33.0214 0704 Mode: Manual;
14:33:33.0214 0704 ============================================================
14:33:33.0429 0704 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
14:33:33.0430 0704 !SASCORE - ok
14:33:33.0568 0704 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
14:33:33.0569 0704 1394ohci - ok
14:33:33.0609 0704 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
14:33:33.0609 0704 Accelerometer - ok
14:33:33.0690 0704 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:33:33.0691 0704 ACDaemon - ok
14:33:33.0723 0704 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
14:33:33.0725 0704 ACPI - ok
14:33:33.0746 0704 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
14:33:33.0746 0704 AcpiPmi - ok
14:33:33.0782 0704 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:33:33.0785 0704 adp94xx - ok
14:33:33.0798 0704 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:33:33.0800 0704 adpahci - ok
14:33:33.0828 0704 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:33:33.0829 0704 adpu320 - ok
14:33:33.0970 0704 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
14:33:33.0975 0704 AdvancedSystemCareService5 - ok
14:33:34.0076 0704 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:33:34.0076 0704 AeLookupSvc - ok
14:33:34.0167 0704 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
14:33:34.0167 0704 AESTFilters - ok
14:33:34.0277 0704 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
14:33:34.0278 0704 Afc - ok
14:33:34.0336 0704 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
14:33:34.0338 0704 AFD - ok
14:33:34.0392 0704 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
14:33:34.0397 0704 AgereSoftModem - ok
14:33:34.0533 0704 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
14:33:34.0533 0704 agp440 - ok
14:33:34.0570 0704 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:33:34.0571 0704 ALG - ok
14:33:34.0595 0704 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
14:33:34.0595 0704 aliide - ok
14:33:34.0638 0704 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
14:33:34.0638 0704 amdide - ok
14:33:34.0683 0704 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:33:34.0684 0704 AmdK8 - ok
14:33:34.0691 0704 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:33:34.0692 0704 AmdPPM - ok
14:33:34.0715 0704 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
14:33:34.0716 0704 amdsata - ok
14:33:34.0748 0704 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:33:34.0749 0704 amdsbs - ok
14:33:34.0766 0704 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
14:33:34.0766 0704 amdxata - ok
14:33:34.0797 0704 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
14:33:34.0798 0704 AppID - ok
14:33:34.0830 0704 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:33:34.0831 0704 AppIDSvc - ok
14:33:34.0858 0704 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
14:33:34.0858 0704 Appinfo - ok
14:33:34.0956 0704 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
14:33:34.0957 0704 AppMgmt - ok
14:33:34.0975 0704 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:33:34.0976 0704 arc - ok
14:33:34.0983 0704 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:33:34.0984 0704 arcsas - ok
14:33:35.0029 0704 ARCVCAM (ce2168c926927ba926301baf172bc693) C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys
14:33:35.0030 0704 ARCVCAM - ok
14:33:35.0083 0704 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
14:33:35.0084 0704 aswFsBlk - ok
14:33:35.0091 0704 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
14:33:35.0092 0704 aswMonFlt - ok
14:33:35.0114 0704 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
14:33:35.0115 0704 aswRdr - ok
14:33:35.0151 0704 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
14:33:35.0154 0704 aswSnx - ok
14:33:35.0180 0704 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
14:33:35.0182 0704 aswSP - ok
14:33:35.0205 0704 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
14:33:35.0206 0704 aswTdi - ok
14:33:35.0239 0704 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:33:35.0240 0704 AsyncMac - ok
14:33:35.0338 0704 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
14:33:35.0338 0704 atapi - ok
14:33:35.0368 0704 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:33:35.0372 0704 AudioEndpointBuilder - ok
14:33:35.0381 0704 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
14:33:35.0384 0704 AudioSrv - ok
14:33:35.0508 0704 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:33:35.0508 0704 avast! Antivirus - ok
14:33:35.0549 0704 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
14:33:35.0550 0704 AxInstSV - ok
14:33:35.0608 0704 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:33:35.0610 0704 b06bdrv - ok
14:33:35.0701 0704 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:33:35.0702 0704 b57nd60a - ok
14:33:35.0736 0704 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:33:35.0737 0704 BDESVC - ok
14:33:35.0753 0704 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:33:35.0753 0704 Beep - ok
14:33:35.0812 0704 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
14:33:35.0815 0704 BFE - ok
14:33:35.0858 0704 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
14:33:35.0863 0704 BITS - ok
14:33:35.0897 0704 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:33:35.0897 0704 blbdrive - ok
14:33:36.0043 0704 Bluetooth Device Manager (bb745548b1e73f8f6f260677786b2be3) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
14:33:36.0062 0704 Bluetooth Device Manager - ok
14:33:36.0102 0704 Bluetooth Media Service (449d09f3d9cdf02bf594b1513257969e) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
14:33:36.0107 0704 Bluetooth Media Service - ok
14:33:36.0125 0704 Bluetooth OBEX Service (41d5b8ee393d815aa82a9b2116f90bcf) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
14:33:36.0128 0704 Bluetooth OBEX Service - ok
14:33:36.0224 0704 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
14:33:36.0225 0704 bowser - ok
14:33:36.0252 0704 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:33:36.0252 0704 BrFiltLo - ok
14:33:36.0261 0704 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:33:36.0261 0704 BrFiltUp - ok
14:33:36.0311 0704 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
14:33:36.0312 0704 Browser - ok
14:33:36.0336 0704 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:33:36.0338 0704 Brserid - ok
14:33:36.0360 0704 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:33:36.0361 0704 BrSerWdm - ok
14:33:36.0369 0704 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:33:36.0369 0704 BrUsbMdm - ok
14:33:36.0377 0704 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:33:36.0377 0704 BrUsbSer - ok
14:33:36.0419 0704 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
14:33:36.0420 0704 BthEnum - ok
14:33:36.0433 0704 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:33:36.0433 0704 BTHMODEM - ok
14:33:36.0468 0704 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
14:33:36.0469 0704 BthPan - ok
14:33:36.0515 0704 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
14:33:36.0518 0704 BTHPORT - ok
14:33:36.0548 0704 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:33:36.0549 0704 bthserv - ok
14:33:36.0660 0704 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
14:33:36.0660 0704 BTHUSB - ok
14:33:36.0712 0704 BTMCOM (e588420b950dac5ac397f76660bce520) C:\Windows\system32\Drivers\btmcom.sys
14:33:36.0712 0704 BTMCOM - ok
14:33:36.0811 0704 BTMUSB (22a24c45a21ab98afcd09229f6ee5fcf) C:\Windows\system32\Drivers\btmusb.sys
14:33:36.0825 0704 BTMUSB - ok
14:33:36.0851 0704 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:33:36.0852 0704 cdfs - ok
14:33:36.0886 0704 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
14:33:36.0886 0704 cdrom - ok
14:33:36.0914 0704 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:33:36.0914 0704 CertPropSvc - ok
14:33:37.0013 0704 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:33:37.0014 0704 circlass - ok
14:33:37.0047 0704 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:33:37.0049 0704 CLFS - ok
14:33:37.0097 0704 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:33:37.0098 0704 clr_optimization_v2.0.50727_32 - ok
14:33:37.0144 0704 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:33:37.0145 0704 clr_optimization_v2.0.50727_64 - ok
14:33:37.0234 0704 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:33:37.0235 0704 clr_optimization_v4.0.30319_32 - ok
14:33:37.0320 0704 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:33:37.0321 0704 clr_optimization_v4.0.30319_64 - ok
14:33:37.0370 0704 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:33:37.0370 0704 CmBatt - ok
14:33:37.0398 0704 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
14:33:37.0398 0704 cmdide - ok
14:33:37.0449 0704 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
14:33:37.0451 0704 CNG - ok
14:33:37.0487 0704 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:33:37.0488 0704 Compbatt - ok
14:33:37.0510 0704 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
14:33:37.0511 0704 CompositeBus - ok
14:33:37.0517 0704 COMSysApp - ok
14:33:37.0536 0704 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:33:37.0536 0704 crcdisk - ok
14:33:37.0571 0704 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
14:33:37.0572 0704 CryptSvc - ok
14:33:37.0652 0704 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
14:33:37.0655 0704 CSC - ok
14:33:37.0708 0704 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
14:33:37.0711 0704 CscService - ok
14:33:37.0767 0704 DAMDrv (a8ba4da23ac20bda23ca15234d42a3fa) C:\Windows\system32\DRIVERS\DAMDrv64.sys
14:33:37.0767 0704 DAMDrv - ok
14:33:37.0801 0704 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:33:37.0804 0704 DcomLaunch - ok
14:33:37.0855 0704 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:33:37.0856 0704 defragsvc - ok
14:33:37.0886 0704 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
14:33:37.0886 0704 DfsC - ok
14:33:37.0910 0704 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
14:33:37.0912 0704 Dhcp - ok
14:33:37.0980 0704 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:33:37.0981 0704 discache - ok
14:33:38.0015 0704 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:33:38.0015 0704 Disk - ok
14:33:38.0054 0704 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
14:33:38.0055 0704 Dnscache - ok
14:33:38.0090 0704 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
14:33:38.0092 0704 dot3svc - ok
14:33:38.0192 0704 DpHost (ef8004b4a9552c77fd0e99ab08841d13) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
14:33:38.0194 0704 DpHost - ok
14:33:38.0240 0704 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
14:33:38.0241 0704 DPS - ok
14:33:38.0324 0704 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:33:38.0325 0704 drmkaud - ok
14:33:38.0434 0704 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
14:33:38.0438 0704 DXGKrnl - ok
14:33:38.0483 0704 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:33:38.0484 0704 EapHost - ok
14:33:38.0563 0704 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:33:38.0578 0704 ebdrv - ok
14:33:38.0676 0704 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
14:33:38.0676 0704 EFS - ok
14:33:38.0748 0704 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
14:33:38.0752 0704 ehRecvr - ok
14:33:38.0775 0704 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:33:38.0776 0704 ehSched - ok
14:33:38.0839 0704 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:33:38.0842 0704 elxstor - ok
14:33:38.0929 0704 EngineServer (6fd79878e320793fe8dadb5958d399ac) C:\PROGRA~2\McAfee\MANAGE~1\VScan\ENGINE~1.EXE
14:33:38.0929 0704 EngineServer - ok
14:33:39.0012 0704 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
14:33:39.0013 0704 ErrDev - ok
14:33:39.0043 0704 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:33:39.0045 0704 EventSystem - ok
14:33:39.0069 0704 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:33:39.0070 0704 exfat - ok
14:33:39.0117 0704 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:33:39.0118 0704 fastfat - ok
14:33:39.0157 0704 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
14:33:39.0161 0704 Fax - ok
14:33:39.0191 0704 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:33:39.0192 0704 fdc - ok
14:33:39.0209 0704 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:33:39.0209 0704 fdPHost - ok
14:33:39.0223 0704 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:33:39.0223 0704 FDResPub - ok
14:33:39.0242 0704 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:33:39.0242 0704 FileInfo - ok
14:33:39.0255 0704 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:33:39.0255 0704 Filetrace - ok
14:33:39.0306 0704 FLCDLOCK (7e728680aa428506a82351d859c32c95) C:\Windows\SysWOW64\flcdlock.exe
14:33:39.0309 0704 FLCDLOCK - ok
14:33:39.0390 0704 FLEXnet Licensing Service (3d9b36631032fde0ffea0dc0260e4e35) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:33:39.0393 0704 FLEXnet Licensing Service - ok
14:33:39.0459 0704 FLEXnet Licensing Service 64 (52c0312ab35eb7187015fb6a99136bb5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
14:33:39.0464 0704 FLEXnet Licensing Service 64 - ok
14:33:39.0560 0704 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:33:39.0560 0704 flpydisk - ok
14:33:39.0597 0704 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
14:33:39.0599 0704 FltMgr - ok
14:33:39.0641 0704 FontCache (b4447f606bb19fd8ad0bafb59b90f5d9) C:\Windows\system32\FntCache.dll
14:33:39.0647 0704 FontCache - ok
14:33:39.0715 0704 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:33:39.0715 0704 FontCache3.0.0.0 - ok
14:33:39.0809 0704 FreeAgentGoNext Service (81b4a2c6c9bd17ffb6031a0a61c09764) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
14:33:39.0810 0704 FreeAgentGoNext Service - ok
14:33:39.0901 0704 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:33:39.0902 0704 FsDepends - ok
14:33:39.0921 0704 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:33:39.0921 0704 Fs_Rec - ok
14:33:39.0962 0704 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:33:39.0963 0704 fvevol - ok
14:33:39.0986 0704 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:33:39.0987 0704 gagp30kx - ok
14:33:40.0040 0704 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
14:33:40.0044 0704 gpsvc - ok
14:33:40.0110 0704 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:33:40.0111 0704 gupdate - ok
14:33:40.0115 0704 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:33:40.0116 0704 gupdatem - ok
14:33:40.0169 0704 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:33:40.0169 0704 hcw85cir - ok
14:33:40.0244 0704 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
14:33:40.0245 0704 HdAudAddService - ok
14:33:40.0288 0704 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
14:33:40.0289 0704 HDAudBus - ok
14:33:40.0329 0704 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
14:33:40.0330 0704 HECIx64 - ok
14:33:40.0354 0704 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:33:40.0355 0704 HidBatt - ok
14:33:40.0373 0704 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:33:40.0374 0704 HidBth - ok
14:33:40.0398 0704 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:33:40.0399 0704 HidIr - ok
14:33:40.0422 0704 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
14:33:40.0423 0704 hidserv - ok
14:33:40.0439 0704 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
14:33:40.0439 0704 HidUsb - ok
14:33:40.0477 0704 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
14:33:40.0478 0704 hkmsvc - ok
14:33:40.0501 0704 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
14:33:40.0502 0704 HomeGroupListener - ok
14:33:40.0602 0704 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
14:33:40.0604 0704 HomeGroupProvider - ok
14:33:40.0709 0704 HP Health Check Service (58c91cca61a948dc6e789c93c05a1d6f) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
14:33:40.0710 0704 HP Health Check Service - ok
14:33:40.0783 0704 HP Power Assistant Service (cf3ae4aeab7e3ab87122dc4ddd3a6947) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
14:33:40.0784 0704 HP Power Assistant Service - ok
14:33:40.0821 0704 HP ProtectTools Service (ae2a8c80205f06be5edc63be0ae9a756) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
14:33:40.0823 0704 HP ProtectTools Service - ok
14:33:40.0852 0704 HP Wireless Assistant Service (58cc11d14d88ef70ef7abbc75b5eebd8) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
14:33:40.0853 0704 HP Wireless Assistant Service - ok
14:33:40.0882 0704 HPDayStarterService (94c74d758e0f7b1d962da452b4d28c91) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
14:33:40.0883 0704 HPDayStarterService - ok
14:33:40.0922 0704 HPDrvMntSvc.exe (50afb68513014a6894d78014483f0432) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
14:33:40.0923 0704 HPDrvMntSvc.exe - ok
14:33:41.0022 0704 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
14:33:41.0023 0704 hpdskflt - ok
14:33:41.0110 0704 hpHotkeyMonitor (4d94f4d7782657e79eb1352570b563db) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
14:33:41.0112 0704 hpHotkeyMonitor - ok
14:33:41.0148 0704 HpqKbFiltr (b98ee5d4535a685634b90f7e04de0df7) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
14:33:41.0149 0704 HpqKbFiltr - ok
14:33:41.0190 0704 hpqwmiex (ef3ea06057132138b4e5895a61601dbe) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
14:33:41.0191 0704 hpqwmiex - ok
14:33:41.0227 0704 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
14:33:41.0227 0704 HpSAMD - ok
14:33:41.0238 0704 hpsrv (aa036cc5f5221d9b915f4d4dce74ba9a) C:\Windows\system32\Hpservice.exe
14:33:41.0239 0704 hpsrv - ok
14:33:41.0276 0704 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
14:33:41.0279 0704 HTTP - ok
14:33:41.0392 0704 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
14:33:41.0392 0704 hwpolicy - ok
14:33:41.0435 0704 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
14:33:41.0435 0704 i8042prt - ok
14:33:41.0546 0704 IAANTMON (f54b3db096abd6e9bbbd052fd3878a48) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:33:41.0548 0704 IAANTMON - ok
14:33:41.0578 0704 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
14:33:41.0580 0704 iaStor - ok
14:33:41.0624 0704 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
14:33:41.0626 0704 iaStorV - ok
14:33:41.0769 0704 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:33:41.0773 0704 idsvc - ok
14:33:42.0028 0704 igfx (898ab5bfed7040d7ab07af01885eb944) C:\Windows\system32\DRIVERS\igdkmd64.sys
14:33:42.0073 0704 igfx - ok
14:33:42.0183 0704 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:33:42.0183 0704 iirsp - ok
14:33:42.0224 0704 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
14:33:42.0228 0704 IKEEXT - ok
14:33:42.0360 0704 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
14:33:42.0364 0704 IMFservice - ok
14:33:42.0409 0704 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
14:33:42.0410 0704 Impcd - ok
14:33:42.0519 0704 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
14:33:42.0520 0704 IntcDAud - ok
14:33:42.0539 0704 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
14:33:42.0539 0704 intelide - ok
14:33:42.0567 0704 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:33:42.0567 0704 intelppm - ok
14:33:42.0599 0704 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:33:42.0600 0704 IPBusEnum - ok
14:33:42.0635 0704 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:33:42.0636 0704 IpFilterDriver - ok
14:33:42.0656 0704 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
14:33:42.0659 0704 iphlpsvc - ok
14:33:42.0703 0704 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
14:33:42.0704 0704 IPMIDRV - ok
14:33:42.0724 0704 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:33:42.0725 0704 IPNAT - ok
14:33:42.0811 0704 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:33:42.0812 0704 IRENUM - ok
14:33:42.0835 0704 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
14:33:42.0835 0704 isapnp - ok
14:33:42.0855 0704 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
14:33:42.0856 0704 iScsiPrt - ok
14:33:42.0875 0704 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
14:33:42.0875 0704 kbdclass - ok
14:33:42.0901 0704 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
14:33:42.0902 0704 kbdhid - ok
14:33:42.0935 0704 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:42.0936 0704 KeyIso - ok
14:33:42.0965 0704 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
14:33:42.0966 0704 KSecDD - ok
14:33:42.0983 0704 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
14:33:42.0984 0704 KSecPkg - ok
14:33:43.0026 0704 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:33:43.0026 0704 ksthunk - ok
14:33:43.0053 0704 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:33:43.0055 0704 KtmRm - ok
14:33:43.0094 0704 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
14:33:43.0096 0704 LanmanServer - ok
14:33:43.0192 0704 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
14:33:43.0194 0704 LanmanWorkstation - ok
14:33:43.0291 0704 LightScribeService (83d8be94e1cbcbe2ea8372db1a95a159) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
14:33:43.0292 0704 LightScribeService - ok
14:33:43.0312 0704 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:33:43.0313 0704 lltdio - ok
14:33:43.0362 0704 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:33:43.0364 0704 lltdsvc - ok
14:33:43.0383 0704 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:33:43.0384 0704 lmhosts - ok
14:33:43.0427 0704 LMS (bb4e55778d8de3885e1cdac795de7bce) C:\Program Files (x86)\Intel\Intel« Management Engine Components\LMS\LMS.exe
14:33:43.0428 0704 LMS - ok
14:33:43.0462 0704 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:33:43.0463 0704 LSI_FC - ok
14:33:43.0547 0704 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:33:43.0548 0704 LSI_SAS - ok
14:33:43.0557 0704 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:33:43.0557 0704 LSI_SAS2 - ok
14:33:43.0567 0704 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:33:43.0568 0704 LSI_SCSI - ok
14:33:43.0577 0704 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:33:43.0578 0704 luafv - ok
14:33:43.0621 0704 lxdnCATSCustConnectService (dbf0114cc6896c213f3d6a3517c62f49) C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
14:33:43.0622 0704 lxdnCATSCustConnectService - ok
14:33:43.0629 0704 lxdn_device - ok
14:33:43.0762 0704 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
14:33:43.0763 0704 McComponentHostService - ok
14:33:43.0817 0704 McShield (823746f78213054e90ab2ffb316d9925) C:\PROGRA~2\McAfee\MANAGE~1\VScan\McShield.exe
14:33:43.0818 0704 McShield - ok
14:33:43.0914 0704 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
14:33:43.0915 0704 Mcx2Svc - ok
14:33:43.0958 0704 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:33:43.0959 0704 megasas - ok
14:33:43.0969 0704 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:33:43.0971 0704 MegaSR - ok
14:33:44.0016 0704 MfeAVFK (088620da20b98578bfc4b97043f24042) C:\Windows\system32\drivers\MfeAVFK.sys
14:33:44.0017 0704 MfeAVFK - ok
14:33:44.0034 0704 mfehidk (239e677e3e9047550c18b30c26c3ba3e) C:\Windows\system32\drivers\mfehidk.sys
14:33:44.0035 0704 mfehidk - ok
14:33:44.0048 0704 MfeRKDK (ba2aaa62628ca6dea56a62a0e530d014) C:\Windows\system32\drivers\MfeRKDK.sys
14:33:44.0048 0704 MfeRKDK - ok
14:33:44.0076 0704 mfetdik (bd5de25a8ca211484fd61fa9b25c5d1c) C:\Windows\system32\drivers\mfetdik.sys
14:33:44.0076 0704 mfetdik - ok
14:33:44.0104 0704 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:33:44.0105 0704 MMCSS - ok
14:33:44.0113 0704 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:33:44.0114 0704 Modem - ok
14:33:44.0134 0704 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:33:44.0134 0704 monitor - ok
14:33:44.0179 0704 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
14:33:44.0179 0704 mouclass - ok
14:33:44.0210 0704 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:33:44.0211 0704 mouhid - ok
14:33:44.0236 0704 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
14:33:44.0236 0704 mountmgr - ok
14:33:44.0354 0704 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
14:33:44.0355 0704 mpio - ok
14:33:44.0409 0704 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:33:44.0409 0704 mpsdrv - ok
14:33:44.0454 0704 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
14:33:44.0458 0704 MpsSvc - ok
14:33:44.0488 0704 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
14:33:44.0489 0704 MRxDAV - ok
14:33:44.0532 0704 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:33:44.0533 0704 mrxsmb - ok
14:33:44.0543 0704 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:33:44.0545 0704 mrxsmb10 - ok
14:33:44.0561 0704 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:33:44.0562 0704 mrxsmb20 - ok
14:33:44.0591 0704 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
14:33:44.0592 0704 msahci - ok
14:33:44.0697 0704 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
14:33:44.0698 0704 msdsm - ok
14:33:44.0732 0704 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:33:44.0733 0704 MSDTC - ok
14:33:44.0777 0704 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:33:44.0777 0704 Msfs - ok
14:33:44.0799 0704 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:33:44.0799 0704 mshidkmdf - ok
14:33:44.0820 0704 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
14:33:44.0821 0704 msisadrv - ok
14:33:44.0863 0704 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:33:44.0864 0704 MSiSCSI - ok
14:33:44.0871 0704 msiserver - ok
14:33:44.0887 0704 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:33:44.0887 0704 MSKSSRV - ok
14:33:44.0895 0704 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:33:44.0895 0704 MSPCLOCK - ok
14:33:44.0915 0704 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:33:44.0916 0704 MSPQM - ok
