Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

want to be sure no virus traces remain


  • Please log in to reply
6 replies to this topic

#1 dakthur

dakthur

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 AM

Posted 07 April 2012 - 11:45 PM

Got what I believe was a rootkit of some sort a few days ago and none of the virus scans could find it. Slowly it started hiding registry files and running itself as system files then removed my administrative status and an unknown user s1521 with a whole bunch of numbers appeared in all my files with full priveleges. The virus was spread to my laptop also as they shared files with homegroup. It got so bad I restored both computers to factory status and they seem to be running ok but have been getting lots of blocked access thru the firewall on my desktop and in group security settings under administrative tools on the laptop there is a number similar to the unknown user with the s1521 number that has certain security privelages in the list. Want to be sure that the restores removed the virus on both computers before going to far as far as reinstalling a lot of things only to have to revert back. Just need to know what log programs to run and post. Thank you in advance.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:01 AM

Posted 08 April 2012 - 10:57 AM

Hello amd welcome. Lets tale a look.
Do you still have hiding files?


Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode

<<><<><><><><><><><><><><><><><><><><><><><>
Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.




Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 dakthur

dakthur
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 AM

Posted 08 April 2012 - 05:17 PM

As far as I can see there are no hidden files but I ran the scans and will post my desktop ones first then the laptop ones.


desktops minitoolbox log

MiniToolBox by Farbar Version: 18-01-2012
Ran by vaughn (administrator) on 08-04-2012 at 17:37:05
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : vaughn-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : B8-AC-6F-AF-0F-A4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e034:c168:4f9b:518%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, April 08, 2012 2:21:27 AM
Lease Expires . . . . . . . . . . : Monday, April 09, 2012 2:32:32 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 246983791
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-7A-4D-07-B8-AC-6F-AF-0F-A4
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:28d2:336b:9d91:a1a(Preferred)
Link-local IPv6 Address . . . . . : fe80::28d2:336b:9d91:a1a%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.196
74.125.226.194
74.125.226.197
74.125.226.200
74.125.226.206
74.125.226.193
74.125.226.195
74.125.226.198
74.125.226.201
74.125.226.199
74.125.226.192


Pinging google.com [74.125.226.197] with 32 bytes of data:
Reply from 74.125.226.197: bytes=32 time=234ms TTL=251
Reply from 74.125.226.197: bytes=32 time=20ms TTL=252

Ping statistics for 74.125.226.197:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 234ms, Average = 127ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=192ms TTL=250
Reply from 72.30.38.140: bytes=32 time=240ms TTL=250

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 192ms, Maximum = 240ms, Average = 216ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...b8 ac 6f af 0f a4 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.7 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.7 276
192.168.1.7 255.255.255.255 On-link 192.168.1.7 276
192.168.1.255 255.255.255.255 On-link 192.168.1.7 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.7 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.7 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:28d2:336b:9d91:a1a/128
On-link
11 276 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::28d2:336b:9d91:a1a/128
On-link
11 276 fe80::e034:c168:4f9b:518/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/08/2012 02:23:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 02:13:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/08/2012 02:13:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/08/2012 01:54:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/08/2012 01:54:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/08/2012 01:40:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/08/2012 01:40:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/08/2012 01:04:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 00:59:08 AM) (Source: DMDefragService) (User: )
Description: DMDefragService:7244:9960 Error! LastErrorCode: 997Can't stop the service

Error: (04/07/2012 00:11:55 AM) (Source: DMDefragService) (User: )
Description: DMDefragService:7352:10248 Error! LastErrorCode: 997Can't stop the service


System errors:
=============
Error: (04/08/2012 02:49:09 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{0D4059F4-B252-49F6-BE2D-AD693801165D}.
The backup browser is stopping.

Error: (04/08/2012 02:24:43 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/08/2012 01:19:25 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{0D4059F4-B252-49F6-BE2D-AD693801165D}.
The backup browser is stopping.

Error: (04/08/2012 01:05:29 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/08/2012 01:01:54 AM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service did not shut down properly after receiving a preshutdown control.

Error: (04/07/2012 00:09:24 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/06/2012 06:11:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McShield service.

Error: (04/06/2012 05:07:54 PM) (Source: Service Control Manager) (User: )
Description: The McAfee VirusScan Announcer service terminated with the following error:
%%-2147467260

Error: (04/06/2012 05:06:49 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/06/2012 01:17:19 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{0D4059F4-B252-49F6-BE2D-AD693801165D}.
The backup browser is stopping.


Microsoft Office Sessions:
=========================
Error: (04/08/2012 02:23:02 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 02:13:08 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (04/08/2012 02:13:08 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (04/08/2012 01:54:56 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (04/08/2012 01:54:56 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (04/08/2012 01:40:55 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (04/08/2012 01:40:55 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (04/08/2012 01:04:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 00:59:08 AM) (Source: DMDefragService)(User: )
Description: DMDefragService:7244:9960 Error! LastErrorCode: 997Can't stop the service

Error: (04/07/2012 00:11:55 AM) (Source: DMDefragService)(User: )
Description: DMDefragService:7352:10248 Error! LastErrorCode: 997Can't stop the service


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.228)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
AGEIA PhysX v2.5.1
AMD APP SDK Runtime (Version: 10.0.898.1)
AMD Catalyst Install Manager (Version: 3.0.868.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0309.43.976)
AMD Fusion Media Explorer (Version: 1.0.2.0163)
AMD Fusion Utility for Desktops (Version: 1.1.1)
AMD Media Foundation Decoders (Version: 1.0.70309.0018)
AMD VISION Engine Control Center (Version: 2012.0309.43.976)
Back to the Future The Game (Version: 1.0)
Battlefield 3™ (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.118.0)
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Multiplayer
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.1110.1532.27809)
Catalyst Control Center Graphics Previews Common (Version: 2012.0309.43.976)
Catalyst Control Center InstallProxy (Version: 2010.1110.1532.27809)
Catalyst Control Center Localization All (Version: 2010.1110.1532.27809)
Catalyst Control Center Localization All (Version: 2012.0309.43.976)
ccc-core-static (Version: 2010.1110.1532.27809)
ccc-utility64 (Version: 2010.1110.1532.27809)
ccc-utility64 (Version: 2012.0309.43.976)
CCC Help Chinese Standard (Version: 2010.1110.1531.27809)
CCC Help Chinese Traditional (Version: 2010.1110.1531.27809)
CCC Help Czech (Version: 2010.1110.1531.27809)
CCC Help Czech (Version: 2012.0309.0042.976)
CCC Help Danish (Version: 2010.1110.1531.27809)
CCC Help Danish (Version: 2012.0309.0042.976)
CCC Help Dutch (Version: 2010.1110.1531.27809)
CCC Help English (Version: 2010.1110.1531.27809)
CCC Help English (Version: 2012.0309.0042.976)
CCC Help Finnish (Version: 2010.1110.1531.27809)
CCC Help Finnish (Version: 2012.0309.0042.976)
CCC Help French (Version: 2010.1110.1531.27809)
CCC Help French (Version: 2012.0309.0042.976)
CCC Help German (Version: 2010.1110.1531.27809)
CCC Help German (Version: 2012.0309.0042.976)
CCC Help Greek (Version: 2010.1110.1531.27809)
CCC Help Greek (Version: 2012.0309.0042.976)
CCC Help Hungarian (Version: 2010.1110.1531.27809)
CCC Help Hungarian (Version: 2012.0309.0042.976)
CCC Help Italian (Version: 2010.1110.1531.27809)
CCC Help Italian (Version: 2012.0309.0042.976)
CCC Help Japanese (Version: 2010.1110.1531.27809)
CCC Help Japanese (Version: 2012.0309.0042.976)
CCC Help Korean (Version: 2010.1110.1531.27809)
CCC Help Norwegian (Version: 2010.1110.1531.27809)
CCC Help Polish (Version: 2010.1110.1531.27809)
CCC Help Portuguese (Version: 2010.1110.1531.27809)
CCC Help Spanish (Version: 2010.1110.1531.27809)
CCC Help Spanish (Version: 2012.0309.0042.976)
CCC Help Swedish (Version: 2010.1110.1531.27809)
CCC Help Thai (Version: 2010.1110.1531.27809)
CCC Help Turkish (Version: 2010.1110.1531.27809)
Consumer In-Home Service Agreement (Version: 2.0.0)
Cozi (Version: 1.0.4323.24051)
D3DX10 (Version: 15.4.2368.0902)
Dead Space™ 2 (Version: 1.0.941.0)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.4.162.0)
Dell PhotoStage (Version: 1.5.0.30)
Dell Stage (Version: 1.7.209.0)
Dell Support Center (Version: 3.1.5907.29)
Dell VideoStage (Version: 1.1.1.1408)
Dungeon Defenders
ESN Sonar (Version: 0.70.4)
Fallout: New Vegas
GoToAssist Corporate (Version: 9.1.0.615)
Internet Explorer (Version: 8)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 3 (Version: 7.0.30)
JavaFX 2.0.3 (Version: 2.0.3)
Junk Mail filter update (Version: 15.4.3502.0922)
Mass Effect
McAfee SecurityCenter (Version: 11.0.654)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
Origin (Version: 8.5.0.4554)
PC Tools Performance Toolkit 2.0 (Version: 2.0)
PunkBuster Services (Version: 0.991)
RAIDXpert (Version: 2.4.1540.27)
Realtek High Definition Audio Driver (Version: 6.0.1.5983)
Secure Download Manager (Version: 3.0.3)
Skins (Version: 2010.1110.1532.27809)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
Star Wars: The Old Republic (Version: 1.0.0.0)
Steam (Version: 1.0.0.0)
Still Life 2
SUPERAntiSpyware (Version: 5.0.1146)
THX TruStudio PC (Version: 1.0)
Tom Clancy's Splinter Cell: Double Agent
TrustedID (Version: 5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 19%
Total physical RAM: 6143.3 MB
Available physical RAM: 4925.49 MB
Total Pagefile: 12284.79 MB
Available Pagefile: 10199.26 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.99 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:918.76 GB) (Free:781.39 GB) NTFS