14:33:44.0949 0704 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
14:33:44.0951 0704 MsRPC - ok
14:33:44.0970 0704 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:33:44.0970 0704 mssmbios - ok
14:33:45.0071 0704 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:33:45.0071 0704 MSTEE - ok
14:33:45.0079 0704 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:33:45.0080 0704 MTConfig - ok
14:33:45.0099 0704 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:33:45.0100 0704 Mup - ok
14:33:45.0187 0704 myAgtSvc - ok
14:33:45.0218 0704 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
14:33:45.0221 0704 napagent - ok
14:33:45.0272 0704 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:33:45.0274 0704 NativeWifiP - ok
14:33:45.0337 0704 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
14:33:45.0341 0704 NDIS - ok
14:33:45.0434 0704 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:33:45.0435 0704 NdisCap - ok
14:33:45.0460 0704 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:33:45.0460 0704 NdisTapi - ok
14:33:45.0489 0704 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
14:33:45.0490 0704 Ndisuio - ok
14:33:45.0530 0704 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
14:33:45.0531 0704 NdisWan - ok
14:33:45.0569 0704 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
14:33:45.0569 0704 NDProxy - ok
14:33:45.0615 0704 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:33:45.0616 0704 NetBIOS - ok
14:33:45.0649 0704 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
14:33:45.0650 0704 NetBT - ok
14:33:45.0685 0704 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:45.0686 0704 Netlogon - ok
14:33:45.0732 0704 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:33:45.0735 0704 Netman - ok
14:33:45.0825 0704 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:33:45.0829 0704 netprofm - ok
14:33:45.0873 0704 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
14:33:45.0876 0704 netr28x - ok
14:33:45.0928 0704 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:33:45.0928 0704 NetTcpPortSharing - ok
14:33:45.0970 0704 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:33:45.0971 0704 nfrd960 - ok
14:33:46.0009 0704 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
14:33:46.0011 0704 NlaSvc - ok
14:33:46.0089 0704 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:33:46.0089 0704 Npfs - ok
14:33:46.0109 0704 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:33:46.0110 0704 nsi - ok
14:33:46.0118 0704 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:33:46.0119 0704 nsiproxy - ok
14:33:46.0191 0704 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
14:33:46.0199 0704 Ntfs - ok
14:33:46.0228 0704 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:33:46.0228 0704 Null - ok
14:33:46.0264 0704 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
14:33:46.0265 0704 nvraid - ok
14:33:46.0298 0704 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
14:33:46.0299 0704 nvstor - ok
14:33:46.0323 0704 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:33:46.0324 0704 nv_agp - ok
14:33:46.0368 0704 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:33:46.0369 0704 ohci1394 - ok
14:33:46.0471 0704 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:33:46.0474 0704 p2pimsvc - ok
14:33:46.0504 0704 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:33:46.0507 0704 p2psvc - ok
14:33:46.0537 0704 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:33:46.0538 0704 Parport - ok
14:33:46.0575 0704 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
14:33:46.0575 0704 partmgr - ok
14:33:46.0595 0704 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:33:46.0597 0704 PcaSvc - ok
14:33:46.0632 0704 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
14:33:46.0633 0704 pci - ok
14:33:46.0663 0704 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:33:46.0664 0704 pciide - ok
14:33:46.0700 0704 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:33:46.0702 0704 pcmcia - ok
14:33:46.0718 0704 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:33:46.0718 0704 pcw - ok
14:33:46.0777 0704 pdfcDispatcher - ok
14:33:46.0869 0704 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:33:46.0872 0704 PEAUTH - ok
14:33:46.0937 0704 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:33:46.0944 0704 PeerDistSvc - ok
14:33:46.0995 0704 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:33:46.0996 0704 PerfHost - ok
14:33:47.0061 0704 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
14:33:47.0068 0704 pla - ok
14:33:47.0113 0704 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
14:33:47.0116 0704 PlugPlay - ok
14:33:47.0209 0704 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:33:47.0210 0704 PNRPAutoReg - ok
14:33:47.0230 0704 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:33:47.0232 0704 PNRPsvc - ok
14:33:47.0262 0704 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
14:33:47.0265 0704 PolicyAgent - ok
14:33:47.0301 0704 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:33:47.0303 0704 Power - ok
14:33:47.0344 0704 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
14:33:47.0345 0704 PptpMiniport - ok
14:33:47.0376 0704 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:33:47.0376 0704 Processor - ok
14:33:47.0420 0704 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
14:33:47.0422 0704 ProfSvc - ok
14:33:47.0502 0704 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:47.0503 0704 ProtectedStorage - ok
14:33:47.0573 0704 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
14:33:47.0574 0704 Psched - ok
14:33:47.0677 0704 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:33:47.0678 0704 PSI_SVC_2 - ok
14:33:47.0723 0704 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:33:47.0730 0704 ql2300 - ok
14:33:47.0758 0704 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:33:47.0759 0704 ql40xx - ok
14:33:47.0798 0704 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:33:47.0800 0704 QWAVE - ok
14:33:47.0819 0704 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:33:47.0819 0704 QWAVEdrv - ok
14:33:47.0864 0704 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:33:47.0864 0704 RasAcd - ok
14:33:47.0901 0704 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:33:47.0902 0704 RasAgileVpn - ok
14:33:47.0968 0704 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:33:47.0970 0704 RasAuto - ok
14:33:48.0017 0704 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:33:48.0018 0704 Rasl2tp - ok
14:33:48.0063 0704 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
14:33:48.0066 0704 RasMan - ok
14:33:48.0075 0704 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:33:48.0076 0704 RasPppoe - ok
14:33:48.0098 0704 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:33:48.0098 0704 RasSstp - ok
14:33:48.0152 0704 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
14:33:48.0154 0704 rdbss - ok
14:33:48.0162 0704 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:33:48.0163 0704 rdpbus - ok
14:33:48.0202 0704 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:33:48.0202 0704 RDPCDD - ok
14:33:48.0239 0704 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
14:33:48.0240 0704 RDPDR - ok
14:33:48.0304 0704 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:33:48.0305 0704 RDPENCDD - ok
14:33:48.0338 0704 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:33:48.0338 0704 RDPREFMP - ok
14:33:48.0390 0704 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
14:33:48.0391 0704 RDPWD - ok
14:33:48.0419 0704 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
14:33:48.0420 0704 rdyboost - ok
14:33:48.0484 0704 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:33:48.0485 0704 RemoteAccess - ok
14:33:48.0523 0704 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:33:48.0524 0704 RemoteRegistry - ok
14:33:48.0572 0704 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
14:33:48.0573 0704 RFCOMM - ok
14:33:48.0595 0704 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:33:48.0596 0704 RpcEptMapper - ok
14:33:48.0636 0704 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:33:48.0637 0704 RpcLocator - ok
14:33:48.0711 0704 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
14:33:48.0714 0704 RpcSs - ok
14:33:48.0772 0704 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:33:48.0772 0704 rspndr - ok
14:33:48.0802 0704 RSUSBSTOR (30f463768d5143bfd7b2df822b53cf4d) C:\Windows\system32\Drivers\RtsUStor.sys
14:33:48.0803 0704 RSUSBSTOR - ok
14:33:48.0842 0704 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:33:48.0844 0704 RTL8167 - ok
14:33:48.0890 0704 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
14:33:48.0890 0704 s3cap - ok
14:33:48.0927 0704 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:48.0928 0704 SamSs - ok
14:33:49.0036 0704 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:33:49.0036 0704 SASDIFSV - ok
14:33:49.0050 0704 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:33:49.0050 0704 SASKUTIL - ok
14:33:49.0132 0704 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
14:33:49.0133 0704 sbp2port - ok
14:33:49.0157 0704 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:33:49.0159 0704 SCardSvr - ok
14:33:49.0196 0704 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
14:33:49.0196 0704 scfilter - ok
14:33:49.0242 0704 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
14:33:49.0247 0704 Schedule - ok
14:33:49.0290 0704 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
14:33:49.0291 0704 SCPolicySvc - ok
14:33:49.0310 0704 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
14:33:49.0312 0704 SDRSVC - ok
14:33:49.0356 0704 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:33:49.0357 0704 secdrv - ok
14:33:49.0384 0704 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
14:33:49.0385 0704 seclogon - ok
14:33:49.0493 0704 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:33:49.0494 0704 SENS - ok
14:33:49.0509 0704 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:33:49.0511 0704 SensrSvc - ok
14:33:49.0552 0704 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:33:49.0553 0704 Serenum - ok
14:33:49.0562 0704 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:33:49.0563 0704 Serial - ok
14:33:49.0601 0704 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:33:49.0602 0704 sermouse - ok
14:33:49.0633 0704 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
14:33:49.0635 0704 SessionEnv - ok
14:33:49.0666 0704 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:33:49.0667 0704 sffdisk - ok
14:33:49.0680 0704 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:33:49.0681 0704 sffp_mmc - ok
14:33:49.0697 0704 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
14:33:49.0698 0704 sffp_sd - ok
14:33:49.0733 0704 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:33:49.0733 0704 sfloppy - ok
14:33:49.0804 0704 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:33:49.0806 0704 SharedAccess - ok
14:33:49.0894 0704 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
14:33:49.0897 0704 ShellHWDetection - ok
14:33:49.0933 0704 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:33:49.0933 0704 SiSRaid2 - ok
14:33:49.0942 0704 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:33:49.0943 0704 SiSRaid4 - ok
14:33:50.0014 0704 SiteAdvisor Service (bb2facf58f87c299e823110c7921619c) C:\Program Files (x86)\SiteAdvisor\6173\SAService.exe
14:33:50.0015 0704 SiteAdvisor Service - ok
14:33:50.0036 0704 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:33:50.0037 0704 Smb - ok
14:33:50.0084 0704 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:33:50.0085 0704 SNMPTRAP - ok
14:33:50.0178 0704 SNP2UVC (6fc63b4b19fb809336034d5c5c4d2bc0) C:\Windows\system32\DRIVERS\snp2uvc.sys
14:33:50.0187 0704 SNP2UVC - ok
14:33:50.0317 0704 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:33:50.0317 0704 spldr - ok
14:33:50.0351 0704 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
14:33:50.0355 0704 Spooler - ok
14:33:50.0469 0704 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
14:33:50.0486 0704 sppsvc - ok
14:33:50.0532 0704 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:33:50.0533 0704 sppuinotify - ok
14:33:50.0584 0704 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
14:33:50.0586 0704 srv - ok
14:33:50.0678 0704 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
14:33:50.0680 0704 srv2 - ok
14:33:50.0709 0704 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
14:33:50.0710 0704 srvnet - ok
14:33:50.0732 0704 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:33:50.0733 0704 SSDPSRV - ok
14:33:50.0750 0704 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:33:50.0751 0704 SstpSvc - ok
14:33:50.0833 0704 STacSV (e455f5fe92edc3cad3f2963c5cca47e6) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
14:33:50.0835 0704 STacSV - ok
14:33:50.0856 0704 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:33:50.0856 0704 stexstor - ok
14:33:50.0881 0704 STHDA (4a9d087c9a97071b9d06db38567da906) C:\Windows\system32\DRIVERS\stwrt64.sys
14:33:50.0883 0704 STHDA - ok
14:33:50.0937 0704 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
14:33:50.0940 0704 stisvc - ok
14:33:51.0065 0704 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
14:33:51.0066 0704 storflt - ok
14:33:51.0100 0704 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
14:33:51.0101 0704 StorSvc - ok
14:33:51.0122 0704 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
14:33:51.0123 0704 storvsc - ok
14:33:51.0146 0704 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:33:51.0147 0704 swenum - ok
14:33:51.0188 0704 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:33:51.0191 0704 swprv - ok
14:33:51.0244 0704 SynTP (1f298c285d48ce42eb6b7f8d4f0d8120) C:\Windows\system32\DRIVERS\SynTP.sys
14:33:51.0246 0704 SynTP - ok
14:33:51.0320 0704 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
14:33:51.0329 0704 SysMain - ok
14:33:51.0429 0704 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
14:33:51.0431 0704 TabletInputService - ok
14:33:51.0453 0704 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
14:33:51.0456 0704 TapiSrv - ok
14:33:51.0491 0704 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:33:51.0492 0704 TBS - ok
14:33:51.0571 0704 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
14:33:51.0579 0704 Tcpip - ok
14:33:51.0621 0704 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
14:33:51.0630 0704 TCPIP6 - ok
14:33:51.0665 0704 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
14:33:51.0665 0704 tcpipreg - ok
14:33:51.0770 0704 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:33:51.0770 0704 TDPIPE - ok
14:33:51.0812 0704 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
14:33:51.0812 0704 TDTCP - ok
14:33:51.0836 0704 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
14:33:51.0837 0704 tdx - ok
14:33:51.0884 0704 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
14:33:51.0885 0704 TermDD - ok
14:33:51.0918 0704 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
14:33:51.0922 0704 TermService - ok
14:33:51.0961 0704 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:33:51.0962 0704 Themes - ok
14:33:51.0988 0704 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:33:51.0989 0704 THREADORDER - ok
14:33:52.0021 0704 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:33:52.0022 0704 TrkWks - ok
14:33:52.0055 0704 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
14:33:52.0056 0704 TrustedInstaller - ok
14:33:52.0168 0704 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:33:52.0168 0704 tssecsrv - ok
14:33:52.0217 0704 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
14:33:52.0218 0704 TsUsbFlt - ok
14:33:52.0257 0704 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
14:33:52.0258 0704 tunnel - ok
14:33:52.0294 0704 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:33:52.0295 0704 uagp35 - ok
14:33:52.0345 0704 uArcCapture (9eea84226ed2a028bc3fdfdde03fe95c) C:\Windows\system\uArcCapture.exe
14:33:52.0347 0704 uArcCapture - ok
14:33:52.0376 0704 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
14:33:52.0378 0704 udfs - ok
14:33:52.0432 0704 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:33:52.0433 0704 UI0Detect - ok
14:33:52.0479 0704 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:33:52.0479 0704 uliagpkx - ok
14:33:52.0573 0704 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
14:33:52.0573 0704 umbus - ok
14:33:52.0603 0704 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:33:52.0604 0704 UmPass - ok
14:33:52.0631 0704 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
14:33:52.0633 0704 UmRdpService - ok
14:33:52.0759 0704 UNS (44aa8d5d3b3b5610fef46ca8a9c52d8c) C:\Program Files (x86)\Intel\Intel« Management Engine Components\UNS\UNS.exe
14:33:52.0770 0704 UNS - ok
14:33:52.0800 0704 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:33:52.0803 0704 upnphost - ok
14:33:52.0919 0704 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
14:33:52.0920 0704 usbccgp - ok
14:33:52.0965 0704 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:33:52.0965 0704 usbcir - ok
14:33:52.0987 0704 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
14:33:52.0988 0704 usbehci - ok
14:33:53.0016 0704 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
14:33:53.0018 0704 usbhub - ok
14:33:53.0048 0704 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
14:33:53.0048 0704 usbohci - ok
14:33:53.0076 0704 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:33:53.0077 0704 usbprint - ok
14:33:53.0122 0704 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:33:53.0122 0704 usbscan - ok
14:33:53.0154 0704 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
14:33:53.0155 0704 USBSTOR - ok
14:33:53.0180 0704 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
14:33:53.0180 0704 usbuhci - ok
14:33:53.0255 0704 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
14:33:53.0256 0704 usbvideo - ok
14:33:53.0307 0704 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:33:53.0309 0704 UxSms - ok
14:33:53.0344 0704 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
14:33:53.0345 0704 VaultSvc - ok
14:33:53.0405 0704 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:33:53.0405 0704 vdrvroot - ok
14:33:53.0455 0704 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
14:33:53.0459 0704 vds - ok
14:33:53.0492 0704 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:33:53.0493 0704 vga - ok
14:33:53.0509 0704 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:33:53.0509 0704 VgaSave - ok
14:33:53.0536 0704 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
14:33:53.0537 0704 vhdmp - ok
14:33:53.0571 0704 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:33:53.0571 0704 viaide - ok
14:33:53.0640 0704 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
14:33:53.0642 0704 vmbus - ok
14:33:53.0688 0704 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
14:33:53.0688 0704 VMBusHID - ok
14:33:53.0706 0704 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
14:33:53.0707 0704 volmgr - ok
14:33:53.0746 0704 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
14:33:53.0747 0704 volmgrx - ok
14:33:53.0780 0704 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
14:33:53.0781 0704 volsnap - ok
14:33:53.0798 0704 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:33:53.0799 0704 vsmraid - ok
14:33:53.0866 0704 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
14:33:53.0874 0704 VSS - ok
14:33:53.0900 0704 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:33:53.0901 0704 vwifibus - ok
14:33:53.0948 0704 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:33:53.0948 0704 vwififlt - ok
14:33:53.0975 0704 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:33:53.0976 0704 vwifimp - ok
14:33:54.0043 0704 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:33:54.0046 0704 W32Time - ok
14:33:54.0057 0704 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:33:54.0058 0704 WacomPen - ok
14:33:54.0094 0704 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:33:54.0095 0704 WANARP - ok
14:33:54.0099 0704 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
14:33:54.0100 0704 Wanarpv6 - ok
14:33:54.0159 0704 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:33:54.0165 0704 WatAdminSvc - ok
14:33:54.0222 0704 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
14:33:54.0230 0704 wbengine - ok
14:33:54.0297 0704 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:33:54.0299 0704 WbioSrvc - ok
14:33:54.0333 0704 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
14:33:54.0336 0704 wcncsvc - ok
14:33:54.0390 0704 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:33:54.0391 0704 WcsPlugInService - ok
14:33:54.0426 0704 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:33:54.0427 0704 Wd - ok
14:33:54.0443 0704 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:33:54.0446 0704 Wdf01000 - ok
14:33:54.0462 0704 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:33:54.0464 0704 WdiServiceHost - ok
14:33:54.0478 0704 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:33:54.0479 0704 WdiSystemHost - ok
14:33:54.0514 0704 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
14:33:54.0517 0704 WebClient - ok
14:33:54.0552 0704 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:33:54.0554 0704 Wecsvc - ok
14:33:54.0569 0704 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:33:54.0571 0704 wercplsupport - ok
14:33:54.0631 0704 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:33:54.0633 0704 WerSvc - ok
14:33:54.0642 0704 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:33:54.0642 0704 WfpLwf - ok
14:33:54.0679 0704 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:33:54.0679 0704 WIMMount - ok
14:33:54.0724 0704 WinDefend - ok
14:33:54.0731 0704 WinHttpAutoProxySvc - ok
14:33:54.0804 0704 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:33:54.0805 0704 Winmgmt - ok
14:33:54.0863 0704 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
14:33:54.0873 0704 WinRM - ok
14:33:54.0917 0704 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:33:54.0922 0704 Wlansvc - ok
14:33:55.0008 0704 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:33:55.0009 0704 WmiAcpi - ok
14:33:55.0034 0704 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:33:55.0035 0704 wmiApSrv - ok
14:33:55.0072 0704 WMPNetworkSvc - ok
14:33:55.0132 0704 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:33:55.0133 0704 WPCSvc - ok
14:33:55.0169 0704 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
14:33:55.0171 0704 WPDBusEnum - ok
14:33:55.0221 0704 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:33:55.0222 0704 ws2ifsl - ok
14:33:55.0240 0704 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
14:33:55.0242 0704 wscsvc - ok
14:33:55.0259 0704 WSearch - ok
14:33:55.0327 0704 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
14:33:55.0339 0704 wuauserv - ok
14:33:55.0421 0704 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
14:33:55.0422 0704 WudfPf - ok
14:33:55.0442 0704 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:33:55.0443 0704 WUDFRd - ok
14:33:55.0501 0704 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
14:33:55.0503 0704 wudfsvc - ok
14:33:55.0543 0704 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:33:55.0546 0704 WwanSvc - ok
14:33:55.0573 0704 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:33:55.0642 0704 \Device\Harddisk0\DR0 - ok
14:33:55.0645 0704 Boot (0x1200) (2bcc95a8bb45c98f9994690610e6bca3) \Device\Harddisk0\DR0\Partition0
14:33:55.0646 0704 \Device\Harddisk0\DR0\Partition0 - ok
14:33:55.0655 0704 Boot (0x1200) (717a7ff4e86479a100f54a6ffd6a0b70) \Device\Harddisk0\DR0\Partition1
14:33:55.0657 0704 \Device\Harddisk0\DR0\Partition1 - ok
14:33:55.0684 0704 Boot (0x1200) (24ef2b8e5e308f2c2f97d2c87965e711) \Device\Harddisk0\DR0\Partition2
14:33:55.0684 0704 \Device\Harddisk0\DR0\Partition2 - ok
14:33:55.0685 0704 ============================================================
14:33:55.0685 0704 Scan finished
14:33:55.0685 0704 ============================================================
14:33:55.0707 1212 Detected object count: 0
14:33:55.0707 1212 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyrightę 2011 AVAST Software
Run date: 2012-04-08 14:36:31
-----------------------------
14:36:31.638 OS Version: Windows x64 6.1.7601 Service Pack 1
14:36:31.638 Number of processors: 4 586 0x2505
14:36:31.638 ComputerName: CLINICLAPTOP UserName:
14:36:32.431 Initialize success
14:45:20.092 AVAST engine error: 2
14:45:28.727 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:45:28.729 Disk 0 Vendor: TOSHIBA_ LH01 Size: 305245MB BusType: 3
14:45:28.751 Disk 0 MBR read successfully
14:45:28.761 Disk 0 MBR scan
14:45:28.763 Disk 0 Windows 7 default MBR code
14:45:28.770 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:45:28.783 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 303087 MB offset 206848
14:45:28.812 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 2048 MB offset 620929024
14:45:28.858 Disk 0 scanning C:\Windows\system32\drivers
14:45:34.496 Service scanning
14:45:50.000 Modules scanning
14:45:50.006 Disk 0 trace - called modules:
14:45:50.044 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
14:45:50.055 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005797060]
14:45:50.059 3 CLASSPNP.SYS[fffff88001b8843f] -> nt!IofCallDriver -> [0xfffffa800562cb10]
14:45:50.063 5 hpdskflt.sys[fffff88001b2f289] -> nt!IofCallDriver -> [0xfffffa8003bb49a0]
14:45:50.068 7 ACPI.sys[fffff88000f6d7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049c8050]
14:45:50.072 Scan finished successfully
14:46:22.244 Disk 0 MBR has been saved successfully to "C:\Users\Dr. Neill H. Payne\Desktop\MBR.dat"
14:46:22.268 The log file has been saved successfully to "C:\Users\Dr. Neill H. Payne\Desktop\aswMBR.txt"

Attached Files

  • Attached File  MBR.zip   571bytes   0 downloads


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,971 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:48 AM

Posted 09 April 2012 - 08:59 AM

The logs are clean.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html
===

Third party programs if not up to date can be the cause infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.

Please post the logs for my review.

#7 ChiroCalvinist

ChiroCalvinist
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 09 April 2012 - 12:10 PM

Thanks for your help. Here are the logs:

ComboFix 12-04-09.04 - Dr. Neill H. Payne 04/09/2012 12:59:48.1.4 - x64 NETWORK
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3887.3214 [GMT -4:00]
Running from: c:\users\Dr. Neill H. Payne\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-03-09 to 2012-04-09 )))))))))))))))))))))))))))))))
.
.
2012-04-09 17:04 . 2012-04-09 17:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-30 04:12 . 2012-03-30 04:19 -------- d-----w- c:\users\Dr. Neill H. Payne\AppData\Roaming\Process Hacker 2
2012-03-30 04:05 . 2012-03-30 04:05 -------- d-----w- c:\program files\Process Hacker 2
2012-03-26 10:00 . 2012-02-23 18:24 24408 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-03-26 03:20 . 2012-03-26 03:20 -------- d-----w- c:\programdata\IObit
2012-03-26 03:20 . 2012-04-07 15:32 -------- d-----w- c:\users\Dr. Neill H. Payne\AppData\Roaming\IObit
2012-03-26 03:20 . 2012-03-30 18:10 -------- d-----w- c:\program files (x86)\IObit
2012-03-26 01:46 . 2012-03-26 01:46 -------- d-----w- c:\program files (x86)\ESET
2012-03-18 19:18 . 2012-03-18 21:19 -------- d-----w- c:\users\Dr. Neill H. Payne\AppData\Roaming\PhotoScape
2012-03-18 19:18 . 2012-03-18 19:18 -------- d-----w- c:\program files (x86)\PhotoScape
2012-03-18 14:03 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-18 14:03 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-18 14:03 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-18 13:57 . 2012-03-18 13:57 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-18 13:57 . 2012-03-18 13:57 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-17 15:51 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-17 15:51 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-17 15:51 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-17 15:44 . 2012-03-17 15:44 -------- d-----w- c:\windows\system32\SPReview
2012-03-17 15:44 . 2012-03-17 15:44 -------- d-----w- c:\windows\system32\EventProviders
2012-03-17 15:27 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-17 15:27 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-17 15:27 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-17 15:23 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-17 15:23 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-17 15:23 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-17 15:23 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-10 17:10 . 2012-03-10 17:10 -------- d-----w- c:\program files (x86)\MSXML 4.0
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-17 16:01 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-03-17 16:01 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-03-06 23:15 . 2012-02-27 02:28 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2012-02-27 02:28 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-06 23:15 . 2012-02-27 02:29 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:04 . 2012-02-27 02:29 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:04 . 2012-02-27 02:29 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:02 . 2012-02-27 02:29 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-06 23:01 . 2012-02-27 02:29 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2012-02-27 02:29 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-06 23:01 . 2012-02-27 02:29 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-05 02:35 . 2012-03-05 02:35 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-03-05 02:35 . 2012-03-05 02:35 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-03-05 02:35 . 2012-03-05 02:35 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-03-05 02:35 . 2012-03-05 02:35 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-03-05 02:35 . 2012-03-05 02:35 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-03-05 02:35 . 2012-03-05 02:35 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-03-05 02:35 . 2012-03-05 02:35 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-03-05 02:35 . 2012-03-05 02:35 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-03-05 02:35 . 2012-03-05 02:35 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-03-05 02:35 . 2012-03-05 02:35 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-03-05 02:35 . 2012-03-05 02:35 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-03-05 02:35 . 2012-03-05 02:35 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-03-05 02:35 . 2012-03-05 02:35 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-03-05 02:35 . 2012-03-05 02:35 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-03-05 02:35 . 2012-03-05 02:35 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-03-05 02:35 . 2012-03-05 02:35 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-03-05 02:35 . 2012-03-05 02:35 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-03-05 02:35 . 2012-03-05 02:35 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-03-05 02:35 . 2012-03-05 02:35 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-03-05 02:35 . 2012-03-05 02:35 222208 ----a-w- c:\windows\system32\msls31.dll
2012-03-05 02:35 . 2012-03-05 02:35 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-03-05 02:35 . 2012-03-05 02:35 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-03-05 02:35 . 2012-03-05 02:35 12288 ----a-w- c:\windows\system32\mshta.exe
2012-03-05 02:35 . 2012-03-05 02:35 114176 ----a-w- c:\windows\system32\admparse.dll
2012-03-05 02:35 . 2012-03-05 02:35 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-03-05 02:35 . 2012-03-05 02:35 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-03-05 02:35 . 2012-03-05 02:35 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-03-05 02:35 . 2012-03-05 02:35 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-03-05 02:35 . 2012-03-05 02:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-03-05 02:35 . 2012-03-05 02:35 448512 ----a-w- c:\windows\system32\html.iec
2012-03-05 02:35 . 2012-03-05 02:35 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-05 02:35 . 2012-03-05 02:35 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-03-05 02:35 . 2012-03-05 02:35 160256 ----a-w- c:\windows\system32\wextract.exe
2012-03-05 02:35 . 2012-03-05 02:35 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-27 03:45 . 2012-02-27 03:35 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-26 19:17 . 2012-02-26 19:17 368912 ----a-w- c:\windows\SysWow64\VBAR332.DLL
2012-02-26 19:17 . 2012-02-26 19:17 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2012-02-26 19:17 . 2012-02-26 19:17 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2012-02-26 19:17 . 2012-02-26 19:17 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2012-02-26 19:17 . 2012-02-26 19:17 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-03-10 4785536]
"Advanced SystemCare 5"="c:\program files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-03-06 574296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-19 518656]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-23 563736]
"SiteAdvisor"="c:\program files (x86)\SiteAdvisor\6173\SiteAdv.exe" [2007-08-28 36640]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"FaxCenterServer"="c:\program files (x86)\Lexmark Fax Solutions\fm3032.exe" [2009-01-29 320168]
"CarboniteSetupLite"="c:\program files (x86)\Carbonite\CarbonitePreinstaller.exe" [2009-08-04 318096]
"MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-12-18 197928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 19:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-04-22 677128]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-12-18 189736]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-27 136176]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-12-16 102968]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-12-10 251448]
R2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
R2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-10 821592]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2008-02-27 1044648]
R2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [2008-02-27 33960]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [x]
R2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe [2009-12-04 506472]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [x]
R3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-04-15 4170504]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-04-15 1096456]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-02-26 1028096]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-27 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-03-05 140672]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 17:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-27 02:29]
.
2012-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-27 02:29]
.
2012-03-30 c:\windows\Tasks\HPCeeScheduleForDr. Neill H. Payne.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 09:22]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2009-12-16 1690680]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-04-22 19645704]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-17 487424]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-24 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-24 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-24 410648]
"lxdnmon.exe"="c:\program files (x86)\Lexmark 2600 Series\lxdnmon.exe" [2009-01-29 660136]
"lxdnamon"="c:\program files (x86)\Lexmark 2600 Series\lxdnamon.exe" [2009-01-29 16040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Dr. Neill H. Payne\AppData\Roaming\Mozilla\Firefox\Profiles\5px6xl6s.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-MVS Splash - c:\program files (x86)\McAfee\Managed VirusScan\Agent\Splash.exe
Wow6432Node-HKLM-Run-McAfee Managed Services Tray - c:\program files (x86)\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-MVS - c:\program files (x86)\McAfee\Managed VirusScan\Agent\myinx
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\mcafee\ManagedServices]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\mcafee\VSCORE]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-09 13:05:55
ComboFix-quarantined-files.txt 2012-04-09 17:05
.
Pre-Run: 280,519,000,064 bytes free
Post-Run: 285,499,252,736 bytes free
.
- - End Of File - - 193C97EEBE57A80CCE02BD3E104EB4F6



Results of screen317's Security Check version 0.99.32
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
avast! Free Antivirus
ESET Online Scanner v3
McAfee Virus and Spyware Protection Service
McAfee Security Scan Plus
McAfee Browser Protection Service
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

McAfee Virus and Spyware Protection Service
Mozilla Firefox (11.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````

#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,971 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:48 AM

Posted 09 April 2012 - 12:46 PM

Nothing suspicious was found on your log.

avast! Free Antivirus

McAfee Virus and Spyware Protection Service
McAfee Security Scan Plus
McAfee Browser Protection Service


I hope you are not running both of these programs simultaneously.

What issues remains on this computer?

#9 ChiroCalvinist

ChiroCalvinist
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 10 April 2012 - 03:08 PM

Nasdaq;

I took your hint and removed McAfee. It was installed by the HP installation disc when I had to reload the operating system.
I still seem to be having some problems with the HD running a lot and slowing the computer although removing those programs did help. I thought that I would re-run TDSS rootkit killer again and this is what I got:

15:36:03.0163 5352 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
15:36:03.0506 5352 ============================================================
15:36:03.0506 5352 Current date / time: 2012/04/10 15:36:03.0506
15:36:03.0506 5352 SystemInfo:
15:36:03.0506 5352
15:36:03.0506 5352 OS Version: 6.1.7601 ServicePack: 1.0
15:36:03.0506 5352 Product type: Workstation
15:36:03.0506 5352 ComputerName: CLINICLAPTOP
15:36:03.0521 5352 UserName: Dr. Neill H. Payne
15:36:03.0521 5352 Windows directory: C:\Windows
15:36:03.0521 5352 System windows directory: C:\Windows
15:36:03.0521 5352 Running under WOW64
15:36:03.0521 5352 Processor architecture: Intel x64
15:36:03.0521 5352 Number of processors: 4
15:36:03.0521 5352 Page size: 0x1000
15:36:03.0521 5352 Boot type: Normal boot
15:36:03.0521 5352 ============================================================
15:39:12.0363 5352 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:39:15.0421 5352 \Device\Harddisk0\DR0:
15:39:18.0541 5352 MBR used
15:39:18.0541 5352 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:39:18.0541 5352 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x24FF7800
15:39:18.0541 5352 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x2502A000, BlocksNum 0x400000
15:39:40.0053 5352 Initialize success
15:39:40.0053 5352 ============================================================
15:42:51.0638 2580 ============================================================
15:42:51.0638 2580 Scan started
15:42:51.0638 2580 Mode: Manual;
15:42:51.0638 2580 ============================================================
15:44:15.0130 2580 !SASCORE (3d41aeb931541acc9beb8f4df8bf79ed) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
15:44:15.0130 2580 Suspicious file (Forged): C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE. Real md5: 3d41aeb931541acc9beb8f4df8bf79ed, Fake md5: 7d9d615201a483d6fa99491c2e655a5a
15:44:15.0130 2580 !SASCORE ( ForgedFile.Multi.Generic ) - warning
15:44:15.0130 2580 !SASCORE - detected ForgedFile.Multi.Generic (1)
15:44:18.0468 2580 1394ohci - ok
15:44:24.0942 2580 Accelerometer - ok
15:44:59.0527 2580 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:44:59.0527 2580 ACDaemon - ok
15:45:02.0725 2580 ACPI - ok
15:45:06.0173 2580 AcpiPmi - ok
15:45:15.0611 2580 adp94xx - ok
15:45:18.0793 2580 adpahci - ok
15:45:22.0101 2580 adpu320 - ok
15:45:32.0194 2580 AdvancedSystemCareService5 - ok
15:45:35.0439 2580 AeLookupSvc - ok
15:45:38.0699 2580 AESTFilters - ok
15:45:41.0913 2580 Afc - ok
15:45:45.0236 2580 AFD - ok
15:45:48.0418 2580 AgereSoftModem - ok
15:45:51.0819 2580 agp440 - ok
15:45:54.0986 2580 ALG - ok
15:46:01.0413 2580 aliide - ok
15:46:04.0736 2580 amdide - ok
15:46:07.0965 2580 AmdK8 - ok
15:46:42.0488 2580 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:46:45.0623 2580 AmdPPM - ok
15:46:48.0837 2580 amdsata - ok
15:46:52.0019 2580 amdsbs - ok
15:47:01.0520 2580 amdxata - ok
15:47:04.0920 2580 AppID - ok
15:47:08.0134 2580 AppIDSvc - ok
15:47:11.0472 2580 Appinfo - ok
15:47:14.0686 2580 AppMgmt - ok
15:47:18.0025 2580 arc - ok
15:47:21.0441 2580 arcsas - ok
15:47:28.0024 2580 ARCVCAM - ok
15:47:31.0331 2580 aswFsBlk - ok
15:47:38.0008 2580 aswMonFlt - ok
15:47:41.0222 2580 aswRdr - ok
15:47:44.0435 2580 aswSnx - ok
15:47:47.0758 2580 aswSP - ok
15:47:54.0170 2580 aswTdi - ok
15:47:57.0493 2580 AsyncMac - ok
15:48:00.0815 2580 atapi - ok
15:48:07.0336 2580 AudioEndpointBuilder - ok
15:48:10.0675 2580 AudioSrv - ok
15:48:13.0966 2580 avast! Antivirus - ok
15:48:20.0503 2580 AxInstSV - ok
15:48:26.0961 2580 b06bdrv - ok
15:48:30.0377 2580 b57nd60a - ok
15:48:33.0622 2580 BDESVC - ok
15:48:40.0049 2580 Beep - ok
15:48:43.0263 2580 BFE - ok
15:48:46.0445 2580 BITS - ok
15:48:53.0075 2580 blbdrive - ok
15:48:56.0383 2580 Bluetooth Device Manager - ok
15:48:59.0768 2580 Bluetooth Media Service - ok
15:49:03.0091 2580 Bluetooth OBEX Service - ok
15:49:06.0398 2580 bowser - ok
15:49:09.0736 2580 BrFiltLo - ok
15:49:13.0122 2580 BrFiltUp - ok
15:49:16.0460 2580 BridgeMP - ok
15:49:19.0674 2580 Browser - ok
15:49:22.0996 2580 Brserid - ok
15:49:26.0350 2580 BrSerWdm - ok
15:49:32.0778 2580 BrUsbMdm - ok
15:49:35.0960 2580 BrUsbSer - ok
15:49:39.0267 2580 BthEnum - ok
15:49:42.0606 2580 BTHMODEM - ok
15:49:45.0772 2580 BthPan - ok
15:49:49.0048 2580 BTHPORT - ok
15:49:52.0324 2580 bthserv - ok
15:49:55.0647 2580 BTHUSB - ok
15:49:58.0954 2580 BTMCOM - ok
15:50:02.0262 2580 BTMUSB - ok
15:50:05.0600 2580 cdfs - ok
15:50:37.0128 2580 cdrom (4368eefd9e44d770c90a5e241139a7d3) C:\Windows\system32\drivers\cdrom.sys
15:50:37.0128 2580 Suspicious file (Forged): C:\Windows\system32\drivers\cdrom.sys. Real md5: 4368eefd9e44d770c90a5e241139a7d3, Fake md5: f036ce71586e93d94dab220d7bdf4416
15:50:37.0128 2580 cdrom ( ForgedFile.Multi.Generic ) - warning
15:50:37.0128 2580 cdrom - detected ForgedFile.Multi.Generic (1)
15:50:50.0044 2580 CertPropSvc - ok
15:50:53.0367 2580 circlass - ok
15:51:31.0010 2580 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:51:31.0026 2580 CLFS - ok
15:51:34.0177 2580 clr_optimization_v2.0.50727_32 - ok
15:51:37.0469 2580 clr_optimization_v2.0.50727_64 - ok
15:51:47.0000 2580 clr_optimization_v4.0.30319_32 - ok
15:51:50.0417 2580 clr_optimization_v4.0.30319_64 - ok
15:51:53.0661 2580 CmBatt - ok
15:51:56.0984 2580 cmdide - ok
15:52:00.0385 2580 CNG - ok
15:52:03.0630 2580 Compbatt - ok
15:52:13.0411 2580 CompositeBus - ok
15:52:16.0703 2580 COMSysApp - ok
15:52:19.0916 2580 crcdisk - ok
15:52:23.0223 2580 CryptSvc - ok
15:52:26.0577 2580 CSC - ok
15:52:29.0900 2580 CscService - ok
15:52:36.0499 2580 DAMDrv - ok
15:52:39.0869 2580 DcomLaunch - ok
15:52:46.0249 2580 defragsvc - ok
15:52:49.0478 2580 DfsC - ok
15:52:52.0926 2580 Dhcp - ok
15:52:56.0139 2580 discache - ok
15:52:59.0525 2580 Disk - ok
15:53:05.0858 2580 Dnscache - ok
15:53:09.0041 2580 dot3svc - ok
15:53:15.0593 2580 DpHost (9c9147bfa9784a60b8d8c4d02f1839fb) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
15:53:15.0593 2580 Suspicious file (Forged): C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe. Real md5: 9c9147bfa9784a60b8d8c4d02f1839fb, Fake md5: ef8004b4a9552c77fd0e99ab08841d13
15:53:15.0593 2580 DpHost ( ForgedFile.Multi.Generic ) - warning
15:53:15.0593 2580 DpHost - detected ForgedFile.Multi.Generic (1)
15:53:18.0822 2580 DPS - ok
15:53:21.0911 2580 drmkaud - ok
15:53:25.0187 2580 DXGKrnl - ok
15:53:28.0276 2580 EapHost - ok
15:53:31.0692 2580 ebdrv - ok
15:53:34.0952 2580 EFS - ok
15:53:38.0244 2580 ehRecvr - ok
15:53:41.0551 2580 ehSched - ok
15:53:48.0041 2580 elxstor - ok
15:53:51.0379 2580 ErrDev - ok
15:53:54.0608 2580 EventSystem - ok
15:53:57.0884 2580 exfat - ok
15:54:01.0207 2580 fastfat - ok
15:54:04.0592 2580 Fax - ok
15:54:07.0775 2580 fdc - ok
15:54:11.0129 2580 fdPHost - ok
15:54:14.0296 2580 FDResPub - ok
15:54:14.0498 2580 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:54:14.0498 2580 FileInfo - ok
15:54:17.0774 2580 Filetrace (900b81b35263780f2afb0eb74d7535c6) C:\Windows\system32\drivers\filetrace.sys
15:54:17.0868 2580 Suspicious file (Forged): C:\Windows\system32\drivers\filetrace.sys. Real md5: 900b81b35263780f2afb0eb74d7535c6, Fake md5: 5f671ab5bc87eea04ec38a6cd5962a47
15:54:17.0868 2580 Filetrace ( ForgedFile.Multi.Generic ) - warning
15:54:17.0868 2580 Filetrace - detected ForgedFile.Multi.Generic (1)
15:54:21.0097 2580 FLCDLOCK - ok
15:54:55.0621 2580 FLEXnet Licensing Service (3d9b36631032fde0ffea0dc0260e4e35) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:55:02.0267 2580 FLEXnet Licensing Service - ok
15:55:11.0736 2580 FLEXnet Licensing Service 64 (24510d768d371d928fc78e249203a113) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:55:11.0752 2580 Suspicious file (Forged): C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe. Real md5: 24510d768d371d928fc78e249203a113, Fake md5: 52c0312ab35eb7187015fb6a99136bb5
15:55:11.0752 2580 FLEXnet Licensing Service 64 ( ForgedFile.Multi.Generic ) - warning
15:55:11.0752 2580 FLEXnet Licensing Service 64 - detected ForgedFile.Multi.Generic (1)
15:55:14.0965 2580 flpydisk - ok
15:55:18.0335 2580 FltMgr - ok
15:55:21.0502 2580 FontCache - ok
15:55:27.0929 2580 FontCache3.0.0.0 - ok
15:55:34.0528 2580 FreeAgentGoNext Service - ok
15:55:37.0835 2580 FsDepends - ok
15:55:41.0173 2580 Fs_Rec - ok
15:55:44.0512 2580 fvevol - ok
15:55:47.0741 2580 gagp30kx - ok
15:55:51.0064 2580 gpsvc - ok
15:55:54.0386 2580 gupdate - ok
15:55:57.0662 2580 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:57.0678 2580 gupdatem - ok
15:56:00.0829 2580 hcw85cir - ok
15:56:04.0168 2580 HdAudAddService - ok
15:56:07.0334 2580 HDAudBus - ok
15:56:10.0626 2580 HECIx64 - ok
15:56:13.0871 2580 HidBatt - ok
15:56:17.0162 2580 HidBth - ok
15:56:20.0470 2580 HidIr - ok
15:56:23.0792 2580 hidserv - ok
15:56:27.0131 2580 HidUsb - ok
15:56:30.0469 2580 hkmsvc - ok
15:56:33.0901 2580 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:56:33.0917 2580 HomeGroupListener - ok
15:56:40.0313 2580 HomeGroupProvider - ok
15:56:43.0682 2580 HP Power Assistant Service - ok
15:56:50.0344 2580 HP ProtectTools Service - ok
15:56:56.0740 2580 HP Support Assistant Service - ok
15:56:59.0907 2580 HP Wireless Assistant Service - ok
15:57:06.0334 2580 HPDayStarterService - ok
15:57:16.0099 2580 HPDrvMntSvc.exe - ok
15:57:19.0485 2580 hpdskflt - ok
15:57:26.0130 2580 hpHotkeyMonitor - ok
15:57:32.0573 2580 HpqKbFiltr - ok
15:57:35.0771 2580 hpqwmiex - ok
15:57:42.0401 2580 HpSAMD - ok
15:57:45.0693 2580 hpsrv - ok
15:57:52.0369 2580 HTTP - ok
15:57:55.0755 2580 hwpolicy - ok
15:58:02.0447 2580 i8042prt - ok
15:58:05.0629 2580 IAANTMON - ok
15:58:09.0015 2580 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
15:58:09.0015 2580 iaStor - ok
15:58:09.0202 2580 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:58:09.0202 2580 iaStorV - ok
15:58:09.0576 2580 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:58:09.0592 2580 idsvc - ok
15:58:11.0011 2580 igfx (898ab5bfed7040d7ab07af01885eb944) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:58:11.0199 2580 igfx - ok
15:58:11.0448 2580 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:58:11.0448 2580 iirsp - ok
15:58:11.0542 2580 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:58:11.0557 2580 IKEEXT - ok
15:58:11.0838 2580 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
15:58:11.0838 2580 IMFservice - ok
15:58:12.0088 2580 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
15:58:12.0103 2580 Impcd - ok
15:58:12.0181 2580 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
15:58:12.0181 2580 IntcDAud - ok
15:58:12.0213 2580 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:58:12.0213 2580 intelide - ok
15:58:12.0259 2580 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:58:12.0259 2580 intelppm - ok
15:58:12.0322 2580 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:58:12.0337 2580 IPBusEnum - ok
15:58:12.0478 2580 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:58:12.0478 2580 IpFilterDriver - ok
15:58:12.0556 2580 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:58:12.0571 2580 iphlpsvc - ok
15:58:12.0665 2580 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:58:12.0665 2580 IPMIDRV - ok
15:58:12.0743 2580 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:58:12.0743 2580 IPNAT - ok
15:58:12.0868 2580 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:58:12.0868 2580 IRENUM - ok
15:58:12.0946 2580 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:58:12.0946 2580 isapnp - ok
15:58:13.0008 2580 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:58:13.0008 2580 iScsiPrt - ok
15:58:13.0055 2580 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:58:13.0071 2580 kbdclass - ok
15:58:13.0117 2580 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:58:13.0117 2580 kbdhid - ok
15:58:13.0195 2580 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:13.0195 2580 KeyIso - ok
15:58:13.0305 2580 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:58:13.0320 2580 KSecDD - ok
15:58:13.0367 2580 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:58:13.0367 2580 KSecPkg - ok
15:58:13.0445 2580 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:58:13.0445 2580 ksthunk - ok
15:58:13.0570 2580 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:58:13.0570 2580 KtmRm - ok
15:58:13.0679 2580 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:58:13.0679 2580 LanmanServer - ok
15:58:13.0757 2580 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:58:13.0757 2580 LanmanWorkstation - ok
15:58:13.0882 2580 LightScribeService (83d8be94e1cbcbe2ea8372db1a95a159) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:58:13.0882 2580 LightScribeService - ok
15:58:14.0022 2580 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:58:14.0022 2580 lltdio - ok
15:58:14.0194 2580 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:58:14.0194 2580 lltdsvc - ok
15:58:14.0225 2580 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:58:14.0225 2580 lmhosts - ok
15:58:14.0428 2580 LMS (bb4e55778d8de3885e1cdac795de7bce) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:58:14.0428 2580 LMS - ok
15:58:14.0771 2580 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:58:14.0771 2580 LSI_FC - ok
15:58:14.0787 2580 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:58:14.0787 2580 LSI_SAS - ok
15:58:14.0818 2580 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:58:14.0818 2580 LSI_SAS2 - ok
15:58:14.0833 2580 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:58:14.0833 2580 LSI_SCSI - ok
15:58:14.0849 2580 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:58:14.0849 2580 luafv - ok
15:58:14.0974 2580 lxdnCATSCustConnectService (dbf0114cc6896c213f3d6a3517c62f49) C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
15:58:14.0989 2580 lxdnCATSCustConnectService - ok
15:58:15.0130 2580 lxdn_device - ok
15:58:15.0192 2580 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:58:15.0192 2580 Mcx2Svc - ok
15:58:15.0255 2580 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:58:15.0255 2580 megasas - ok
15:58:15.0333 2580 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:58:15.0333 2580 MegaSR - ok
15:58:15.0426 2580 MfeAVFK (088620da20b98578bfc4b97043f24042) C:\Windows\system32\drivers\MfeAVFK.sys
15:58:15.0426 2580 MfeAVFK - ok
15:58:15.0629 2580 mfehidk (239e677e3e9047550c18b30c26c3ba3e) C:\Windows\system32\drivers\mfehidk.sys
15:58:15.0629 2580 mfehidk - ok
15:58:15.0645 2580 MfeRKDK (ba2aaa62628ca6dea56a62a0e530d014) C:\Windows\system32\drivers\MfeRKDK.sys
15:58:15.0660 2580 MfeRKDK - ok
15:58:15.0691 2580 mfetdik (bd5de25a8ca211484fd61fa9b25c5d1c) C:\Windows\system32\drivers\mfetdik.sys
15:58:15.0691 2580 mfetdik - ok
15:58:15.0754 2580 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:58:15.0769 2580 MMCSS - ok
15:58:15.0972 2580 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:58:15.0972 2580 Modem - ok
15:58:15.0988 2580 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:58:15.0988 2580 monitor - ok
15:58:16.0035 2580 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:58:16.0035 2580 mouclass - ok
15:58:16.0066 2580 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:58:16.0066 2580 mouhid - ok
15:58:16.0128 2580 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:58:16.0128 2580 mountmgr - ok
15:58:16.0206 2580 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:58:16.0206 2580 mpio - ok
15:58:16.0534 2580 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:58:16.0534 2580 mpsdrv - ok
15:58:17.0688 2580 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:58:17.0704 2580 MpsSvc - ok
15:58:17.0891 2580 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:58:17.0891 2580 MRxDAV - ok
15:58:17.0938 2580 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:58:17.0938 2580 mrxsmb - ok
15:58:17.0969 2580 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:58:17.0969 2580 mrxsmb10 - ok
15:58:18.0000 2580 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:58:18.0016 2580 mrxsmb20 - ok
15:58:18.0172 2580 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:58:18.0187 2580 msahci - ok
15:58:18.0406 2580 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:58:18.0406 2580 msdsm - ok
15:58:18.0468 2580 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:58:18.0468 2580 MSDTC - ok
15:58:18.0655 2580 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:58:18.0655 2580 Msfs - ok
15:58:18.0702 2580 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:58:18.0702 2580 mshidkmdf - ok
15:58:18.0733 2580 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:58:18.0733 2580 msisadrv - ok
15:58:18.0780 2580 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:58:18.0780 2580 MSiSCSI - ok
15:58:18.0796 2580 msiserver - ok
15:58:18.0843 2580 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:58:18.0843 2580 MSKSSRV - ok
15:58:18.0858 2580 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:58:18.0858 2580 MSPCLOCK - ok
15:58:18.0874 2580 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:58:18.0874 2580 MSPQM - ok
15:58:18.0905 2580 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:58:18.0921 2580 MsRPC - ok
15:58:19.0077 2580 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:58:19.0077 2580 mssmbios - ok
15:58:19.0295 2580 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:58:19.0295 2580 MSTEE - ok
15:58:19.0373 2580 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:58:19.0373 2580 MTConfig - ok
15:58:19.0404 2580 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:58:19.0404 2580 Mup - ok
15:58:19.0498 2580 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:58:19.0498 2580 napagent - ok
15:58:19.0545 2580 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:58:19.0545 2580 NativeWifiP - ok
15:58:19.0623 2580 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:58:19.0623 2580 NDIS - ok
15:58:19.0810 2580 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:58:19.0810 2580 NdisCap - ok
15:58:19.0841 2580 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:58:19.0841 2580 NdisTapi - ok
15:58:19.0888 2580 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:58:19.0888 2580 Ndisuio - ok
15:58:19.0919 2580 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:58:19.0919 2580 NdisWan - ok
15:58:19.0981 2580 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:58:19.0981 2580 NDProxy - ok
15:58:20.0013 2580 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:58:20.0013 2580 NetBIOS - ok
15:58:20.0059 2580 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:58:20.0059 2580 NetBT - ok
15:58:20.0153 2580 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:20.0153 2580 Netlogon - ok
15:58:20.0200 2580 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:58:20.0200 2580 Netman - ok
15:58:20.0247 2580 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:58:20.0247 2580 netprofm - ok
15:58:20.0340 2580 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
15:58:20.0356 2580 netr28x - ok
15:58:20.0434 2580 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:58:20.0434 2580 NetTcpPortSharing - ok
15:58:20.0605 2580 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:58:20.0605 2580 nfrd960 - ok
15:58:20.0668 2580 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:58:20.0683 2580 NlaSvc - ok
15:58:20.0715 2580 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:58:20.0715 2580 Npfs - ok
15:58:20.0793 2580 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:58:20.0793 2580 nsi - ok
15:58:20.0824 2580 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:58:20.0824 2580 nsiproxy - ok
15:58:20.0964 2580 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:58:20.0980 2580 Ntfs - ok
15:58:21.0261 2580 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:58:21.0261 2580 Null - ok
15:58:21.0307 2580 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:58:21.0307 2580 nvraid - ok
15:58:21.0339 2580 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:58:21.0354 2580 nvstor - ok
15:58:21.0385 2580 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:58:21.0385 2580 nv_agp - ok
15:58:21.0448 2580 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:58:21.0448 2580 ohci1394 - ok
15:58:21.0495 2580 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:58:21.0495 2580 p2pimsvc - ok
15:58:21.0635 2580 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:58:21.0635 2580 p2psvc - ok
15:58:21.0697 2580 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:58:21.0697 2580 Parport - ok
15:58:21.0760 2580 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:58:21.0760 2580 partmgr - ok
15:58:21.0807 2580 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:58:21.0963 2580 PcaSvc - ok
15:58:22.0072 2580 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:58:22.0072 2580 pci - ok
15:58:22.0290 2580 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:58:22.0290 2580 pciide - ok
15:58:22.0368 2580 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:58:22.0368 2580 pcmcia - ok
15:58:22.0415 2580 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:58:22.0415 2580 pcw - ok
15:58:22.0477 2580 pdfcDispatcher - ok
15:58:22.0649 2580 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:58:22.0649 2580 PEAUTH - ok
15:58:22.0727 2580 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:58:22.0743 2580 PeerDistSvc - ok
15:58:22.0867 2580 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:58:22.0883 2580 PerfHost - ok
15:58:23.0101 2580 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:58:23.0117 2580 pla - ok
15:58:23.0273 2580 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:58:23.0289 2580 PlugPlay - ok
15:58:23.0351 2580 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:58:23.0351 2580 PNRPAutoReg - ok
15:58:23.0382 2580 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:58:23.0382 2580 PNRPsvc - ok
15:58:23.0507 2580 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:58:23.0523 2580 PolicyAgent - ok
15:58:23.0819 2580 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:58:23.0819 2580 Power - ok
15:58:23.0959 2580 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:58:23.0975 2580 PptpMiniport - ok
15:58:24.0006 2580 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:58:24.0006 2580 Processor - ok
15:58:24.0053 2580 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:58:24.0069 2580 ProfSvc - ok
15:58:24.0131 2580 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:24.0131 2580 ProtectedStorage - ok
15:58:24.0240 2580 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:58:24.0256 2580 Psched - ok
15:58:24.0381 2580 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:58:24.0381 2580 PSI_SVC_2 - ok
15:58:24.0615 2580 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:58:24.0630 2580 ql2300 - ok
15:58:24.0724 2580 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:58:24.0739 2580 ql40xx - ok
15:58:24.0817 2580 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:58:24.0833 2580 QWAVE - ok
15:58:25.0020 2580 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:58:25.0020 2580 QWAVEdrv - ok
15:58:25.0036 2580 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:58:25.0036 2580 RasAcd - ok
15:58:25.0083 2580 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:58:25.0098 2580 RasAgileVpn - ok
15:58:25.0207 2580 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:58:25.0223 2580 RasAuto - ok
15:58:25.0270 2580 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:58:25.0270 2580 Rasl2tp - ok
15:58:25.0363 2580 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:58:25.0379 2580 RasMan - ok
15:58:25.0426 2580 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:58:25.0426 2580 RasPppoe - ok
15:58:25.0441 2580 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:58:25.0441 2580 RasSstp - ok
15:58:25.0504 2580 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:58:25.0519 2580 rdbss - ok
15:58:25.0675 2580 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:58:25.0675 2580 rdpbus - ok
15:58:25.0722 2580 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:58:25.0722 2580 RDPCDD - ok
15:58:25.0831 2580 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:58:25.0831 2580 RDPDR - ok
15:58:25.0894 2580 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:58:25.0894 2580 RDPENCDD - ok
15:58:25.0925 2580 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:58:25.0925 2580 RDPREFMP - ok
15:58:26.0050 2580 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:58:26.0065 2580 RDPWD - ok
15:58:26.0190 2580 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:58:26.0190 2580 rdyboost - ok
15:58:26.0284 2580 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:58:26.0299 2580 RemoteAccess - ok
15:58:26.0346 2580 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:58:26.0362 2580 RemoteRegistry - ok
15:58:26.0502 2580 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:58:26.0502 2580 RFCOMM - ok
15:58:26.0643 2580 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:58:26.0643 2580 RpcEptMapper - ok
15:58:26.0689 2580 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:58:26.0689 2580 RpcLocator - ok
15:58:26.0752 2580 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:58:26.0767 2580 RpcSs - ok
15:58:26.0830 2580 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:58:26.0830 2580 rspndr - ok
15:58:26.0923 2580 RSUSBSTOR (30f463768d5143bfd7b2df822b53cf4d) C:\Windows\system32\Drivers\RtsUStor.sys
15:58:26.0923 2580 RSUSBSTOR - ok
15:58:27.0079 2580 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:58:27.0079 2580 RTL8167 - ok
15:58:27.0142 2580 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:58:27.0142 2580 s3cap - ok
15:58:27.0189 2580 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:27.0189 2580 SamSs - ok
15:58:27.0376 2580 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
15:58:27.0376 2580 SASDIFSV - ok
15:58:27.0407 2580 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
15:58:27.0407 2580 SASKUTIL - ok
15:58:27.0735 2580 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:58:27.0735 2580 sbp2port - ok
15:58:27.0953 2580 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:58:27.0953 2580 SCardSvr - ok
15:58:28.0015 2580 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:58:28.0015 2580 scfilter - ok
15:58:28.0140 2580 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:58:28.0156 2580 Schedule - ok
15:58:28.0374 2580 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:58:28.0374 2580 SCPolicySvc - ok
15:58:28.0437 2580 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:58:28.0452 2580 SDRSVC - ok
15:58:28.0515 2580 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:58:28.0515 2580 secdrv - ok
15:58:28.0577 2580 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:58:28.0593 2580 seclogon - ok
15:58:28.0733 2580 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:58:28.0733 2580 SENS - ok
15:58:28.0780 2580 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:58:28.0780 2580 SensrSvc - ok
15:58:28.0858 2580 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:58:28.0858 2580 Serenum - ok
15:58:28.0873 2580 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:58:28.0873 2580 Serial - ok
15:58:28.0951 2580 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:58:28.0951 2580 sermouse - ok
15:58:29.0029 2580 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:58:29.0045 2580 SessionEnv - ok
15:58:29.0232 2580 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:58:29.0248 2580 sffdisk - ok
15:58:29.0295 2580 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:58:29.0295 2580 sffp_mmc - ok
15:58:29.0357 2580 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:58:29.0357 2580 sffp_sd - ok
15:58:29.0388 2580 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:58:29.0388 2580 sfloppy - ok
15:58:29.0653 2580 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:58:29.0653 2580 SharedAccess - ok
15:58:29.0747 2580 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:58:29.0763 2580 ShellHWDetection - ok
15:58:29.0825 2580 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:58:29.0825 2580 SiSRaid2 - ok
15:58:29.0934 2580 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:58:29.0950 2580 SiSRaid4 - ok
15:58:30.0075 2580 SiteAdvisor Service - ok
15:58:30.0121 2580 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:58:30.0121 2580 Smb - ok
15:58:30.0184 2580 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:58:30.0184 2580 SNMPTRAP - ok
15:58:30.0605 2580 SNP2UVC (6fc63b4b19fb809336034d5c5c4d2bc0) C:\Windows\system32\DRIVERS\snp2uvc.sys
15:58:30.0621 2580 SNP2UVC - ok
15:58:30.0683 2580 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:58:30.0683 2580 spldr - ok
15:58:30.0823 2580 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:58:30.0823 2580 Spooler - ok
15:58:31.0291 2580 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:58:31.0307 2580 sppsvc - ok
15:58:31.0494 2580 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:58:31.0494 2580 sppuinotify - ok
15:58:31.0619 2580 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:58:31.0619 2580 srv - ok
15:58:31.0681 2580 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:58:31.0681 2580 srv2 - ok
15:58:31.0744 2580 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:58:31.0744 2580 srvnet - ok
15:58:31.0806 2580 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:58:31.0822 2580 SSDPSRV - ok
15:58:31.0993 2580 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:58:31.0993 2580 SstpSvc - ok
15:58:32.0149 2580 STacSV (e455f5fe92edc3cad3f2963c5cca47e6) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
15:58:32.0165 2580 STacSV - ok
15:58:32.0227 2580 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:58:32.0227 2580 stexstor - ok
15:58:32.0399 2580 STHDA (4a9d087c9a97071b9d06db38567da906) C:\Windows\system32\DRIVERS\stwrt64.sys
15:58:32.0399 2580 STHDA - ok
15:58:32.0524 2580 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:58:32.0539 2580 stisvc - ok
15:58:32.0633 2580 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
15:58:32.0633 2580 storflt - ok
15:58:32.0789 2580 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
15:58:32.0789 2580 StorSvc - ok
15:58:32.0867 2580 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:58:32.0867 2580 storvsc - ok
15:58:32.0914 2580 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:58:32.0914 2580 swenum - ok
15:58:33.0039 2580 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:58:33.0054 2580 swprv - ok
15:58:33.0289 2580 SynTP (1f298c285d48ce42eb6b7f8d4f0d8120) C:\Windows\system32\DRIVERS\SynTP.sys
15:58:33.0289 2580 SynTP - ok
15:58:33.0476 2580 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:58:33.0508 2580 SysMain - ok
15:58:33.0679 2580 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:58:33.0695 2580 TabletInputService - ok
15:58:33.0773 2580 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:58:33.0773 2580 TapiSrv - ok
15:58:33.0851 2580 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:58:33.0851 2580 TBS - ok
15:58:34.0022 2580 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:58:34.0085 2580 Tcpip - ok
15:58:34.0412 2580 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:58:34.0428 2580 TCPIP6 - ok
15:58:34.0475 2580 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:58:34.0475 2580 tcpipreg - ok
15:58:34.0880 2580 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:58:34.0880 2580 TDPIPE - ok
15:58:34.0958 2580 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:58:34.0958 2580 TDTCP - ok
15:58:34.0990 2580 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:58:34.0990 2580 tdx - ok
15:58:35.0083 2580 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:58:35.0083 2580 TermDD - ok
15:58:35.0270 2580 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:58:35.0286 2580 TermService - ok
15:58:35.0317 2580 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:58:35.0333 2580 Themes - ok
15:58:35.0411 2580 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:58:35.0411 2580 THREADORDER - ok
15:58:35.0489 2580 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:58:35.0489 2580 TrkWks - ok
15:58:35.0614 2580 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:58:35.0614 2580 TrustedInstaller - ok
15:58:35.0770 2580 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:58:35.0770 2580 tssecsrv - ok
15:58:35.0879 2580 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:58:35.0879 2580 TsUsbFlt - ok
15:58:35.0972 2580 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:58:35.0972 2580 tunnel - ok
15:58:36.0019 2580 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:58:36.0019 2580 uagp35 - ok
15:58:36.0144 2580 uArcCapture (9eea84226ed2a028bc3fdfdde03fe95c) C:\Windows\system\uArcCapture.exe
15:58:36.0144 2580 uArcCapture - ok
15:58:36.0253 2580 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:58:36.0269 2580 udfs - ok
15:58:36.0425 2580 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:58:36.0425 2580 UI0Detect - ok
15:58:36.0487 2580 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:58:36.0487 2580 uliagpkx - ok
15:58:36.0534 2580 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:58:36.0534 2580 umbus - ok
15:58:36.0643 2580 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:58:36.0643 2580 UmPass - ok
15:58:36.0768 2580 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:58:36.0768 2580 UmRdpService - ok
15:58:37.0111 2580 UNS (44aa8d5d3b3b5610fef46ca8a9c52d8c) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:58:37.0142 2580 UNS - ok
15:58:37.0376 2580 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:58:37.0392 2580 upnphost - ok
15:58:37.0486 2580 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:58:37.0501 2580 usbccgp - ok
15:58:37.0564 2580 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:58:37.0564 2580 usbcir - ok
15:58:37.0610 2580 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:58:37.0610 2580 usbehci - ok
15:58:37.0657 2580 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:58:37.0673 2580 usbhub - ok
15:58:37.0813 2580 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:58:37.0813 2580 usbohci - ok
15:58:37.0876 2580 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:58:37.0891 2580 usbprint - ok
15:58:37.0954 2580 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:58:37.0969 2580 usbscan - ok
15:58:38.0032 2580 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
15:58:38.0032 2580 USBSTOR - ok
15:58:38.0063 2580 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:58:38.0078 2580 usbuhci - ok
15:58:38.0281 2580 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:58:38.0281 2580 usbvideo - ok
15:58:38.0328 2580 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:58:38.0328 2580 UxSms - ok
15:58:38.0390 2580 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:38.0390 2580 VaultSvc - ok
15:58:38.0468 2580 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:58:38.0468 2580 vdrvroot - ok
15:58:38.0531 2580 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:58:38.0546 2580 vds - ok
15:58:38.0749 2580 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:58:38.0765 2580 vga - ok
15:58:38.0780 2580 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:58:38.0780 2580 VgaSave - ok
15:58:38.0827 2580 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:58:38.0843 2580 vhdmp - ok
15:58:38.0905 2580 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:58:38.0921 2580 viaide - ok
15:58:38.0952 2580 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:58:38.0952 2580 vmbus - ok
15:58:39.0155 2580 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:58:39.0155 2580 VMBusHID - ok
15:58:39.0186 2580 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:58:39.0186 2580 volmgr - ok
15:58:39.0264 2580 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:58:39.0280 2580 volmgrx - ok
15:58:39.0373 2580 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:58:39.0373 2580 volsnap - ok
15:58:39.0623 2580 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:58:39.0623 2580 vsmraid - ok
15:58:39.0779 2580 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:58:39.0810 2580 VSS - ok
15:58:39.0841 2580 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:58:39.0841 2580 vwifibus - ok
15:58:40.0028 2580 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:58:40.0028 2580 vwififlt - ok
15:58:40.0075 2580 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:58:40.0091 2580 vwifimp - ok
15:58:40.0153 2580 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:58:40.0169 2580 W32Time - ok
15:58:40.0200 2580 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:58:40.0200 2580 WacomPen - ok
15:58:40.0247 2580 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:58:40.0247 2580 WANARP - ok
15:58:40.0262 2580 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:58:40.0262 2580 Wanarpv6 - ok
15:58:40.0434 2580 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:58:40.0450 2580 WatAdminSvc - ok
15:58:40.0746 2580 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:58:40.0762 2580 wbengine - ok
15:58:40.0840 2580 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:58:40.0840 2580 WbioSrvc - ok
15:58:40.0933 2580 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:58:40.0949 2580 wcncsvc - ok
15:58:41.0089 2580 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:58:41.0089 2580 WcsPlugInService - ok
15:58:41.0167 2580 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:58:41.0167 2580 Wd - ok
15:58:41.0214 2580 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:58:41.0230 2580 Wdf01000 - ok
15:58:41.0292 2580 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:58:41.0292 2580 WdiServiceHost - ok
15:58:41.0308 2580 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:58:41.0308 2580 WdiSystemHost - ok
15:58:41.0370 2580 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:58:41.0370 2580 WebClient - ok
15:58:41.0604 2580 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:58:41.0604 2580 Wecsvc - ok
15:58:41.0635 2580 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:58:41.0651 2580 wercplsupport - ok
15:58:41.0698 2580 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:58:41.0698 2580 WerSvc - ok
15:58:41.0760 2580 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:58:41.0760 2580 WfpLwf - ok
15:58:41.0807 2580 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:58:41.0807 2580 WIMMount - ok
15:58:41.0854 2580 WinDefend - ok
15:58:41.0869 2580 WinHttpAutoProxySvc - ok
15:58:42.0119 2580 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:58:42.0119 2580 Winmgmt - ok
15:58:45.0208 2580 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:58:45.0239 2580 WinRM - ok
15:58:45.0551 2580 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:58:45.0567 2580 Wlansvc - ok
15:58:45.0629 2580 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:58:45.0629 2580 WmiAcpi - ok
15:58:45.0723 2580 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:58:45.0723 2580 wmiApSrv - ok
15:58:45.0785 2580 WMPNetworkSvc - ok
15:58:46.0050 2580 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:58:46.0050 2580 WPCSvc - ok
15:58:46.0113 2580 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:58:46.0128 2580 WPDBusEnum - ok
15:58:46.0222 2580 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:58:46.0222 2580 ws2ifsl - ok
15:58:46.0284 2580 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:58:46.0300 2580 wscsvc - ok
15:58:46.0331 2580 WSearch - ok
15:58:46.0549 2580 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:58:46.0581 2580 wuauserv - ok
15:58:46.0659 2580 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:58:46.0659 2580 WudfPf - ok
15:58:46.0799 2580 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:58:46.0799 2580 WUDFRd - ok
15:58:46.0846 2580 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:58:46.0861 2580 wudfsvc - ok
15:58:46.0893 2580 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:58:46.0893 2580 WwanSvc - ok
15:58:46.0939 2580 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:58:47.0033 2580 \Device\Harddisk0\DR0 - ok
15:58:47.0033 2580 Boot (0x1200) (2bcc95a8bb45c98f9994690610e6bca3) \Device\Harddisk0\DR0\Partition0
15:58:47.0033 2580 \Device\Harddisk0\DR0\Partition0 - ok
15:58:47.0064 2580 Boot (0x1200) (717a7ff4e86479a100f54a6ffd6a0b70) \Device\Harddisk0\DR0\Partition1
15:58:47.0064 2580 \Device\Harddisk0\DR0\Partition1 - ok
15:58:47.0095 2580 Boot (0x1200) (a125827035d0d278f0986ba4c35cfe9f) \Device\Harddisk0\DR0\Partition2
15:58:47.0095 2580 \Device\Harddisk0\DR0\Partition2 - ok
15:58:47.0095 2580 ============================================================
15:58:47.0095 2580 Scan finished
15:58:47.0095 2580 ============================================================
15:58:47.0111 3884 Detected object count: 5
15:58:47.0111 3884 Actual detected object count: 5
16:00:21.0569 3884 !SASCORE ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0569 3884 !SASCORE ( ForgedFile.Multi.Generic ) - User select action: Skip
16:00:21.0569 3884 cdrom ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0569 3884 cdrom ( ForgedFile.Multi.Generic ) - User select action: Skip
16:00:21.0569 3884 DpHost ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0569 3884 DpHost ( ForgedFile.Multi.Generic ) - User select action: Skip
16:00:21.0585 3884 Filetrace ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0585 3884 Filetrace ( ForgedFile.Multi.Generic ) - User select action: Skip
16:00:21.0585 3884 FLEXnet Licensing Service 64 ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0585 3884 FLEXnet Licensing Service 64 ( ForgedFile.Multi.Generic ) - User select action: Skip