========================= Users: ========================================

User accounts for \\VAUGHN-PC

Administrator Guest vaughn


**** End of log ****



Desktops TDSSkiller log


17:45:12.0632 3060 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
17:45:14.0644 3060 ============================================================
17:45:14.0644 3060 Current date / time: 2012/04/08 17:45:14.0644
17:45:14.0644 3060 SystemInfo:
17:45:14.0644 3060
17:45:14.0644 3060 OS Version: 6.1.7601 ServicePack: 1.0
17:45:14.0644 3060 Product type: Workstation
17:45:14.0644 3060 ComputerName: VAUGHN-PC
17:45:14.0644 3060 UserName: vaughn
17:45:14.0644 3060 Windows directory: C:\Windows
17:45:14.0644 3060 System windows directory: C:\Windows
17:45:14.0644 3060 Running under WOW64
17:45:14.0644 3060 Processor architecture: Intel x64
17:45:14.0644 3060 Number of processors: 6
17:45:14.0644 3060 Page size: 0x1000
17:45:14.0644 3060 Boot type: Safe boot with network
17:45:14.0644 3060 ============================================================
17:45:14.0972 3060 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:45:15.0003 3060 \Device\Harddisk0\DR0:
17:45:15.0003 3060 MBR used
17:45:15.0003 3060 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x196D000
17:45:15.0003 3060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1981000, BlocksNum 0x72D85000
17:45:15.0034 3060 Initialize success
17:45:15.0034 3060 ============================================================
17:45:44.0643 2668 ============================================================
17:45:44.0643 2668 Scan started
17:45:44.0643 2668 Mode: Manual;
17:45:44.0643 2668 ============================================================
17:45:45.0142 2668 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
17:45:45.0142 2668 !SASCORE - ok
17:45:45.0251 2668 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:45:45.0267 2668 1394ohci - ok
17:45:45.0329 2668 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:45:45.0345 2668 ACPI - ok
17:45:45.0407 2668 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:45:45.0407 2668 AcpiPmi - ok
17:45:45.0485 2668 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:45:45.0485 2668 AdobeARMservice - ok
17:45:45.0563 2668 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:45:45.0563 2668 AdobeFlashPlayerUpdateSvc - ok
17:45:45.0657 2668 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
17:45:45.0673 2668 adp94xx - ok
17:45:45.0751 2668 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
17:45:45.0751 2668 adpahci - ok
17:45:45.0844 2668 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
17:45:45.0844 2668 adpu320 - ok
17:45:45.0907 2668 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:45:45.0907 2668 AeLookupSvc - ok
17:45:45.0985 2668 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:45:45.0985 2668 AFD - ok
17:45:46.0047 2668 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:45:46.0047 2668 agp440 - ok
17:45:46.0125 2668 ahcix64s (37fa0f874ba8ecd5851d44a7f1c9700e) C:\Windows\system32\drivers\ahcix64s.sys
17:45:46.0125 2668 ahcix64s - ok
17:45:46.0203 2668 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:45:46.0203 2668 ALG - ok
17:45:46.0281 2668 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:45:46.0281 2668 aliide - ok
17:45:46.0343 2668 AMD External Events Utility (2aed9a422ea1574c7d7ef9359a417718) C:\Windows\system32\atiesrxx.exe
17:45:46.0343 2668 AMD External Events Utility - ok
17:45:46.0406 2668 AMD FUEL Service - ok
17:45:46.0453 2668 AMDFusionSVC (b2b7d8f695b5d97a63eda789e9d237e1) c:\Program Files (x86)\AMD\AMD Fusion Utility for Desktops\FusionSVC.exe
17:45:46.0468 2668 AMDFusionSVC - ok
17:45:46.0546 2668 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:45:46.0546 2668 amdide - ok
17:45:46.0624 2668 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
17:45:46.0624 2668 amdiox64 - ok
17:45:46.0702 2668 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
17:45:46.0702 2668 AmdK8 - ok
17:45:46.0889 2668 amdkmdag (bfa5e854959d5546d8834ca61f4ad075) C:\Windows\system32\DRIVERS\atikmdag.sys
17:45:47.0014 2668 amdkmdag - ok
17:45:47.0092 2668 amdkmdap (92d664fffcd9e742fb25254f7f458d88) C:\Windows\system32\DRIVERS\atikmpag.sys
17:45:47.0108 2668 amdkmdap - ok
17:45:47.0170 2668 AmdLLD64 (c27e46c19d5a48ca02c11e3c9b58f4c1) C:\Windows\system32\DRIVERS\AmdLLD64.sys
17:45:47.0170 2668 AmdLLD64 - ok
17:45:47.0248 2668 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:45:47.0248 2668 AmdPPM - ok
17:45:47.0326 2668 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\drivers\amdsata.sys
17:45:47.0326 2668 amdsata - ok
17:45:47.0404 2668 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
17:45:47.0404 2668 amdsbs - ok
17:45:47.0482 2668 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\drivers\amdxata.sys
17:45:47.0482 2668 amdxata - ok
17:45:47.0529 2668 AMD_RAIDXpert (b01289cc07a2e21c4efca722d1efb243) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
17:45:47.0529 2668 AMD_RAIDXpert - ok
17:45:47.0591 2668 amd_sata (a1434f35b7b171cb697d74d33f7d029f) C:\Windows\system32\DRIVERS\amd_sata.sys
17:45:47.0591 2668 amd_sata - ok
17:45:47.0654 2668 amd_xata (e9b5a82fa268bb2d1b012030d5f4e096) C:\Windows\system32\DRIVERS\amd_xata.sys
17:45:47.0654 2668 amd_xata - ok
17:45:47.0716 2668 AODDriver4.1 (0e2ba6dc63e9cf3bf275856735a3e3be) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:45:47.0716 2668 AODDriver4.1 - ok
17:45:47.0794 2668 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:45:47.0794 2668 AppID - ok
17:45:47.0857 2668 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:45:47.0857 2668 AppIDSvc - ok
17:45:47.0950 2668 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:45:47.0950 2668 Appinfo - ok
17:45:48.0028 2668 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
17:45:48.0028 2668 AppMgmt - ok
17:45:48.0106 2668 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
17:45:48.0106 2668 arc - ok
17:45:48.0184 2668 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
17:45:48.0184 2668 arcsas - ok
17:45:48.0262 2668 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:45:48.0293 2668 aspnet_state - ok
17:45:48.0340 2668 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:45:48.0340 2668 AsyncMac - ok
17:45:48.0403 2668 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:45:48.0403 2668 atapi - ok
17:45:48.0496 2668 AtiHDAudioService (e02b26650acc2f4901342d4a66774ad7) C:\Windows\system32\drivers\AtihdW76.sys
17:45:48.0496 2668 AtiHDAudioService - ok
17:45:48.0574 2668 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:45:48.0574 2668 AudioEndpointBuilder - ok
17:45:48.0574 2668 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:45:48.0590 2668 AudioSrv - ok
17:45:48.0652 2668 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:45:48.0652 2668 AxInstSV - ok
17:45:48.0730 2668 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
17:45:48.0730 2668 b06bdrv - ok
17:45:48.0793 2668 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:45:48.0793 2668 b57nd60a - ok
17:45:49.0073 2668 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:45:49.0073 2668 BDESVC - ok
17:45:49.0136 2668 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:45:49.0136 2668 Beep - ok
17:45:49.0198 2668 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
17:45:49.0198 2668 BFE - ok
17:45:49.0229 2668 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
17:45:49.0245 2668 BITS - ok
17:45:49.0276 2668 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:45:49.0276 2668 blbdrive - ok
17:45:49.0292 2668 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:45:49.0292 2668 bowser - ok
17:45:49.0307 2668 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
17:45:49.0307 2668 BrFiltLo - ok
17:45:49.0307 2668 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
17:45:49.0323 2668 BrFiltUp - ok
17:45:49.0354 2668 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:45:49.0354 2668 Browser - ok
17:45:49.0370 2668 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:45:49.0385 2668 Brserid - ok
17:45:49.0385 2668 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:45:49.0385 2668 BrSerWdm - ok
17:45:49.0401 2668 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:45:49.0401 2668 BrUsbMdm - ok
17:45:49.0417 2668 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:45:49.0417 2668 BrUsbSer - ok
17:45:49.0432 2668 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
17:45:49.0432 2668 BTHMODEM - ok
17:45:49.0463 2668 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:45:49.0463 2668 bthserv - ok
17:45:49.0479 2668 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:45:49.0495 2668 cdfs - ok
17:45:49.0510 2668 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:45:49.0510 2668 cdrom - ok
17:45:49.0526 2668 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:45:49.0526 2668 CertPropSvc - ok
17:45:49.0557 2668 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
17:45:49.0557 2668 cfwids - ok
17:45:49.0588 2668 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
17:45:49.0588 2668 circlass - ok
17:45:49.0604 2668 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:45:49.0604 2668 CLFS - ok
17:45:49.0651 2668 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:45:49.0651 2668 clr_optimization_v2.0.50727_32 - ok
17:45:49.0682 2668 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:45:49.0697 2668 clr_optimization_v2.0.50727_64 - ok
17:45:49.0729 2668 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:45:49.0760 2668 clr_optimization_v4.0.30319_32 - ok
17:45:49.0807 2668 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:45:49.0838 2668 clr_optimization_v4.0.30319_64 - ok
17:45:49.0885 2668 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
17:45:49.0885 2668 CmBatt - ok
17:45:49.0900 2668 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:45:49.0900 2668 cmdide - ok
17:45:49.0947 2668 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:45:49.0947 2668 CNG - ok
17:45:49.0963 2668 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
17:45:49.0963 2668 Compbatt - ok
17:45:49.0978 2668 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:45:49.0978 2668 CompositeBus - ok
17:45:49.0994 2668 COMSysApp - ok
17:45:49.0994 2668 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
17:45:49.0994 2668 crcdisk - ok
17:45:50.0041 2668 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
17:45:50.0041 2668 CryptSvc - ok
17:45:50.0087 2668 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
17:45:50.0087 2668 CSC - ok
17:45:50.0119 2668 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
17:45:50.0119 2668 CscService - ok
17:45:50.0165 2668 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:45:50.0165 2668 DcomLaunch - ok
17:45:50.0197 2668 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:45:50.0212 2668 defragsvc - ok
17:45:50.0243 2668 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:45:50.0243 2668 DfsC - ok
17:45:50.0259 2668 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:45:50.0259 2668 Dhcp - ok
17:45:50.0275 2668 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:45:50.0275 2668 discache - ok
17:45:50.0290 2668 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
17:45:50.0290 2668 Disk - ok
17:45:50.0368 2668 DMDefragService (2caad3e488998887861c46b3027d0dc8) C:\Program Files (x86)\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe
17:45:50.0384 2668 DMDefragService - ok
17:45:50.0415 2668 DMRepairService (e4bfebc56896951001f1297bf47d5341) C:\Program Files (x86)\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe
17:45:50.0431 2668 DMRepairService - ok
17:45:50.0477 2668 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:45:50.0493 2668 Dnscache - ok
17:45:50.0509 2668 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:45:50.0509 2668 dot3svc - ok
17:45:50.0524 2668 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:45:50.0524 2668 DPS - ok
17:45:50.0571 2668 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:45:50.0571 2668 drmkaud - ok
17:45:50.0587 2668 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:45:50.0602 2668 DXGKrnl - ok
17:45:50.0618 2668 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:45:50.0618 2668 EapHost - ok
17:45:50.0665 2668 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
17:45:50.0696 2668 ebdrv - ok
17:45:50.0727 2668 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:45:50.0743 2668 EFS - ok
17:45:50.0774 2668 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:45:50.0774 2668 ehRecvr - ok
17:45:50.0789 2668 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:45:50.0789 2668 ehSched - ok
17:45:50.0836 2668 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
17:45:50.0836 2668 elxstor - ok
17:45:50.0852 2668 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:45:50.0852 2668 ErrDev - ok
17:45:50.0867 2668 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:45:50.0883 2668 EventSystem - ok
17:45:50.0899 2668 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:45:50.0899 2668 exfat - ok
17:45:50.0914 2668 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:45:50.0914 2668 fastfat - ok
17:45:50.0930 2668 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:45:50.0930 2668 Fax - ok
17:45:50.0961 2668 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
17:45:50.0961 2668 fdc - ok
17:45:50.0977 2668 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:45:50.0977 2668 fdPHost - ok
17:45:50.0992 2668 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:45:50.0992 2668 FDResPub - ok
17:45:51.0008 2668 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:45:51.0008 2668 FileInfo - ok
17:45:51.0023 2668 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:45:51.0023 2668 Filetrace - ok
17:45:51.0086 2668 FLEXnet Licensing Service (8669be94f63944e4f899c3950b520241) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:45:51.0101 2668 FLEXnet Licensing Service - ok
17:45:51.0179 2668 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
17:45:51.0179 2668 flpydisk - ok
17:45:51.0211 2668 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:45:51.0211 2668 FltMgr - ok
17:45:51.0242 2668 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:45:51.0257 2668 FontCache - ok
17:45:51.0320 2668 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:45:51.0320 2668 FontCache3.0.0.0 - ok
17:45:51.0335 2668 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:45:51.0335 2668 FsDepends - ok
17:45:51.0335 2668 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:45:51.0335 2668 Fs_Rec - ok
17:45:51.0367 2668 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:45:51.0382 2668 fvevol - ok
17:45:51.0382 2668 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
17:45:51.0398 2668 gagp30kx - ok
17:45:51.0460 2668 GoToAssist (8f6ae606eb0cc884ee12c41948424422) C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
17:45:51.0476 2668 GoToAssist - ok
17:45:51.0554 2668 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:45:51.0554 2668 gpsvc - ok
17:45:51.0601 2668 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:45:51.0601 2668 hcw85cir - ok
17:45:51.0616 2668 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:45:51.0616 2668 HDAudBus - ok
17:45:51.0632 2668 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
17:45:51.0632 2668 HidBatt - ok
17:45:51.0647 2668 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
17:45:51.0647 2668 HidBth - ok
17:45:51.0663 2668 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
17:45:51.0663 2668 HidIr - ok
17:45:51.0694 2668 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:45:51.0694 2668 hidserv - ok
17:45:51.0725 2668 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:45:51.0725 2668 HidUsb - ok
17:45:51.0741 2668 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:45:51.0741 2668 hkmsvc - ok
17:45:51.0757 2668 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:45:51.0757 2668 HomeGroupListener - ok
17:45:51.0772 2668 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:45:51.0788 2668 HomeGroupProvider - ok
17:45:51.0803 2668 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:45:51.0803 2668 HpSAMD - ok
17:45:51.0819 2668 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:45:51.0835 2668 HTTP - ok
17:45:51.0850 2668 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:45:51.0850 2668 hwpolicy - ok
17:45:51.0881 2668 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:45:51.0881 2668 i8042prt - ok
17:45:51.0913 2668 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:45:51.0913 2668 iaStorV - ok
17:45:51.0975 2668 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:45:51.0975 2668 idsvc - ok
17:45:52.0022 2668 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
17:45:52.0022 2668 iirsp - ok
17:45:52.0037 2668 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:45:52.0053 2668 IKEEXT - ok
17:45:52.0100 2668 IntcAzAudAddService (52d9171838bb92319f23656f502916e9) C:\Windows\system32\drivers\RTKVHD64.sys
17:45:52.0115 2668 IntcAzAudAddService - ok
17:45:52.0147 2668 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:45:52.0147 2668 intelide - ok
17:45:52.0147 2668 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
17:45:52.0147 2668 intelppm - ok
17:45:52.0162 2668 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:45:52.0162 2668 IPBusEnum - ok
17:45:52.0193 2668 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:45:52.0193 2668 IpFilterDriver - ok
17:45:52.0209 2668 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
17:45:52.0209 2668 iphlpsvc - ok
17:45:52.0225 2668 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:45:52.0225 2668 IPMIDRV - ok
17:45:52.0240 2668 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:45:52.0240 2668 IPNAT - ok
17:45:52.0240 2668 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:45:52.0256 2668 IRENUM - ok
17:45:52.0256 2668 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:45:52.0256 2668 isapnp - ok
17:45:52.0287 2668 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:45:52.0287 2668 iScsiPrt - ok
17:45:52.0318 2668 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys
17:45:52.0318 2668 k57nd60a - ok
17:45:52.0334 2668 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:45:52.0334 2668 kbdclass - ok
17:45:52.0365 2668 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:45:52.0365 2668 kbdhid - ok
17:45:52.0381 2668 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:45:52.0381 2668 KeyIso - ok
17:45:52.0396 2668 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:45:52.0396 2668 KSecDD - ok
17:45:52.0412 2668 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:45:52.0412 2668 KSecPkg - ok
17:45:52.0427 2668 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:45:52.0427 2668 ksthunk - ok
17:45:52.0459 2668 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:45:52.0459 2668 KtmRm - ok
17:45:52.0490 2668 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:45:52.0490 2668 LanmanServer - ok
17:45:52.0521 2668 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:45:52.0521 2668 LanmanWorkstation - ok
17:45:52.0552 2668 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:45:52.0552 2668 lltdio - ok
17:45:52.0583 2668 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:45:52.0583 2668 lltdsvc - ok
17:45:52.0615 2668 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:45:52.0615 2668 lmhosts - ok
17:45:52.0646 2668 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
17:45:52.0646 2668 LSI_FC - ok
17:45:52.0646 2668 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
17:45:52.0646 2668 LSI_SAS - ok
17:45:52.0661 2668 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
17:45:52.0661 2668 LSI_SAS2 - ok
17:45:52.0677 2668 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
17:45:52.0677 2668 LSI_SCSI - ok
17:45:52.0677 2668 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:45:52.0677 2668 luafv - ok
17:45:52.0724 2668 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:45:52.0724 2668 McAfee SiteAdvisor Service - ok
17:45:52.0755 2668 McAWFwk (b6bd99c3e23507a732c474caa620c0d7) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
17:45:52.0755 2668 McAWFwk - ok
17:45:52.0771 2668 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:45:52.0771 2668 McMPFSvc - ok
17:45:52.0771 2668 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:45:52.0771 2668 mcmscsvc - ok
17:45:52.0771 2668 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:45:52.0771 2668 McNaiAnn - ok
17:45:52.0786 2668 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:45:52.0786 2668 McNASvc - ok
17:45:52.0817 2668 McODS (b3914a7c97a81acb1e9befe07e4c387f) C:\Program Files\mcafee\VirusScan\mcods.exe
17:45:52.0833 2668 McODS - ok
17:45:52.0833 2668 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:45:52.0833 2668 McOobeSv - ok
17:45:52.0833 2668 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:45:52.0833 2668 McProxy - ok
17:45:52.0864 2668 McShield (4a463d645b48bb487ca7df12ba5d1602) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
17:45:52.0864 2668 McShield - ok
17:45:52.0927 2668 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
17:45:52.0927 2668 Mcx2Svc - ok
17:45:52.0958 2668 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
17:45:52.0958 2668 megasas - ok
17:45:52.0989 2668 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
17:45:52.0989 2668 MegaSR - ok
17:45:53.0005 2668 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys
17:45:53.0005 2668 mfeapfk - ok
17:45:53.0020 2668 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
17:45:53.0036 2668 mfeavfk - ok
17:45:53.0051 2668 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:45:53.0051 2668 mfefire - ok
17:45:53.0067 2668 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys
17:45:53.0083 2668 mfefirek - ok
17:45:53.0083 2668 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
17:45:53.0098 2668 mfehidk - ok
17:45:53.0129 2668 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
17:45:53.0129 2668 mfenlfk - ok
17:45:53.0145 2668 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys
17:45:53.0145 2668 mferkdet - ok
17:45:53.0161 2668 mfevtp (8f3b3c3625e3aaa11d6d4db8423e1721) C:\Windows\system32\mfevtps.exe
17:45:53.0161 2668 mfevtp - ok
17:45:53.0176 2668 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
17:45:53.0176 2668 mfewfpk - ok
17:45:53.0239 2668 Microsoft SharePoint Workspace Audit Service - ok
17:45:53.0270 2668 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:45:53.0270 2668 MMCSS - ok
17:45:53.0301 2668 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:45:53.0301 2668 Modem - ok
17:45:53.0332 2668 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:45:53.0332 2668 monitor - ok
17:45:53.0348 2668 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
17:45:53.0348 2668 mouclass - ok
17:45:53.0379 2668 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:45:53.0379 2668 mouhid - ok
17:45:53.0395 2668 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:45:53.0395 2668 mountmgr - ok
17:45:53.0410 2668 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:45:53.0410 2668 mpio - ok
17:45:53.0426 2668 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:45:53.0426 2668 mpsdrv - ok
17:45:53.0457 2668 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:45:53.0473 2668 MpsSvc - ok
17:45:53.0488 2668 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:45:53.0488 2668 MRxDAV - ok
17:45:53.0519 2668 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:45:53.0519 2668 mrxsmb - ok
17:45:53.0519 2668 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:45:53.0519 2668 mrxsmb10 - ok
17:45:53.0535 2668 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:45:53.0535 2668 mrxsmb20 - ok
17:45:53.0551 2668 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:45:53.0551 2668 msahci - ok
17:45:53.0551 2668 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:45:53.0551 2668 msdsm - ok
17:45:53.0582 2668 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:45:53.0582 2668 MSDTC - ok
17:45:53.0597 2668 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:45:53.0597 2668 Msfs - ok