#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,971 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:48 AM

Posted 11 April 2012 - 07:43 AM

I want to check the availability of the following files on your computer.
The last log shows that they have been compromised since you executed the previous TDSSKiller tool.
You may have a hidden file infector on the computer.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


If your operating system is 64 bit download this tool:
SystemLook_x64.exe
  • Double-click SystemLook.exe to run it.
  • Copy and paste the content of the following bold text into the main textfield:


    :filefind
    SASCORE64.EXE
    cdrom.sys
    DpHostW.exe
    filetrace.sys
    FNPLicensingService64.exe

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
===

Please run the aswMBR and TDSSKiller tools again and post the fresh logs.

#11 ChiroCalvinist

ChiroCalvinist
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 11 April 2012 - 10:43 AM

Here are the logs you requested.



SystemLook 30.07.11 by jpshortstuff
Log created at 09:11 on 11/04/2012 by Dr. Neill H. Payne
Administrator - Elevation successful

========== filefind ==========

Searching for "SASCORE64.EXE"
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE --a---- 140672 bytes [00:01 19/07/2011] [02:04 05/03/2012] 7D9D615201A483D6FA99491C2E655A5A

Searching for "cdrom.sys"
C:\Windows\System32\drivers\cdrom.sys --a---- 147456 bytes [03:34 05/03/2012] [09:19 20/11/2010] F036CE71586E93D94DAB220D7BDF4416
C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys --a---- 147456 bytes [03:34 05/03/2012] [09:19 20/11/2010] F036CE71586E93D94DAB220D7BDF4416
C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys --a---- 147456 bytes [23:19 13/07/2009] [23:19 13/07/2009] 83D2D75E1EFB81B3450C18131443F7DB
C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys --a---- 147456 bytes [03:34 05/03/2012] [09:19 20/11/2010] F036CE71586E93D94DAB220D7BDF4416

Searching for "DpHostW.exe"
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe --a---- 462088 bytes [23:57 24/11/2009] [23:57 24/11/2009] EF8004B4A9552C77FD0E99AB08841D13

Searching for "filetrace.sys"
C:\Windows\System32\drivers\filetrace.sys --a---- 34304 bytes [23:25 13/07/2009] [23:25 13/07/2009] 5F671AB5BC87EEA04EC38A6CD5962A47
C:\Windows\winsxs\amd64_microsoft-windows-filetracefilter_31bf3856ad364e35_6.1.7600.16385_none_56b9458986cedf38\filetrace.sys --a---- 34304 bytes [23:25 13/07/2009] [23:25 13/07/2009] 5F671AB5BC87EEA04EC38A6CD5962A47

Searching for "FNPLicensingService64.exe"
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe --a---- 1028096 bytes [20:10 26/02/2012] [20:10 26/02/2012] 52C0312AB35EB7187015FB6A99136BB5

-= EOF =-

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-08 14:36:31
-----------------------------
14:36:31.638 OS Version: Windows x64 6.1.7601 Service Pack 1
14:36:31.638 Number of processors: 4 586 0x2505
14:36:31.638 ComputerName: CLINICLAPTOP UserName:
14:36:32.431 Initialize success
14:45:20.092 AVAST engine error: 2
14:45:28.727 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:45:28.729 Disk 0 Vendor: TOSHIBA_ LH01 Size: 305245MB BusType: 3
14:45:28.751 Disk 0 MBR read successfully
14:45:28.761 Disk 0 MBR scan
14:45:28.763 Disk 0 Windows 7 default MBR code
14:45:28.770 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:45:28.783 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 303087 MB offset 206848
14:45:28.812 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 2048 MB offset 620929024
14:45:28.858 Disk 0 scanning C:\Windows\system32\drivers
14:45:34.496 Service scanning
14:45:50.000 Modules scanning
14:45:50.006 Disk 0 trace - called modules:
14:45:50.044 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
14:45:50.055 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005797060]
14:45:50.059 3 CLASSPNP.SYS[fffff88001b8843f] -> nt!IofCallDriver -> [0xfffffa800562cb10]
14:45:50.063 5 hpdskflt.sys[fffff88001b2f289] -> nt!IofCallDriver -> [0xfffffa8003bb49a0]
14:45:50.068 7 ACPI.sys[fffff88000f6d7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049c8050]
14:45:50.072 Scan finished successfully
14:46:22.244 Disk 0 MBR has been saved successfully to "C:\Users\Dr. Neill H. Payne\Desktop\MBR.dat"
14:46:22.268 The log file has been saved successfully to "C:\Users\Dr. Neill H. Payne\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-11 09:48:45
-----------------------------
09:48:45.545 OS Version: Windows x64 6.1.7601 Service Pack 1
09:48:45.545 Number of processors: 4 586 0x2505
09:48:45.545 ComputerName: CLINICLAPTOP UserName:
09:48:47.402 Initialize success
09:48:47.465 AVAST engine defs: 12041100
09:48:56.887 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:48:56.887 Disk 0 Vendor: TOSHIBA_ LH01 Size: 305245MB BusType: 3
09:48:56.903 Disk 0 MBR read successfully
09:48:56.903 Disk 0 MBR scan
09:48:56.903 Disk 0 Windows 7 default MBR code
09:48:56.918 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:48:56.934 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 303087 MB offset 206848
09:48:56.965 Disk 0 Partition 3 00 0C FAT32 LBA MSDOS5.0 2048 MB offset 620929024
09:48:56.996 Disk 0 scanning C:\Windows\system32\drivers
09:49:02.987 Service scanning
09:49:19.445 Modules scanning
09:49:19.445 Disk 0 trace - called modules:
09:49:19.492 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
09:49:19.507 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c77060]
09:49:19.507 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8004b14b10]
09:49:19.523 5 hpdskflt.sys[fffff88001bef289] -> nt!IofCallDriver -> [0xfffffa8004a22be0]
09:49:19.523 7 ACPI.sys[fffff88000ec17a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a21050]
09:49:20.958 AVAST engine scan C:\Windows
09:49:23.579 AVAST engine scan C:\Windows\system32
09:50:50.457 AVAST engine scan C:\Windows\system32\drivers
09:50:59.178 AVAST engine scan C:\Users\Dr. Neill H. Payne
09:51:19.239 AVAST engine scan C:\ProgramData
09:51:34.106 Scan finished successfully
11:39:30.098 Disk 0 MBR has been saved successfully to "C:\Users\Dr. Neill H. Payne\Desktop\MBR.dat"
11:39:30.103 The log file has been saved successfully to "C:\Users\Dr. Neill H. Payne\Desktop\aswMBR.txt"


15:36:03.0163 5352 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
15:36:03.0506 5352 ============================================================
15:36:03.0506 5352 Current date / time: 2012/04/10 15:36:03.0506
15:36:03.0506 5352 SystemInfo:
15:36:03.0506 5352
15:36:03.0506 5352 OS Version: 6.1.7601 ServicePack: 1.0
15:36:03.0506 5352 Product type: Workstation
15:36:03.0506 5352 ComputerName: CLINICLAPTOP
15:36:03.0521 5352 UserName: Dr. Neill H. Payne
15:36:03.0521 5352 Windows directory: C:\Windows
15:36:03.0521 5352 System windows directory: C:\Windows
15:36:03.0521 5352 Running under WOW64
15:36:03.0521 5352 Processor architecture: Intel x64
15:36:03.0521 5352 Number of processors: 4
15:36:03.0521 5352 Page size: 0x1000
15:36:03.0521 5352 Boot type: Normal boot
15:36:03.0521 5352 ============================================================
15:39:12.0363 5352 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:39:15.0421 5352 \Device\Harddisk0\DR0:
15:39:18.0541 5352 MBR used
15:39:18.0541 5352 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:39:18.0541 5352 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x24FF7800
15:39:18.0541 5352 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x2502A000, BlocksNum 0x400000
15:39:40.0053 5352 Initialize success
15:39:40.0053 5352 ============================================================
15:42:51.0638 2580 ============================================================
15:42:51.0638 2580 Scan started
15:42:51.0638 2580 Mode: Manual;
15:42:51.0638 2580 ============================================================
15:44:15.0130 2580 !SASCORE (3d41aeb931541acc9beb8f4df8bf79ed) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
15:44:15.0130 2580 Suspicious file (Forged): C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE. Real md5: 3d41aeb931541acc9beb8f4df8bf79ed, Fake md5: 7d9d615201a483d6fa99491c2e655a5a
15:44:15.0130 2580 !SASCORE ( ForgedFile.Multi.Generic ) - warning
15:44:15.0130 2580 !SASCORE - detected ForgedFile.Multi.Generic (1)
15:44:18.0468 2580 1394ohci - ok
15:44:24.0942 2580 Accelerometer - ok
15:44:59.0527 2580 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:44:59.0527 2580 ACDaemon - ok
15:45:02.0725 2580 ACPI - ok
15:45:06.0173 2580 AcpiPmi - ok
15:45:15.0611 2580 adp94xx - ok
15:45:18.0793 2580 adpahci - ok
15:45:22.0101 2580 adpu320 - ok
15:45:32.0194 2580 AdvancedSystemCareService5 - ok
15:45:35.0439 2580 AeLookupSvc - ok
15:45:38.0699 2580 AESTFilters - ok
15:45:41.0913 2580 Afc - ok
15:45:45.0236 2580 AFD - ok
15:45:48.0418 2580 AgereSoftModem - ok
15:45:51.0819 2580 agp440 - ok
15:45:54.0986 2580 ALG - ok
15:46:01.0413 2580 aliide - ok
15:46:04.0736 2580 amdide - ok
15:46:07.0965 2580 AmdK8 - ok
15:46:42.0488 2580 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
15:46:45.0623 2580 AmdPPM - ok
15:46:48.0837 2580 amdsata - ok
15:46:52.0019 2580 amdsbs - ok
15:47:01.0520 2580 amdxata - ok
15:47:04.0920 2580 AppID - ok
15:47:08.0134 2580 AppIDSvc - ok
15:47:11.0472 2580 Appinfo - ok
15:47:14.0686 2580 AppMgmt - ok
15:47:18.0025 2580 arc - ok
15:47:21.0441 2580 arcsas - ok
15:47:28.0024 2580 ARCVCAM - ok
15:47:31.0331 2580 aswFsBlk - ok
15:47:38.0008 2580 aswMonFlt - ok
15:47:41.0222 2580 aswRdr - ok
15:47:44.0435 2580 aswSnx - ok
15:47:47.0758 2580 aswSP - ok
15:47:54.0170 2580 aswTdi - ok
15:47:57.0493 2580 AsyncMac - ok
15:48:00.0815 2580 atapi - ok
15:48:07.0336 2580 AudioEndpointBuilder - ok
15:48:10.0675 2580 AudioSrv - ok
15:48:13.0966 2580 avast! Antivirus - ok
15:48:20.0503 2580 AxInstSV - ok
15:48:26.0961 2580 b06bdrv - ok
15:48:30.0377 2580 b57nd60a - ok
15:48:33.0622 2580 BDESVC - ok
15:48:40.0049 2580 Beep - ok
15:48:43.0263 2580 BFE - ok
15:48:46.0445 2580 BITS - ok
15:48:53.0075 2580 blbdrive - ok
15:48:56.0383 2580 Bluetooth Device Manager - ok
15:48:59.0768 2580 Bluetooth Media Service - ok
15:49:03.0091 2580 Bluetooth OBEX Service - ok
15:49:06.0398 2580 bowser - ok
15:49:09.0736 2580 BrFiltLo - ok
15:49:13.0122 2580 BrFiltUp - ok
15:49:16.0460 2580 BridgeMP - ok
15:49:19.0674 2580 Browser - ok
15:49:22.0996 2580 Brserid - ok
15:49:26.0350 2580 BrSerWdm - ok
15:49:32.0778 2580 BrUsbMdm - ok
15:49:35.0960 2580 BrUsbSer - ok
15:49:39.0267 2580 BthEnum - ok
15:49:42.0606 2580 BTHMODEM - ok
15:49:45.0772 2580 BthPan - ok
15:49:49.0048 2580 BTHPORT - ok
15:49:52.0324 2580 bthserv - ok
15:49:55.0647 2580 BTHUSB - ok
15:49:58.0954 2580 BTMCOM - ok
15:50:02.0262 2580 BTMUSB - ok
15:50:05.0600 2580 cdfs - ok
15:50:37.0128 2580 cdrom (4368eefd9e44d770c90a5e241139a7d3) C:\Windows\system32\drivers\cdrom.sys
15:50:37.0128 2580 Suspicious file (Forged): C:\Windows\system32\drivers\cdrom.sys. Real md5: 4368eefd9e44d770c90a5e241139a7d3, Fake md5: f036ce71586e93d94dab220d7bdf4416
15:50:37.0128 2580 cdrom ( ForgedFile.Multi.Generic ) - warning
15:50:37.0128 2580 cdrom - detected ForgedFile.Multi.Generic (1)
15:50:50.0044 2580 CertPropSvc - ok
15:50:53.0367 2580 circlass - ok
15:51:31.0010 2580 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:51:31.0026 2580 CLFS - ok
15:51:34.0177 2580 clr_optimization_v2.0.50727_32 - ok
15:51:37.0469 2580 clr_optimization_v2.0.50727_64 - ok
15:51:47.0000 2580 clr_optimization_v4.0.30319_32 - ok
15:51:50.0417 2580 clr_optimization_v4.0.30319_64 - ok
15:51:53.0661 2580 CmBatt - ok
15:51:56.0984 2580 cmdide - ok
15:52:00.0385 2580 CNG - ok
15:52:03.0630 2580 Compbatt - ok
15:52:13.0411 2580 CompositeBus - ok
15:52:16.0703 2580 COMSysApp - ok
15:52:19.0916 2580 crcdisk - ok
15:52:23.0223 2580 CryptSvc - ok
15:52:26.0577 2580 CSC - ok
15:52:29.0900 2580 CscService - ok
15:52:36.0499 2580 DAMDrv - ok
15:52:39.0869 2580 DcomLaunch - ok
15:52:46.0249 2580 defragsvc - ok
15:52:49.0478 2580 DfsC - ok
15:52:52.0926 2580 Dhcp - ok
15:52:56.0139 2580 discache - ok
15:52:59.0525 2580 Disk - ok
15:53:05.0858 2580 Dnscache - ok
15:53:09.0041 2580 dot3svc - ok
15:53:15.0593 2580 DpHost (9c9147bfa9784a60b8d8c4d02f1839fb) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
15:53:15.0593 2580 Suspicious file (Forged): C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe. Real md5: 9c9147bfa9784a60b8d8c4d02f1839fb, Fake md5: ef8004b4a9552c77fd0e99ab08841d13
15:53:15.0593 2580 DpHost ( ForgedFile.Multi.Generic ) - warning
15:53:15.0593 2580 DpHost - detected ForgedFile.Multi.Generic (1)
15:53:18.0822 2580 DPS - ok
15:53:21.0911 2580 drmkaud - ok
15:53:25.0187 2580 DXGKrnl - ok
15:53:28.0276 2580 EapHost - ok
15:53:31.0692 2580 ebdrv - ok
15:53:34.0952 2580 EFS - ok
15:53:38.0244 2580 ehRecvr - ok
15:53:41.0551 2580 ehSched - ok
15:53:48.0041 2580 elxstor - ok
15:53:51.0379 2580 ErrDev - ok
15:53:54.0608 2580 EventSystem - ok
15:53:57.0884 2580 exfat - ok
15:54:01.0207 2580 fastfat - ok
15:54:04.0592 2580 Fax - ok
15:54:07.0775 2580 fdc - ok
15:54:11.0129 2580 fdPHost - ok
15:54:14.0296 2580 FDResPub - ok
15:54:14.0498 2580 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:54:14.0498 2580 FileInfo - ok
15:54:17.0774 2580 Filetrace (900b81b35263780f2afb0eb74d7535c6) C:\Windows\system32\drivers\filetrace.sys
15:54:17.0868 2580 Suspicious file (Forged): C:\Windows\system32\drivers\filetrace.sys. Real md5: 900b81b35263780f2afb0eb74d7535c6, Fake md5: 5f671ab5bc87eea04ec38a6cd5962a47
15:54:17.0868 2580 Filetrace ( ForgedFile.Multi.Generic ) - warning
15:54:17.0868 2580 Filetrace - detected ForgedFile.Multi.Generic (1)
15:54:21.0097 2580 FLCDLOCK - ok
15:54:55.0621 2580 FLEXnet Licensing Service (3d9b36631032fde0ffea0dc0260e4e35) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:55:02.0267 2580 FLEXnet Licensing Service - ok
15:55:11.0736 2580 FLEXnet Licensing Service 64 (24510d768d371d928fc78e249203a113) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:55:11.0752 2580 Suspicious file (Forged): C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe. Real md5: 24510d768d371d928fc78e249203a113, Fake md5: 52c0312ab35eb7187015fb6a99136bb5
15:55:11.0752 2580 FLEXnet Licensing Service 64 ( ForgedFile.Multi.Generic ) - warning
15:55:11.0752 2580 FLEXnet Licensing Service 64 - detected ForgedFile.Multi.Generic (1)
15:55:14.0965 2580 flpydisk - ok
15:55:18.0335 2580 FltMgr - ok
15:55:21.0502 2580 FontCache - ok
15:55:27.0929 2580 FontCache3.0.0.0 - ok
15:55:34.0528 2580 FreeAgentGoNext Service - ok
15:55:37.0835 2580 FsDepends - ok
15:55:41.0173 2580 Fs_Rec - ok
15:55:44.0512 2580 fvevol - ok
15:55:47.0741 2580 gagp30kx - ok
15:55:51.0064 2580 gpsvc - ok
15:55:54.0386 2580 gupdate - ok
15:55:57.0662 2580 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:55:57.0678 2580 gupdatem - ok
15:56:00.0829 2580 hcw85cir - ok
15:56:04.0168 2580 HdAudAddService - ok
15:56:07.0334 2580 HDAudBus - ok
15:56:10.0626 2580 HECIx64 - ok
15:56:13.0871 2580 HidBatt - ok
15:56:17.0162 2580 HidBth - ok
15:56:20.0470 2580 HidIr - ok
15:56:23.0792 2580 hidserv - ok
15:56:27.0131 2580 HidUsb - ok
15:56:30.0469 2580 hkmsvc - ok
15:56:33.0901 2580 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
15:56:33.0917 2580 HomeGroupListener - ok
15:56:40.0313 2580 HomeGroupProvider - ok
15:56:43.0682 2580 HP Power Assistant Service - ok
15:56:50.0344 2580 HP ProtectTools Service - ok
15:56:56.0740 2580 HP Support Assistant Service - ok
15:56:59.0907 2580 HP Wireless Assistant Service - ok
15:57:06.0334 2580 HPDayStarterService - ok
15:57:16.0099 2580 HPDrvMntSvc.exe - ok
15:57:19.0485 2580 hpdskflt - ok
15:57:26.0130 2580 hpHotkeyMonitor - ok
15:57:32.0573 2580 HpqKbFiltr - ok
15:57:35.0771 2580 hpqwmiex - ok
15:57:42.0401 2580 HpSAMD - ok
15:57:45.0693 2580 hpsrv - ok
15:57:52.0369 2580 HTTP - ok
15:57:55.0755 2580 hwpolicy - ok
15:58:02.0447 2580 i8042prt - ok
15:58:05.0629 2580 IAANTMON - ok
15:58:09.0015 2580 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
15:58:09.0015 2580 iaStor - ok
15:58:09.0202 2580 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
15:58:09.0202 2580 iaStorV - ok
15:58:09.0576 2580 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:58:09.0592 2580 idsvc - ok
15:58:11.0011 2580 igfx (898ab5bfed7040d7ab07af01885eb944) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:58:11.0199 2580 igfx - ok
15:58:11.0448 2580 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
15:58:11.0448 2580 iirsp - ok
15:58:11.0542 2580 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
15:58:11.0557 2580 IKEEXT - ok
15:58:11.0838 2580 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
15:58:11.0838 2580 IMFservice - ok
15:58:12.0088 2580 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
15:58:12.0103 2580 Impcd - ok
15:58:12.0181 2580 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
15:58:12.0181 2580 IntcDAud - ok
15:58:12.0213 2580 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:58:12.0213 2580 intelide - ok
15:58:12.0259 2580 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
15:58:12.0259 2580 intelppm - ok
15:58:12.0322 2580 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:58:12.0337 2580 IPBusEnum - ok
15:58:12.0478 2580 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:58:12.0478 2580 IpFilterDriver - ok
15:58:12.0556 2580 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
15:58:12.0571 2580 iphlpsvc - ok
15:58:12.0665 2580 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
15:58:12.0665 2580 IPMIDRV - ok
15:58:12.0743 2580 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:58:12.0743 2580 IPNAT - ok
15:58:12.0868 2580 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:58:12.0868 2580 IRENUM - ok
15:58:12.0946 2580 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:58:12.0946 2580 isapnp - ok
15:58:13.0008 2580 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
15:58:13.0008 2580 iScsiPrt - ok
15:58:13.0055 2580 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
15:58:13.0071 2580 kbdclass - ok
15:58:13.0117 2580 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
15:58:13.0117 2580 kbdhid - ok
15:58:13.0195 2580 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:13.0195 2580 KeyIso - ok
15:58:13.0305 2580 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
15:58:13.0320 2580 KSecDD - ok
15:58:13.0367 2580 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
15:58:13.0367 2580 KSecPkg - ok
15:58:13.0445 2580 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:58:13.0445 2580 ksthunk - ok
15:58:13.0570 2580 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:58:13.0570 2580 KtmRm - ok
15:58:13.0679 2580 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
15:58:13.0679 2580 LanmanServer - ok
15:58:13.0757 2580 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
15:58:13.0757 2580 LanmanWorkstation - ok
15:58:13.0882 2580 LightScribeService (83d8be94e1cbcbe2ea8372db1a95a159) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:58:13.0882 2580 LightScribeService - ok
15:58:14.0022 2580 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:58:14.0022 2580 lltdio - ok
15:58:14.0194 2580 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:58:14.0194 2580 lltdsvc - ok
15:58:14.0225 2580 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:58:14.0225 2580 lmhosts - ok
15:58:14.0428 2580 LMS (bb4e55778d8de3885e1cdac795de7bce) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:58:14.0428 2580 LMS - ok
15:58:14.0771 2580 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
15:58:14.0771 2580 LSI_FC - ok
15:58:14.0787 2580 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
15:58:14.0787 2580 LSI_SAS - ok
15:58:14.0818 2580 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:58:14.0818 2580 LSI_SAS2 - ok
15:58:14.0833 2580 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:58:14.0833 2580 LSI_SCSI - ok
15:58:14.0849 2580 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:58:14.0849 2580 luafv - ok
15:58:14.0974 2580 lxdnCATSCustConnectService (dbf0114cc6896c213f3d6a3517c62f49) C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe
15:58:14.0989 2580 lxdnCATSCustConnectService - ok
15:58:15.0130 2580 lxdn_device - ok
15:58:15.0192 2580 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
15:58:15.0192 2580 Mcx2Svc - ok
15:58:15.0255 2580 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
15:58:15.0255 2580 megasas - ok
15:58:15.0333 2580 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
15:58:15.0333 2580 MegaSR - ok
15:58:15.0426 2580 MfeAVFK (088620da20b98578bfc4b97043f24042) C:\Windows\system32\drivers\MfeAVFK.sys
15:58:15.0426 2580 MfeAVFK - ok
15:58:15.0629 2580 mfehidk (239e677e3e9047550c18b30c26c3ba3e) C:\Windows\system32\drivers\mfehidk.sys
15:58:15.0629 2580 mfehidk - ok
15:58:15.0645 2580 MfeRKDK (ba2aaa62628ca6dea56a62a0e530d014) C:\Windows\system32\drivers\MfeRKDK.sys
15:58:15.0660 2580 MfeRKDK - ok
15:58:15.0691 2580 mfetdik (bd5de25a8ca211484fd61fa9b25c5d1c) C:\Windows\system32\drivers\mfetdik.sys
15:58:15.0691 2580 mfetdik - ok
15:58:15.0754 2580 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:58:15.0769 2580 MMCSS - ok
15:58:15.0972 2580 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:58:15.0972 2580 Modem - ok
15:58:15.0988 2580 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:58:15.0988 2580 monitor - ok
15:58:16.0035 2580 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
15:58:16.0035 2580 mouclass - ok
15:58:16.0066 2580 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:58:16.0066 2580 mouhid - ok
15:58:16.0128 2580 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
15:58:16.0128 2580 mountmgr - ok
15:58:16.0206 2580 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
15:58:16.0206 2580 mpio - ok
15:58:16.0534 2580 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:58:16.0534 2580 mpsdrv - ok
15:58:17.0688 2580 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:58:17.0704 2580 MpsSvc - ok
15:58:17.0891 2580 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:58:17.0891 2580 MRxDAV - ok
15:58:17.0938 2580 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:58:17.0938 2580 mrxsmb - ok
15:58:17.0969 2580 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:58:17.0969 2580 mrxsmb10 - ok
15:58:18.0000 2580 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:58:18.0016 2580 mrxsmb20 - ok
15:58:18.0172 2580 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:58:18.0187 2580 msahci - ok
15:58:18.0406 2580 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:58:18.0406 2580 msdsm - ok
15:58:18.0468 2580 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:58:18.0468 2580 MSDTC - ok
15:58:18.0655 2580 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:58:18.0655 2580 Msfs - ok
15:58:18.0702 2580 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:58:18.0702 2580 mshidkmdf - ok
15:58:18.0733 2580 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:58:18.0733 2580 msisadrv - ok
15:58:18.0780 2580 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:58:18.0780 2580 MSiSCSI - ok
15:58:18.0796 2580 msiserver - ok
15:58:18.0843 2580 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:58:18.0843 2580 MSKSSRV - ok
15:58:18.0858 2580 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:58:18.0858 2580 MSPCLOCK - ok
15:58:18.0874 2580 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:58:18.0874 2580 MSPQM - ok
15:58:18.0905 2580 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:58:18.0921 2580 MsRPC - ok
15:58:19.0077 2580 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:58:19.0077 2580 mssmbios - ok
15:58:19.0295 2580 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:58:19.0295 2580 MSTEE - ok
15:58:19.0373 2580 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:58:19.0373 2580 MTConfig - ok
15:58:19.0404 2580 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:58:19.0404 2580 Mup - ok
15:58:19.0498 2580 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:58:19.0498 2580 napagent - ok
15:58:19.0545 2580 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:58:19.0545 2580 NativeWifiP - ok
15:58:19.0623 2580 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:58:19.0623 2580 NDIS - ok
15:58:19.0810 2580 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:58:19.0810 2580 NdisCap - ok
15:58:19.0841 2580 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:58:19.0841 2580 NdisTapi - ok
15:58:19.0888 2580 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:58:19.0888 2580 Ndisuio - ok
15:58:19.0919 2580 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:58:19.0919 2580 NdisWan - ok
15:58:19.0981 2580 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:58:19.0981 2580 NDProxy - ok
15:58:20.0013 2580 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:58:20.0013 2580 NetBIOS - ok
15:58:20.0059 2580 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:58:20.0059 2580 NetBT - ok
15:58:20.0153 2580 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:20.0153 2580 Netlogon - ok
15:58:20.0200 2580 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:58:20.0200 2580 Netman - ok
15:58:20.0247 2580 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:58:20.0247 2580 netprofm - ok
15:58:20.0340 2580 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
15:58:20.0356 2580 netr28x - ok
15:58:20.0434 2580 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:58:20.0434 2580 NetTcpPortSharing - ok
15:58:20.0605 2580 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:58:20.0605 2580 nfrd960 - ok
15:58:20.0668 2580 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:58:20.0683 2580 NlaSvc - ok
15:58:20.0715 2580 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:58:20.0715 2580 Npfs - ok
15:58:20.0793 2580 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:58:20.0793 2580 nsi - ok
15:58:20.0824 2580 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:58:20.0824 2580 nsiproxy - ok
15:58:20.0964 2580 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:58:20.0980 2580 Ntfs - ok
15:58:21.0261 2580 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:58:21.0261 2580 Null - ok
15:58:21.0307 2580 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:58:21.0307 2580 nvraid - ok
15:58:21.0339 2580 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:58:21.0354 2580 nvstor - ok
15:58:21.0385 2580 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:58:21.0385 2580 nv_agp - ok
15:58:21.0448 2580 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:58:21.0448 2580 ohci1394 - ok
15:58:21.0495 2580 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:58:21.0495 2580 p2pimsvc - ok
15:58:21.0635 2580 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:58:21.0635 2580 p2psvc - ok
15:58:21.0697 2580 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:58:21.0697 2580 Parport - ok
15:58:21.0760 2580 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:58:21.0760 2580 partmgr - ok
15:58:21.0807 2580 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:58:21.0963 2580 PcaSvc - ok
15:58:22.0072 2580 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:58:22.0072 2580 pci - ok
15:58:22.0290 2580 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:58:22.0290 2580 pciide - ok
15:58:22.0368 2580 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:58:22.0368 2580 pcmcia - ok
15:58:22.0415 2580 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:58:22.0415 2580 pcw - ok
15:58:22.0477 2580 pdfcDispatcher - ok
15:58:22.0649 2580 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:58:22.0649 2580 PEAUTH - ok
15:58:22.0727 2580 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:58:22.0743 2580 PeerDistSvc - ok
15:58:22.0867 2580 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:58:22.0883 2580 PerfHost - ok
15:58:23.0101 2580 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:58:23.0117 2580 pla - ok
15:58:23.0273 2580 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:58:23.0289 2580 PlugPlay - ok
15:58:23.0351 2580 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:58:23.0351 2580 PNRPAutoReg - ok
15:58:23.0382 2580 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:58:23.0382 2580 PNRPsvc - ok
15:58:23.0507 2580 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:58:23.0523 2580 PolicyAgent - ok
15:58:23.0819 2580 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:58:23.0819 2580 Power - ok
15:58:23.0959 2580 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:58:23.0975 2580 PptpMiniport - ok
15:58:24.0006 2580 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:58:24.0006 2580 Processor - ok
15:58:24.0053 2580 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:58:24.0069 2580 ProfSvc - ok
15:58:24.0131 2580 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:24.0131 2580 ProtectedStorage - ok
15:58:24.0240 2580 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:58:24.0256 2580 Psched - ok
15:58:24.0381 2580 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:58:24.0381 2580 PSI_SVC_2 - ok
15:58:24.0615 2580 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:58:24.0630 2580 ql2300 - ok
15:58:24.0724 2580 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:58:24.0739 2580 ql40xx - ok
15:58:24.0817 2580 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:58:24.0833 2580 QWAVE - ok
15:58:25.0020 2580 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:58:25.0020 2580 QWAVEdrv - ok
15:58:25.0036 2580 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:58:25.0036 2580 RasAcd - ok
15:58:25.0083 2580 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:58:25.0098 2580 RasAgileVpn - ok
15:58:25.0207 2580 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:58:25.0223 2580 RasAuto - ok
15:58:25.0270 2580 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:58:25.0270 2580 Rasl2tp - ok
15:58:25.0363 2580 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:58:25.0379 2580 RasMan - ok
15:58:25.0426 2580 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:58:25.0426 2580 RasPppoe - ok
15:58:25.0441 2580 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:58:25.0441 2580 RasSstp - ok
15:58:25.0504 2580 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:58:25.0519 2580 rdbss - ok
15:58:25.0675 2580 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:58:25.0675 2580 rdpbus - ok
15:58:25.0722 2580 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:58:25.0722 2580 RDPCDD - ok
15:58:25.0831 2580 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:58:25.0831 2580 RDPDR - ok
15:58:25.0894 2580 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:58:25.0894 2580 RDPENCDD - ok
15:58:25.0925 2580 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:58:25.0925 2580 RDPREFMP - ok
15:58:26.0050 2580 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:58:26.0065 2580 RDPWD - ok
15:58:26.0190 2580 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:58:26.0190 2580 rdyboost - ok
15:58:26.0284 2580 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:58:26.0299 2580 RemoteAccess - ok
15:58:26.0346 2580 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:58:26.0362 2580 RemoteRegistry - ok
15:58:26.0502 2580 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:58:26.0502 2580 RFCOMM - ok
15:58:26.0643 2580 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:58:26.0643 2580 RpcEptMapper - ok
15:58:26.0689 2580 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:58:26.0689 2580 RpcLocator - ok
15:58:26.0752 2580 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:58:26.0767 2580 RpcSs - ok
15:58:26.0830 2580 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:58:26.0830 2580 rspndr - ok
15:58:26.0923 2580 RSUSBSTOR (30f463768d5143bfd7b2df822b53cf4d) C:\Windows\system32\Drivers\RtsUStor.sys
15:58:26.0923 2580 RSUSBSTOR - ok
15:58:27.0079 2580 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:58:27.0079 2580 RTL8167 - ok
15:58:27.0142 2580 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:58:27.0142 2580 s3cap - ok
15:58:27.0189 2580 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:27.0189 2580 SamSs - ok
15:58:27.0376 2580 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
15:58:27.0376 2580 SASDIFSV - ok
15:58:27.0407 2580 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
15:58:27.0407 2580 SASKUTIL - ok
15:58:27.0735 2580 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:58:27.0735 2580 sbp2port - ok
15:58:27.0953 2580 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:58:27.0953 2580 SCardSvr - ok
15:58:28.0015 2580 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:58:28.0015 2580 scfilter - ok
15:58:28.0140 2580 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:58:28.0156 2580 Schedule - ok
15:58:28.0374 2580 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:58:28.0374 2580 SCPolicySvc - ok
15:58:28.0437 2580 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:58:28.0452 2580 SDRSVC - ok
15:58:28.0515 2580 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:58:28.0515 2580 secdrv - ok
15:58:28.0577 2580 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:58:28.0593 2580 seclogon - ok
15:58:28.0733 2580 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:58:28.0733 2580 SENS - ok
15:58:28.0780 2580 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:58:28.0780 2580 SensrSvc - ok
15:58:28.0858 2580 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:58:28.0858 2580 Serenum - ok
15:58:28.0873 2580 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:58:28.0873 2580 Serial - ok
15:58:28.0951 2580 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:58:28.0951 2580 sermouse - ok
15:58:29.0029 2580 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:58:29.0045 2580 SessionEnv - ok
15:58:29.0232 2580 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:58:29.0248 2580 sffdisk - ok
15:58:29.0295 2580 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:58:29.0295 2580 sffp_mmc - ok
15:58:29.0357 2580 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:58:29.0357 2580 sffp_sd - ok
15:58:29.0388 2580 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:58:29.0388 2580 sfloppy - ok
15:58:29.0653 2580 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:58:29.0653 2580 SharedAccess - ok
15:58:29.0747 2580 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:58:29.0763 2580 ShellHWDetection - ok
15:58:29.0825 2580 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:58:29.0825 2580 SiSRaid2 - ok
15:58:29.0934 2580 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:58:29.0950 2580 SiSRaid4 - ok