17:45:53.0629 2668 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:45:53.0629 2668 mshidkmdf - ok
17:45:53.0629 2668 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:45:53.0644 2668 msisadrv - ok
17:45:53.0660 2668 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:45:53.0660 2668 MSiSCSI - ok
17:45:53.0660 2668 msiserver - ok
17:45:53.0707 2668 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:45:53.0707 2668 MSK80Service - ok
17:45:53.0722 2668 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:45:53.0722 2668 MSKSSRV - ok
17:45:53.0738 2668 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:45:53.0738 2668 MSPCLOCK - ok
17:45:53.0738 2668 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:45:53.0738 2668 MSPQM - ok
17:45:53.0769 2668 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:45:53.0769 2668 MsRPC - ok
17:45:53.0785 2668 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
17:45:53.0785 2668 mssmbios - ok
17:45:53.0785 2668 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:45:53.0785 2668 MSTEE - ok
17:45:53.0800 2668 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
17:45:53.0800 2668 MTConfig - ok
17:45:53.0816 2668 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:45:53.0816 2668 Mup - ok
17:45:53.0831 2668 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:45:53.0847 2668 napagent - ok
17:45:53.0878 2668 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:45:53.0878 2668 NativeWifiP - ok
17:45:53.0909 2668 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
17:45:53.0925 2668 NDIS - ok
17:45:53.0925 2668 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:45:53.0941 2668 NdisCap - ok
17:45:53.0941 2668 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:45:53.0941 2668 NdisTapi - ok
17:45:53.0956 2668 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:45:53.0972 2668 Ndisuio - ok
17:45:53.0987 2668 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:45:53.0987 2668 NdisWan - ok
17:45:53.0987 2668 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:45:53.0987 2668 NDProxy - ok
17:45:54.0003 2668 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:45:54.0003 2668 NetBIOS - ok
17:45:54.0003 2668 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:45:54.0003 2668 NetBT - ok
17:45:54.0050 2668 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:45:54.0050 2668 Netlogon - ok
17:45:54.0081 2668 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:45:54.0081 2668 Netman - ok
17:45:54.0128 2668 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:54.0143 2668 NetMsmqActivator - ok
17:45:54.0143 2668 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:54.0159 2668 NetPipeActivator - ok
17:45:54.0175 2668 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:45:54.0175 2668 netprofm - ok
17:45:54.0190 2668 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:54.0190 2668 NetTcpActivator - ok
17:45:54.0190 2668 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:45:54.0190 2668 NetTcpPortSharing - ok
17:45:54.0221 2668 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:45:54.0221 2668 nfrd960 - ok
17:45:54.0237 2668 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:45:54.0237 2668 NlaSvc - ok
17:45:54.0346 2668 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:45:54.0362 2668 NOBU - ok
17:45:54.0393 2668 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:45:54.0393 2668 Npfs - ok
17:45:54.0424 2668 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:45:54.0424 2668 nsi - ok
17:45:54.0424 2668 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:45:54.0424 2668 nsiproxy - ok
17:45:54.0471 2668 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:45:54.0487 2668 Ntfs - ok
17:45:54.0502 2668 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:45:54.0502 2668 Null - ok
17:45:54.0549 2668 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:45:54.0549 2668 nvraid - ok
17:45:54.0549 2668 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:45:54.0549 2668 nvstor - ok
17:45:54.0580 2668 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:45:54.0580 2668 nv_agp - ok
17:45:54.0596 2668 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:45:54.0596 2668 ohci1394 - ok
17:45:54.0658 2668 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:45:54.0674 2668 ose - ok
17:45:54.0767 2668 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:54.0830 2668 osppsvc - ok
17:45:54.0892 2668 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:45:54.0892 2668 p2pimsvc - ok
17:45:54.0908 2668 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:45:54.0908 2668 p2psvc - ok
17:45:54.0939 2668 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:45:54.0939 2668 Parport - ok
17:45:54.0955 2668 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:45:54.0955 2668 partmgr - ok
17:45:54.0970 2668 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:45:54.0970 2668 PcaSvc - ok
17:45:55.0126 2668 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
17:45:55.0126 2668 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
17:45:55.0157 2668 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:45:55.0157 2668 pci - ok
17:45:55.0173 2668 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:45:55.0173 2668 pciide - ok
17:45:55.0204 2668 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:45:55.0204 2668 pcmcia - ok
17:45:55.0235 2668 PCTDMDefrag (f807b82d4a743270c881f635055b1f7f) C:\Windows\system32\drivers\PCTDMDefrag.sys
17:45:55.0235 2668 PCTDMDefrag - ok
17:45:55.0267 2668 PCTDSMon (ac61dd47194df8241527b4291e5bb536) C:\Windows\system32\drivers\PCTDSMon.sys
17:45:55.0267 2668 PCTDSMon - ok
17:45:55.0345 2668 PCToolsSSDMonitorSvc (97571ef24b653ddc0538c59bcd989ae1) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
17:45:55.0345 2668 PCToolsSSDMonitorSvc - ok
17:45:55.0376 2668 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:45:55.0376 2668 pcw - ok
17:45:55.0391 2668 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:45:55.0391 2668 PEAUTH - ok
17:45:55.0454 2668 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
17:45:55.0469 2668 PeerDistSvc - ok
17:45:55.0516 2668 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:45:55.0532 2668 PerfHost - ok
17:45:55.0579 2668 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:45:55.0579 2668 pla - ok
17:45:55.0641 2668 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:45:55.0641 2668 PlugPlay - ok
17:45:55.0672 2668 PnkBstrA - ok
17:45:55.0688 2668 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:45:55.0688 2668 PNRPAutoReg - ok
17:45:55.0703 2668 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:45:55.0703 2668 PNRPsvc - ok
17:45:55.0735 2668 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:45:55.0735 2668 PolicyAgent - ok
17:45:55.0766 2668 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:45:55.0766 2668 Power - ok
17:45:55.0797 2668 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:45:55.0813 2668 PptpMiniport - ok
17:45:55.0813 2668 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:45:55.0813 2668 Processor - ok
17:45:55.0828 2668 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:45:55.0844 2668 ProfSvc - ok
17:45:55.0859 2668 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:45:55.0859 2668 ProtectedStorage - ok
17:45:55.0891 2668 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:45:55.0891 2668 Psched - ok
17:45:55.0922 2668 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:45:55.0922 2668 ql2300 - ok
17:45:55.0937 2668 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:45:55.0937 2668 ql40xx - ok
17:45:55.0953 2668 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:45:55.0953 2668 QWAVE - ok
17:45:55.0984 2668 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:45:55.0984 2668 QWAVEdrv - ok
17:45:55.0984 2668 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:45:55.0984 2668 RasAcd - ok
17:45:56.0000 2668 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:45:56.0015 2668 RasAgileVpn - ok
17:45:56.0031 2668 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:45:56.0031 2668 RasAuto - ok
17:45:56.0062 2668 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:45:56.0062 2668 Rasl2tp - ok
17:45:56.0078 2668 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:45:56.0078 2668 RasMan - ok
17:45:56.0093 2668 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:45:56.0093 2668 RasPppoe - ok
17:45:56.0109 2668 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:45:56.0109 2668 RasSstp - ok
17:45:56.0125 2668 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:45:56.0125 2668 rdbss - ok
17:45:56.0125 2668 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:45:56.0125 2668 rdpbus - ok
17:45:56.0140 2668 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:45:56.0140 2668 RDPCDD - ok
17:45:56.0171 2668 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
17:45:56.0171 2668 RDPDR - ok
17:45:56.0187 2668 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:45:56.0187 2668 RDPENCDD - ok
17:45:56.0187 2668 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:45:56.0187 2668 RDPREFMP - ok
17:45:56.0249 2668 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
17:45:56.0249 2668 RdpVideoMiniport - ok
17:45:56.0281 2668 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:45:56.0281 2668 RDPWD - ok
17:45:56.0296 2668 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:45:56.0296 2668 rdyboost - ok
17:45:56.0327 2668 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:45:56.0327 2668 RemoteAccess - ok
17:45:56.0359 2668 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:45:56.0359 2668 RemoteRegistry - ok
17:45:56.0374 2668 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:45:56.0374 2668 RpcEptMapper - ok
17:45:56.0405 2668 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:45:56.0405 2668 RpcLocator - ok
17:45:56.0421 2668 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:45:56.0421 2668 RpcSs - ok
17:45:56.0452 2668 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:45:56.0452 2668 rspndr - ok
17:45:56.0468 2668 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:45:56.0468 2668 SamSs - ok
17:45:56.0515 2668 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:45:56.0515 2668 SASDIFSV - ok
17:45:56.0577 2668 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:45:56.0577 2668 SASKUTIL - ok
17:45:56.0593 2668 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:45:56.0593 2668 sbp2port - ok
17:45:56.0608 2668 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:45:56.0608 2668 SCardSvr - ok
17:45:56.0624 2668 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:45:56.0624 2668 scfilter - ok
17:45:56.0655 2668 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:45:56.0655 2668 Schedule - ok
17:45:56.0686 2668 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:45:56.0686 2668 SCPolicySvc - ok
17:45:56.0702 2668 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:45:56.0702 2668 SDRSVC - ok
17:45:56.0717 2668 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:45:56.0717 2668 secdrv - ok
17:45:56.0733 2668 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:45:56.0733 2668 seclogon - ok
17:45:56.0764 2668 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:45:56.0764 2668 SENS - ok
17:45:56.0780 2668 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:45:56.0780 2668 SensrSvc - ok
17:45:56.0811 2668 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:45:56.0811 2668 Serenum - ok
17:45:56.0827 2668 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:45:56.0827 2668 Serial - ok
17:45:56.0842 2668 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:45:56.0842 2668 sermouse - ok
17:45:56.0858 2668 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:45:56.0858 2668 SessionEnv - ok
17:45:56.0873 2668 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:45:56.0873 2668 sffdisk - ok
17:45:56.0889 2668 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:45:56.0889 2668 sffp_mmc - ok
17:45:56.0889 2668 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:45:56.0889 2668 sffp_sd - ok
17:45:56.0905 2668 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:45:56.0905 2668 sfloppy - ok
17:45:56.0967 2668 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:45:56.0998 2668 SftService - ok
17:45:57.0014 2668 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:45:57.0014 2668 SharedAccess - ok
17:45:57.0045 2668 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:45:57.0061 2668 ShellHWDetection - ok
17:45:57.0076 2668 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:45:57.0076 2668 SiSRaid2 - ok
17:45:57.0092 2668 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:45:57.0092 2668 SiSRaid4 - ok
17:45:57.0107 2668 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:45:57.0107 2668 Smb - ok
17:45:57.0139 2668 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:45:57.0139 2668 SNMPTRAP - ok
17:45:57.0154 2668 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:45:57.0154 2668 spldr - ok
17:45:57.0170 2668 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:45:57.0185 2668 Spooler - ok
17:45:57.0232 2668 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:45:57.0279 2668 sppsvc - ok
17:45:57.0295 2668 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:45:57.0310 2668 sppuinotify - ok
17:45:57.0357 2668 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:45:57.0357 2668 srv - ok
17:45:57.0388 2668 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:45:57.0388 2668 srv2 - ok
17:45:57.0404 2668 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:45:57.0404 2668 srvnet - ok
17:45:57.0419 2668 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:45:57.0419 2668 SSDPSRV - ok
17:45:57.0435 2668 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:45:57.0435 2668 SstpSvc - ok
17:45:57.0482 2668 Steam Client Service - ok
17:45:57.0529 2668 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:45:57.0529 2668 stexstor - ok
17:45:57.0560 2668 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:45:57.0560 2668 stisvc - ok
17:45:57.0575 2668 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:45:57.0575 2668 swenum - ok
17:45:57.0607 2668 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:45:57.0607 2668 swprv - ok
17:45:57.0622 2668 Synth3dVsc - ok
17:45:57.0653 2668 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:45:57.0669 2668 SysMain - ok
17:45:57.0685 2668 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:45:57.0685 2668 TabletInputService - ok
17:45:57.0700 2668 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:45:57.0700 2668 TapiSrv - ok
17:45:57.0716 2668 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:45:57.0716 2668 TBS - ok
17:45:57.0778 2668 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
17:45:57.0794 2668 Tcpip - ok
17:45:57.0841 2668 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
17:45:57.0841 2668 TCPIP6 - ok
17:45:57.0872 2668 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:45:57.0872 2668 tcpipreg - ok
17:45:57.0887 2668 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:45:57.0887 2668 TDPIPE - ok
17:45:57.0919 2668 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:45:57.0919 2668 TDTCP - ok
17:45:57.0919 2668 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:45:57.0934 2668 tdx - ok
17:45:57.0934 2668 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
17:45:57.0934 2668 TermDD - ok
17:45:57.0981 2668 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:45:57.0981 2668 TermService - ok
17:45:57.0997 2668 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:45:57.0997 2668 Themes - ok
17:45:58.0028 2668 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:45:58.0028 2668 THREADORDER - ok
17:45:58.0043 2668 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:45:58.0043 2668 TrkWks - ok
17:45:58.0090 2668 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:45:58.0090 2668 TrustedInstaller - ok
17:45:58.0106 2668 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:45:58.0106 2668 tssecsrv - ok
17:45:58.0121 2668 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:45:58.0121 2668 TsUsbFlt - ok
17:45:58.0137 2668 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:45:58.0137 2668 TsUsbGD - ok
17:45:58.0137 2668 tsusbhub - ok
17:45:58.0168 2668 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:45:58.0168 2668 tunnel - ok
17:45:58.0184 2668 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:45:58.0184 2668 uagp35 - ok
17:45:58.0199 2668 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:45:58.0199 2668 udfs - ok
17:45:58.0231 2668 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:45:58.0231 2668 UI0Detect - ok
17:45:58.0246 2668 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:45:58.0246 2668 uliagpkx - ok
17:45:58.0262 2668 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:45:58.0262 2668 umbus - ok
17:45:58.0277 2668 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:45:58.0277 2668 UmPass - ok
17:45:58.0309 2668 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
17:45:58.0309 2668 UmRdpService - ok
17:45:58.0340 2668 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:45:58.0340 2668 upnphost - ok
17:45:58.0371 2668 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
17:45:58.0371 2668 usbccgp - ok
17:45:58.0387 2668 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:45:58.0387 2668 usbcir - ok
17:45:58.0387 2668 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:45:58.0387 2668 usbehci - ok
17:45:58.0418 2668 usbfilter (33a58c5630200e17b51c8d73dd64181b) C:\Windows\system32\DRIVERS\usbfilter.sys
17:45:58.0418 2668 usbfilter - ok
17:45:58.0433 2668 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:45:58.0449 2668 usbhub - ok
17:45:58.0449 2668 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:45:58.0449 2668 usbohci - ok
17:45:58.0465 2668 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
17:45:58.0465 2668 usbprint - ok
17:45:58.0465 2668 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
17:45:58.0465 2668 USBSTOR - ok
17:45:58.0480 2668 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:45:58.0480 2668 usbuhci - ok
17:45:58.0496 2668 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:45:58.0496 2668 UxSms - ok
17:45:58.0543 2668 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:45:58.0543 2668 VaultSvc - ok
17:45:58.0543 2668 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:45:58.0543 2668 vdrvroot - ok
17:45:58.0574 2668 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:45:58.0574 2668 vds - ok
17:45:58.0589 2668 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:45:58.0589 2668 vga - ok
17:45:58.0589 2668 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:45:58.0589 2668 VgaSave - ok
17:45:58.0605 2668 VGPU - ok
17:45:58.0621 2668 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:45:58.0636 2668 vhdmp - ok
17:45:58.0636 2668 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:45:58.0636 2668 viaide - ok
17:45:58.0667 2668 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:45:58.0667 2668 volmgr - ok
17:45:58.0667 2668 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:45:58.0683 2668 volmgrx - ok
17:45:58.0683 2668 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:45:58.0683 2668 volsnap - ok
17:45:58.0699 2668 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:45:58.0699 2668 vsmraid - ok
17:45:58.0745 2668 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:45:58.0761 2668 VSS - ok
17:45:58.0777 2668 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
17:45:58.0777 2668 vwifibus - ok
17:45:58.0792 2668 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:45:58.0808 2668 W32Time - ok
17:45:58.0808 2668 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:45:58.0808 2668 WacomPen - ok
17:45:58.0839 2668 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:45:58.0839 2668 WANARP - ok
17:45:58.0855 2668 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:45:58.0855 2668 Wanarpv6 - ok
17:45:58.0901 2668 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:45:58.0917 2668 WatAdminSvc - ok
17:45:58.0948 2668 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:45:58.0964 2668 wbengine - ok
17:45:58.0979 2668 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:45:58.0979 2668 WbioSrvc - ok
17:45:58.0979 2668 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:45:58.0995 2668 wcncsvc - ok
17:45:58.0995 2668 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:45:58.0995 2668 WcsPlugInService - ok
17:45:59.0011 2668 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:45:59.0011 2668 Wd - ok
17:45:59.0026 2668 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:45:59.0026 2668 Wdf01000 - ok
17:45:59.0042 2668 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:45:59.0057 2668 WdiServiceHost - ok
17:45:59.0057 2668 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:45:59.0057 2668 WdiSystemHost - ok
17:45:59.0073 2668 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:45:59.0073 2668 WebClient - ok
17:45:59.0089 2668 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:45:59.0104 2668 Wecsvc - ok
17:45:59.0120 2668 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:45:59.0120 2668 wercplsupport - ok
17:45:59.0135 2668 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:45:59.0135 2668 WerSvc - ok
17:45:59.0167 2668 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:45:59.0167 2668 WfpLwf - ok
17:45:59.0198 2668 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
17:45:59.0213 2668 WimFltr - ok
17:45:59.0213 2668 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:45:59.0229 2668 WIMMount - ok
17:45:59.0245 2668 WinDefend - ok
17:45:59.0260 2668 WinHttpAutoProxySvc - ok
17:45:59.0276 2668 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:45:59.0276 2668 Winmgmt - ok
17:45:59.0323 2668 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:45:59.0338 2668 WinRM - ok
17:45:59.0385 2668 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:45:59.0401 2668 Wlansvc - ok
17:45:59.0447 2668 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:45:59.0447 2668 wlcrasvc - ok
17:45:59.0510 2668 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:45:59.0541 2668 wlidsvc - ok
17:45:59.0588 2668 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:45:59.0588 2668 WmiAcpi - ok
17:45:59.0635 2668 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:45:59.0635 2668 wmiApSrv - ok
17:45:59.0666 2668 WMPNetworkSvc - ok
17:45:59.0697 2668 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:45:59.0697 2668 WPCSvc - ok
17:45:59.0713 2668 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:45:59.0713 2668 WPDBusEnum - ok
17:45:59.0728 2668 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:45:59.0728 2668 ws2ifsl - ok
17:45:59.0744 2668 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
17:45:59.0744 2668 wscsvc - ok
17:45:59.0744 2668 WSearch - ok
17:45:59.0791 2668 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:45:59.0822 2668 wuauserv - ok
17:45:59.0853 2668 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:45:59.0853 2668 WudfPf - ok
17:45:59.0869 2668 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:45:59.0869 2668 WUDFRd - ok
17:45:59.0884 2668 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:45:59.0884 2668 wudfsvc - ok
17:45:59.0900 2668 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:45:59.0915 2668 WwanSvc - ok
17:45:59.0931 2668 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:45:59.0978 2668 \Device\Harddisk0\DR0 - ok
17:45:59.0978 2668 Boot (0x1200) (16ccf280bff26b645fa7127d7d714ff1) \Device\Harddisk0\DR0\Partition0
17:45:59.0978 2668 \Device\Harddisk0\DR0\Partition0 - ok
17:45:59.0993 2668 Boot (0x1200) (00cdf1dcf4cafe607e2d8181c3761a17) \Device\Harddisk0\DR0\Partition1
17:45:59.0993 2668 \Device\Harddisk0\DR0\Partition1 - ok
17:45:59.0993 2668 ============================================================
17:45:59.0993 2668 Scan finished
17:45:59.0993 2668 ============================================================
17:45:59.0993 2744 Detected object count: 0
17:45:59.0993 2744 Actual detected object count: 0
17:46:44.0032 3052 Deinitialize success