15:58:30.0075 2580 SiteAdvisor Service - ok
15:58:30.0121 2580 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:58:30.0121 2580 Smb - ok
15:58:30.0184 2580 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:58:30.0184 2580 SNMPTRAP - ok
15:58:30.0605 2580 SNP2UVC (6fc63b4b19fb809336034d5c5c4d2bc0) C:\Windows\system32\DRIVERS\snp2uvc.sys
15:58:30.0621 2580 SNP2UVC - ok
15:58:30.0683 2580 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:58:30.0683 2580 spldr - ok
15:58:30.0823 2580 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:58:30.0823 2580 Spooler - ok
15:58:31.0291 2580 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:58:31.0307 2580 sppsvc - ok
15:58:31.0494 2580 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:58:31.0494 2580 sppuinotify - ok
15:58:31.0619 2580 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:58:31.0619 2580 srv - ok
15:58:31.0681 2580 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:58:31.0681 2580 srv2 - ok
15:58:31.0744 2580 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:58:31.0744 2580 srvnet - ok
15:58:31.0806 2580 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:58:31.0822 2580 SSDPSRV - ok
15:58:31.0993 2580 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:58:31.0993 2580 SstpSvc - ok
15:58:32.0149 2580 STacSV (e455f5fe92edc3cad3f2963c5cca47e6) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
15:58:32.0165 2580 STacSV - ok
15:58:32.0227 2580 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:58:32.0227 2580 stexstor - ok
15:58:32.0399 2580 STHDA (4a9d087c9a97071b9d06db38567da906) C:\Windows\system32\DRIVERS\stwrt64.sys
15:58:32.0399 2580 STHDA - ok
15:58:32.0524 2580 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:58:32.0539 2580 stisvc - ok
15:58:32.0633 2580 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
15:58:32.0633 2580 storflt - ok
15:58:32.0789 2580 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
15:58:32.0789 2580 StorSvc - ok
15:58:32.0867 2580 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:58:32.0867 2580 storvsc - ok
15:58:32.0914 2580 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:58:32.0914 2580 swenum - ok
15:58:33.0039 2580 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:58:33.0054 2580 swprv - ok
15:58:33.0289 2580 SynTP (1f298c285d48ce42eb6b7f8d4f0d8120) C:\Windows\system32\DRIVERS\SynTP.sys
15:58:33.0289 2580 SynTP - ok
15:58:33.0476 2580 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:58:33.0508 2580 SysMain - ok
15:58:33.0679 2580 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:58:33.0695 2580 TabletInputService - ok
15:58:33.0773 2580 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:58:33.0773 2580 TapiSrv - ok
15:58:33.0851 2580 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:58:33.0851 2580 TBS - ok
15:58:34.0022 2580 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:58:34.0085 2580 Tcpip - ok
15:58:34.0412 2580 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:58:34.0428 2580 TCPIP6 - ok
15:58:34.0475 2580 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:58:34.0475 2580 tcpipreg - ok
15:58:34.0880 2580 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:58:34.0880 2580 TDPIPE - ok
15:58:34.0958 2580 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:58:34.0958 2580 TDTCP - ok
15:58:34.0990 2580 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:58:34.0990 2580 tdx - ok
15:58:35.0083 2580 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:58:35.0083 2580 TermDD - ok
15:58:35.0270 2580 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:58:35.0286 2580 TermService - ok
15:58:35.0317 2580 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:58:35.0333 2580 Themes - ok
15:58:35.0411 2580 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:58:35.0411 2580 THREADORDER - ok
15:58:35.0489 2580 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:58:35.0489 2580 TrkWks - ok
15:58:35.0614 2580 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:58:35.0614 2580 TrustedInstaller - ok
15:58:35.0770 2580 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:58:35.0770 2580 tssecsrv - ok
15:58:35.0879 2580 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:58:35.0879 2580 TsUsbFlt - ok
15:58:35.0972 2580 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:58:35.0972 2580 tunnel - ok
15:58:36.0019 2580 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:58:36.0019 2580 uagp35 - ok
15:58:36.0144 2580 uArcCapture (9eea84226ed2a028bc3fdfdde03fe95c) C:\Windows\system\uArcCapture.exe
15:58:36.0144 2580 uArcCapture - ok
15:58:36.0253 2580 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:58:36.0269 2580 udfs - ok
15:58:36.0425 2580 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:58:36.0425 2580 UI0Detect - ok
15:58:36.0487 2580 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:58:36.0487 2580 uliagpkx - ok
15:58:36.0534 2580 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:58:36.0534 2580 umbus - ok
15:58:36.0643 2580 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:58:36.0643 2580 UmPass - ok
15:58:36.0768 2580 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:58:36.0768 2580 UmRdpService - ok
15:58:37.0111 2580 UNS (44aa8d5d3b3b5610fef46ca8a9c52d8c) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
15:58:37.0142 2580 UNS - ok
15:58:37.0376 2580 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:58:37.0392 2580 upnphost - ok
15:58:37.0486 2580 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:58:37.0501 2580 usbccgp - ok
15:58:37.0564 2580 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:58:37.0564 2580 usbcir - ok
15:58:37.0610 2580 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:58:37.0610 2580 usbehci - ok
15:58:37.0657 2580 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:58:37.0673 2580 usbhub - ok
15:58:37.0813 2580 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:58:37.0813 2580 usbohci - ok
15:58:37.0876 2580 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:58:37.0891 2580 usbprint - ok
15:58:37.0954 2580 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:58:37.0969 2580 usbscan - ok
15:58:38.0032 2580 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
15:58:38.0032 2580 USBSTOR - ok
15:58:38.0063 2580 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:58:38.0078 2580 usbuhci - ok
15:58:38.0281 2580 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:58:38.0281 2580 usbvideo - ok
15:58:38.0328 2580 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:58:38.0328 2580 UxSms - ok
15:58:38.0390 2580 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:58:38.0390 2580 VaultSvc - ok
15:58:38.0468 2580 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:58:38.0468 2580 vdrvroot - ok
15:58:38.0531 2580 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:58:38.0546 2580 vds - ok
15:58:38.0749 2580 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:58:38.0765 2580 vga - ok
15:58:38.0780 2580 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:58:38.0780 2580 VgaSave - ok
15:58:38.0827 2580 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:58:38.0843 2580 vhdmp - ok
15:58:38.0905 2580 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:58:38.0921 2580 viaide - ok
15:58:38.0952 2580 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:58:38.0952 2580 vmbus - ok
15:58:39.0155 2580 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:58:39.0155 2580 VMBusHID - ok
15:58:39.0186 2580 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:58:39.0186 2580 volmgr - ok
15:58:39.0264 2580 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:58:39.0280 2580 volmgrx - ok
15:58:39.0373 2580 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:58:39.0373 2580 volsnap - ok
15:58:39.0623 2580 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:58:39.0623 2580 vsmraid - ok
15:58:39.0779 2580 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:58:39.0810 2580 VSS - ok
15:58:39.0841 2580 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:58:39.0841 2580 vwifibus - ok
15:58:40.0028 2580 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:58:40.0028 2580 vwififlt - ok
15:58:40.0075 2580 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
15:58:40.0091 2580 vwifimp - ok
15:58:40.0153 2580 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:58:40.0169 2580 W32Time - ok
15:58:40.0200 2580 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:58:40.0200 2580 WacomPen - ok
15:58:40.0247 2580 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:58:40.0247 2580 WANARP - ok
15:58:40.0262 2580 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:58:40.0262 2580 Wanarpv6 - ok
15:58:40.0434 2580 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:58:40.0450 2580 WatAdminSvc - ok
15:58:40.0746 2580 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:58:40.0762 2580 wbengine - ok
15:58:40.0840 2580 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:58:40.0840 2580 WbioSrvc - ok
15:58:40.0933 2580 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:58:40.0949 2580 wcncsvc - ok
15:58:41.0089 2580 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:58:41.0089 2580 WcsPlugInService - ok
15:58:41.0167 2580 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:58:41.0167 2580 Wd - ok
15:58:41.0214 2580 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:58:41.0230 2580 Wdf01000 - ok
15:58:41.0292 2580 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:58:41.0292 2580 WdiServiceHost - ok
15:58:41.0308 2580 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:58:41.0308 2580 WdiSystemHost - ok
15:58:41.0370 2580 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:58:41.0370 2580 WebClient - ok
15:58:41.0604 2580 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:58:41.0604 2580 Wecsvc - ok
15:58:41.0635 2580 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:58:41.0651 2580 wercplsupport - ok
15:58:41.0698 2580 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:58:41.0698 2580 WerSvc - ok
15:58:41.0760 2580 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:58:41.0760 2580 WfpLwf - ok
15:58:41.0807 2580 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:58:41.0807 2580 WIMMount - ok
15:58:41.0854 2580 WinDefend - ok
15:58:41.0869 2580 WinHttpAutoProxySvc - ok
15:58:42.0119 2580 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:58:42.0119 2580 Winmgmt - ok
15:58:45.0208 2580 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:58:45.0239 2580 WinRM - ok
15:58:45.0551 2580 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:58:45.0567 2580 Wlansvc - ok
15:58:45.0629 2580 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:58:45.0629 2580 WmiAcpi - ok
15:58:45.0723 2580 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:58:45.0723 2580 wmiApSrv - ok
15:58:45.0785 2580 WMPNetworkSvc - ok
15:58:46.0050 2580 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:58:46.0050 2580 WPCSvc - ok
15:58:46.0113 2580 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:58:46.0128 2580 WPDBusEnum - ok
15:58:46.0222 2580 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:58:46.0222 2580 ws2ifsl - ok
15:58:46.0284 2580 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:58:46.0300 2580 wscsvc - ok
15:58:46.0331 2580 WSearch - ok
15:58:46.0549 2580 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
15:58:46.0581 2580 wuauserv - ok
15:58:46.0659 2580 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:58:46.0659 2580 WudfPf - ok
15:58:46.0799 2580 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:58:46.0799 2580 WUDFRd - ok
15:58:46.0846 2580 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:58:46.0861 2580 wudfsvc - ok
15:58:46.0893 2580 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:58:46.0893 2580 WwanSvc - ok
15:58:46.0939 2580 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:58:47.0033 2580 \Device\Harddisk0\DR0 - ok
15:58:47.0033 2580 Boot (0x1200) (2bcc95a8bb45c98f9994690610e6bca3) \Device\Harddisk0\DR0\Partition0
15:58:47.0033 2580 \Device\Harddisk0\DR0\Partition0 - ok
15:58:47.0064 2580 Boot (0x1200) (717a7ff4e86479a100f54a6ffd6a0b70) \Device\Harddisk0\DR0\Partition1
15:58:47.0064 2580 \Device\Harddisk0\DR0\Partition1 - ok
15:58:47.0095 2580 Boot (0x1200) (a125827035d0d278f0986ba4c35cfe9f) \Device\Harddisk0\DR0\Partition2
15:58:47.0095 2580 \Device\Harddisk0\DR0\Partition2 - ok
15:58:47.0095 2580 ============================================================
15:58:47.0095 2580 Scan finished
15:58:47.0095 2580 ============================================================
15:58:47.0111 3884 Detected object count: 5
15:58:47.0111 3884 Actual detected object count: 5
16:00:21.0569 3884 !SASCORE ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0569 3884 !SASCORE ( ForgedFile.Multi.Generic ) - User select action: Skip
16:00:21.0569 3884 cdrom ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0569 3884 cdrom ( ForgedFile.Multi.Generic ) - User select action: Skip
16:00:21.0569 3884 DpHost ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0569 3884 DpHost ( ForgedFile.Multi.Generic ) - User select action: Skip
16:00:21.0585 3884 Filetrace ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0585 3884 Filetrace ( ForgedFile.Multi.Generic ) - User select action: Skip
16:00:21.0585 3884 FLEXnet Licensing Service 64 ( ForgedFile.Multi.Generic ) - skipped by user
16:00:21.0585 3884 FLEXnet Licensing Service 64 ( ForgedFile.Multi.Generic ) - User select action: Skip
11:41:44.0986 0256 ============================================================
11:41:44.0986 0256 Scan started
11:41:44.0986 0256 Mode: Manual;
11:41:44.0986 0256 ============================================================
11:41:45.0236 0256 !SASCORE - ok
11:41:45.0344 0256 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:41:45.0349 0256 1394ohci - ok
11:41:45.0383 0256 Accelerometer (1cffe9c06e66a57dae1452e449a58240) C:\Windows\system32\DRIVERS\Accelerometer.sys
11:41:45.0385 0256 Accelerometer - ok
11:41:45.0461 0256 ACDaemon (35f57598f0589feb3c3abc1621bf329f) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:41:45.0465 0256 ACDaemon - ok
11:41:45.0497 0256 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:41:45.0501 0256 ACPI - ok
11:41:45.0521 0256 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:41:45.0523 0256 AcpiPmi - ok
11:41:45.0567 0256 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:41:45.0575 0256 adp94xx - ok
11:41:45.0589 0256 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:41:45.0593 0256 adpahci - ok
11:41:45.0605 0256 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:41:45.0608 0256 adpu320 - ok
11:41:45.0665 0256 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
11:41:45.0677 0256 AdvancedSystemCareService5 - ok
11:41:45.0735 0256 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:41:45.0738 0256 AeLookupSvc - ok
11:41:45.0793 0256 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
11:41:45.0795 0256 AESTFilters - ok
11:41:45.0879 0256 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
11:41:45.0880 0256 Afc - ok
11:41:45.0921 0256 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
11:41:45.0928 0256 AFD - ok
11:41:45.0970 0256 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\Windows\system32\DRIVERS\agrsm64.sys
11:41:45.0985 0256 AgereSoftModem - ok
11:41:46.0054 0256 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:41:46.0056 0256 agp440 - ok
11:41:46.0079 0256 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:41:46.0082 0256 ALG - ok
11:41:46.0113 0256 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:41:46.0115 0256 aliide - ok
11:41:46.0133 0256 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:41:46.0134 0256 amdide - ok
11:41:46.0167 0256 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:41:46.0169 0256 AmdK8 - ok
11:41:46.0179 0256 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:41:46.0181 0256 AmdPPM - ok
11:41:46.0199 0256 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:41:46.0202 0256 amdsata - ok
11:41:46.0224 0256 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:41:46.0227 0256 amdsbs - ok
11:41:46.0249 0256 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:41:46.0251 0256 amdxata - ok
11:41:46.0272 0256 AppID - ok
11:41:46.0298 0256 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:41:46.0300 0256 AppIDSvc - ok
11:41:46.0324 0256 Appinfo - ok
11:41:46.0382 0256 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
11:41:46.0386 0256 AppMgmt - ok
11:41:46.0409 0256 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:41:46.0411 0256 arc - ok
11:41:46.0422 0256 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:41:46.0424 0256 arcsas - ok
11:41:46.0454 0256 ARCVCAM (ce2168c926927ba926301baf172bc693) C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys
11:41:46.0455 0256 ARCVCAM - ok
11:41:46.0492 0256 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
11:41:46.0494 0256 aswFsBlk - ok
11:41:46.0504 0256 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
11:41:46.0506 0256 aswMonFlt - ok
11:41:46.0525 0256 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
11:41:46.0526 0256 aswRdr - ok
11:41:46.0563 0256 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
11:41:46.0574 0256 aswSnx - ok
11:41:46.0599 0256 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
11:41:46.0604 0256 aswSP - ok
11:41:46.0619 0256 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
11:41:46.0620 0256 aswTdi - ok
11:41:46.0648 0256 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:41:46.0650 0256 AsyncMac - ok
11:41:46.0701 0256 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:41:46.0702 0256 atapi - ok
11:41:46.0720 0256 AudioEndpointBuilder - ok
11:41:46.0731 0256 AudioSrv - ok
11:41:46.0796 0256 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:41:46.0798 0256 avast! Antivirus - ok
11:41:46.0837 0256 AxInstSV - ok
11:41:46.0877 0256 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:41:46.0884 0256 b06bdrv - ok
11:41:46.0901 0256 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:41:46.0904 0256 b57nd60a - ok
11:41:46.0937 0256 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:41:46.0938 0256 BDESVC - ok
11:41:46.0961 0256 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:41:46.0963 0256 Beep - ok
11:41:47.0009 0256 BFE - ok
11:41:47.0018 0256 BITS - ok
11:41:47.0039 0256 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:41:47.0040 0256 blbdrive - ok
11:41:47.0185 0256 Bluetooth Device Manager (bb745548b1e73f8f6f260677786b2be3) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
11:41:47.0227 0256 Bluetooth Device Manager - ok
11:41:47.0253 0256 Bluetooth Media Service (449d09f3d9cdf02bf594b1513257969e) C:\Program Files\Motorola\Bluetooth\audiosrv.exe
11:41:47.0264 0256 Bluetooth Media Service - ok
11:41:47.0284 0256 Bluetooth OBEX Service (41d5b8ee393d815aa82a9b2116f90bcf) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
11:41:47.0292 0256 Bluetooth OBEX Service - ok
11:41:47.0362 0256 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:41:47.0364 0256 bowser - ok
11:41:47.0394 0256 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:41:47.0396 0256 BrFiltLo - ok
11:41:47.0406 0256 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:41:47.0407 0256 BrFiltUp - ok
11:41:47.0428 0256 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
11:41:47.0430 0256 BridgeMP - ok
11:41:47.0450 0256 Browser - ok
11:41:47.0479 0256 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:41:47.0484 0256 Brserid - ok
11:41:47.0495 0256 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:41:47.0496 0256 BrSerWdm - ok
11:41:47.0507 0256 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:41:47.0508 0256 BrUsbMdm - ok
11:41:47.0519 0256 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:41:47.0520 0256 BrUsbSer - ok
11:41:47.0555 0256 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
11:41:47.0557 0256 BthEnum - ok
11:41:47.0567 0256 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:41:47.0568 0256 BTHMODEM - ok
11:41:47.0602 0256 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
11:41:47.0605 0256 BthPan - ok
11:41:47.0643 0256 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
11:41:47.0651 0256 BTHPORT - ok
11:41:47.0686 0256 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:41:47.0687 0256 bthserv - ok
11:41:47.0753 0256 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
11:41:47.0755 0256 BTHUSB - ok
11:41:47.0796 0256 BTMCOM (e588420b950dac5ac397f76660bce520) C:\Windows\system32\Drivers\btmcom.sys
11:41:47.0798 0256 BTMCOM - ok
11:41:47.0891 0256 BTMUSB (22a24c45a21ab98afcd09229f6ee5fcf) C:\Windows\system32\Drivers\btmusb.sys
11:41:47.0922 0256 BTMUSB - ok
11:41:47.0943 0256 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:41:47.0945 0256 cdfs - ok
11:41:47.0975 0256 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
11:41:47.0976 0256 cdrom - ok
11:41:47.0994 0256 CertPropSvc - ok
11:41:48.0017 0256 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:41:48.0018 0256 circlass - ok
11:41:48.0082 0256 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:41:48.0087 0256 CLFS - ok
11:41:48.0136 0256 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:41:48.0139 0256 clr_optimization_v2.0.50727_32 - ok
11:41:48.0179 0256 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:41:48.0182 0256 clr_optimization_v2.0.50727_64 - ok
11:41:48.0198 0256 clr_optimization_v4.0.30319_32 - ok
11:41:48.0205 0256 clr_optimization_v4.0.30319_64 - ok
11:41:48.0245 0256 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:41:48.0247 0256 CmBatt - ok
11:41:48.0273 0256 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:41:48.0274 0256 cmdide - ok
11:41:48.0310 0256 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
11:41:48.0317 0256 CNG - ok
11:41:48.0363 0256 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:41:48.0365 0256 Compbatt - ok
11:41:48.0396 0256 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:41:48.0398 0256 CompositeBus - ok
11:41:48.0407 0256 COMSysApp - ok
11:41:48.0428 0256 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:41:48.0430 0256 crcdisk - ok
11:41:48.0454 0256 CryptSvc - ok
11:41:48.0485 0256 CSC - ok
11:41:48.0495 0256 CscService - ok
11:41:48.0529 0256 DAMDrv (a8ba4da23ac20bda23ca15234d42a3fa) C:\Windows\system32\DRIVERS\DAMDrv64.sys
11:41:48.0531 0256 DAMDrv - ok
11:41:48.0543 0256 DcomLaunch - ok
11:41:48.0613 0256 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:41:48.0619 0256 defragsvc - ok
11:41:48.0651 0256 DfsC - ok
11:41:48.0662 0256 Dhcp - ok
11:41:48.0698 0256 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:41:48.0699 0256 discache - ok
11:41:48.0715 0256 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:41:48.0718 0256 Disk - ok
11:41:48.0746 0256 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
11:41:48.0751 0256 Dnscache - ok
11:41:48.0800 0256 dot3svc - ok
11:41:48.0894 0256 DpHost (ef8004b4a9552c77fd0e99ab08841d13) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
11:41:48.0899 0256 DpHost - ok
11:41:48.0917 0256 DPS - ok
11:41:48.0950 0256 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:41:48.0951 0256 drmkaud - ok
11:41:48.0984 0256 DXGKrnl - ok
11:41:49.0017 0256 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:41:49.0021 0256 EapHost - ok
11:41:49.0107 0256 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:41:49.0137 0256 ebdrv - ok
11:41:49.0188 0256 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
11:41:49.0192 0256 EFS - ok
11:41:49.0213 0256 ehRecvr - ok
11:41:49.0236 0256 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:41:49.0240 0256 ehSched - ok
11:41:49.0283 0256 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:41:49.0291 0256 elxstor - ok
11:41:49.0329 0256 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:41:49.0331 0256 ErrDev - ok
11:41:49.0395 0256 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:41:49.0402 0256 EventSystem - ok
11:41:49.0437 0256 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:41:49.0441 0256 exfat - ok
11:41:49.0483 0256 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:41:49.0487 0256 fastfat - ok
11:41:49.0506 0256 Fax - ok
11:41:49.0533 0256 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:41:49.0535 0256 fdc - ok
11:41:49.0551 0256 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:41:49.0553 0256 fdPHost - ok
11:41:49.0573 0256 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:41:49.0576 0256 FDResPub - ok
11:41:49.0604 0256 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:41:49.0606 0256 FileInfo - ok
11:41:49.0619 0256 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:41:49.0620 0256 Filetrace - ok
11:41:49.0683 0256 FLCDLOCK (7e728680aa428506a82351d859c32c95) C:\Windows\SysWOW64\flcdlock.exe
11:41:49.0691 0256 FLCDLOCK - ok
11:41:49.0754 0256 FLEXnet Licensing Service (3d9b36631032fde0ffea0dc0260e4e35) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
11:41:49.0764 0256 FLEXnet Licensing Service - ok
11:41:49.0821 0256 FLEXnet Licensing Service 64 (52c0312ab35eb7187015fb6a99136bb5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
11:41:49.0830 0256 FLEXnet Licensing Service 64 - ok
11:41:49.0902 0256 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:41:49.0904 0256 flpydisk - ok
11:41:49.0938 0256 FltMgr - ok
11:41:49.0971 0256 FontCache - ok
11:41:50.0036 0256 FontCache3.0.0.0 - ok
11:41:50.0111 0256 FreeAgentGoNext Service (81b4a2c6c9bd17ffb6031a0a61c09764) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
11:41:50.0113 0256 FreeAgentGoNext Service - ok
11:41:50.0135 0256 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:41:50.0137 0256 FsDepends - ok
11:41:50.0155 0256 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:41:50.0156 0256 Fs_Rec - ok
11:41:50.0177 0256 fvevol - ok
11:41:50.0204 0256 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:41:50.0206 0256 gagp30kx - ok
11:41:50.0237 0256 gpsvc - ok
11:41:50.0262 0256 gupdate - ok
11:41:50.0268 0256 gupdatem - ok
11:41:50.0311 0256 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:41:50.0313 0256 hcw85cir - ok
11:41:50.0351 0256 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:41:50.0356 0256 HdAudAddService - ok
11:41:50.0389 0256 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:41:50.0392 0256 HDAudBus - ok
11:41:50.0415 0256 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
11:41:50.0417 0256 HECIx64 - ok
11:41:50.0429 0256 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:41:50.0430 0256 HidBatt - ok
11:41:50.0458 0256 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:41:50.0459 0256 HidBth - ok
11:41:50.0471 0256 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:41:50.0473 0256 HidIr - ok
11:41:50.0506 0256 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:41:50.0509 0256 hidserv - ok
11:41:50.0531 0256 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
11:41:50.0533 0256 HidUsb - ok
11:41:50.0555 0256 hkmsvc - ok
11:41:50.0591 0256 HomeGroupListener - ok
11:41:50.0611 0256 HomeGroupProvider - ok
11:41:50.0675 0256 HP Power Assistant Service (cf3ae4aeab7e3ab87122dc4ddd3a6947) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
11:41:50.0678 0256 HP Power Assistant Service - ok
11:41:50.0748 0256 HP ProtectTools Service (ae2a8c80205f06be5edc63be0ae9a756) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
11:41:50.0753 0256 HP ProtectTools Service - ok
11:41:50.0799 0256 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
11:41:50.0801 0256 HP Support Assistant Service - ok
11:41:50.0836 0256 HP Wireless Assistant Service (58cc11d14d88ef70ef7abbc75b5eebd8) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
11:41:50.0839 0256 HP Wireless Assistant Service - ok
11:41:50.0866 0256 HPDayStarterService (94c74d758e0f7b1d962da452b4d28c91) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
11:41:50.0869 0256 HPDayStarterService - ok
11:41:50.0897 0256 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:41:50.0900 0256 HPDrvMntSvc.exe - ok
11:41:50.0955 0256 hpdskflt (05712fddbd45a5864eb326faabc6a4e3) C:\Windows\system32\DRIVERS\hpdskflt.sys
11:41:50.0958 0256 hpdskflt - ok
11:41:51.0036 0256 hpHotkeyMonitor (4d94f4d7782657e79eb1352570b563db) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
11:41:51.0039 0256 hpHotkeyMonitor - ok