Desktops MBAM log

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.08.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
vaughn :: VAUGHN-PC [administrator]

4/8/2012 5:58:09 PM
mbam-log-2012-04-08 (17-58-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 194223
Time elapsed: 5 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#4 dakthur

dakthur
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 AM

Posted 08 April 2012 - 05:25 PM

And here are the laptop logs

Laptop minitoolbox log


MiniToolBox by Farbar Version: 18-01-2012
Ran by vaughn1 (administrator) on 08-04-2012 at 16:10:09
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : vaughn1-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 74-E5-0B-A7-D7-4F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 74-E5-0B-A7-D7-4F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 74-E5-0B-A7-D7-4E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::94f5:e4d5:528b:901f%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, April 08, 2012 12:24:22 AM
Lease Expires . . . . . . . . . . : Monday, April 09, 2012 12:44:40 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242541835
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-A9-FA-C3-D4-BE-D9-13-AC-62
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : D4-BE-D9-13-AC-62
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2479:248:9d91:a1a(Preferred)
Link-local IPv6 Address . . . . . : fe80::2479:248:9d91:a1a%18(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{31352641-4FC9-4130-B1A7-E760EB7D24FE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B0504F23-6881-42F6-B6C8-DA15574598A4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{58DFA4C7-7960-4860-B316-563E38E76206}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.226.196
74.125.226.201
74.125.226.200
74.125.226.198
74.125.226.193
74.125.226.197
74.125.226.199
74.125.226.206
74.125.226.194
74.125.226.195
74.125.226.192


Pinging google.com [74.125.226.224] with 32 bytes of data:
Reply from 74.125.226.224: bytes=32 time=348ms TTL=252
Reply from 74.125.226.224: bytes=32 time=21ms TTL=251

Ping statistics for 74.125.226.224:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 348ms, Average = 184ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=225ms TTL=250
Reply from 72.30.38.140: bytes=32 time=109ms TTL=250

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 109ms, Maximum = 225ms, Average = 167ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...74 e5 0b a7 d7 4f ......Microsoft Virtual WiFi Miniport Adapter #2
14...74 e5 0b a7 d7 4f ......Microsoft Virtual WiFi Miniport Adapter
13...74 e5 0b a7 d7 4e ......Intel® WiFi Link 1000 BGN
11...d4 be d9 13 ac 62 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.8 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.8 281
192.168.1.8 255.255.255.255 On-link 192.168.1.8 281
192.168.1.255 255.255.255.255 On-link 192.168.1.8 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.8 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.8 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
18 58 ::/0 On-link
1 306 ::1/128 On-link
18 58 2001::/32 On-link
18 306 2001:0:4137:9e76:2479:248:9d91:a1a/128
On-link
13 281 fe80::/64 On-link
18 306 fe80::/64 On-link
18 306 fe80::2479:248:9d91:a1a/128
On-link
13 281 fe80::94f5:e4d5:528b:901f/128
On-link
1 306 ff00::/8 On-link
18 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/08/2012 01:53:31 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: Flash32_11_2_202_228.ocx, version: 11.2.202.228, time stamp: 0x4f6278e1
Exception code: 0xc0000005
Fault offset: 0x00420459
Faulting process id: 0x2044
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/08/2012 00:24:16 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 00:22:19 AM) (Source: Application Error) (User: )
Description: Faulting application name: McSvHost.exe, version: 1.5.109.0, time stamp: 0x4b97baf1
Faulting module name: naiann.dll, version: 14.5.123.0, time stamp: 0x4cb4b596
Exception code: 0xc0000005
Fault offset: 0x0000000000042904
Faulting process id: 0x7a0
Faulting application start time: 0xMcSvHost.exe0
Faulting application path: McSvHost.exe1
Faulting module path: McSvHost.exe2
Report Id: McSvHost.exe3

Error: (04/07/2012 09:32:40 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x000222b2
Faulting process id: 0x58c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/06/2012 11:36:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: Flash32_11_2_202_228.ocx, version: 11.2.202.228, time stamp: 0x4f6278e1
Exception code: 0xc0000005
Fault offset: 0x001635f8
Faulting process id: 0x1d74
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/05/2012 06:52:57 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16421, time stamp: 0x4d76255d
Faulting module name: Flash32_11_2_202_228.ocx, version: 11.2.202.228, time stamp: 0x4f6278e1
Exception code: 0xc0000005
Fault offset: 0x001635f8
Faulting process id: 0x450
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (04/03/2012 08:25:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2012 08:02:05 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: c78

Start Time: 01cd11f605489aab

Termination Time: 11

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (04/03/2012 06:39:56 PM) (Source: DMDefragService) (User: )
Description: DMDefragService:2396:6612 Error! LastErrorCode: 997Can't stop the service

Error: (04/03/2012 06:28:38 PM) (Source: DMDefragService) (User: )
Description: DMDefragService:4732:4520 Error! LastErrorCode: 997Can't stop the service


System errors:
=============
Error: (04/08/2012 01:49:04 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{E45E6B63-2677-4EAB-8426-DF52A6E7CE38}.
The backup browser is stopping.

Error: (04/08/2012 01:33:30 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer AMANDA-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{E45E6B63-2677-4EAB-8426-DF52A6E7CE38}.
The master browser is stopping or an election is being forced.

Error: (04/08/2012 08:15:34 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (04/08/2012 00:52:35 AM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{E45E6B63-2677-4EAB-8426-DF52A6E7CE38}.
The backup browser is stopping.

Error: (04/08/2012 00:24:49 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/08/2012 00:24:44 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (04/08/2012 00:22:41 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/08/2012 00:22:41 AM) (Source: Service Control Manager) (User: )
Description: The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/08/2012 00:22:41 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/08/2012 00:22:41 AM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (04/08/2012 01:53:31 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dFlash32_11_2_202_228.ocx11.2.202.2284f6278e1c000000500420459204401cd1543e425c780C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_228.ocx2ae77e60-813f-11e1-bb66-d4bed913ac62

Error: (04/08/2012 00:24:16 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 00:22:19 AM) (Source: Application Error)(User: )
Description: McSvHost.exe1.5.109.04b97baf1naiann.dll14.5.123.04cb4b596c000000500000000000429047a001cd11f97e002707C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exec:\PROGRA~1\mcafee\VIRUSS~1\naiann.dll6d6de779-8132-11e1-8092-d4bed913ac62

Error: (04/07/2012 09:32:40 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dntdll.dll6.1.7601.177254ec49b8fc0000005000222b258c01cd14c201313b23C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\ntdll.dll256be4dd-80b6-11e1-8092-d4bed913ac62

Error: (04/06/2012 11:36:08 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dFlash32_11_2_202_228.ocx11.2.202.2284f6278e1c0000005001635f81d7401cd146c2c48cd35C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_228.ocxcf635ef4-8062-11e1-8092-d4bed913ac62

Error: (04/05/2012 06:52:57 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.164214d76255dFlash32_11_2_202_228.ocx11.2.202.2284f6278e1c0000005001635f845001cd13605331f9feC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_11_2_202_228.ocx158d52fd-7f72-11e1-8092-d4bed913ac62

Error: (04/03/2012 08:25:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2012 08:02:05 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16421c7801cd11f605489aab11C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (04/03/2012 06:39:56 PM) (Source: DMDefragService)(User: )
Description: DMDefragService:2396:6612 Error! LastErrorCode: 997Can't stop the service

Error: (04/03/2012 06:28:38 PM) (Source: DMDefragService)(User: )
Description: DMDefragService:4732:4520 Error! LastErrorCode: 997Can't stop the service


=========================== Installed Programs ============================

AccelerometerP11 (Version: 2.00.11.22)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.228)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.228)
Adobe Reader X (10.1.2) MUI (Version: 10.1.2)
Advanced Audio FX Engine (Version: 1.12.05)
AlienAutopsy (Version: 3.1.5907.23)
AlienRespawn - Support Software (Version: 9.4.61)
AlienRespawn (Version: 9.4.61)
Alienware M11x Manual (Version: 1.0.1.0)
Alienware On-Screen Display (Version: 0.31.2.5C)
Back to the Future The Game (Version: 1.0)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Command Center (Version: 2.6.14.0)
Dungeon Defenders
EMSC (Version: 0.0.0.22C)
Hidden Expedition &reg; - Devil's Triangle
House, M.D.
Integrated Webcam Live! Central (Version: 2.00.44)
Intel PROSet Wireless
Intel® Processor Graphics (Version: 8.15.10.2361)
Intel® PROSet/Wireless WiFi Software (Version: 14.00.1000)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.27.0)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 3 (Version: 7.0.30)
JavaFX 2.0.3 (Version: 2.0.3)
McAfee AntiVirus Plus (Version: 11.0.654)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Mathematics (64-bit) (Version: 4.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA Optimus 1.7.11 (Version: 1.7.11)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
PC Tools Performance Toolkit 2.0 (Version: 2.0)
Pickers
Puzzle Quest
Puzzle Quest 2
QualxServ Service Agreement (Version: 2.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6301)
Righteous Kill 2: Revenge of the Poet Killer
Sam & Max 304: Beyond the Alley of the Dolls
Sam & Max 305: The City that Dares not Sleep
Secure Download Manager (Version: 3.0.3)
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
Still Life 2
Synaptics Pointing Device Driver (Version: 15.2.8.0)
The Hidden Object Show Combo Pack
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Ys: The Oath in Felghana

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 4043.86 MB
Available physical RAM: 2440.13 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 5584.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3976.62 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:678.4 GB) (Free:607.98 GB) NTFS