11:41:51.0067 0256 HpqKbFiltr (b98ee5d4535a685634b90f7e04de0df7) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:41:51.0069 0256 HpqKbFiltr - ok
11:41:51.0119 0256 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
11:41:51.0129 0256 hpqwmiex - ok
11:41:51.0153 0256 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:41:51.0155 0256 HpSAMD - ok
11:41:51.0174 0256 hpsrv (aa036cc5f5221d9b915f4d4dce74ba9a) C:\Windows\system32\Hpservice.exe
11:41:51.0178 0256 hpsrv - ok
11:41:51.0204 0256 HTTP - ok
11:41:51.0260 0256 hwpolicy - ok
11:41:51.0299 0256 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:41:51.0302 0256 i8042prt - ok
11:41:51.0380 0256 IAANTMON (f54b3db096abd6e9bbbd052fd3878a48) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:41:51.0387 0256 IAANTMON - ok
11:41:51.0438 0256 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
11:41:51.0444 0256 iaStor - ok
11:41:51.0478 0256 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:41:51.0485 0256 iaStorV - ok
11:41:51.0531 0256 idsvc - ok
11:41:51.0780 0256 igfx (898ab5bfed7040d7ab07af01885eb944) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:41:51.0886 0256 igfx - ok
11:41:51.0957 0256 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:41:51.0959 0256 iirsp - ok
11:41:51.0980 0256 IKEEXT - ok
11:41:52.0079 0256 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
11:41:52.0091 0256 IMFservice - ok
11:41:52.0128 0256 Impcd (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
11:41:52.0132 0256 Impcd - ok
11:41:52.0162 0256 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
11:41:52.0166 0256 IntcDAud - ok
11:41:52.0194 0256 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:41:52.0195 0256 intelide - ok
11:41:52.0256 0256 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:41:52.0258 0256 intelppm - ok
11:41:52.0291 0256 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:41:52.0295 0256 IPBusEnum - ok
11:41:52.0319 0256 IpFilterDriver - ok
11:41:52.0332 0256 iphlpsvc - ok
11:41:52.0366 0256 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:41:52.0368 0256 IPMIDRV - ok
11:41:52.0399 0256 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:41:52.0402 0256 IPNAT - ok
11:41:52.0414 0256 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:41:52.0415 0256 IRENUM - ok
11:41:52.0440 0256 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:41:52.0442 0256 isapnp - ok
11:41:52.0480 0256 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:41:52.0486 0256 iScsiPrt - ok
11:41:52.0509 0256 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
11:41:52.0511 0256 kbdclass - ok
11:41:52.0534 0256 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
11:41:52.0536 0256 kbdhid - ok
11:41:52.0571 0256 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:41:52.0575 0256 KeyIso - ok
11:41:52.0658 0256 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
11:41:52.0661 0256 KSecDD - ok
11:41:52.0685 0256 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
11:41:52.0689 0256 KSecPkg - ok
11:41:52.0717 0256 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:41:52.0719 0256 ksthunk - ok
11:41:52.0753 0256 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:41:52.0761 0256 KtmRm - ok
11:41:52.0798 0256 LanmanServer - ok
11:41:52.0815 0256 LanmanWorkstation - ok
11:41:52.0882 0256 LightScribeService (83d8be94e1cbcbe2ea8372db1a95a159) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
11:41:52.0885 0256 LightScribeService - ok
11:41:52.0898 0256 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:41:52.0900 0256 lltdio - ok
11:41:52.0937 0256 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:41:52.0944 0256 lltdsvc - ok
11:41:52.0982 0256 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:41:52.0986 0256 lmhosts - ok
11:41:53.0044 0256 LMS (bb4e55778d8de3885e1cdac795de7bce) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:41:53.0048 0256 LMS - ok
11:41:53.0096 0256 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:41:53.0097 0256 LSI_FC - ok
11:41:53.0111 0256 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:41:53.0113 0256 LSI_SAS - ok
11:41:53.0125 0256 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:41:53.0127 0256 LSI_SAS2 - ok
11:41:53.0140 0256 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:41:53.0142 0256 LSI_SCSI - ok
11:41:53.0155 0256 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:41:53.0157 0256 luafv - ok
11:41:53.0203 0256 lxdnCATSCustConnectService - ok
11:41:53.0216 0256 lxdn_device - ok
11:41:53.0241 0256 Mcx2Svc - ok
11:41:53.0272 0256 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:41:53.0273 0256 megasas - ok
11:41:53.0289 0256 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:41:53.0293 0256 MegaSR - ok
11:41:53.0325 0256 MfeAVFK (088620da20b98578bfc4b97043f24042) C:\Windows\system32\drivers\MfeAVFK.sys
11:41:53.0328 0256 MfeAVFK - ok
11:41:53.0361 0256 mfehidk (239e677e3e9047550c18b30c26c3ba3e) C:\Windows\system32\drivers\mfehidk.sys
11:41:53.0367 0256 mfehidk - ok
11:41:53.0414 0256 MfeRKDK (ba2aaa62628ca6dea56a62a0e530d014) C:\Windows\system32\drivers\MfeRKDK.sys
11:41:53.0416 0256 MfeRKDK - ok
11:41:53.0446 0256 mfetdik (bd5de25a8ca211484fd61fa9b25c5d1c) C:\Windows\system32\drivers\mfetdik.sys
11:41:53.0448 0256 mfetdik - ok
11:41:53.0479 0256 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:41:53.0483 0256 MMCSS - ok
11:41:53.0517 0256 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:41:53.0518 0256 Modem - ok
11:41:53.0530 0256 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:41:53.0531 0256 monitor - ok
11:41:53.0561 0256 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
11:41:53.0563 0256 mouclass - ok
11:41:53.0585 0256 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:41:53.0587 0256 mouhid - ok
11:41:53.0611 0256 mountmgr - ok
11:41:53.0645 0256 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:41:53.0648 0256 mpio - ok
11:41:53.0683 0256 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:41:53.0686 0256 mpsdrv - ok
11:41:53.0705 0256 MpsSvc - ok
11:41:53.0720 0256 MRxDAV - ok
11:41:53.0748 0256 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:41:53.0751 0256 mrxsmb - ok
11:41:53.0809 0256 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:41:53.0815 0256 mrxsmb10 - ok
11:41:53.0834 0256 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:41:53.0838 0256 mrxsmb20 - ok
11:41:53.0859 0256 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:41:53.0861 0256 msahci - ok
11:41:53.0890 0256 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:41:53.0894 0256 msdsm - ok
11:41:53.0932 0256 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:41:53.0937 0256 MSDTC - ok
11:41:53.0965 0256 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:41:53.0967 0256 Msfs - ok
11:41:53.0990 0256 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:41:53.0992 0256 mshidkmdf - ok
11:41:54.0033 0256 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:41:54.0034 0256 msisadrv - ok
11:41:54.0071 0256 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:41:54.0077 0256 MSiSCSI - ok
11:41:54.0089 0256 msiserver - ok
11:41:54.0111 0256 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:41:54.0113 0256 MSKSSRV - ok
11:41:54.0147 0256 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:41:54.0148 0256 MSPCLOCK - ok
11:41:54.0162 0256 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:41:54.0163 0256 MSPQM - ok
11:41:54.0191 0256 MsRPC - ok
11:41:54.0219 0256 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:41:54.0221 0256 mssmbios - ok
11:41:54.0245 0256 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:41:54.0247 0256 MSTEE - ok
11:41:54.0271 0256 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:41:54.0273 0256 MTConfig - ok
11:41:54.0307 0256 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:41:54.0310 0256 Mup - ok
11:41:54.0321 0256 napagent - ok
11:41:54.0348 0256 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:41:54.0353 0256 NativeWifiP - ok
11:41:54.0379 0256 NDIS - ok
11:41:54.0409 0256 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:41:54.0411 0256 NdisCap - ok
11:41:54.0442 0256 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:41:54.0444 0256 NdisTapi - ok
11:41:54.0465 0256 Ndisuio - ok
11:41:54.0511 0256 NdisWan - ok
11:41:54.0531 0256 NDProxy - ok
11:41:54.0546 0256 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:41:54.0551 0256 NetBIOS - ok
11:41:54.0564 0256 NetBT - ok
11:41:54.0596 0256 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:41:54.0600 0256 Netlogon - ok
11:41:54.0658 0256 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:41:54.0668 0256 Netman - ok
11:41:54.0693 0256 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:41:54.0703 0256 netprofm - ok
11:41:54.0758 0256 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
11:41:54.0767 0256 netr28x - ok
11:41:54.0836 0256 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:41:54.0839 0256 NetTcpPortSharing - ok
11:41:54.0887 0256 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:41:54.0889 0256 nfrd960 - ok
11:41:54.0910 0256 NlaSvc - ok
11:41:54.0956 0256 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:41:54.0958 0256 Npfs - ok
11:41:54.0991 0256 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:41:54.0996 0256 nsi - ok
11:41:55.0009 0256 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:41:55.0010 0256 nsiproxy - ok
11:41:55.0085 0256 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:41:55.0109 0256 Ntfs - ok
11:41:55.0135 0256 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:41:55.0137 0256 Null - ok
11:41:55.0179 0256 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:41:55.0183 0256 nvraid - ok
11:41:55.0219 0256 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:41:55.0223 0256 nvstor - ok
11:41:55.0248 0256 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:41:55.0251 0256 nv_agp - ok
11:41:55.0278 0256 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:41:55.0280 0256 ohci1394 - ok
11:41:55.0347 0256 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:41:55.0356 0256 p2pimsvc - ok
11:41:55.0388 0256 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:41:55.0397 0256 p2psvc - ok
11:41:55.0426 0256 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:41:55.0429 0256 Parport - ok
11:41:55.0451 0256 partmgr - ok
11:41:55.0479 0256 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:41:55.0485 0256 PcaSvc - ok
11:41:55.0540 0256 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:41:55.0545 0256 pci - ok
11:41:55.0569 0256 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:41:55.0571 0256 pciide - ok
11:41:55.0598 0256 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:41:55.0602 0256 pcmcia - ok
11:41:55.0626 0256 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:41:55.0628 0256 pcw - ok
11:41:55.0668 0256 pdfcDispatcher - ok
11:41:55.0721 0256 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:41:55.0731 0256 PEAUTH - ok
11:41:55.0790 0256 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
11:41:55.0810 0256 PeerDistSvc - ok
11:41:55.0861 0256 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:41:55.0864 0256 PerfHost - ok
11:41:55.0904 0256 pla - ok
11:41:55.0943 0256 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:41:55.0950 0256 PlugPlay - ok
11:41:55.0984 0256 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:41:55.0987 0256 PNRPAutoReg - ok
11:41:56.0021 0256 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:41:56.0027 0256 PNRPsvc - ok
11:41:56.0062 0256 PolicyAgent - ok
11:41:56.0101 0256 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:41:56.0107 0256 Power - ok
11:41:56.0142 0256 PptpMiniport - ok
11:41:56.0175 0256 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:41:56.0177 0256 Processor - ok
11:41:56.0188 0256 ProfSvc - ok
11:41:56.0221 0256 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:41:56.0224 0256 ProtectedStorage - ok
11:41:56.0255 0256 Psched - ok
11:41:56.0309 0256 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
11:41:56.0313 0256 PSI_SVC_2 - ok
11:41:56.0360 0256 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:41:56.0380 0256 ql2300 - ok
11:41:56.0415 0256 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:41:56.0417 0256 ql40xx - ok
11:41:56.0448 0256 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:41:56.0453 0256 QWAVE - ok
11:41:56.0485 0256 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:41:56.0486 0256 QWAVEdrv - ok
11:41:56.0507 0256 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:41:56.0508 0256 RasAcd - ok
11:41:56.0534 0256 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:41:56.0535 0256 RasAgileVpn - ok
11:41:56.0559 0256 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:41:56.0563 0256 RasAuto - ok
11:41:56.0579 0256 Rasl2tp - ok
11:41:56.0618 0256 RasMan - ok
11:41:56.0636 0256 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:41:56.0640 0256 RasPppoe - ok
11:41:56.0672 0256 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:41:56.0674 0256 RasSstp - ok
11:41:56.0696 0256 rdbss - ok
11:41:56.0711 0256 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:41:56.0713 0256 rdpbus - ok
11:41:56.0735 0256 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:41:56.0736 0256 RDPCDD - ok
11:41:56.0768 0256 RDPDR - ok
11:41:56.0795 0256 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:41:56.0797 0256 RDPENCDD - ok
11:41:56.0821 0256 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:41:56.0822 0256 RDPREFMP - ok
11:41:56.0881 0256 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
11:41:56.0886 0256 RDPWD - ok
11:41:56.0911 0256 rdyboost - ok
11:41:56.0950 0256 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:41:56.0955 0256 RemoteAccess - ok
11:41:56.0981 0256 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:41:56.0988 0256 RemoteRegistry - ok
11:41:57.0026 0256 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
11:41:57.0029 0256 RFCOMM - ok
11:41:57.0061 0256 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:41:57.0065 0256 RpcEptMapper - ok
11:41:57.0106 0256 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:41:57.0110 0256 RpcLocator - ok
11:41:57.0137 0256 RpcSs - ok
11:41:57.0171 0256 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:41:57.0173 0256 rspndr - ok
11:41:57.0236 0256 RSUSBSTOR (30f463768d5143bfd7b2df822b53cf4d) C:\Windows\system32\Drivers\RtsUStor.sys
11:41:57.0241 0256 RSUSBSTOR - ok
11:41:57.0284 0256 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:41:57.0290 0256 RTL8167 - ok
11:41:57.0339 0256 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
11:41:57.0341 0256 s3cap - ok
11:41:57.0370 0256 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:41:57.0373 0256 SamSs - ok
11:41:57.0422 0256 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
11:41:57.0423 0256 SASDIFSV - ok
11:41:57.0437 0256 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
11:41:57.0438 0256 SASKUTIL - ok
11:41:57.0476 0256 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:41:57.0479 0256 sbp2port - ok
11:41:57.0507 0256 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:41:57.0514 0256 SCardSvr - ok
11:41:57.0538 0256 scfilter - ok
11:41:57.0590 0256 Schedule - ok
11:41:57.0612 0256 SCPolicySvc - ok
11:41:57.0626 0256 SDRSVC - ok
11:41:57.0672 0256 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:41:57.0674 0256 secdrv - ok
11:41:57.0702 0256 seclogon - ok
11:41:57.0734 0256 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
11:41:57.0740 0256 SENS - ok
11:41:57.0759 0256 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:41:57.0765 0256 SensrSvc - ok
11:41:57.0785 0256 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:41:57.0787 0256 Serenum - ok
11:41:57.0804 0256 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:41:57.0805 0256 Serial - ok
11:41:57.0842 0256 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:41:57.0844 0256 sermouse - ok
11:41:57.0884 0256 SessionEnv - ok
11:41:57.0941 0256 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:41:57.0942 0256 sffdisk - ok
11:41:57.0963 0256 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:41:57.0965 0256 sffp_mmc - ok
11:41:57.0980 0256 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:41:57.0981 0256 sffp_sd - ok
11:41:58.0024 0256 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:41:58.0025 0256 sfloppy - ok
11:41:58.0081 0256 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:41:58.0088 0256 SharedAccess - ok
11:41:58.0114 0256 ShellHWDetection - ok
11:41:58.0165 0256 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:41:58.0167 0256 SiSRaid2 - ok
11:41:58.0183 0256 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:41:58.0185 0256 SiSRaid4 - ok
11:41:58.0229 0256 SiteAdvisor Service - ok
11:41:58.0269 0256 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:41:58.0271 0256 Smb - ok
11:41:58.0316 0256 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:41:58.0320 0256 SNMPTRAP - ok
11:41:58.0384 0256 SNP2UVC (6fc63b4b19fb809336034d5c5c4d2bc0) C:\Windows\system32\DRIVERS\snp2uvc.sys
11:41:58.0405 0256 SNP2UVC - ok
11:41:58.0439 0256 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:41:58.0442 0256 spldr - ok
11:41:58.0475 0256 Spooler - ok
11:41:58.0495 0256 sppsvc - ok
11:41:58.0523 0256 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:41:58.0532 0256 sppuinotify - ok
11:41:58.0597 0256 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:41:58.0606 0256 srv - ok
11:41:58.0638 0256 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:41:58.0644 0256 srv2 - ok
11:41:58.0694 0256 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:41:58.0698 0256 srvnet - ok
11:41:58.0731 0256 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:41:58.0739 0256 SSDPSRV - ok
11:41:58.0758 0256 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:41:58.0764 0256 SstpSvc - ok
11:41:58.0833 0256 STacSV (e455f5fe92edc3cad3f2963c5cca47e6) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
11:41:58.0839 0256 STacSV - ok
11:41:58.0897 0256 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:41:58.0899 0256 stexstor - ok
11:41:58.0948 0256 STHDA (4a9d087c9a97071b9d06db38567da906) C:\Windows\system32\DRIVERS\stwrt64.sys
11:41:58.0956 0256 STHDA - ok
11:41:59.0004 0256 stisvc - ok
11:41:59.0042 0256 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
11:41:59.0044 0256 storflt - ok
11:41:59.0074 0256 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
11:41:59.0080 0256 StorSvc - ok
11:41:59.0100 0256 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
11:41:59.0102 0256 storvsc - ok
11:41:59.0121 0256 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:41:59.0122 0256 swenum - ok
11:41:59.0162 0256 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:41:59.0171 0256 swprv - ok
11:41:59.0226 0256 SynTP (1f298c285d48ce42eb6b7f8d4f0d8120) C:\Windows\system32\DRIVERS\SynTP.sys
11:41:59.0232 0256 SynTP - ok
11:41:59.0257 0256 SysMain - ok
11:41:59.0277 0256 TabletInputService - ok
11:41:59.0291 0256 TapiSrv - ok
11:41:59.0319 0256 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:41:59.0324 0256 TBS - ok
11:41:59.0416 0256 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:41:59.0440 0256 Tcpip - ok
11:41:59.0473 0256 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:41:59.0483 0256 TCPIP6 - ok
11:41:59.0508 0256 tcpipreg - ok
11:41:59.0544 0256 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:41:59.0545 0256 TDPIPE - ok
11:41:59.0569 0256 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:41:59.0571 0256 TDTCP - ok
11:41:59.0628 0256 tdx - ok
11:41:59.0667 0256 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:41:59.0670 0256 TermDD - ok
11:41:59.0683 0256 TermService - ok
11:41:59.0719 0256 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:41:59.0725 0256 Themes - ok
11:41:59.0771 0256 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:41:59.0775 0256 THREADORDER - ok
11:41:59.0795 0256 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:41:59.0802 0256 TrkWks - ok
11:41:59.0830 0256 TrustedInstaller - ok
11:41:59.0852 0256 tssecsrv - ok
11:41:59.0875 0256 TsUsbFlt - ok
11:41:59.0896 0256 tunnel - ok
11:41:59.0936 0256 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:41:59.0938 0256 uagp35 - ok
11:41:59.0980 0256 uArcCapture (9eea84226ed2a028bc3fdfdde03fe95c) C:\Windows\system\uArcCapture.exe
11:41:59.0986 0256 uArcCapture - ok
11:42:00.0023 0256 udfs - ok
11:42:00.0082 0256 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:42:00.0089 0256 UI0Detect - ok
11:42:00.0140 0256 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:42:00.0143 0256 uliagpkx - ok
11:42:00.0182 0256 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
11:42:00.0184 0256 umbus - ok
11:42:00.0212 0256 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:42:00.0214 0256 UmPass - ok
11:42:00.0238 0256 UmRdpService - ok
11:42:00.0350 0256 UNS (44aa8d5d3b3b5610fef46ca8a9c52d8c) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:42:00.0372 0256 UNS - ok
11:42:00.0424 0256 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:42:00.0431 0256 upnphost - ok
11:42:00.0474 0256 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:42:00.0477 0256 usbccgp - ok
11:42:00.0507 0256 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:42:00.0509 0256 usbcir - ok
11:42:00.0541 0256 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
11:42:00.0542 0256 usbehci - ok
11:42:00.0576 0256 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:42:00.0581 0256 usbhub - ok
11:42:00.0615 0256 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
11:42:00.0616 0256 usbohci - ok
11:42:00.0651 0256 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:42:00.0653 0256 usbprint - ok
11:42:00.0677 0256 usbscan - ok
11:42:00.0701 0256 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
11:42:00.0704 0256 USBSTOR - ok
11:42:00.0722 0256 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
11:42:00.0723 0256 usbuhci - ok
11:42:00.0748 0256 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
11:42:00.0750 0256 usbvideo - ok
11:42:00.0808 0256 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:42:00.0815 0256 UxSms - ok
11:42:00.0864 0256 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:42:00.0868 0256 VaultSvc - ok
11:42:00.0905 0256 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:42:00.0907 0256 vdrvroot - ok
11:42:00.0931 0256 vds - ok
11:42:00.0967 0256 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:42:00.0969 0256 vga - ok
11:42:00.0983 0256 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:42:00.0985 0256 VgaSave - ok
11:42:01.0028 0256 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:42:01.0032 0256 vhdmp - ok
11:42:01.0062 0256 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:42:01.0064 0256 viaide - ok
11:42:01.0087 0256 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
11:42:01.0091 0256 vmbus - ok
11:42:01.0113 0256 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
11:42:01.0115 0256 VMBusHID - ok
11:42:01.0137 0256 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:42:01.0140 0256 volmgr - ok
11:42:01.0189 0256 volmgrx - ok
11:42:01.0223 0256 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:42:01.0229 0256 volsnap - ok
11:42:01.0282 0256 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:42:01.0285 0256 vsmraid - ok
11:42:01.0315 0256 VSS - ok
11:42:01.0332 0256 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:42:01.0334 0256 vwifibus - ok
11:42:01.0350 0256 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:42:01.0351 0256 vwififlt - ok
11:42:01.0381 0256 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:42:01.0382 0256 vwifimp - ok
11:42:01.0417 0256 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:42:01.0424 0256 W32Time - ok
11:42:01.0460 0256 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:42:01.0461 0256 WacomPen - ok
11:42:01.0473 0256 WANARP - ok
11:42:01.0485 0256 Wanarpv6 - ok
11:42:01.0509 0256 WatAdminSvc - ok
11:42:01.0529 0256 wbengine - ok
11:42:01.0556 0256 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:42:01.0562 0256 WbioSrvc - ok
11:42:01.0587 0256 wcncsvc - ok
11:42:01.0615 0256 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:42:01.0619 0256 WcsPlugInService - ok
11:42:01.0657 0256 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:42:01.0658 0256 Wd - ok
11:42:01.0696 0256 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:42:01.0706 0256 Wdf01000 - ok
11:42:01.0746 0256 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:42:01.0751 0256 WdiServiceHost - ok
11:42:01.0757 0256 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:42:01.0761 0256 WdiSystemHost - ok
11:42:01.0785 0256 WebClient - ok
11:42:01.0811 0256 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:42:01.0817 0256 Wecsvc - ok
11:42:01.0836 0256 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:42:01.0842 0256 wercplsupport - ok
11:42:01.0873 0256 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:42:01.0878 0256 WerSvc - ok
11:42:01.0901 0256 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:42:01.0903 0256 WfpLwf - ok
11:42:01.0929 0256 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:42:01.0930 0256 WIMMount - ok
11:42:01.0954 0256 WinDefend - ok
11:42:01.0966 0256 WinHttpAutoProxySvc - ok
11:42:02.0021 0256 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:42:02.0026 0256 Winmgmt - ok
11:42:02.0073 0256 WinRM - ok
11:42:02.0145 0256 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:42:02.0161 0256 Wlansvc - ok
11:42:02.0197 0256 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:42:02.0198 0256 WmiAcpi - ok
11:42:02.0235 0256 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:42:02.0238 0256 wmiApSrv - ok
11:42:02.0245 0256 WMPNetworkSvc - ok
11:42:02.0274 0256 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:42:02.0278 0256 WPCSvc - ok
11:42:02.0304 0256 WPDBusEnum - ok
11:42:02.0342 0256 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:42:02.0344 0256 ws2ifsl - ok
11:42:02.0379 0256 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
11:42:02.0387 0256 wscsvc - ok
11:42:02.0402 0256 WSearch - ok
11:42:02.0435 0256 wuauserv - ok
11:42:02.0456 0256 WudfPf - ok
11:42:02.0498 0256 WUDFRd - ok
11:42:02.0527 0256 wudfsvc - ok
11:42:02.0594 0256 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:42:02.0604 0256 WwanSvc - ok
11:42:02.0648 0256 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:42:02.0709 0256 \Device\Harddisk0\DR0 - ok
11:42:02.0713 0256 Boot (0x1200) (2bcc95a8bb45c98f9994690610e6bca3) \Device\Harddisk0\DR0\Partition0
11:42:02.0715 0256 \Device\Harddisk0\DR0\Partition0 - ok
11:42:02.0731 0256 Boot (0x1200) (717a7ff4e86479a100f54a6ffd6a0b70) \Device\Harddisk0\DR0\Partition1
11:42:02.0733 0256 \Device\Harddisk0\DR0\Partition1 - ok
11:42:02.0759 0256 Boot (0x1200) (c38b65258ebeba4d1183941a74c16c8d) \Device\Harddisk0\DR0\Partition2
11:42:02.0760 0256 \Device\Harddisk0\DR0\Partition2 - ok
11:42:02.0761 0256 ============================================================
11:42:02.0761 0256 Scan finished
11:42:02.0761 0256 ============================================================
11:42:02.0771 3336 Detected object count: 0
11:42:02.0771 3336 Actual detected object count: 0

#12 nasdaq

nasdaq

  • Malware Response Team
  • 38,971 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:48 AM

Posted 11 April 2012 - 01:29 PM

I checked the MD5 or these files and found them to be Good.

How is the computer performing.
What are the issues?

#13 ChiroCalvinist

ChiroCalvinist
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 11 April 2012 - 03:53 PM

The computer seems to be working fine now. Is there anything else I should do? I think the zombie is dead.

#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,971 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:48 AM

Posted 12 April 2012 - 07:29 AM

Time for some housekeeping

Glad we could help.

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bold text into the Run box and click OK:

ComboFix /Uninstall
===

Delete the other tools we used.

Surf Safely, and Think Prevention!
===

#15 ChiroCalvinist

ChiroCalvinist
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 12 April 2012 - 08:38 AM

Thanks.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users