========================= Users: ========================================

User accounts for \\VAUGHN1-PC

Administrator Guest UpdatusUser
vaughn1


**** End of log ****


Laptops TDSSkiller log


16:26:42.0040 2452 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
16:26:42.0914 2452 ============================================================
16:26:42.0914 2452 Current date / time: 2012/04/08 16:26:42.0914
16:26:42.0914 2452 SystemInfo:
16:26:42.0914 2452
16:26:42.0914 2452 OS Version: 6.1.7601 ServicePack: 1.0
16:26:42.0914 2452 Product type: Workstation
16:26:42.0914 2452 ComputerName: VAUGHN1-PC
16:26:42.0914 2452 UserName: vaughn1
16:26:42.0914 2452 Windows directory: C:\Windows
16:26:42.0914 2452 System windows directory: C:\Windows
16:26:42.0914 2452 Running under WOW64
16:26:42.0914 2452 Processor architecture: Intel x64
16:26:42.0914 2452 Number of processors: 4
16:26:42.0914 2452 Page size: 0x1000
16:26:42.0914 2452 Boot type: Safe boot with network
16:26:42.0914 2452 ============================================================
16:26:43.0507 2452 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:26:43.0538 2452 \Device\Harddisk0\DR0:
16:26:43.0538 2452 MBR used
16:26:43.0538 2452 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x2865000
16:26:43.0538 2452 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2879000, BlocksNum 0x54CCC800
16:26:43.0585 2452 Initialize success
16:26:43.0585 2452 ============================================================
16:26:47.0953 2880 ============================================================
16:26:47.0953 2880 Scan started
16:26:47.0953 2880 Mode: Manual;
16:26:47.0953 2880 ============================================================
16:26:49.0528 2880 0054601333859201mcinstcleanup - ok
16:26:49.0778 2880 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\DRIVERS\1394ohci.sys
16:26:49.0778 2880 1394ohci - ok
16:26:50.0090 2880 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
16:26:50.0090 2880 Acceler - ok
16:26:50.0355 2880 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:26:50.0371 2880 ACPI - ok
16:26:50.0667 2880 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:26:50.0667 2880 AcpiPmi - ok
16:26:50.0761 2880 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:26:50.0761 2880 AdobeARMservice - ok
16:26:51.0010 2880 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:26:51.0010 2880 AdobeFlashPlayerUpdateSvc - ok
16:26:51.0307 2880 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
16:26:51.0322 2880 adp94xx - ok
16:26:51.0619 2880 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
16:26:51.0619 2880 adpahci - ok
16:26:51.0899 2880 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
16:26:51.0915 2880 adpu320 - ok
16:26:52.0118 2880 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:26:52.0118 2880 AeLookupSvc - ok
16:26:52.0180 2880 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
16:26:52.0180 2880 AERTFilters - ok
16:26:52.0477 2880 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:26:52.0477 2880 AFD - ok
16:26:52.0757 2880 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:26:52.0757 2880 agp440 - ok
16:26:52.0960 2880 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:26:52.0960 2880 ALG - ok
16:26:53.0085 2880 AlienFusionService (73fd38c98996fa971bad46376610fa67) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
16:26:53.0101 2880 AlienFusionService - ok
16:26:53.0366 2880 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:26:53.0366 2880 aliide - ok
16:26:53.0631 2880 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:26:53.0631 2880 amdide - ok
16:26:53.0912 2880 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
16:26:53.0912 2880 AmdK8 - ok
16:26:54.0177 2880 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
16:26:54.0177 2880 AmdPPM - ok
16:26:54.0442 2880 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:26:54.0458 2880 amdsata - ok
16:26:54.0739 2880 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
16:26:54.0739 2880 amdsbs - ok
16:26:55.0004 2880 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:26:55.0004 2880 amdxata - ok
16:26:55.0285 2880 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:26:55.0285 2880 AppID - ok
16:26:55.0487 2880 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:26:55.0487 2880 AppIDSvc - ok
16:26:55.0706 2880 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:26:55.0706 2880 Appinfo - ok
16:26:55.0940 2880 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
16:26:55.0940 2880 AppMgmt - ok
16:26:56.0205 2880 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
16:26:56.0205 2880 arc - ok
16:26:56.0486 2880 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
16:26:56.0486 2880 arcsas - ok
16:26:56.0720 2880 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:26:56.0751 2880 aspnet_state - ok
16:26:57.0016 2880 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:26:57.0016 2880 AsyncMac - ok
16:26:57.0281 2880 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:26:57.0281 2880 atapi - ok
16:26:57.0531 2880 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:26:57.0531 2880 AudioEndpointBuilder - ok
16:26:57.0547 2880 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:26:57.0547 2880 AudioSrv - ok
16:26:57.0765 2880 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:26:57.0781 2880 AxInstSV - ok
16:26:58.0061 2880 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
16:26:58.0061 2880 b06bdrv - ok
16:26:58.0358 2880 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:26:58.0358 2880 b57nd60a - ok
16:26:58.0576 2880 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:26:58.0576 2880 BDESVC - ok
16:26:58.0873 2880 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:26:58.0873 2880 Beep - ok
16:26:59.0107 2880 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:26:59.0122 2880 BFE - ok
16:26:59.0325 2880 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:26:59.0341 2880 BITS - ok
16:26:59.0621 2880 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:26:59.0621 2880 blbdrive - ok
16:26:59.0902 2880 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:26:59.0902 2880 bowser - ok
16:27:00.0199 2880 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
16:27:00.0199 2880 BrFiltLo - ok
16:27:00.0464 2880 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
16:27:00.0464 2880 BrFiltUp - ok
16:27:00.0667 2880 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:27:00.0667 2880 Browser - ok
16:27:00.0932 2880 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:27:00.0932 2880 Brserid - ok
16:27:01.0197 2880 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:27:01.0197 2880 BrSerWdm - ok
16:27:01.0478 2880 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:27:01.0478 2880 BrUsbMdm - ok
16:27:01.0743 2880 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:27:01.0743 2880 BrUsbSer - ok
16:27:02.0039 2880 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
16:27:02.0039 2880 BTHMODEM - ok
16:27:02.0242 2880 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:27:02.0242 2880 bthserv - ok
16:27:02.0523 2880 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:27:02.0523 2880 cdfs - ok
16:27:02.0819 2880 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
16:27:02.0819 2880 cdrom - ok
16:27:03.0022 2880 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:27:03.0022 2880 CertPropSvc - ok
16:27:03.0303 2880 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys
16:27:03.0303 2880 cfwids - ok
16:27:03.0584 2880 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
16:27:03.0584 2880 circlass - ok
16:27:03.0787 2880 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:27:03.0787 2880 CLFS - ok
16:27:03.0927 2880 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:27:03.0927 2880 clr_optimization_v2.0.50727_32 - ok
16:27:04.0005 2880 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:27:04.0005 2880 clr_optimization_v2.0.50727_64 - ok
16:27:04.0130 2880 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:27:04.0192 2880 clr_optimization_v4.0.30319_32 - ok
16:27:04.0395 2880 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:27:04.0457 2880 clr_optimization_v4.0.30319_64 - ok
16:27:04.0738 2880 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:27:04.0738 2880 CmBatt - ok
16:27:05.0003 2880 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:27:05.0003 2880 cmdide - ok
16:27:05.0300 2880 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:27:05.0300 2880 CNG - ok
16:27:05.0659 2880 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:27:05.0659 2880 Compbatt - ok
16:27:06.0095 2880 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:27:06.0095 2880 CompositeBus - ok
16:27:06.0314 2880 COMSysApp - ok
16:27:06.0673 2880 cphs (df3e8c2c443d3618260dff5705ce2df5) C:\Windows\SysWow64\IntelCpHeciSvc.exe
16:27:06.0673 2880 cphs - ok
16:27:06.0985 2880 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
16:27:07.0000 2880 crcdisk - ok
16:27:07.0219 2880 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:27:07.0219 2880 CryptSvc - ok
16:27:07.0702 2880 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
16:27:07.0702 2880 CSC - ok
16:27:08.0201 2880 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
16:27:08.0201 2880 CscService - ok
16:27:08.0498 2880 CtClsFlt (bc3d4f90978cd7c8eabd1baf3bf7873a) C:\Windows\system32\DRIVERS\CtClsFlt.sys
16:27:08.0498 2880 CtClsFlt - ok
16:27:08.0716 2880 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:27:08.0716 2880 DcomLaunch - ok
16:27:08.0935 2880 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:27:08.0950 2880 defragsvc - ok
16:27:09.0215 2880 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:27:09.0215 2880 DfsC - ok
16:27:09.0434 2880 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:27:09.0449 2880 Dhcp - ok
16:27:09.0917 2880 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:27:09.0917 2880 discache - ok
16:27:10.0682 2880 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
16:27:10.0682 2880 Disk - ok
16:27:11.0041 2880 DMDefragService (2caad3e488998887861c46b3027d0dc8) C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe
16:27:11.0150 2880 DMDefragService - ok
16:27:11.0431 2880 DMRepairService (e4bfebc56896951001f1297bf47d5341) C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe
16:27:11.0446 2880 DMRepairService - ok
16:27:11.0805 2880 dmvsc (5db085a8a6600be6401f2b24eecb5415) C:\Windows\system32\drivers\dmvsc.sys
16:27:11.0805 2880 dmvsc - ok
16:27:12.0008 2880 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:27:12.0008 2880 Dnscache - ok
16:27:12.0211 2880 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:27:12.0226 2880 dot3svc - ok
16:27:12.0429 2880 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:27:12.0445 2880 DPS - ok
16:27:12.0757 2880 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:27:12.0757 2880 drmkaud - ok
16:27:13.0053 2880 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:27:13.0069 2880 DXGKrnl - ok
16:27:13.0271 2880 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:27:13.0271 2880 EapHost - ok
16:27:13.0599 2880 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
16:27:13.0661 2880 ebdrv - ok
16:27:13.0864 2880 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:27:13.0864 2880 EFS - ok
16:27:13.0989 2880 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:27:13.0989 2880 ehRecvr - ok
16:27:14.0005 2880 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:27:14.0005 2880 ehSched - ok
16:27:14.0254 2880 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
16:27:14.0270 2880 elxstor - ok
16:27:14.0551 2880 EMSC (e47d9d7e6e53892fc97282482f4ae307) C:\Windows\system32\DRIVERS\EMSC.SYS
16:27:14.0551 2880 EMSC - ok
16:27:14.0816 2880 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:27:14.0816 2880 ErrDev - ok
16:27:15.0034 2880 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:27:15.0034 2880 EventSystem - ok
16:27:15.0128 2880 EvtEng (8b6c9924b0d333dbf76086b8258a0891) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:27:15.0159 2880 EvtEng - ok
16:27:15.0424 2880 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:27:15.0440 2880 exfat - ok
16:27:15.0705 2880 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:27:15.0721 2880 fastfat - ok
16:27:15.0939 2880 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:27:15.0939 2880 Fax - ok
16:27:16.0235 2880 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
16:27:16.0235 2880 fdc - ok
16:27:16.0423 2880 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:27:16.0438 2880 fdPHost - ok
16:27:16.0625 2880 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:27:16.0641 2880 FDResPub - ok
16:27:16.0906 2880 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:27:16.0906 2880 FileInfo - ok
16:27:17.0171 2880 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:27:17.0171 2880 Filetrace - ok
16:27:17.0452 2880 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
16:27:17.0452 2880 flpydisk - ok
16:27:17.0811 2880 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:27:17.0811 2880 FltMgr - ok
16:27:18.0029 2880 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:27:18.0061 2880 FontCache - ok
16:27:18.0170 2880 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:27:18.0170 2880 FontCache3.0.0.0 - ok
16:27:18.0419 2880 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:27:18.0419 2880 FsDepends - ok
16:27:18.0700 2880 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
16:27:18.0700 2880 Fs_Rec - ok
16:27:18.0981 2880 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:27:18.0997 2880 fvevol - ok
16:27:19.0277 2880 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
16:27:19.0277 2880 gagp30kx - ok
16:27:19.0496 2880 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:27:19.0511 2880 gpsvc - ok
16:27:19.0792 2880 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:27:19.0792 2880 hcw85cir - ok
16:27:20.0073 2880 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:27:20.0089 2880 HdAudAddService - ok
16:27:20.0385 2880 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:27:20.0385 2880 HDAudBus - ok
16:27:20.0666 2880 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
16:27:20.0666 2880 HidBatt - ok
16:27:20.0947 2880 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
16:27:20.0947 2880 HidBth - ok
16:27:21.0212 2880 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
16:27:21.0212 2880 HidIr - ok
16:27:21.0415 2880 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:27:21.0415 2880 hidserv - ok
16:27:21.0695 2880 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
16:27:21.0695 2880 HidUsb - ok
16:27:21.0883 2880 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:27:21.0883 2880 hkmsvc - ok
16:27:22.0085 2880 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:27:22.0085 2880 HomeGroupListener - ok
16:27:22.0288 2880 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:27:22.0288 2880 HomeGroupProvider - ok
16:27:22.0569 2880 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:27:22.0569 2880 HpSAMD - ok
16:27:22.0850 2880 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:27:22.0850 2880 HTTP - ok
16:27:23.0131 2880 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:27:23.0131 2880 hwpolicy - ok
16:27:23.0427 2880 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:27:23.0427 2880 i8042prt - ok
16:27:23.0708 2880 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\DRIVERS\iaStor.sys
16:27:23.0708 2880 iaStor - ok
16:27:23.0801 2880 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:27:23.0801 2880 IAStorDataMgrSvc - ok
16:27:24.0082 2880 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:27:24.0098 2880 iaStorV - ok
16:27:24.0191 2880 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
16:27:24.0207 2880 IDriverT - ok
16:27:24.0332 2880 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:27:24.0347 2880 idsvc - ok
16:27:24.0831 2880 igfx (276ee9cdab16c50e1df0e4cefa882f5f) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:27:25.0065 2880 igfx - ok
16:27:25.0361 2880 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
16:27:25.0377 2880 iirsp - ok
16:27:25.0564 2880 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:27:25.0580 2880 IKEEXT - ok
16:27:25.0861 2880 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
16:27:25.0876 2880 Impcd - ok
16:27:26.0173 2880 IntcAzAudAddService (72a253efca059d8cf303371255624890) C:\Windows\system32\drivers\RTKVHD64.sys
16:27:26.0219 2880 IntcAzAudAddService - ok
16:27:26.0516 2880 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
16:27:26.0516 2880 IntcDAud - ok
16:27:26.0797 2880 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:27:26.0797 2880 intelide - ok
16:27:27.0077 2880 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:27:27.0077 2880 intelppm - ok
16:27:27.0280 2880 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:27:27.0280 2880 IPBusEnum - ok
16:27:27.0561 2880 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:27:27.0561 2880 IpFilterDriver - ok
16:27:27.0764 2880 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:27:27.0779 2880 iphlpsvc - ok
16:27:28.0060 2880 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:27:28.0060 2880 IPMIDRV - ok
16:27:28.0341 2880 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:27:28.0341 2880 IPNAT - ok
16:27:28.0622 2880 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:27:28.0622 2880 IRENUM - ok
16:27:28.0887 2880 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:27:28.0887 2880 isapnp - ok
16:27:29.0152 2880 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:27:29.0168 2880 iScsiPrt - ok
16:27:29.0464 2880 JMCR (df4265062db60a2a72e8e04c358bd3d1) C:\Windows\system32\DRIVERS\jmcr.sys
16:27:29.0480 2880 JMCR - ok
16:27:29.0776 2880 johci (579f26399d4158588af9b1212fc4cba0) C:\Windows\system32\drivers\johci.sys
16:27:29.0776 2880 johci - ok
16:27:30.0073 2880 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:27:30.0073 2880 kbdclass - ok
16:27:30.0353 2880 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:27:30.0353 2880 kbdhid - ok
16:27:30.0541 2880 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:27:30.0541 2880 KeyIso - ok
16:27:30.0837 2880 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:27:30.0837 2880 KSecDD - ok
16:27:31.0118 2880 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:27:31.0118 2880 KSecPkg - ok
16:27:31.0399 2880 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:27:31.0399 2880 ksthunk - ok
16:27:31.0601 2880 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:27:31.0601 2880 KtmRm - ok
16:27:31.0882 2880 L1C (ebed8b3ff4a823c1a6eebeed7b29353f) C:\Windows\system32\DRIVERS\L1C62x64.sys
16:27:31.0882 2880 L1C - ok
16:27:32.0085 2880 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:27:32.0085 2880 LanmanServer - ok
16:27:32.0303 2880 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:27:32.0303 2880 LanmanWorkstation - ok
16:27:32.0584 2880 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:27:32.0584 2880 lltdio - ok
16:27:32.0771 2880 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:27:32.0787 2880 lltdsvc - ok
16:27:32.0974 2880 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:27:32.0974 2880 lmhosts - ok
16:27:33.0271 2880 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:27:33.0271 2880 LSI_FC - ok
16:27:33.0551 2880 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:27:33.0551 2880 LSI_SAS - ok
16:27:33.0879 2880 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:27:33.0879 2880 LSI_SAS2 - ok
16:27:34.0207 2880 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:27:34.0222 2880 LSI_SCSI - ok
16:27:34.0550 2880 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:27:34.0550 2880 luafv - ok
16:27:34.0675 2880 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:27:34.0675 2880 McAfee SiteAdvisor Service - ok
16:27:34.0753 2880 McAWFwk (b6bd99c3e23507a732c474caa620c0d7) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
16:27:34.0753 2880 McAWFwk - ok
16:27:34.0768 2880 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:27:34.0768 2880 McMPFSvc - ok
16:27:34.0768 2880 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:27:34.0768 2880 mcmscsvc - ok
16:27:34.0784 2880 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:27:34.0784 2880 McNaiAnn - ok
16:27:34.0784 2880 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:27:34.0784 2880 McNASvc - ok
16:27:34.0971 2880 McODS (b3914a7c97a81acb1e9befe07e4c387f) C:\Program Files\McAfee\VirusScan\mcods.exe
16:27:34.0987 2880 McODS - ok
16:27:35.0018 2880 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:27:35.0018 2880 McOobeSv - ok
16:27:35.0033 2880 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
16:27:35.0033 2880 McProxy - ok
16:27:35.0111 2880 McShield (4a463d645b48bb487ca7df12ba5d1602) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:27:35.0111 2880 McShield - ok
16:27:35.0345 2880 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:27:35.0361 2880 Mcx2Svc - ok
16:27:35.0673 2880 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:27:35.0673 2880 megasas - ok
16:27:36.0001 2880 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:27:36.0001 2880 MegaSR - ok
16:27:36.0344 2880 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
16:27:36.0344 2880 MEIx64 - ok
16:27:36.0671 2880 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys
16:27:36.0671 2880 mfeapfk - ok
16:27:37.0015 2880 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys
16:27:37.0015 2880 mfeavfk - ok
16:27:37.0139 2880 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
16:27:37.0139 2880 mfefire - ok
16:27:37.0467 2880 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys
16:27:37.0483 2880 mfefirek - ok
16:27:37.0857 2880 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys
16:27:37.0857 2880 mfehidk - ok
16:27:38.0200 2880 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys
16:27:38.0200 2880 mfenlfk - ok
16:27:38.0543 2880 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys
16:27:38.0543 2880 mferkdet - ok
16:27:38.0793 2880 mfevtp (8f3b3c3625e3aaa11d6d4db8423e1721) C:\Windows\system32\mfevtps.exe
16:27:38.0793 2880 mfevtp - ok
16:27:39.0152 2880 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys
16:27:39.0152 2880 mfewfpk - ok
16:27:39.0370 2880 Microsoft SharePoint Workspace Audit Service - ok
16:27:39.0620 2880 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:27:39.0620 2880 MMCSS - ok
16:27:39.0932 2880 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:27:39.0932 2880 Modem - ok
16:27:40.0259 2880 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:27:40.0259 2880 monitor - ok
16:27:40.0587 2880 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:27:40.0587 2880 mouclass - ok
16:27:40.0915 2880 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
16:27:40.0915 2880 mouhid - ok
16:27:41.0227 2880 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:27:41.0242 2880 mountmgr - ok
16:27:41.0586 2880 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:27:41.0586 2880 mpio - ok
16:27:41.0898 2880 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:27:41.0898 2880 mpsdrv - ok
16:27:42.0147 2880 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:27:42.0163 2880 MpsSvc - ok
16:27:42.0475 2880 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:27:42.0490 2880 MRxDAV - ok
16:27:42.0818 2880 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:27:42.0818 2880 mrxsmb - ok
16:27:43.0146 2880 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:27:43.0146 2880 mrxsmb10 - ok
16:27:43.0458 2880 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:27:43.0473 2880 mrxsmb20 - ok
16:27:43.0785 2880 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:27:43.0785 2880 msahci - ok
16:27:44.0097 2880 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:27:44.0113 2880 msdsm - ok
16:27:44.0362 2880 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:27:44.0362 2880 MSDTC - ok
16:27:44.0690 2880 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:27:44.0690 2880 Msfs - ok
16:27:45.0002 2880 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:27:45.0018 2880 mshidkmdf - ok
16:27:45.0330 2880 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:27:45.0330 2880 msisadrv - ok
16:27:45.0579 2880 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:27:45.0579 2880 MSiSCSI - ok
16:27:45.0798 2880 msiserver - ok
16:27:46.0125 2880 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:27:46.0125 2880 MSKSSRV - ok
16:27:46.0453 2880 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:27:46.0453 2880 MSPCLOCK - ok
16:27:46.0765 2880 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:27:46.0765 2880 MSPQM - ok
16:27:47.0092 2880 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:27:47.0092 2880 MsRPC - ok
16:27:47.0420 2880 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:27:47.0420 2880 mssmbios - ok
16:27:47.0779 2880 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:27:47.0779 2880 MSTEE - ok
16:27:48.0091 2880 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:27:48.0091 2880 MTConfig - ok
16:27:48.0403 2880 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:27:48.0403 2880 Mup - ok
16:27:48.0496 2880 MyWiFiDHCPDNS (6ed8935257672f4cd04a88a0f3de093d) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:27:48.0496 2880 MyWiFiDHCPDNS - ok
16:27:48.0762 2880 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:27:48.0762 2880 napagent - ok
16:27:49.0464 2880 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:27:49.0464 2880 NativeWifiP - ok
16:27:50.0337 2880 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
16:27:50.0446 2880 NDIS - ok
16:27:51.0117 2880 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:27:51.0133 2880 NdisCap - ok
16:27:51.0772 2880 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:27:51.0788 2880 NdisTapi - ok
16:27:52.0506 2880 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:27:52.0521 2880 Ndisuio - ok
16:27:53.0208 2880 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:27:53.0208 2880 NdisWan - ok
16:27:53.0800 2880 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:27:53.0800 2880 NDProxy - ok
16:27:54.0190 2880 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:27:54.0206 2880 NetBIOS - ok
16:27:54.0783 2880 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:27:54.0799 2880 NetBT - ok
16:27:55.0236 2880 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:27:55.0236 2880 Netlogon - ok
16:27:55.0735 2880 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:27:55.0735 2880 Netman - ok
16:27:56.0109 2880 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:27:56.0218 2880 NetMsmqActivator - ok
16:27:56.0265 2880 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:27:56.0265 2880 NetPipeActivator - ok
16:27:56.0811 2880 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:27:56.0827 2880 netprofm - ok
16:27:57.0326 2880 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:27:57.0326 2880 NetTcpActivator - ok
16:27:57.0342 2880 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:27:57.0357 2880 NetTcpPortSharing - ok
16:27:57.0872 2880 netvsc (73ce12b8bdd747b0063cb0a7ef44cea7) C:\Windows\system32\DRIVERS\netvsc60.sys
16:27:57.0872 2880 netvsc - ok
16:27:58.0340 2880 NETwNs64 (5d262402b0634c998f8cbcead7dd8676) C:\Windows\system32\DRIVERS\NETwNs64.sys
16:27:58.0496 2880 NETwNs64 - ok
16:27:58.0824 2880 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:27:58.0839 2880 nfrd960 - ok
16:27:59.0089 2880 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:27:59.0104 2880 NlaSvc - ok
16:27:59.0416 2880 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:27:59.0432 2880 Npfs - ok
16:27:59.0666 2880 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:27:59.0666 2880 nsi - ok
16:27:59.0978 2880 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:27:59.0994 2880 nsiproxy - ok
16:28:00.0321 2880 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:28:00.0368 2880 Ntfs - ok
16:28:00.0680 2880 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:28:00.0696 2880 Null - ok
16:28:01.0008 2880 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:28:01.0023 2880 nusb3hub - ok
16:28:01.0351 2880 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:28:01.0366 2880 nusb3xhc - ok
16:28:01.0710 2880 nvkflt (555ddbaf3d306154c553acbd6780fd1e) C:\Windows\system32\DRIVERS\nvkflt.sys
16:28:01.0725 2880 nvkflt - ok
16:28:02.0271 2880 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:28:02.0490 2880 nvlddmkm - ok
16:28:02.0864 2880 nvpciflt (3629b8c7257c6231a3cfb44359c68b1d) C:\Windows\system32\DRIVERS\nvpciflt.sys
16:28:02.0864 2880 nvpciflt - ok
16:28:03.0192 2880 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:28:03.0192 2880 nvraid - ok
16:28:03.0535 2880 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:28:03.0535 2880 nvstor - ok
16:28:03.0800 2880 NVSvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
16:28:03.0816 2880 NVSvc - ok
16:28:03.0909 2880 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
16:28:03.0940 2880 nvUpdatusService - ok
16:28:04.0268 2880 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:28:04.0268 2880 nv_agp - ok
16:28:04.0580 2880 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:28:04.0580 2880 ohci1394 - ok
16:28:04.0658 2880 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:28:04.0674 2880 ose - ok
16:28:04.0814 2880 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:28:04.0908 2880 osppsvc - ok
16:28:05.0157 2880 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:28:05.0173 2880 p2pimsvc - ok
16:28:05.0407 2880 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:28:05.0422 2880 p2psvc - ok
16:28:05.0734 2880 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:28:05.0734 2880 Parport - ok
16:28:06.0046 2880 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
16:28:06.0062 2880 partmgr - ok
16:28:06.0296 2880 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:28:06.0312 2880 PcaSvc - ok
16:28:06.0624 2880 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:28:06.0624 2880 pci - ok
16:28:06.0998 2880 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:28:06.0998 2880 pciide - ok
16:28:07.0310 2880 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:28:07.0326 2880 pcmcia - ok
16:28:07.0653 2880 PCTDMDefrag (f807b82d4a743270c881f635055b1f7f) C:\Windows\system32\drivers\PCTDMDefrag.sys
16:28:07.0653 2880 PCTDMDefrag - ok
16:28:07.0981 2880 PCTDSMon (ac61dd47194df8241527b4291e5bb536) C:\Windows\system32\drivers\PCTDSMon.sys
16:28:07.0996 2880 PCTDSMon - ok
16:28:08.0074 2880 PCToolsSSDMonitorSvc (97571ef24b653ddc0538c59bcd989ae1) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
16:28:08.0090 2880 PCToolsSSDMonitorSvc - ok
16:28:08.0402 2880 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:28:08.0418 2880 pcw - ok
16:28:08.0730 2880 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:28:08.0745 2880 PEAUTH - ok
16:28:09.0026 2880 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
16:28:09.0057 2880 PeerDistSvc - ok
16:28:09.0307 2880 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:28:09.0338 2880 PerfHost - ok
16:28:09.0619 2880 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:28:09.0650 2880 pla - ok
16:28:09.0900 2880 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:28:09.0915 2880 PlugPlay - ok
16:28:10.0149 2880 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:28:10.0149 2880 PNRPAutoReg - ok
16:28:10.0414 2880 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:28:10.0414 2880 PNRPsvc - ok
16:28:10.0648 2880 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:28:10.0664 2880 PolicyAgent - ok
16:28:10.0914 2880 Power (a2cca4fb273e6050f17a0a416cff2fcd) C:\Windows\system32\umpo.dll
16:28:10.0914 2880 Power - ok
16:28:11.0241 2880 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:28:11.0241 2880 PptpMiniport - ok
16:28:11.0584 2880 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:28:11.0584 2880 Processor - ok
16:28:11.0834 2880 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
16:28:11.0850 2880 ProfSvc - ok
16:28:12.0084 2880 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:28:12.0084 2880 ProtectedStorage - ok
16:28:12.0411 2880 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:28:12.0411 2880 Psched - ok
16:28:12.0754 2880 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:28:12.0786 2880 ql2300 - ok
16:28:13.0113 2880 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:28:13.0113 2880 ql40xx - ok
16:28:13.0347 2880 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:28:13.0363 2880 QWAVE - ok
16:28:13.0675 2880 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:28:13.0675 2880 QWAVEdrv - ok
16:28:14.0002 2880 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:28:14.0002 2880 RasAcd - ok
16:28:14.0330 2880 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:28:14.0330 2880 RasAgileVpn - ok
16:28:14.0564 2880 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:28:14.0564 2880 RasAuto - ok
16:28:14.0892 2880 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:28:14.0892 2880 Rasl2tp - ok
16:28:15.0126 2880 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:28:15.0141 2880 RasMan - ok
16:28:15.0453 2880 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:28:15.0453 2880 RasPppoe - ok
16:28:15.0781 2880 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:28:15.0781 2880 RasSstp - ok
16:28:16.0124 2880 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:28:16.0124 2880 rdbss - ok
16:28:16.0452 2880 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:28:16.0452 2880 rdpbus - ok
16:28:16.0779 2880 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:28:16.0779 2880 RDPCDD - ok
16:28:17.0122 2880 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
16:28:17.0122 2880 RDPDR - ok
16:28:17.0466 2880 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:28:17.0466 2880 RDPENCDD - ok
16:28:17.0902 2880 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:28:17.0902 2880 RDPREFMP - ok
16:28:18.0199 2880 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
16:28:18.0199 2880 RdpVideoMiniport - ok
16:28:18.0480 2880 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
16:28:18.0480 2880 RDPWD - ok
16:28:18.0776 2880 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:28:18.0776 2880 rdyboost - ok
16:28:18.0838 2880 RegSrvc (189c5a8d2098e0aa14fd157a954b34fc) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:28:18.0838 2880 RegSrvc - ok
16:28:19.0026 2880 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:28:19.0026 2880 RemoteAccess - ok
16:28:19.0228 2880 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:28:19.0228 2880 RemoteRegistry - ok
16:28:19.0447 2880 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:28:19.0447 2880 RpcEptMapper - ok
16:28:19.0665 2880 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:28:19.0681 2880 RpcLocator - ok
16:28:19.0884 2880 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:28:19.0899 2880 RpcSs - ok
16:28:20.0180 2880 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:28:20.0196 2880 rspndr - ok
16:28:20.0476 2880 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
16:28:20.0476 2880 s3cap - ok
16:28:20.0679 2880 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:28:20.0679 2880 SamSs - ok
16:28:20.0960 2880 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:28:20.0960 2880 sbp2port - ok
16:28:21.0163 2880 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:28:21.0163 2880 SCardSvr - ok
16:28:21.0444 2880 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:28:21.0444 2880 scfilter - ok
16:28:21.0662 2880 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:28:21.0693 2880 Schedule - ok
16:28:21.0912 2880 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:28:21.0912 2880 SCPolicySvc - ok
16:28:22.0099 2880 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:28:22.0114 2880 SDRSVC - ok
16:28:22.0411 2880 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:28:22.0411 2880 secdrv - ok
16:28:22.0614 2880 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:28:22.0614 2880 seclogon - ok
16:28:22.0816 2880 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:28:22.0816 2880 SENS - ok
16:28:23.0019 2880 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:28:23.0019 2880 SensrSvc - ok
16:28:23.0316 2880 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:28:23.0316 2880 Serenum - ok
16:28:23.0752 2880 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:28:23.0752 2880 Serial - ok
16:28:24.0033 2880 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:28:24.0033 2880 sermouse - ok
16:28:24.0252 2880 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:28:24.0252 2880 SessionEnv - ok
16:28:24.0532 2880 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:28:24.0548 2880 sffdisk - ok
16:28:24.0829 2880 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:28:24.0844 2880 sffp_mmc - ok
16:28:25.0125 2880 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:28:25.0125 2880 sffp_sd - ok
16:28:25.0422 2880 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:28:25.0422 2880 sfloppy - ok
16:28:25.0656 2880 SftService (29ddea72c5bdf61d62f4d438dc0e497c) C:\Program Files (x86)\AlienRespawn\sftservice.EXE
16:28:25.0687 2880 SftService - ok
16:28:25.0890 2880 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:28:25.0890 2880 SharedAccess - ok
16:28:26.0092 2880 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:28:26.0092 2880 ShellHWDetection - ok
16:28:26.0389 2880 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:28:26.0389 2880 SiSRaid2 - ok
16:28:26.0685 2880 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:28:26.0685 2880 SiSRaid4 - ok
16:28:26.0982 2880 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:28:26.0982 2880 Smb - ok
16:28:27.0184 2880 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:28:27.0200 2880 SNMPTRAP - ok
16:28:27.0481 2880 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:28:27.0481 2880 spldr - ok
16:28:27.0699 2880 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:28:27.0699 2880 Spooler - ok
16:28:27.0964 2880 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:28:28.0027 2880 sppsvc - ok
16:28:28.0230 2880 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:28:28.0230 2880 sppuinotify - ok
16:28:28.0526 2880 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:28:28.0542 2880 srv - ok
16:28:28.0838 2880 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:28:28.0838 2880 srv2 - ok
16:28:29.0134 2880 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:28:29.0134 2880 srvnet - ok
16:28:29.0353 2880 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:28:29.0353 2880 SSDPSRV - ok
16:28:29.0571 2880 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:28:29.0571 2880 SstpSvc - ok
16:28:29.0868 2880 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
16:28:29.0868 2880 stdcfltn - ok
16:28:29.0930 2880 Steam Client Service - ok
16:28:29.0992 2880 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:28:30.0008 2880 Stereo Service - ok
16:28:30.0289 2880 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:28:30.0289 2880 stexstor - ok
16:28:30.0523 2880 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:28:30.0523 2880 stisvc - ok
16:28:30.0819 2880 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
16:28:30.0819 2880 storvsc - ok
16:28:31.0116 2880 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:28:31.0116 2880 swenum - ok
16:28:31.0318 2880 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:28:31.0334 2880 swprv - ok
16:28:31.0646 2880 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\Synth3dVsc.sys
16:28:31.0646 2880 Synth3dVsc - ok
16:28:31.0942 2880 SynthVid (4cdd7df58730d23ba9cb5829a6e2ecea) C:\Windows\system32\DRIVERS\VMBusVideoM.sys
16:28:31.0942 2880 SynthVid - ok
16:28:32.0254 2880 SynTP (ddbe73ea697ab792a049d2126b951e29) C:\Windows\system32\DRIVERS\SynTP.sys
16:28:32.0270 2880 SynTP - ok
16:28:32.0504 2880 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:28:32.0535 2880 SysMain - ok
16:28:32.0738 2880 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:28:32.0738 2880 TabletInputService - ok
16:28:32.0956 2880 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:28:32.0956 2880 TapiSrv - ok
16:28:33.0159 2880 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:28:33.0159 2880 TBS - ok
16:28:33.0487 2880 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:28:33.0643 2880 Tcpip - ok
16:28:33.0970 2880 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:28:33.0986 2880 TCPIP6 - ok
16:28:34.0267 2880 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:28:34.0267 2880 tcpipreg - ok
16:28:34.0563 2880 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:28:34.0563 2880 TDPIPE - ok
16:28:34.0828 2880 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:28:34.0828 2880 TDTCP - ok
16:28:35.0140 2880 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:28:35.0140 2880 tdx - ok
16:28:35.0437 2880 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
16:28:35.0437 2880 TermDD - ok
16:28:35.0718 2880 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
16:28:35.0718 2880 terminpt - ok
16:28:35.0936 2880 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:28:35.0952 2880 TermService - ok
16:28:36.0154 2880 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:28:36.0154 2880 Themes - ok
16:28:36.0357 2880 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:28:36.0357 2880 THREADORDER - ok
16:28:36.0560 2880 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:28:36.0576 2880 TrkWks - ok
16:28:36.0654 2880 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:28:36.0654 2880 TrustedInstaller - ok
16:28:36.0903 2880 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:28:36.0903 2880 tssecsrv - ok
16:28:37.0200 2880 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:28:37.0215 2880 TsUsbFlt - ok
16:28:37.0496 2880 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:28:37.0512 2880 TsUsbGD - ok
16:28:37.0792 2880 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
16:28:37.0792 2880 tsusbhub - ok
16:28:38.0104 2880 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:28:38.0104 2880 tunnel - ok
16:28:38.0385 2880 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:28:38.0385 2880 uagp35 - ok
16:28:38.0682 2880 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:28:38.0697 2880 udfs - ok
16:28:38.0900 2880 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:28:38.0900 2880 UI0Detect - ok
16:28:39.0196 2880 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:28:39.0196 2880 uliagpkx - ok
16:28:39.0493 2880 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:28:39.0493 2880 umbus - ok
16:28:39.0774 2880 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:28:39.0774 2880 UmPass - ok
16:28:39.0992 2880 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
16:28:39.0992 2880 UmRdpService - ok
16:28:40.0210 2880 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:28:40.0210 2880 upnphost - ok
16:28:40.0491 2880 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
16:28:40.0507 2880 usbccgp - ok
16:28:40.0803 2880 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:28:40.0803 2880 usbcir - ok
16:28:41.0084 2880 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:28:41.0084 2880 usbehci - ok
16:28:41.0380 2880 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:28:41.0396 2880 usbhub - ok
16:28:41.0677 2880 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:28:41.0677 2880 usbohci - ok
16:28:41.0958 2880 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
16:28:41.0958 2880 usbprint - ok
16:28:42.0254 2880 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:28:42.0254 2880 USBSTOR - ok
16:28:42.0535 2880 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:28:42.0535 2880 usbuhci - ok
16:28:42.0831 2880 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
16:28:42.0831 2880 usbvideo - ok
16:28:43.0034 2880 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:28:43.0034 2880 UxSms - ok
16:28:43.0237 2880 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:28:43.0237 2880 VaultSvc - ok
16:28:43.0533 2880 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:28:43.0533 2880 vdrvroot - ok
16:28:43.0736 2880 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:28:43.0752 2880 vds - ok
16:28:44.0032 2880 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:28:44.0032 2880 vga - ok
16:28:44.0313 2880 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:28:44.0329 2880 VgaSave - ok
16:28:44.0594 2880 VGPU - ok
16:28:44.0890 2880 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:28:44.0890 2880 vhdmp - ok
16:28:45.0187 2880 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:28:45.0187 2880 viaide - ok
16:28:45.0483 2880 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
16:28:45.0483 2880 VMBusHID - ok
16:28:45.0780 2880 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:28:45.0780 2880 volmgr - ok
16:28:46.0076 2880 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:28:46.0076 2880 volmgrx - ok
16:28:46.0372 2880 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:28:46.0372 2880 volsnap - ok
16:28:46.0669 2880 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:28:46.0669 2880 vsmraid - ok
16:28:46.0903 2880 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:28:46.0934 2880 VSS - ok
16:28:47.0230 2880 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:28:47.0230 2880 vwifibus - ok
16:28:47.0527 2880 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:28:47.0527 2880 vwififlt - ok
16:28:47.0823 2880 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:28:47.0823 2880 vwifimp - ok
16:28:48.0026 2880 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:28:48.0042 2880 W32Time - ok
16:28:48.0322 2880 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:28:48.0322 2880 WacomPen - ok
16:28:48.0603 2880 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:28:48.0603 2880 WANARP - ok
16:28:48.0603 2880 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:28:48.0619 2880 Wanarpv6 - ok
16:28:48.0853 2880 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:28:48.0884 2880 WatAdminSvc - ok
16:28:49.0118 2880 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:28:49.0149 2880 wbengine - ok
16:28:49.0352 2880 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:28:49.0352 2880 WbioSrvc - ok
16:28:49.0555 2880 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:28:49.0570 2880 wcncsvc - ok
16:28:49.0773 2880 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:28:49.0773 2880 WcsPlugInService - ok
16:28:50.0054 2880 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:28:50.0054 2880 Wd - ok
16:28:50.0350 2880 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:28:50.0366 2880 Wdf01000 - ok
16:28:50.0569 2880 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:28:50.0569 2880 WdiServiceHost - ok
16:28:50.0569 2880 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:28:50.0584 2880 WdiSystemHost - ok
16:28:50.0865 2880 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys
16:28:50.0865 2880 wdkmd - ok
16:28:51.0068 2880 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:28:51.0068 2880 WebClient - ok
16:28:51.0286 2880 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:28:51.0286 2880 Wecsvc - ok
16:28:51.0489 2880 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:28:51.0489 2880 wercplsupport - ok
16:28:51.0708 2880 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:28:51.0708 2880 WerSvc - ok
16:28:51.0988 2880 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:28:51.0988 2880 WfpLwf - ok
16:28:52.0269 2880 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:28:52.0285 2880 WimFltr - ok
16:28:52.0566 2880 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:28:52.0566 2880 WIMMount - ok
16:28:52.0597 2880 WinDefend - ok
16:28:52.0612 2880 WinHttpAutoProxySvc - ok
16:28:52.0878 2880 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:28:52.0878 2880 Winmgmt - ok
16:28:53.0112 2880 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:28:53.0143 2880 WinRM - ok
16:28:53.0377 2880 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:28:53.0392 2880 Wlansvc - ok
16:28:53.0689 2880 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:28:53.0689 2880 WmiAcpi - ok
16:28:53.0954 2880 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:28:53.0954 2880 wmiApSrv - ok
16:28:53.0985 2880 WMPNetworkSvc - ok
16:28:54.0204 2880 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:28:54.0204 2880 WPCSvc - ok
16:28:54.0391 2880 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:28:54.0391 2880 WPDBusEnum - ok
16:28:54.0687 2880 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:28:54.0687 2880 ws2ifsl - ok
16:28:54.0874 2880 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:28:54.0890 2880 wscsvc - ok
16:28:55.0062 2880 WSearch - ok
16:28:55.0296 2880 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
16:28:55.0342 2880 wuauserv - ok
16:28:55.0623 2880 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:28:55.0623 2880 WudfPf - ok
16:28:55.0935 2880 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:28:55.0935 2880 WUDFRd - ok
16:28:56.0138 2880 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:28:56.0138 2880 wudfsvc - ok
16:28:56.0341 2880 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:28:56.0356 2880 WwanSvc - ok
16:28:56.0653 2880 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
16:28:56.0653 2880 xusb21 - ok
16:28:56.0700 2880 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:28:56.0746 2880 \Device\Harddisk0\DR0 - ok
16:28:56.0762 2880 Boot (0x1200) (a869652858298c318176809c4b1d2a18) \Device\Harddisk0\DR0\Partition0
16:28:56.0762 2880 \Device\Harddisk0\DR0\Partition0 - ok
16:28:56.0778 2880 Boot (0x1200) (50202556b012404a01d20482e679f3cc) \Device\Harddisk0\DR0\Partition1
16:28:56.0778 2880 \Device\Harddisk0\DR0\Partition1 - ok
16:28:56.0778 2880 ============================================================
16:28:56.0778 2880 Scan finished
16:28:56.0778 2880 ============================================================
16:28:56.0793 2992 Detected object count: 0
16:28:56.0793 2992 Actual detected object count: 0
16:32:20.0920 1272 Deinitialize success


Laptops MBAM log


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.08.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
vaughn1 :: VAUGHN1-PC [administrator]

4/8/2012 4:40:31 PM
mbam-log-2012-04-08 (16-40-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219658
Time elapsed: 6 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Thank you again for the help in advance:)

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:01 AM

Posted 08 April 2012 - 08:14 PM

Both look clean up to date and tidy with the exception of both Hosts files being dis-located.

Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically,go HERE click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the promots in the Fix it wizard.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 dakthur

dakthur
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:01 AM

Posted 08 April 2012 - 09:17 PM

Do I delete the renamed hosts.old file or just leave everything as is after applying the fix?

#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,934 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:01 AM

Posted 08 April 2012 - 09:22 PM

Leave it.. All looks goood now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users