Search engine redirection virus.


  • This topic is locked
22 replies to this topic

#1 bjulie

Posted 05 May 2012 - 01:04 PM

Hi, my computer is infected by a search engine redirection virus and my ISP also called me to say that a large amount of spam has been sent from my computer. That happened while my anti-virus (Kaspersky) was not up-to-date, and Malwarebytes reports that: "195.88.209.15 (Type: outgoing, Port: 63838, Process: rundll32.exe)"

I've followed the guide and here's the DDS log:


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_31
Run by Julie at 13:19:48 on 2012-05-05
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.2942.1617 [GMT -4:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\rundll32.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\windows\System32\rundll32.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\TOSHIBA\TECO\TEco.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\rundll32.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uWindow Title = Présenté par TOSHIBA Leading Innovation >>>
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.toshiba.ca/fr/bienvenue
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.toshiba.ca/fr/bienvenue
mStart Page = hxxp://www.toshiba.ca/fr/bienvenue
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Gestionnaire Antidote.exe] c:\program files\druide\antidote\Gestionnaire Antidote.exe
uRun: [Google Update] "c:\users\julie\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WeatherEye] c:\users\julie\appdata\local\météomédia\météoéclair\WeatherEye.exe
mRun: [<NO NAME>]
mRun: [SVPWUTIL] c:\program files\toshiba\utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] "c:\program files\toshiba\utilities\HWSetup.exe" hwSetUP
mRun: [KeNotify] c:\program files\toshiba\utilities\KeNotify.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
mRun: [TosSENotify] c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
mRun: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
mRun: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
mRun: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [ContentTransferWMDetector.exe] c:\program files\sony\content transfer\ContentTransferWMDetector.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\1.0"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\julie\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky internet security 2012\ievkbd.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky internet security 2012\klwtbbho.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{82C303E5-15EF-4636-9EA5-4824333D6973} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{82C303E5-15EF-4636-9EA5-4824333D6973}\46166796464767 : DhcpNameServer = 192.168.10.1
TCP: Interfaces\{82C303E5-15EF-4636-9EA5-4824333D6973}\A455354594E4540534 : DhcpNameServer = 216.144.115.251 216.144.115.252
TCP: Interfaces\{82C303E5-15EF-4636-9EA5-4824333D6973}\C45675962756C6563737 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{9825FD63-315D-447B-8026-8CA822814995} : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: klogon - c:\windows\system32\klogon.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\julie\appdata\roaming\mozilla\firefox\profiles\8hzjdy88.default\
FF - prefs.js: browser.startup.homepage - www.google.ca
FF - component: c:\program files\kaspersky lab\kaspersky internet security 2011\ffext\kavantibanner@kaspersky.ru\components\abhelperxpcom.dll
FF - component: c:\program files\kaspersky lab\kaspersky internet security 2011\ffext\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
FF - component: c:\program files\kaspersky lab\kaspersky internet security 2011\ffext\virtualkeyboard@kaspersky.ru\components\ffvkplugin.dll
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\julie\appdata\local\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\users\julie\appdata\roaming\facebook\npfbplugin_1_0_3.dll
.
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2011-3-4 11352]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2011-3-10 23856]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-16 176128]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-5-4 654408]
R2 RSELSVC;TOSHIBA Modem region select service;c:\program files\toshiba\rselect\RSelSvc.exe [2009-7-7 62832]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2009-12-23 5120]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-11 185712]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-11-2 19984]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-5-4 22344]
R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-12-16 24064]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-12-16 167936]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-4-26 1011232]
R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-12-16 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-8-3 111960]
R3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424]
R3 WSDPrintDevice;Prise en charge de l’impression WSD via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
S2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky internet security 2012\avp.exe [2011-4-24 202296]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Service Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-12-1 136176]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-29 257696]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 gupdatem;Service Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-12-1 136176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-12-16 171520]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-3 52224]
S3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-20 1343400]
.
=============== Created Last 30 ================
.
2012-05-04 21:17:28 -------- d-----w- c:\users\julie\appdata\roaming\Malwarebytes
2012-05-04 21:16:52 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-04 21:16:52 -------- d-----w- c:\programdata\Malwarebytes
2012-05-04 21:16:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-04-29 19:46:22 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-29 19:46:22 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-29 18:55:43 4777280 ----a-w- C:\procexp.exe
2012-04-29 18:54:05 2473592 ----a-w- C:\Procmon.exe
2012-04-29 12:36:02 -------- d-----w- c:\users\julie\appdata\local\{B23B3B6C-C838-4B20-A3E1-7BDCA6D026F2}
2012-04-29 12:35:45 -------- d-----w- c:\users\julie\appdata\local\{3F412DA4-8D59-4CF6-BFAE-C0C3757E3398}
2012-04-26 11:14:16 -------- d-----w- c:\users\julie\appdata\local\{0A88F25C-67AC-4182-8504-1A12E836E171}
2012-04-26 11:14:02 -------- d-----w- c:\users\julie\appdata\local\{9DE53F2F-8147-4975-8647-50BE5F48260C}
2012-04-25 21:32:43 -------- d-----w- c:\users\julie\appdata\local\{A28DDD1C-B874-4EF9-B80E-62FD57A6C8E8}
2012-04-25 21:32:25 -------- d-----w- c:\users\julie\appdata\local\{6F040F82-9516-4ACF-B65D-D2172B06F111}
2012-04-23 11:58:11 -------- d-----w- c:\users\julie\appdata\local\{91273DE9-E9D8-4336-9703-11BB1DB47D28}
2012-04-23 11:57:34 -------- d-----w- c:\users\julie\appdata\local\{9B205AE0-CAC8-451D-92DA-F3824C5C9184}
2012-04-22 22:16:46 -------- d-----w- c:\users\julie\appdata\local\{4EB5778F-60CD-4AD2-9442-5645A4D27477}
2012-04-22 22:16:23 -------- d-----w- c:\users\julie\appdata\local\{77156185-E72D-4533-9246-9B52C3732547}
2012-04-21 22:47:02 -------- d-----w- c:\users\julie\appdata\local\{343A5D85-390C-470F-85AA-E21AD9E2986C}
2012-04-21 22:46:43 -------- d-----w- c:\users\julie\appdata\local\{047CB805-53A4-4719-A22C-416A8F724B4E}
2012-04-20 12:10:35 -------- d-----w- c:\users\julie\appdata\local\{C8322060-0090-4F09-94C4-7920F0FB25FF}
2012-04-20 12:10:16 -------- d-----w- c:\users\julie\appdata\local\{FA989777-56C7-4A79-A4F9-878D34A0EFE8}
2012-04-19 22:48:27 -------- d-----w- c:\users\julie\appdata\local\{7CFA799F-B083-4E2F-AA0C-18D2634535B2}
2012-04-19 22:48:11 -------- d-----w- c:\users\julie\appdata\local\{F14A617F-2785-44B4-95CF-D0407A1E811B}
2012-04-18 00:07:42 -------- d-----w- c:\users\julie\appdata\local\{9422EE31-8B82-49F7-9BDF-63E4D5E9B5C0}
2012-04-18 00:07:19 -------- d-----w- c:\users\julie\appdata\local\{5680990A-353F-4272-A422-D8C1DE9E6905}
2012-04-15 22:49:22 -------- d-----w- c:\users\julie\appdata\local\{8C93976E-B8EC-4B9D-A398-29A14EAF8696}
2012-04-15 22:49:09 -------- d-----w- c:\users\julie\appdata\local\{BA35A5A0-F482-4CA0-AA57-91ACFDD9A1B8}
2012-04-15 22:25:33 -------- d-----w- c:\users\julie\appdata\local\{74650EE1-9CA6-418A-A156-002C214D6512}
2012-04-15 22:25:09 -------- d-----w- c:\users\julie\appdata\local\{A67B89D8-6B80-4BEB-8566-47F35DAD0908}
2012-04-14 19:39:24 -------- d-----w- c:\program files\common files\Canon
2012-04-14 18:50:10 -------- d-----w- c:\users\julie\appdata\local\{90C02063-E965-4A27-92C5-47C011786E51}
2012-04-14 15:31:50 -------- d-----w- c:\users\julie\appdata\local\{8C19D541-F508-474D-8DDA-308D5F7B0A8A}
2012-04-14 15:31:28 -------- d-----w- c:\users\julie\appdata\local\{3A25F304-5126-45C3-AA38-24BD2345C40C}
2012-04-12 21:35:29 -------- d-----w- c:\users\julie\appdata\local\{436257CE-0682-4934-B79A-6087BFD743A6}
2012-04-12 21:35:05 -------- d-----w- c:\users\julie\appdata\local\{CBB2D3BA-E71D-4A00-ADD6-8DAECA0FFE88}
2012-04-12 01:16:03 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 01:16:03 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 01:16:03 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 01:16:03 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 01:15:45 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 01:15:44 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 22:04:08 -------- d-----w- c:\users\julie\appdata\local\{89A11C68-25BD-4EC3-AA4A-72A37254CA47}
2012-04-11 22:03:40 -------- d-----w- c:\users\julie\appdata\local\{42642482-62CB-4C1C-AE54-E1D8261828DD}
2012-04-10 12:24:42 -------- d-----w- c:\users\julie\appdata\local\{EB6A1B8A-D098-4BE1-8180-F7A3414BEFC7}
2012-04-10 12:24:30 -------- d-----w- c:\users\julie\appdata\local\{E21E2174-5B1C-49EA-B98D-221BB82EF9C4}
2012-04-09 13:53:10 -------- d-----w- c:\users\julie\appdata\local\{0E10F5CE-3178-4FF2-90BE-911CFA09D1C7}
2012-04-09 13:52:57 -------- d-----w- c:\users\julie\appdata\local\{DA195952-C21C-481F-B9B0-9A8BE037F822}
2012-04-08 17:51:09 -------- d-----w- c:\users\julie\appdata\local\{CEA34F0B-BCCE-4D9E-9417-02257F887FDA}
2012-04-06 13:39:44 -------- d-----w- c:\users\julie\appdata\local\{C2B92FD7-01E0-4EE2-BF65-1CCCCB2CE5F4}
2012-04-06 13:39:21 -------- d-----w- c:\users\julie\appdata\local\{C4B045FE-9F3B-4682-8F9A-B742F210B269}
2012-04-05 20:25:11 -------- d-----w- c:\users\julie\appdata\local\{AE9F2296-3986-47BC-A383-79EAB55E7435}
2012-04-05 20:24:58 -------- d-----w- c:\users\julie\appdata\local\{5398D990-5AC3-4800-88F3-F3B555E2A387}
2012-04-05 20:03:52 -------- d-----w- c:\users\julie\appdata\local\ECRSC
.
==================== Find3M ====================
.
2012-04-23 19:14:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-28 05:38:52 981504 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 03:52:27 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-17 05:34:22 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14:08 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13:22 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:38:43 1077248 ----a-w- c:\windows\system32\DWrite.dll
.
============= FINISH: 13:20:20,08 ===============


and GMER:


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-05-05 13:56:21
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 FUJITSU_MJA2500BH_G2 rev.00400018
Running: 22xl74v5.exe; Driver: C:\Users\Julie\AppData\Local\Temp\kwloypod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x8BF1628A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x8BF30342]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x8BF30678]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x8BF309EE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x8BF16D04]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x8BF3002A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x8BF17276]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x8BF17164]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x8BF304E8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x8BF16046]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x8BF1738E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x8BF168BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x8BF16A2A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x8BF174A6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x8BF305B0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x8BF1774E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x8BF16D46]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x8BF18750]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x8BF17840]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x8BF17DAC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwNotifyChangeKey [0x8BF2E840]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x8BF17308]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x8BF171F0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x8BF164C4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x8BF17B90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x8BF17420]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x8BF163B8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x8BF1755C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryObject [0x8BF2EA38]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x8BF180D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x8BF179E0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x8BF307DC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x8BF3072A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x8BF30848]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x8BF185F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x8BF301B2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x8BF16BA4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x8BF175FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x8BF18222]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x8BF18316]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x8BF18450]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x8BF17670]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x8BF16664]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x8BF165BA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x8BF17F8A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x8BF16750]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKey + 13C1 82E59359 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E92D52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10D7 82E99DAC 4 Bytes [8A, 62, F1, 8B]
.text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 82E99DD4 8 Bytes [42, 03, F3, 8B, 78, 06, F3, ...]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1143 82E99E18 4 Bytes [EE, 09, F3, 8B]
.text ntkrnlpa.exe!KeRemoveQueueEx + 116F 82E99E44 4 Bytes [04, 6D, F1, 8B]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1193 82E99E68 4 Bytes [2A, 00, F3, 8B]
.text ...
.text C:\windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x843A3000, 0x3C849, 0xE8000020]
.dsrt C:\windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x843E8000, 0x3DC, 0x48000040]
.text C:\windows\system32\DRIVERS\atikmdag.sys section is writeable [0x91E0B000, 0x2D5526, 0xE8000020]
? C:\Users\Julie\AppData\Local\Temp\mbr.sys Le fichier spécifié est introuvable. !

---- User code sections - GMER 1.0.15 ----

.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] ntdll.dll!NtQueryInformationProcess 77B06048 5 Bytes JMP 00445A3A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] GDI32.dll!ExtTextOutW 763E8192 5 Bytes JMP 0042F09E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] GDI32.dll!GetGlyphIndicesW 763EB78F 5 Bytes JMP 0042F52B
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] GDI32.dll!TextOutW 763EFDE4 5 Bytes JMP 0042EB6A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] GDI32.dll!ExtTextOutA 763F03F9 5 Bytes JMP 0042EFBA
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] GDI32.dll!TextOutA 763F077D 5 Bytes JMP 0042EA9E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] GDI32.dll!GetGlyphIndicesA 7640BB6A 5 Bytes JMP 0042F45E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] USER32.dll!DrawTextExW 771E5894 5 Bytes JMP 0042EED3
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] USER32.dll!DrawTextW 771E5B6A 5 Bytes JMP 0042ED11
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] USER32.dll!SetClipboardData 771F2962 5 Bytes JMP 0042E987
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] USER32.dll!DialogBoxParamW 771F3B9B 5 Bytes JMP 0042DC86
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] USER32.dll!DrawTextA 771FAE29 5 Bytes JMP 0042EC36
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] USER32.dll!DrawTextExA 771FAE60 5 Bytes JMP 0042EDEC
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WININET.dll!InternetCrackUrlA 777DD07D 5 Bytes JMP 0042F7F1
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WININET.dll!InternetCrackUrlW 7781893C 5 Bytes JMP 0042F93A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!closesocket 77C13918 5 Bytes JMP 0042E8E0
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!getaddrinfo 77C14296 5 Bytes JMP 0042D7D7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!WSASend 77C14406 5 Bytes JMP 0042E5A8
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!GetAddrInfoW 77C14889 5 Bytes JMP 0042D8B7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!recv 77C16B0E 5 Bytes JMP 0042E4FA
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!send 77C16F01 5 Bytes JMP 0042E455
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!WSARecv 77C17089 5 Bytes JMP 0042E67C
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!WSAGetOverlappedResult 77C17489 5 Bytes JMP 0042E7C0
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!WSAAsyncGetHostByName 77C2726A 5 Bytes JMP 0042DBA7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[1652] WS2_32.dll!gethostbyname 77C27673 5 Bytes JMP 0042D716
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtCreateFile + 6 77B055CE 4 Bytes [28, 00, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtCreateFile + B 77B055D3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtMapViewOfSection + 6 77B05C2E 1 Byte [28]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtMapViewOfSection + 6 77B05C2E 4 Bytes [28, 03, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtMapViewOfSection + B 77B05C33 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenFile + 6 77B05CDE 4 Bytes [68, 00, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenFile + B 77B05CE3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenProcess + 6 77B05D8E 4 Bytes [A8, 01, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenProcess + B 77B05D93 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenProcessToken + 6 77B05D9E 4 Bytes CALL 76B082A4 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenProcessToken + B 77B05DA3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenProcessTokenEx + 6 77B05DAE 4 Bytes [A8, 02, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenProcessTokenEx + B 77B05DB3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenThread + 6 77B05E0E 4 Bytes [68, 01, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenThread + B 77B05E13 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenThreadToken + 6 77B05E1E 4 Bytes [68, 02, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenThreadToken + B 77B05E23 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenThreadTokenEx + 6 77B05E2E 4 Bytes CALL 76B08335 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtOpenThreadTokenEx + B 77B05E33 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtQueryAttributesFile + 6 77B05F3E 4 Bytes [A8, 00, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtQueryAttributesFile + B 77B05F43 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtQueryFullAttributesFile + 6 77B05FEE 4 Bytes CALL 76B084F3 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtQueryFullAttributesFile + B 77B05FF3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtSetInformationFile + 6 77B0663E 4 Bytes [28, 01, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtSetInformationFile + B 77B06643 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtSetInformationThread + 6 77B0669E 4 Bytes [28, 02, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtSetInformationThread + B 77B066A3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtUnmapViewOfSection + 6 77B069BE 1 Byte [68]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtUnmapViewOfSection + 6 77B069BE 4 Bytes [68, 03, 25, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2032] ntdll.dll!NtUnmapViewOfSection + B 77B069C3 1 Byte [E2]
.text C:\Program Files\real\realplayer\Update\realsched.exe[2552] kernel32.dll!SetUnhandledExceptionFilter 762DF4FB 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] ntdll.dll!NtQueryInformationProcess 77B06048 5 Bytes JMP 014D5A3A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] GDI32.dll!ExtTextOutW 763E8192 5 Bytes JMP 014BF09E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] GDI32.dll!GetGlyphIndicesW 763EB78F 5 Bytes JMP 014BF52B
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] GDI32.dll!TextOutW 763EFDE4 5 Bytes JMP 014BEB6A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] GDI32.dll!ExtTextOutA 763F03F9 5 Bytes JMP 014BEFBA
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] GDI32.dll!TextOutA 763F077D 5 Bytes JMP 014BEA9E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] GDI32.dll!GetGlyphIndicesA 7640BB6A 5 Bytes JMP 014BF45E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] USER32.dll!DrawTextExW 771E5894 5 Bytes JMP 014BEED3
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] USER32.dll!DrawTextW 771E5B6A 5 Bytes JMP 014BED11
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] USER32.dll!SetClipboardData 771F2962 5 Bytes JMP 014BE987
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] USER32.dll!DialogBoxParamW 771F3B9B 5 Bytes JMP 014BDC86
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] USER32.dll!DrawTextA 771FAE29 5 Bytes JMP 014BEC36
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] USER32.dll!DrawTextExA 771FAE60 5 Bytes JMP 014BEDEC
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WININET.dll!InternetCrackUrlA 777DD07D 5 Bytes JMP 014BF7F1
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WININET.dll!InternetCrackUrlW 7781893C 5 Bytes JMP 014BF93A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!closesocket 77C13918 5 Bytes JMP 014BE8E0
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!getaddrinfo 77C14296 5 Bytes JMP 014BD7D7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!WSASend 77C14406 5 Bytes JMP 014BE5A8
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!GetAddrInfoW 77C14889 5 Bytes JMP 014BD8B7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!recv 77C16B0E 5 Bytes JMP 014BE4FA
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!send 77C16F01 5 Bytes JMP 014BE455
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!WSARecv 77C17089 5 Bytes JMP 014BE67C
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!WSAGetOverlappedResult 77C17489 5 Bytes JMP 014BE7C0
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!WSAAsyncGetHostByName 77C2726A 5 Bytes JMP 014BDBA7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2580] WS2_32.dll!gethostbyname 77C27673 5 Bytes JMP 014BD716
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtCreateFile + 6 77B055CE 4 Bytes [28, 00, 11, 00] {SUB [EAX], AL; ADC [EAX], EAX}
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtCreateFile + B 77B055D3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtMapViewOfSection + 6 77B05C2E 1 Byte [28]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtMapViewOfSection + 6 77B05C2E 4 Bytes [28, 03, 11, 00] {SUB [EBX], AL; ADC [EAX], EAX}
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtMapViewOfSection + B 77B05C33 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenFile + 6 77B05CDE 4 Bytes [68, 00, 11, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenFile + B 77B05CE3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenProcess + 6 77B05D8E 4 Bytes [A8, 01, 11, 00] {TEST AL, 0x1; ADC [EAX], EAX}
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenProcess + B 77B05D93 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenProcessToken + 6 77B05D9E 4 Bytes CALL 76B06EA4 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenProcessToken + B 77B05DA3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenProcessTokenEx + 6 77B05DAE 4 Bytes [A8, 02, 11, 00] {TEST AL, 0x2; ADC [EAX], EAX}
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenProcessTokenEx + B 77B05DB3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenThread + 6 77B05E0E 4 Bytes [68, 01, 11, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenThread + B 77B05E13 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenThreadToken + 6 77B05E1E 4 Bytes [68, 02, 11, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenThreadToken + B 77B05E23 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenThreadTokenEx + 6 77B05E2E 4 Bytes CALL 76B06F35 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtOpenThreadTokenEx + B 77B05E33 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtQueryAttributesFile + 6 77B05F3E 4 Bytes [A8, 00, 11, 00] {TEST AL, 0x0; ADC [EAX], EAX}
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtQueryAttributesFile + B 77B05F43 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtQueryFullAttributesFile + 6 77B05FEE 4 Bytes CALL 76B070F3 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtQueryFullAttributesFile + B 77B05FF3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtSetInformationFile + 6 77B0663E 4 Bytes [28, 01, 11, 00] {SUB [ECX], AL; ADC [EAX], EAX}
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtSetInformationFile + B 77B06643 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtSetInformationThread + 6 77B0669E 4 Bytes [28, 02, 11, 00] {SUB [EDX], AL; ADC [EAX], EAX}
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtSetInformationThread + B 77B066A3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtUnmapViewOfSection + 6 77B069BE 1 Byte [68]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtUnmapViewOfSection + 6 77B069BE 4 Bytes [68, 03, 11, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[2796] ntdll.dll!NtUnmapViewOfSection + B 77B069C3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtCreateFile + 6 77B055CE 4 Bytes [28, 00, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtCreateFile + B 77B055D3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtMapViewOfSection + 6 77B05C2E 1 Byte [28]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtMapViewOfSection + 6 77B05C2E 4 Bytes [28, 03, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtMapViewOfSection + B 77B05C33 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenFile + 6 77B05CDE 4 Bytes [68, 00, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenFile + B 77B05CE3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenProcess + 6 77B05D8E 4 Bytes [A8, 01, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenProcess + B 77B05D93 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenProcessToken + 6 77B05D9E 4 Bytes CALL 76B0A3A4 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenProcessToken + B 77B05DA3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenProcessTokenEx + 6 77B05DAE 4 Bytes [A8, 02, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenProcessTokenEx + B 77B05DB3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenThread + 6 77B05E0E 4 Bytes [68, 01, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenThread + B 77B05E13 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenThreadToken + 6 77B05E1E 4 Bytes [68, 02, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenThreadToken + B 77B05E23 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenThreadTokenEx + 6 77B05E2E 4 Bytes CALL 76B0A435 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtOpenThreadTokenEx + B 77B05E33 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtQueryAttributesFile + 6 77B05F3E 4 Bytes [A8, 00, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtQueryAttributesFile + B 77B05F43 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtQueryFullAttributesFile + 6 77B05FEE 4 Bytes CALL 76B0A5F3 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtQueryFullAttributesFile + B 77B05FF3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtSetInformationFile + 6 77B0663E 4 Bytes [28, 01, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtSetInformationFile + B 77B06643 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtSetInformationThread + 6 77B0669E 4 Bytes [28, 02, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtSetInformationThread + B 77B066A3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtUnmapViewOfSection + 6 77B069BE 1 Byte [68]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtUnmapViewOfSection + 6 77B069BE 4 Bytes [68, 03, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3152] ntdll.dll!NtUnmapViewOfSection + B 77B069C3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtCreateFile + 6 77B055CE 4 Bytes [28, 00, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtCreateFile + B 77B055D3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtMapViewOfSection + 6 77B05C2E 1 Byte [28]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtMapViewOfSection + 6 77B05C2E 4 Bytes [28, 03, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtMapViewOfSection + B 77B05C33 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenFile + 6 77B05CDE 4 Bytes [68, 00, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenFile + B 77B05CE3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenProcess + 6 77B05D8E 4 Bytes [A8, 01, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenProcess + B 77B05D93 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenProcessToken + 6 77B05D9E 4 Bytes CALL 76B0A3A4 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenProcessToken + B 77B05DA3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenProcessTokenEx + 6 77B05DAE 4 Bytes [A8, 02, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenProcessTokenEx + B 77B05DB3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenThread + 6 77B05E0E 4 Bytes [68, 01, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenThread + B 77B05E13 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenThreadToken + 6 77B05E1E 4 Bytes [68, 02, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenThreadToken + B 77B05E23 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenThreadTokenEx + 6 77B05E2E 4 Bytes CALL 76B0A435 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtOpenThreadTokenEx + B 77B05E33 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtQueryAttributesFile + 6 77B05F3E 4 Bytes [A8, 00, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtQueryAttributesFile + B 77B05F43 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtQueryFullAttributesFile + 6 77B05FEE 4 Bytes CALL 76B0A5F3 C:\windows\system32\SHELL32.dll (DLL commune du shell Windows/Microsoft Corporation)
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtQueryFullAttributesFile + B 77B05FF3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtSetInformationFile + 6 77B0663E 4 Bytes [28, 01, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtSetInformationFile + B 77B06643 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtSetInformationThread + 6 77B0669E 4 Bytes [28, 02, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtSetInformationThread + B 77B066A3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtUnmapViewOfSection + 6 77B069BE 1 Byte [68]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtUnmapViewOfSection + 6 77B069BE 4 Bytes [68, 03, 46, 00]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[3696] ntdll.dll!NtUnmapViewOfSection + B 77B069C3 1 Byte [E2]
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] ntdll.dll!NtQueryInformationProcess 77B06048 5 Bytes JMP 01235A3A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] GDI32.dll!ExtTextOutW 763E8192 5 Bytes JMP 0121F09E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] GDI32.dll!GetGlyphIndicesW 763EB78F 5 Bytes JMP 0121F52B
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] GDI32.dll!TextOutW 763EFDE4 5 Bytes JMP 0121EB6A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] GDI32.dll!ExtTextOutA 763F03F9 5 Bytes JMP 0121EFBA
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] GDI32.dll!TextOutA 763F077D 5 Bytes JMP 0121EA9E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] GDI32.dll!GetGlyphIndicesA 7640BB6A 5 Bytes JMP 0121F45E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] USER32.dll!DrawTextExW 771E5894 5 Bytes JMP 0121EED3
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] USER32.dll!DrawTextW 771E5B6A 5 Bytes JMP 0121ED11
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] USER32.dll!SetClipboardData 771F2962 5 Bytes JMP 0121E987
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] USER32.dll!DialogBoxParamW 771F3B9B 5 Bytes JMP 0121DC86
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] USER32.dll!DrawTextA 771FAE29 5 Bytes JMP 0121EC36
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] USER32.dll!DrawTextExA 771FAE60 5 Bytes JMP 0121EDEC
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WININET.dll!InternetCrackUrlA 777DD07D 5 Bytes JMP 0121F7F1
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WININET.dll!InternetCrackUrlW 7781893C 5 Bytes JMP 0121F93A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!closesocket 77C13918 5 Bytes JMP 0121E8E0
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!getaddrinfo 77C14296 5 Bytes JMP 0121D7D7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!WSASend 77C14406 5 Bytes JMP 0121E5A8
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!GetAddrInfoW 77C14889 5 Bytes JMP 0121D8B7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!recv 77C16B0E 5 Bytes JMP 0121E4FA
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!send 77C16F01 5 Bytes JMP 0121E455
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!WSARecv 77C17089 5 Bytes JMP 0121E67C
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!WSAGetOverlappedResult 77C17489 5 Bytes JMP 0121E7C0
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!WSAAsyncGetHostByName 77C2726A 5 Bytes JMP 0121DBA7
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[4604] WS2_32.dll!gethostbyname 77C27673 5 Bytes JMP 0121D716
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] ntdll.dll!NtQueryInformationProcess 77B06048 5 Bytes JMP 011F5A3A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] GDI32.dll!ExtTextOutW 763E8192 5 Bytes JMP 011DF09E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] GDI32.dll!GetGlyphIndicesW 763EB78F 5 Bytes JMP 011DF52B
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] GDI32.dll!TextOutW 763EFDE4 5 Bytes JMP 011DEB6A
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] GDI32.dll!ExtTextOutA 763F03F9 5 Bytes JMP 011DEFBA
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] GDI32.dll!TextOutA 763F077D 5 Bytes JMP 011DEA9E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] GDI32.dll!GetGlyphIndicesA 7640BB6A 5 Bytes JMP 011DF45E
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] USER32.dll!DrawTextExW 771E5894 5 Bytes JMP 011DEED3
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] USER32.dll!DrawTextW 771E5B6A 5 Bytes JMP 011DED11
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] USER32.dll!SetClipboardData 771F2962 5 Bytes JMP 011DE987
.text C:\Users\Julie\AppData\Local\Google\Chrome\Application\chrome.exe[5400] USER32.dll!DialogBoxParamW 771F3B9B 5 Bytes JMP 011DDC86

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Runtime de l’infrastructure de pilotes en mode noyau/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Runtime de l’infrastructure de pilotes en mode noyau/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\0000004c halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- EOF - GMER 1.0.15 ----

#2 gringo_pr

Posted 05 May 2012 - 02:37 PM

Hello and Welcome to Bleeping Computer!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only); if this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 bjulie

Posted 05 May 2012 - 03:41 PM

Here's the Security Check output:



Results of screen317's Security Check version 0.99.32
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Kaspersky Internet Security 2012
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 22
Java™ 6 Update 31
Java version out of date!
Adobe Flash Player 11.2.202.235
Adobe Reader X (10.1.3)
Mozilla Firefox 10.0.2 Firefox out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Malwarebytes' Anti-Malware mbamservice.exe
Kaspersky Lab Kaspersky Internet Security 2012 klwtblfs.exe
``````````End of Log````````````

#4 gringo_pr

Posted 05 May 2012 - 03:49 PM

Thanks for the report - now I would like to see the Combofix report



gringo

#5 bjulie

Posted 05 May 2012 - 04:20 PM

The computer is still infected. Here's the ComboFix log:


ComboFix 12-05-05.06 - Julie 2012-05-05 16:56:12.1.2 - x86
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.2942.1444 [GMT -4:00]
Lancé depuis: c:\users\Julie\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Julie\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-04-05 au 2012-05-05 ))))))))))))))))))))))))))))))))))))
.
.
2012-05-04 21:17 . 2012-05-04 21:17 -------- d-----w- c:\users\Julie\AppData\Roaming\Malwarebytes
2012-05-04 21:16 . 2012-05-04 21:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-04 21:16 . 2012-05-04 21:16 -------- d-----w- c:\programdata\Malwarebytes
2012-05-04 21:16 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-29 19:46 . 2012-05-05 13:02 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-29 19:46 . 2012-05-05 13:02 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-29 18:55 . 2012-02-14 17:10 4777280 ----a-w- C:\procexp.exe
2012-04-29 18:54 . 2012-04-13 14:38 2473592 ----a-w- C:\Procmon.exe
2012-04-27 17:47 . 2012-04-27 17:47 -------- d-----w- c:\program files\Common Files\Skype
2012-04-23 19:27 . 2012-04-23 19:27 -------- d-----w- c:\program files\Common Files\Java
2012-04-14 19:39 . 2012-04-14 19:39 -------- d-----w- c:\program files\Common Files\Canon
2012-04-12 01:16 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 01:16 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 01:16 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 01:16 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 01:15 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 01:15 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-23 19:14 . 2010-08-29 19:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-24 13:38 . 2012-02-24 13:38 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-17 05:34 . 2012-03-14 10:40 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-14 10:40 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-14 10:40 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:38 . 2012-03-14 10:40 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-05 15:08 . 2012-02-13 15:57 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gestionnaire Antidote.exe"="c:\program files\Druide\Antidote\Gestionnaire Antidote.exe" [2007-11-30 533944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-07-10 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 425984]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-14 34088]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-08-13 521528]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-07-29 163840]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 611672]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2009-08-11 1324384]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2009-08-06 611672]
"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2009-08-06 466792]
"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2009-08-06 29528]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-22 74752]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-02-24 479232]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2008-07-11 423200]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-15 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-09 52256]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-03-16 210216]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-10-27 273528]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-25 202296]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 136176]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 dc3d;MS Hardware Device Detection Driver (HID);c:\windows\system32\DRIVERS\dc3d.sys [2009-11-04 17408]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 136176]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-20 1343400]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 23856]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-30 176128]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 RSELSVC;TOSHIBA Modem region select service;c:\program files\TOSHIBA\RSelect\RSelSvc.exe [2009-07-07 62832]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-03-02 5120]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-11 185712]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 12920]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 19984]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-23 167936]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1011232]
S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 111960]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-06 685424]
S3 WSDPrintDevice;Prise en charge de l’impression WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
Contenu du dossier 'Tâches planifiées'
.
2012-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 13:02]
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 12:44]
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 12:44]
.
2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-805611008-3350529123-155588212-1001Core.job
- c:\users\Julie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-29 13:58]
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-805611008-3350529123-155588212-1001UA.job
- c:\users\Julie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-29 13:58]
.
2012-05-05 c:\windows\Tasks\iotswufln.job
- c:\windows\system32\wmpsrcwpo.dll [2012-01-24 16:40]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ca/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.toshiba.ca/fr/bienvenue
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Julie\AppData\Roaming\Mozilla\Firefox\Profiles\8hzjdy88.default\
FF - prefs.js: browser.startup.homepage - www.google.ca
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-WeatherEye - c:\users\Julie\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
AddRemove-TOSHIBA Software Modem - c:\windows\agrsmdel
AddRemove-FileZilla Client - c:\users\Julie\Documents\FileZilla FTP Client\uninstall.exe
AddRemove-MétéoÉclair - c:\users\Julie\AppData\Local\MétéoMédia\MétéoÉclair\WeatherEye.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000020
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
c:\program files\TOSHIBA\TPHM\TPCHWMsg.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Heure de fin: 2012-05-05 17:16:38 - La machine a redémarré
ComboFix-quarantined-files.txt 2012-05-05 21:16
.
Avant-CF: 421 307 551 744 octets libres
Après-CF: 421 892 169 728 octets libres
.
- - End Of File - - A53C72BD1D5AF2EB69F4FE5C96633EB3

#6 gringo_pr

  • Malware Response Team

Posted 05 May 2012 - 08:09 PM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 bjulie


Posted 06 May 2012 - 10:05 PM

Here's the report for aswMBR:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-06 21:26:02
-----------------------------
21:26:02.296 OS Version: Windows 6.1.7601 Service Pack 1
21:26:02.296 Number of processors: 2 586 0x301
21:26:02.302 ComputerName: JULIE-PC UserName: Julie
21:26:04.453 Initialize success
21:38:03.712 AVAST engine defs: 12050601
21:38:36.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
21:38:36.831 Disk 0 Vendor: FUJITSU_MJA2500BH_G2 00400018 Size: 476940MB BusType: 11
21:38:36.846 Disk 0 MBR read successfully
21:38:36.846 Disk 0 MBR scan
21:38:36.862 Disk 0 Windows VISTA default MBR code
21:38:36.862 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
21:38:36.877 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 446293 MB offset 3074048
21:38:36.893 Disk 0 Partition - 00 0F Extended LBA 18288 MB offset 917082112
21:38:36.909 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10858 MB offset 954535936
21:38:36.955 Disk 0 Partition 4 00 17 Hidd HPFS/NTFS NTFS 18287 MB offset 917084160
21:38:36.971 Disk 0 scanning sectors +976773120
21:38:37.127 Disk 0 scanning C:\windows\system32\drivers
21:38:50.403 Service scanning
21:39:05.691 Service KL1 C:\windows\system32\DRIVERS\kl1.sys **LOCKED** 5
21:39:05.769 Service kl2 C:\windows\system32\DRIVERS\kl2.sys **LOCKED** 5
21:39:05.987 Service KLIM6 C:\windows\system32\DRIVERS\klim6.sys **LOCKED** 5
21:39:06.034 Service klmouflt C:\windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
21:39:29.918 Modules scanning
21:39:45.190 Disk 0 trace - called modules:
21:39:45.237 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys dxgkrnl.sys atikmdag.sys dxgmms1.sys watchdog.sys amdppm.sys rassstp.sys
21:39:45.237 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86cc9030]
21:39:45.252 3 CLASSPNP.SYS[8be6a59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x86ca8338]
21:39:46.563 AVAST engine scan C:\windows
21:39:50.837 AVAST engine scan C:\windows\system32
21:42:24.263 File: C:\windows\system32\wmpsrcwpo.dll **INFECTED** Win32:Diller-E [Trj]
21:43:59.111 AVAST engine scan C:\windows\system32\drivers
21:44:25.054 AVAST engine scan C:\Users\Julie
21:57:44.945 Disk 0 MBR has been saved successfully to "C:\Users\Julie\Desktop\MBR.dat"
21:57:44.961 The log file has been saved successfully to "C:\Users\Julie\Desktop\aswMBR.txt"
21:58:19.058 AVAST engine scan C:\ProgramData
22:03:21.335 Scan finished successfully
22:17:55.774 Disk 0 MBR has been saved successfully to "C:\Users\Julie\Desktop\MBR.dat"
22:17:55.783 The log file has been saved successfully to "C:\Users\Julie\Desktop\aswMBR.txt"

#8 gringo_pr


Posted 06 May 2012 - 10:32 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::
File::
C:\windows\system32\wmpsrcwpo.dll

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University
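
The DLL that aswMBR flags and that the CFScript above names also appears in the ComboFix log as the target of the scheduled task iotswufln.job. The Python below is an added example, not part of the original thread and not code from ComboFix or aswMBR: it correlates the two log formats as they appear on this page so that the task entry can be checked again in the next ComboFix log. The function names are hypothetical, the ".exe only" heuristic is an assumption of this example, and the sample lines are excerpts copied from the logs posted above.

```python
import ntpath
import re

# Excerpts copied from the ComboFix and aswMBR logs posted in this thread.
COMBOFIX_TASKS = r"""
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 12:44]
.
2012-05-05 c:\windows\Tasks\iotswufln.job
- c:\windows\system32\wmpsrcwpo.dll [2012-01-24 16:40]
.
"""

ASWMBR_LOG = r"""
21:39:50.837 AVAST engine scan C:\windows\system32
21:42:24.263 File: C:\windows\system32\wmpsrcwpo.dll **INFECTED** Win32:Diller-E [Trj]
21:43:59.111 AVAST engine scan C:\windows\system32\drivers
"""

# ComboFix lists each task as "<date> <path>.job" followed by "- <target> [<time>]".
JOB_RE = re.compile(r"^(\d{4}-\d{2}-\d{2})\s+(.+\.job)\s*$", re.I)
TARGET_RE = re.compile(r"^-\s+(.+?)\s+\[(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\]\s*$")
# aswMBR reports a hit as "File: <path> **INFECTED** <detection name>".
INFECTED_RE = re.compile(r"File:\s+(.+?)\s+\*\*INFECTED\*\*\s+(.+)$")


def norm(path):
    """Lower-case and normalise a Windows path so the two logs can be compared."""
    return ntpath.normcase(ntpath.normpath(path.strip()))


def parse_tasks(text):
    """Return one dict per .job entry; target stays None if no target line follows."""
    tasks, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = JOB_RE.match(line)
        if m:
            if current:  # previous job had no target line
                tasks.append(current)
            current = {"job": m.group(2), "listed": m.group(1),
                       "target": None, "target_time": None}
            continue
        m = TARGET_RE.match(line)
        if m and current:
            current["target"], current["target_time"] = m.group(1), m.group(2)
            tasks.append(current)
            current = None
    if current:
        tasks.append(current)
    return tasks


def parse_detections(text):
    """Map normalised file path -> detection name for every INFECTED line."""
    hits = {}
    for line in text.splitlines():
        m = INFECTED_RE.search(line.strip())
        if m:
            hits[norm(m.group(1))] = m.group(2).strip()
    return hits


def correlate(tasks, detections):
    """Flag tasks whose target was detected, is missing, or is not an .exe."""
    findings = []
    for t in tasks:
        reasons = []
        if t["target"] is None:
            reasons.append("no target listed")
        else:
            key = norm(t["target"])
            if key in detections:
                reasons.append("target flagged by aswMBR: " + detections[key])
            # Assumption of this example: the other tasks in the log all run .exe files.
            if ntpath.splitext(key)[1] != ".exe":
                reasons.append("target is not an .exe")
        if reasons:
            findings.append({"job": t["job"], "target": t["target"], "reasons": reasons})
    return findings


def unlinked_detections(tasks, detections):
    """Detections that no listed task launches; their autostart must be elsewhere."""
    launched = {norm(t["target"]) for t in tasks if t["target"]}
    return sorted(p for p in detections if p not in launched)


if __name__ == "__main__":
    tasks = parse_tasks(COMBOFIX_TASKS)
    detections = parse_detections(ASWMBR_LOG)
    for f in correlate(tasks, detections):
        print(f["job"], "->", f["target"])
        for reason in f["reasons"]:
            print("   ", reason)
    for path in unlinked_detections(tasks, detections):
        print("detected file with no scheduled task:", path)
```
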

#9 bjulie


Posted 07 May 2012 - 05:19 PM

Here's the TDSSKiller report:

17:51:50.0852 8048 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
17:51:51.0268 8048 ============================================================
17:51:51.0268 8048 Current date / time: 2012/05/07 17:51:51.0268
17:51:51.0268 8048 SystemInfo:
17:51:51.0268 8048
17:51:51.0268 8048 OS Version: 6.1.7601 ServicePack: 1.0
17:51:51.0268 8048 Product type: Workstation
17:51:51.0269 8048 ComputerName: JULIE-PC
17:51:51.0269 8048 UserName: Julie
17:51:51.0269 8048 Windows directory: C:\windows
17:51:51.0269 8048 System windows directory: C:\windows
17:51:51.0269 8048 Processor architecture: Intel x86
17:51:51.0269 8048 Number of processors: 2
17:51:51.0269 8048 Page size: 0x1000
17:51:51.0269 8048 Boot type: Normal boot
17:51:51.0269 8048 ============================================================
17:51:53.0191 8048 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:51:53.0194 8048 ============================================================
17:51:53.0194 8048 \Device\Harddisk0\DR0:
17:51:53.0194 8048 MBR partitions:
17:51:53.0194 8048 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x367AA800
17:51:53.0254 8048 ============================================================
17:51:53.0356 8048 C: <-> \Device\Harddisk0\DR0\Partition0
17:51:53.0356 8048 ============================================================
17:51:53.0356 8048 Initialize success
17:51:53.0356 8048 ============================================================
17:51:58.0118 6376 ============================================================
17:51:58.0118 6376 Scan started
17:51:58.0118 6376 Mode: Manual;
17:51:58.0118 6376 ============================================================
17:52:13.0555 6376 KLIF (af04d0ce7939324e9a605b159295706c) C:\windows\system32\DRIVERS\klif.sys
17:52:13.0577 6376 KLIF - ok
17:52:13.0637 6376 KLIM6 (6295a19003f935ecc6ccbe9e2376427b) C:\windows\system32\DRIVERS\klim6.sys
17:52:13.0639 6376 KLIM6 - ok
17:52:13.0655 6376 klmouflt (3de1771c135328420315e21dde229bba) C:\windows\system32\DRIVERS\klmouflt.sys
17:52:13.0657 6376 klmouflt - ok
17:52:13.0700 6376 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys
17:52:13.0701 6376 KSecDD - ok
17:52:13.0725 6376 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys
17:52:13.0727 6376 KSecPkg - ok
17:52:13.0771 6376 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll
17:52:13.0777 6376 KtmRm - ok
17:52:13.0833 6376 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\System32\srvsvc.dll
17:52:13.0846 6376 LanmanServer - ok
17:52:13.0909 6376 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll
17:52:13.0916 6376 LanmanWorkstation - ok
17:52:13.0992 6376 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
17:52:14.0002 6376 lltdio - ok
17:52:14.0223 6376 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll
17:52:14.0227 6376 lltdsvc - ok
17:52:14.0241 6376 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll
17:52:14.0244 6376 lmhosts - ok
17:52:14.0293 6376 LPCFilter (6e3d3816749e107883eec5734ce44493) C:\windows\system32\DRIVERS\LPCFilter.sys
17:52:14.0295 6376 LPCFilter - ok
17:52:14.0318 6376 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
17:52:14.0320 6376 LSI_FC - ok
17:52:14.0352 6376 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
17:52:14.0353 6376 LSI_SAS - ok
17:52:14.0372 6376 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
17:52:14.0374 6376 LSI_SAS2 - ok
17:52:14.0385 6376 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
17:52:14.0386 6376 LSI_SCSI - ok
17:52:14.0416 6376 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
17:52:14.0423 6376 luafv - ok
17:52:14.0487 6376 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\windows\system32\drivers\mbam.sys
17:52:14.0489 6376 MBAMProtector - ok
17:52:14.0572 6376 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:52:14.0579 6376 MBAMService - ok
17:52:14.0627 6376 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll
17:52:14.0630 6376 Mcx2Svc - ok
17:52:14.0747 6376 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
17:52:14.0750 6376 MDM - ok
17:52:14.0773 6376 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
17:52:14.0775 6376 megasas - ok
17:52:14.0806 6376 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
17:52:14.0809 6376 MegaSR - ok
17:52:14.0835 6376 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
17:52:14.0844 6376 MMCSS - ok
17:52:14.0861 6376 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
17:52:14.0862 6376 Modem - ok
17:52:14.0888 6376 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
17:52:14.0890 6376 monitor - ok
17:52:14.0930 6376 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys
17:52:14.0932 6376 mouclass - ok
17:52:14.0980 6376 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
17:52:14.0982 6376 mouhid - ok
17:52:15.0030 6376 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys
17:52:15.0037 6376 mountmgr - ok
17:52:15.0077 6376 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys
17:52:15.0079 6376 mpio - ok
17:52:15.0107 6376 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
17:52:15.0109 6376 mpsdrv - ok
17:52:15.0182 6376 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll
17:52:15.0202 6376 MpsSvc - ok
17:52:15.0232 6376 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys
17:52:15.0234 6376 MRxDAV - ok
17:52:15.0274 6376 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys
17:52:15.0277 6376 mrxsmb - ok
17:52:15.0334 6376 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys
17:52:15.0347 6376 mrxsmb10 - ok
17:52:15.0388 6376 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys
17:52:15.0395 6376 mrxsmb20 - ok
17:52:15.0426 6376 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys
17:52:15.0427 6376 msahci - ok
17:52:15.0445 6376 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys
17:52:15.0446 6376 msdsm - ok
17:52:15.0479 6376 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe
17:52:15.0483 6376 MSDTC - ok
17:52:15.0511 6376 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
17:52:15.0515 6376 Msfs - ok
17:52:15.0523 6376 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
17:52:15.0524 6376 mshidkmdf - ok
17:52:15.0565 6376 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys
17:52:15.0567 6376 msisadrv - ok
17:52:15.0596 6376 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll
17:52:15.0599 6376 MSiSCSI - ok
17:52:15.0603 6376 msiserver - ok
17:52:15.0638 6376 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
17:52:15.0639 6376 MSKSSRV - ok
17:52:15.0648 6376 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
17:52:15.0649 6376 MSPCLOCK - ok
17:52:15.0669 6376 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
17:52:15.0670 6376 MSPQM - ok
17:52:15.0692 6376 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
17:52:15.0707 6376 MsRPC - ok
17:52:15.0736 6376 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
17:52:15.0737 6376 mssmbios - ok
17:52:15.0766 6376 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
17:52:15.0767 6376 MSTEE - ok
17:52:15.0779 6376 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
17:52:15.0780 6376 MTConfig - ok
17:52:15.0793 6376 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
17:52:15.0794 6376 Mup - ok
17:52:15.0876 6376 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll
17:52:15.0885 6376 napagent - ok
17:52:16.0305 6376 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
17:52:16.0324 6376 NativeWifiP - ok
17:52:16.0401 6376 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
17:52:16.0417 6376 NDIS - ok
17:52:16.0450 6376 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
17:52:16.0452 6376 NdisCap - ok
17:52:16.0475 6376 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
17:52:16.0476 6376 NdisTapi - ok
17:52:16.0532 6376 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
17:52:16.0534 6376 Ndisuio - ok
17:52:16.0573 6376 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
17:52:16.0581 6376 NdisWan - ok
17:52:16.0588 6376 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
17:52:16.0590 6376 NDProxy - ok
17:52:16.0623 6376 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
17:52:16.0625 6376 NetBIOS - ok
17:52:16.0674 6376 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
17:52:16.0689 6376 NetBT - ok
17:52:16.0716 6376 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:52:16.0718 6376 Netlogon - ok
17:52:16.0772 6376 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
17:52:16.0792 6376 Netman - ok
17:52:16.0839 6376 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
17:52:16.0849 6376 netprofm - ok
17:52:16.0920 6376 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:52:16.0923 6376 NetTcpPortSharing - ok
17:52:16.0961 6376 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
17:52:16.0962 6376 nfrd960 - ok
17:52:17.0008 6376 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
17:52:17.0019 6376 NlaSvc - ok
17:52:17.0037 6376 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
17:52:17.0039 6376 Npfs - ok
17:52:17.0056 6376 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
17:52:17.0059 6376 nsi - ok
17:52:17.0082 6376 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
17:52:17.0084 6376 nsiproxy - ok
17:52:17.0194 6376 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
17:52:17.0231 6376 Ntfs - ok
17:52:17.0285 6376 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\windows\system32\DRIVERS\NuidFltr.sys
17:52:17.0286 6376 NuidFltr - ok
17:52:17.0302 6376 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
17:52:17.0304 6376 Null - ok
17:52:17.0343 6376 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
17:52:17.0345 6376 nvraid - ok
17:52:17.0364 6376 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
17:52:17.0366 6376 nvstor - ok
17:52:17.0389 6376 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
17:52:17.0394 6376 nv_agp - ok
17:52:17.0435 6376 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
17:52:17.0437 6376 ohci1394 - ok
17:52:17.0473 6376 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
17:52:17.0479 6376 p2pimsvc - ok
17:52:17.0511 6376 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
17:52:17.0517 6376 p2psvc - ok
17:52:17.0833 6376 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
17:52:17.0835 6376 Parport - ok
17:52:17.0870 6376 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
17:52:17.0871 6376 partmgr - ok
17:52:17.0881 6376 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
17:52:17.0882 6376 Parvdm - ok
17:52:17.0935 6376 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
17:52:17.0939 6376 PcaSvc - ok
17:52:17.0980 6376 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
17:52:17.0982 6376 pci - ok
17:52:17.0998 6376 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
17:52:17.0999 6376 pciide - ok
17:52:18.0341 6376 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
17:52:18.0343 6376 pcmcia - ok
17:52:18.0360 6376 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
17:52:18.0361 6376 pcw - ok
17:52:18.0458 6376 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
17:52:18.0484 6376 PEAUTH - ok
17:52:18.0521 6376 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\windows\system32\DRIVERS\pgeffect.sys
17:52:18.0523 6376 PGEffect - ok
17:52:18.0645 6376 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
17:52:18.0710 6376 pla - ok
17:52:19.0428 6376 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
17:52:19.0439 6376 PlugPlay - ok
17:52:19.0458 6376 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
17:52:19.0462 6376 PNRPAutoReg - ok
17:52:19.0499 6376 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
17:52:19.0514 6376 PNRPsvc - ok
17:52:19.0733 6376 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
17:52:19.0737 6376 PolicyAgent - ok
17:52:19.0753 6376 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
17:52:19.0758 6376 Power - ok
17:52:19.0815 6376 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
17:52:19.0818 6376 PptpMiniport - ok
17:52:19.0831 6376 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
17:52:19.0832 6376 Processor - ok
17:52:19.0897 6376 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll
17:52:19.0912 6376 ProfSvc - ok
17:52:19.0953 6376 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:52:19.0955 6376 ProtectedStorage - ok
17:52:20.0002 6376 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
17:52:20.0008 6376 Psched - ok
17:52:20.0151 6376 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
17:52:20.0163 6376 ql2300 - ok
17:52:20.0260 6376 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
17:52:20.0262 6376 ql40xx - ok
17:52:20.0300 6376 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
17:52:20.0305 6376 QWAVE - ok
17:52:20.0322 6376 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
17:52:20.0324 6376 QWAVEdrv - ok
17:52:20.0340 6376 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
17:52:20.0341 6376 RasAcd - ok
17:52:20.0367 6376 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
17:52:20.0369 6376 RasAgileVpn - ok
17:52:20.0388 6376 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
17:52:20.0393 6376 RasAuto - ok
17:52:20.0420 6376 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
17:52:20.0428 6376 Rasl2tp - ok
17:52:20.0489 6376 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll
17:52:20.0494 6376 RasMan - ok
17:52:20.0519 6376 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
17:52:20.0528 6376 RasPppoe - ok
17:52:20.0566 6376 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
17:52:20.0576 6376 RasSstp - ok
17:52:20.0621 6376 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
17:52:20.0633 6376 rdbss - ok
17:52:20.0650 6376 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
17:52:20.0651 6376 rdpbus - ok
17:52:20.0690 6376 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
17:52:20.0691 6376 RDPCDD - ok
17:52:20.0729 6376 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
17:52:20.0730 6376 RDPENCDD - ok
17:52:20.0745 6376 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
17:52:20.0746 6376 RDPREFMP - ok
17:52:20.0793 6376 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys
17:52:20.0806 6376 RDPWD - ok
17:52:20.0883 6376 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
17:52:20.0885 6376 rdyboost - ok
17:52:20.0922 6376 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
17:52:20.0925 6376 RemoteAccess - ok
17:52:20.0957 6376 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
17:52:20.0961 6376 RemoteRegistry - ok
17:52:21.0568 6376 RichVideo (06a49b7bdc36cfbf97dd90804f833369) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17:52:21.0568 6376 RichVideo - ok
17:52:21.0654 6376 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
17:52:21.0654 6376 RpcEptMapper - ok
17:52:21.0685 6376 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
17:52:21.0685 6376 RpcLocator - ok
17:52:21.0746 6376 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
17:52:21.0746 6376 RpcSs - ok
17:52:21.0796 6376 RSELSVC - ok
17:52:21.0826 6376 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
17:52:21.0826 6376 rspndr - ok
17:52:21.0886 6376 RSUSBSTOR (ef8b2afc3c0751c5e5a59983c8893260) C:\windows\system32\Drivers\RtsUStor.sys
17:52:21.0896 6376 RSUSBSTOR - ok
17:52:21.0966 6376 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\windows\system32\DRIVERS\Rt86win7.sys
17:52:21.0976 6376 RTL8167 - ok
17:52:22.0206 6376 rtl8192se (8327c64e9a4d052339c16499d08f7d6c) C:\windows\system32\DRIVERS\rtl8192se.sys
17:52:22.0276 6376 rtl8192se - ok
17:52:22.0276 6376 RtsUIR - ok
17:52:22.0360 6376 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:52:22.0363 6376 SamSs - ok
17:52:22.0531 6376 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
17:52:22.0533 6376 sbp2port - ok
17:52:22.0609 6376 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
17:52:22.0614 6376 SCardSvr - ok
17:52:22.0658 6376 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
17:52:22.0659 6376 scfilter - ok
17:52:22.0756 6376 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll
17:52:22.0765 6376 Schedule - ok
17:52:22.0797 6376 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
17:52:22.0799 6376 SCPolicySvc - ok
17:52:22.0828 6376 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll
17:52:22.0833 6376 SDRSVC - ok
17:52:22.0861 6376 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
17:52:22.0863 6376 secdrv - ok
17:52:22.0893 6376 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
17:52:22.0897 6376 seclogon - ok
17:52:22.0930 6376 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\system32\sens.dll
17:52:22.0940 6376 SENS - ok
17:52:22.0946 6376 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
17:52:22.0950 6376 SensrSvc - ok
17:52:22.0966 6376 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
17:52:22.0967 6376 Serenum - ok
17:52:22.0997 6376 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
17:52:22.0999 6376 Serial - ok
17:52:23.0034 6376 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
17:52:23.0035 6376 sermouse - ok
17:52:23.0309 6376 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll
17:52:23.0309 6376 SessionEnv - ok
17:52:23.0329 6376 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
17:52:23.0329 6376 sffdisk - ok
17:52:23.0349 6376 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
17:52:23.0349 6376 sffp_mmc - ok
17:52:23.0349 6376 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
17:52:23.0349 6376 sffp_sd - ok
17:52:23.0389 6376 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
17:52:23.0389 6376 sfloppy - ok
17:52:23.0429 6376 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
17:52:23.0429 6376 SharedAccess - ok
17:52:23.0519 6376 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll
17:52:23.0539 6376 ShellHWDetection - ok
17:52:23.0799 6376 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
17:52:23.0799 6376 sisagp - ok
17:52:23.0869 6376 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
17:52:23.0869 6376 SiSRaid2 - ok
17:52:23.0899 6376 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
17:52:23.0909 6376 SiSRaid4 - ok
17:52:24.0019 6376 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
17:52:24.0039 6376 SkypeUpdate - ok
17:52:24.0059 6376 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
17:52:24.0059 6376 Smb - ok
17:52:24.0129 6376 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
17:52:24.0139 6376 SNMPTRAP - ok
17:52:24.0189 6376 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
17:52:24.0189 6376 spldr - ok
17:52:24.0259 6376 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe
17:52:24.0259 6376 Spooler - ok
17:52:25.0169 6376 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe
17:52:25.0209 6376 sppsvc - ok
17:52:25.0349 6376 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll
17:52:25.0359 6376 sppuinotify - ok
17:52:25.0629 6376 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
17:52:25.0699 6376 srv - ok
17:52:25.0833 6376 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
17:52:25.0843 6376 srv2 - ok
17:52:25.0859 6376 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
17:52:25.0879 6376 srvnet - ok
17:52:25.0919 6376 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
17:52:25.0919 6376 SSDPSRV - ok
17:52:25.0999 6376 SSPORT (ef3458337d7341a05169cefc73709264) C:\windows\system32\Drivers\SSPORT.sys
17:52:25.0999 6376 SSPORT - ok
17:52:26.0019 6376 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
17:52:26.0029 6376 SstpSvc - ok
17:52:26.0049 6376 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
17:52:26.0049 6376 stexstor - ok
17:52:26.0081 6376 StillCam (edb05bd63148796f23ea78506404a538) C:\windows\system32\DRIVERS\serscan.sys
17:52:26.0081 6376 StillCam - ok
17:52:26.0151 6376 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll
17:52:26.0161 6376 StiSvc - ok
17:52:26.0201 6376 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
17:52:26.0201 6376 swenum - ok
17:52:26.0261 6376 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
17:52:26.0261 6376 swprv - ok
17:52:26.0431 6376 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys
17:52:26.0441 6376 SynTP - ok
17:52:26.0621 6376 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll
17:52:26.0661 6376 SysMain - ok
17:52:26.0711 6376 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll
17:52:26.0711 6376 TabletInputService - ok
17:52:26.0861 6376 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll
17:52:26.0871 6376 TapiSrv - ok
17:52:27.0101 6376 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
17:52:27.0101 6376 TBS - ok
17:52:27.0841 6376 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys
17:52:27.0891 6376 Tcpip - ok
17:52:27.0911 6376 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys
17:52:27.0921 6376 TCPIP6 - ok
17:52:27.0981 6376 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
17:52:27.0981 6376 tcpipreg - ok
17:52:28.0051 6376 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
17:52:28.0051 6376 tdcmdpst - ok
17:52:28.0091 6376 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
17:52:28.0091 6376 TDPIPE - ok
17:52:28.0141 6376 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
17:52:28.0141 6376 TDTCP - ok
17:52:28.0201 6376 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
17:52:28.0201 6376 tdx - ok
17:52:28.0241 6376 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
17:52:28.0241 6376 TermDD - ok
17:52:28.0531 6376 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
17:52:28.0561 6376 TermService - ok
17:52:28.0591 6376 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
17:52:28.0591 6376 Themes - ok
17:52:28.0641 6376 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
17:52:28.0661 6376 THREADORDER - ok
17:52:29.0111 6376 TMachInfo (32577b987ae5401038451bb392cb8d89) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
17:52:29.0111 6376 TMachInfo - ok
17:52:29.0241 6376 TODDSrv (fe65d33b7d4ff07dd1d29526a48df810) C:\windows\system32\TODDSrv.exe
17:52:29.0251 6376 TODDSrv - ok
17:52:29.0631 6376 TosCoSrv (451b09ba1a0d019ba0b5a27229559d55) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
17:52:29.0661 6376 TosCoSrv - ok
17:52:29.0751 6376 TOSHIBA eco Utility Service (0b5fa26e0c8a8e07a6df3df4e5711da8) C:\Program Files\TOSHIBA\TECO\TecoService.exe
17:52:29.0751 6376 TOSHIBA eco Utility Service - ok
17:52:29.0951 6376 TOSHIBA HDD SSD Alert Service (94ecabe1ba3559214fe6c3ce6c9677eb) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
17:52:29.0951 6376 TOSHIBA HDD SSD Alert Service - ok
17:52:30.0421 6376 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\windows\system32\DRIVERS\tos_sps32.sys
17:52:30.0431 6376 tos_sps32 - ok
17:52:30.0621 6376 TPCHSrv (31d2881b0647f2b09b118b9b50c02888) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
17:52:30.0621 6376 TPCHSrv - ok
17:52:30.0661 6376 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
17:52:30.0671 6376 TrkWks - ok
17:52:30.0771 6376 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
17:52:30.0771 6376 TrustedInstaller - ok
17:52:30.0861 6376 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
17:52:30.0861 6376 tssecsrv - ok
17:52:30.0951 6376 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
17:52:30.0951 6376 TsUsbFlt - ok
17:52:31.0071 6376 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
17:52:31.0091 6376 tunnel - ok
17:52:31.0191 6376 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
17:52:31.0191 6376 TVALZ - ok
17:52:31.0271 6376 TVALZFL (866462f5ae3f375ef83ef9dce436031c) C:\windows\system32\DRIVERS\TVALZFL.sys
17:52:31.0301 6376 TVALZFL - ok
17:52:31.0331 6376 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
17:52:31.0331 6376 uagp35 - ok
17:52:31.0421 6376 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
17:52:31.0431 6376 udfs - ok
17:52:31.0481 6376 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
17:52:31.0481 6376 UI0Detect - ok
17:52:31.0531 6376 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
17:52:31.0541 6376 uliagpkx - ok
17:52:31.0601 6376 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
17:52:31.0611 6376 umbus - ok
17:52:31.0641 6376 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
17:52:31.0641 6376 UmPass - ok
17:52:31.0751 6376 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
17:52:31.0751 6376 upnphost - ok
17:52:31.0821 6376 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
17:52:31.0831 6376 usbccgp - ok
17:52:31.0831 6376 USBCCID - ok
17:52:31.0941 6376 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
17:52:31.0951 6376 usbcir - ok
17:52:31.0991 6376 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
17:52:31.0991 6376 usbehci - ok
17:52:42.0892 6376 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
17:52:42.0952 6376 \Device\Harddisk0\DR0 - ok
17:52:42.0972 6376 Boot (0x1200) (85ef41098e2d10d57f37a15b624525c0) \Device\Harddisk0\DR0\Partition0
17:52:42.0972 6376 \Device\Harddisk0\DR0\Partition0 - ok
17:52:42.0972 6376 ============================================================
17:52:42.0972 6376 Scan finished
17:52:42.0972 6376 ============================================================
17:52:42.0982 6392 Detected object count: 0
17:52:42.0982 6392 Actual detected object count: 0
17:53:31.0484 7076 ============================================================
17:53:31.0484 7076 Scan started
17:53:31.0484 7076 Mode: Manual;
17:53:31.0484 7076 ============================================================
17:53:47.0887 7076 NDIS - ok
17:53:47.0908 7076 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
17:53:47.0910 7076 NdisCap - ok
17:53:47.0933 7076 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
17:53:47.0934 7076 NdisTapi - ok
17:53:47.0978 7076 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
17:53:47.0980 7076 Ndisuio - ok
17:53:48.0029 7076 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
17:53:48.0033 7076 NdisWan - ok
17:53:48.0077 7076 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
17:53:48.0080 7076 NDProxy - ok
17:53:48.0115 7076 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
17:53:48.0118 7076 NetBIOS - ok
17:53:48.0166 7076 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
17:53:48.0168 7076 NetBT - ok
17:53:48.0218 7076 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:53:48.0221 7076 Netlogon - ok
17:53:48.0261 7076 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
17:53:48.0265 7076 Netman - ok
17:53:48.0299 7076 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
17:53:48.0305 7076 netprofm - ok
17:53:48.0391 7076 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:53:48.0394 7076 NetTcpPortSharing - ok
17:53:48.0418 7076 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
17:53:48.0420 7076 nfrd960 - ok
17:53:48.0475 7076 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
17:53:48.0479 7076 NlaSvc - ok
17:53:48.0494 7076 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
17:53:48.0496 7076 Npfs - ok
17:53:48.0512 7076 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
17:53:48.0512 7076 nsi - ok
17:53:48.0528 7076 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
17:53:48.0528 7076 nsiproxy - ok
17:53:48.0652 7076 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
17:53:48.0668 7076 Ntfs - ok
17:53:48.0699 7076 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\windows\system32\DRIVERS\NuidFltr.sys
17:53:48.0699 7076 NuidFltr - ok
17:53:48.0730 7076 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
17:53:48.0730 7076 Null - ok
17:53:48.0777 7076 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
17:53:48.0777 7076 nvraid - ok
17:53:48.0808 7076 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
17:53:48.0808 7076 nvstor - ok
17:53:48.0824 7076 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
17:53:48.0840 7076 nv_agp - ok

It wouldn't fit inside a single post, so here's the second part:

17:53:48.0855 7076 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
17:53:48.0855 7076 ohci1394 - ok
17:53:48.0902 7076 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
17:53:48.0918 7076 p2pimsvc - ok
17:53:48.0964 7076 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll
17:53:48.0964 7076 p2psvc - ok
17:53:49.0011 7076 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
17:53:49.0011 7076 Parport - ok
17:53:49.0074 7076 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
17:53:49.0074 7076 partmgr - ok
17:53:49.0105 7076 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
17:53:49.0105 7076 Parvdm - ok
17:53:49.0136 7076 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll
17:53:49.0136 7076 PcaSvc - ok
17:53:49.0183 7076 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
17:53:49.0183 7076 pci - ok
17:53:49.0198 7076 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
17:53:49.0198 7076 pciide - ok
17:53:49.0230 7076 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
17:53:49.0230 7076 pcmcia - ok
17:53:49.0245 7076 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
17:53:49.0245 7076 pcw - ok
17:53:49.0386 7076 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
17:53:49.0417 7076 PEAUTH - ok
17:53:49.0479 7076 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\windows\system32\DRIVERS\pgeffect.sys
17:53:49.0480 7076 PGEffect - ok
17:53:49.0612 7076 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll
17:53:49.0639 7076 pla - ok
17:53:49.0779 7076 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll
17:53:49.0785 7076 PlugPlay - ok
17:53:49.0806 7076 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll
17:53:49.0809 7076 PNRPAutoReg - ok
17:53:49.0840 7076 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll
17:53:49.0845 7076 PNRPsvc - ok
17:53:49.0962 7076 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll
17:53:49.0969 7076 PolicyAgent - ok
17:53:50.0014 7076 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll
17:53:50.0020 7076 Power - ok
17:53:50.0108 7076 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
17:53:50.0111 7076 PptpMiniport - ok
17:53:50.0133 7076 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
17:53:50.0135 7076 Processor - ok
17:53:50.0200 7076 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\windows\system32\profsvc.dll
17:53:50.0204 7076 ProfSvc - ok
17:53:50.0242 7076 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:53:50.0246 7076 ProtectedStorage - ok
17:53:50.0282 7076 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
17:53:50.0284 7076 Psched - ok
17:53:50.0426 7076 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
17:53:50.0441 7076 ql2300 - ok
17:53:50.0552 7076 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
17:53:50.0553 7076 ql40xx - ok
17:53:50.0590 7076 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll
17:53:50.0595 7076 QWAVE - ok
17:53:50.0669 7076 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
17:53:50.0670 7076 QWAVEdrv - ok
17:53:50.0709 7076 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
17:53:50.0710 7076 RasAcd - ok
17:53:50.0737 7076 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
17:53:50.0738 7076 RasAgileVpn - ok
17:53:50.0758 7076 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll
17:53:50.0762 7076 RasAuto - ok
17:53:50.0796 7076 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
17:53:50.0796 7076 Rasl2tp - ok
17:53:50.0846 7076 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll
17:53:50.0851 7076 RasMan - ok
17:53:50.0915 7076 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
17:53:50.0919 7076 RasPppoe - ok
17:53:50.0946 7076 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
17:53:50.0948 7076 RasSstp - ok
17:53:50.0978 7076 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
17:53:50.0981 7076 rdbss - ok
17:53:51.0026 7076 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
17:53:51.0027 7076 rdpbus - ok
17:53:51.0069 7076 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
17:53:51.0071 7076 RDPCDD - ok
17:53:51.0086 7076 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
17:53:51.0087 7076 RDPENCDD - ok
17:53:51.0135 7076 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
17:53:51.0137 7076 RDPREFMP - ok
17:53:51.0183 7076 RDPWD (244c83332f44589ae98fc347f11b2693) C:\windows\system32\drivers\RDPWD.sys
17:53:51.0185 7076 RDPWD - ok
17:53:51.0226 7076 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
17:53:51.0229 7076 rdyboost - ok
17:53:51.0267 7076 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll
17:53:51.0270 7076 RemoteAccess - ok
17:53:51.0302 7076 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll
17:53:51.0306 7076 RemoteRegistry - ok
17:53:51.0431 7076 RichVideo (06a49b7bdc36cfbf97dd90804f833369) C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17:53:51.0436 7076 RichVideo - ok
17:53:51.0479 7076 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll
17:53:51.0483 7076 RpcEptMapper - ok
17:53:51.0515 7076 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe
17:53:51.0518 7076 RpcLocator - ok
17:53:51.0582 7076 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
17:53:51.0589 7076 RpcSs - ok
17:53:51.0625 7076 RSELSVC - ok
17:53:51.0654 7076 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
17:53:51.0656 7076 rspndr - ok
17:53:51.0698 7076 RSUSBSTOR (ef8b2afc3c0751c5e5a59983c8893260) C:\windows\system32\Drivers\RtsUStor.sys
17:53:51.0702 7076 RSUSBSTOR - ok
17:53:51.0738 7076 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\windows\system32\DRIVERS\Rt86win7.sys
17:53:51.0740 7076 RTL8167 - ok
17:53:51.0814 7076 rtl8192se (8327c64e9a4d052339c16499d08f7d6c) C:\windows\system32\DRIVERS\rtl8192se.sys
17:53:51.0814 7076 rtl8192se - ok
17:53:51.0830 7076 RtsUIR - ok
17:53:51.0861 7076 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:53:51.0861 7076 SamSs - ok
17:53:51.0892 7076 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
17:53:51.0908 7076 sbp2port - ok
17:53:51.0939 7076 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll
17:53:51.0939 7076 SCardSvr - ok
17:53:51.0986 7076 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
17:53:51.0986 7076 scfilter - ok
17:53:52.0111 7076 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll
17:53:52.0126 7076 Schedule - ok
17:53:52.0173 7076 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
17:53:52.0173 7076 SCPolicySvc - ok
17:53:52.0204 7076 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll
17:53:52.0204 7076 SDRSVC - ok
17:53:52.0236 7076 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
17:53:52.0236 7076 secdrv - ok
17:53:52.0267 7076 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll
17:53:52.0267 7076 seclogon - ok
17:53:52.0282 7076 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\system32\sens.dll
17:53:52.0282 7076 SENS - ok
17:53:52.0298 7076 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll
17:53:52.0298 7076 SensrSvc - ok
17:53:52.0298 7076 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
17:53:52.0298 7076 Serenum - ok
17:53:52.0329 7076 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
17:53:52.0329 7076 Serial - ok
17:53:52.0360 7076 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
17:53:52.0360 7076 sermouse - ok
17:53:52.0423 7076 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll
17:53:52.0423 7076 SessionEnv - ok
17:53:52.0454 7076 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
17:53:52.0454 7076 sffdisk - ok
17:53:52.0470 7076 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
17:53:52.0470 7076 sffp_mmc - ok
17:53:52.0485 7076 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
17:53:52.0485 7076 sffp_sd - ok
17:53:52.0524 7076 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
17:53:52.0525 7076 sfloppy - ok
17:53:52.0566 7076 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll
17:53:52.0570 7076 SharedAccess - ok
17:53:52.0635 7076 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll
17:53:52.0646 7076 ShellHWDetection - ok
17:53:52.0680 7076 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
17:53:52.0681 7076 sisagp - ok
17:53:52.0720 7076 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
17:53:52.0721 7076 SiSRaid2 - ok
17:53:52.0735 7076 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
17:53:52.0737 7076 SiSRaid4 - ok
17:53:52.0795 7076 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
17:53:52.0799 7076 SkypeUpdate - ok
17:53:52.0827 7076 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
17:53:52.0829 7076 Smb - ok
17:53:53.0116 7076 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe
17:53:53.0122 7076 SNMPTRAP - ok
17:53:53.0175 7076 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
17:53:53.0177 7076 spldr - ok
17:53:53.0245 7076 Spooler (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe
17:53:53.0251 7076 Spooler - ok
17:53:53.0514 7076 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe
17:53:53.0540 7076 sppsvc - ok
17:53:53.0649 7076 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll
17:53:53.0649 7076 sppuinotify - ok
17:53:53.0712 7076 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
17:53:53.0727 7076 srv - ok
17:53:53.0758 7076 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
17:53:53.0758 7076 srv2 - ok
17:53:53.0790 7076 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
17:53:53.0790 7076 srvnet - ok
17:53:53.0821 7076 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll
17:53:53.0821 7076 SSDPSRV - ok
17:53:53.0852 7076 SSPORT (ef3458337d7341a05169cefc73709264) C:\windows\system32\Drivers\SSPORT.sys
17:53:53.0852 7076 SSPORT - ok
17:53:53.0883 7076 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll
17:53:53.0883 7076 SstpSvc - ok
17:53:53.0899 7076 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
17:53:53.0899 7076 stexstor - ok
17:53:53.0930 7076 StillCam (edb05bd63148796f23ea78506404a538) C:\windows\system32\DRIVERS\serscan.sys
17:53:53.0930 7076 StillCam - ok
17:53:53.0977 7076 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll
17:53:53.0992 7076 StiSvc - ok
17:53:54.0024 7076 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
17:53:54.0024 7076 swenum - ok
17:53:54.0086 7076 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll
17:53:54.0102 7076 swprv - ok
17:53:54.0148 7076 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys
17:53:54.0148 7076 SynTP - ok
17:53:54.0258 7076 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll
17:53:54.0273 7076 SysMain - ok
17:53:54.0320 7076 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll
17:53:54.0320 7076 TabletInputService - ok
17:53:54.0553 7076 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll
17:53:54.0563 7076 TapiSrv - ok
17:53:54.0889 7076 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll
17:53:54.0897 7076 TBS - ok
17:53:55.0063 7076 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\drivers\tcpip.sys
17:53:55.0079 7076 Tcpip - ok
17:53:55.0105 7076 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\windows\system32\DRIVERS\tcpip.sys
17:53:55.0115 7076 TCPIP6 - ok
17:53:55.0160 7076 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
17:53:55.0162 7076 tcpipreg - ok
17:53:55.0200 7076 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
17:53:55.0201 7076 tdcmdpst - ok
17:53:55.0248 7076 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
17:53:55.0249 7076 TDPIPE - ok
17:53:55.0276 7076 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys
17:53:55.0277 7076 TDTCP - ok
17:53:55.0318 7076 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
17:53:55.0320 7076 tdx - ok
17:53:55.0381 7076 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
17:53:55.0382 7076 TermDD - ok
17:53:55.0459 7076 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll
17:53:55.0466 7076 TermService - ok
17:53:55.0516 7076 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll
17:53:55.0520 7076 Themes - ok
17:53:55.0596 7076 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
17:53:55.0602 7076 THREADORDER - ok
17:53:55.0662 7076 TMachInfo (32577b987ae5401038451bb392cb8d89) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
17:53:55.0678 7076 TMachInfo - ok
17:53:55.0709 7076 TODDSrv (fe65d33b7d4ff07dd1d29526a48df810) C:\windows\system32\TODDSrv.exe
17:53:55.0709 7076 TODDSrv - ok
17:53:55.0787 7076 TosCoSrv (451b09ba1a0d019ba0b5a27229559d55) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
17:53:55.0787 7076 TosCoSrv - ok
17:53:55.0865 7076 TOSHIBA eco Utility Service (0b5fa26e0c8a8e07a6df3df4e5711da8) C:\Program Files\TOSHIBA\TECO\TecoService.exe
17:53:55.0880 7076 TOSHIBA eco Utility Service - ok
17:53:55.0943 7076 TOSHIBA HDD SSD Alert Service (94ecabe1ba3559214fe6c3ce6c9677eb) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
17:53:55.0943 7076 TOSHIBA HDD SSD Alert Service - ok
17:53:56.0036 7076 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\windows\system32\DRIVERS\tos_sps32.sys
17:53:56.0036 7076 tos_sps32 - ok
17:53:56.0146 7076 TPCHSrv (31d2881b0647f2b09b118b9b50c02888) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
17:53:56.0161 7076 TPCHSrv - ok
17:53:56.0208 7076 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll
17:53:56.0208 7076 TrkWks - ok
17:53:56.0281 7076 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe
17:53:56.0285 7076 TrustedInstaller - ok
17:53:56.0338 7076 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
17:53:56.0340 7076 tssecsrv - ok
17:53:56.0386 7076 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
17:53:56.0388 7076 TsUsbFlt - ok
17:53:56.0433 7076 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
17:53:56.0435 7076 tunnel - ok
17:53:56.0457 7076 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
17:53:56.0459 7076 TVALZ - ok
17:53:56.0486 7076 TVALZFL (866462f5ae3f375ef83ef9dce436031c) C:\windows\system32\DRIVERS\TVALZFL.sys
17:53:56.0487 7076 TVALZFL - ok
17:53:56.0510 7076 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
17:53:56.0512 7076 uagp35 - ok
17:53:56.0551 7076 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
17:53:56.0554 7076 udfs - ok
17:53:56.0602 7076 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe
17:53:56.0607 7076 UI0Detect - ok
17:53:56.0651 7076 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
17:53:56.0652 7076 uliagpkx - ok
17:53:56.0666 7076 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
17:53:56.0667 7076 umbus - ok
17:53:56.0689 7076 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
17:53:56.0690 7076 UmPass - ok
17:53:56.0734 7076 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll
17:53:56.0740 7076 upnphost - ok
17:53:56.0894 7076 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
17:53:56.0895 7076 usbccgp - ok
17:53:56.0909 7076 USBCCID - ok
17:53:56.0939 7076 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
17:53:56.0941 7076 usbcir - ok
17:53:56.0959 7076 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys
17:53:56.0961 7076 usbehci - ok
17:53:56.0993 7076 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
17:53:56.0996 7076 usbhub - ok
17:53:57.0064 7076 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\DRIVERS\usbohci.sys
17:53:57.0066 7076 usbohci - ok
17:53:57.0085 7076 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
17:53:57.0087 7076 usbprint - ok
17:53:57.0125 7076 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
17:53:57.0128 7076 USBSTOR - ok
17:53:57.0164 7076 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
17:53:57.0165 7076 usbuhci - ok
17:53:57.0186 7076 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
17:53:57.0188 7076 usbvideo - ok
17:53:57.0215 7076 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll
17:53:57.0219 7076 UxSms - ok
17:53:57.0254 7076 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:53:57.0256 7076 VaultSvc - ok
17:53:57.0289 7076 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
17:53:57.0291 7076 vdrvroot - ok
17:53:57.0354 7076 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe
17:53:57.0376 7076 vds - ok
17:53:57.0513 7076 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
17:53:57.0528 7076 vga - ok
17:53:57.0575 7076 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
17:53:57.0575 7076 VgaSave - ok
17:53:57.0622 7076 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
17:53:57.0622 7076 vhdmp - ok
17:53:57.0638 7076 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
17:53:57.0638 7076 viaagp - ok
17:53:57.0669 7076 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
17:53:57.0684 7076 ViaC7 - ok
17:53:57.0684 7076 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
17:53:57.0700 7076 viaide - ok
17:53:57.0700 7076 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
17:53:57.0700 7076 volmgr - ok
17:53:57.0762 7076 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
17:53:57.0762 7076 volmgrx - ok
17:53:57.0887 7076 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
17:53:57.0887 7076 volsnap - ok
17:53:57.0934 7076 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
17:53:57.0950 7076 vsmraid - ok
17:53:58.0059 7076 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe
17:53:58.0090 7076 VSS - ok
17:53:58.0137 7076 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
17:53:58.0137 7076 vwifibus - ok
17:53:58.0152 7076 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
17:53:58.0152 7076 vwififlt - ok
17:53:58.0199 7076 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll
17:53:58.0199 7076 W32Time - ok
17:53:58.0262 7076 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
17:53:58.0262 7076 WacomPen - ok
17:53:58.0308 7076 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
17:53:58.0308 7076 WANARP - ok
17:53:58.0324 7076 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
17:53:58.0324 7076 Wanarpv6 - ok
17:53:58.0480 7076 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe
17:53:58.0496 7076 WatAdminSvc - ok
17:53:58.0627 7076 wbengine (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe
17:53:58.0639 7076 wbengine - ok
17:53:58.0695 7076 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll
17:53:58.0704 7076 WbioSrvc - ok
17:53:58.0788 7076 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll
17:53:58.0800 7076 wcncsvc - ok
17:53:58.0826 7076 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll
17:53:58.0835 7076 WcsPlugInService - ok
17:53:58.0893 7076 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
17:53:58.0894 7076 Wd - ok
17:53:58.0935 7076 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
17:53:58.0939 7076 Wdf01000 - ok
17:53:58.0973 7076 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
17:53:58.0978 7076 WdiServiceHost - ok
17:53:58.0986 7076 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll
17:53:58.0990 7076 WdiSystemHost - ok
17:53:59.0201 7076 WebClient (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll
17:53:59.0211 7076 WebClient - ok
17:53:59.0288 7076 Wecsvc (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll
17:53:59.0298 7076 Wecsvc - ok
17:53:59.0353 7076 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll
17:53:59.0357 7076 wercplsupport - ok
17:53:59.0402 7076 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll
17:53:59.0406 7076 WerSvc - ok
17:53:59.0425 7076 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
17:53:59.0428 7076 WfpLwf - ok
17:53:59.0450 7076 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
17:53:59.0452 7076 WIMMount - ok
17:53:59.0561 7076 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
17:53:59.0561 7076 WinDefend - ok
17:53:59.0592 7076 WinHttpAutoProxySvc - ok
17:53:59.0733 7076 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll
17:53:59.0733 7076 Winmgmt - ok
17:53:59.0889 7076 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll
17:53:59.0904 7076 WinRM - ok
17:53:59.0982 7076 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys
17:53:59.0982 7076 WinUsb - ok
17:54:00.0076 7076 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll
17:54:00.0092 7076 Wlansvc - ok
17:54:00.0123 7076 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
17:54:00.0123 7076 WmiAcpi - ok
17:54:00.0170 7076 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe
17:54:00.0170 7076 wmiApSrv - ok
17:54:00.0326 7076 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
17:54:00.0341 7076 WMPNetworkSvc - ok
17:54:00.0388 7076 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll
17:54:00.0388 7076 WPCSvc - ok
17:54:00.0435 7076 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll
17:54:00.0435 7076 WPDBusEnum - ok
17:54:00.0482 7076 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
17:54:00.0482 7076 ws2ifsl - ok
17:54:00.0513 7076 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\system32\wscsvc.dll
17:54:00.0528 7076 wscsvc - ok
17:54:00.0593 7076 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\windows\system32\DRIVERS\WSDPrint.sys
17:54:00.0595 7076 WSDPrintDevice - ok
17:54:00.0610 7076 WSearch - ok
17:54:00.0807 7076 wuauserv (3026418a50c5b4761befa632cedb7406) C:\windows\system32\wuaueng.dll
17:54:00.0833 7076 wuauserv - ok
17:54:01.0106 7076 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
17:54:01.0109 7076 WudfPf - ok
17:54:01.0135 7076 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
17:54:01.0137 7076 WUDFRd - ok
17:54:01.0171 7076 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll
17:54:01.0177 7076 wudfsvc - ok
17:54:01.0207 7076 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll
17:54:01.0213 7076 WwanSvc - ok
17:54:01.0259 7076 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
17:54:01.0386 7076 \Device\Harddisk0\DR0 - ok
17:54:01.0405 7076 Boot (0x1200) (85ef41098e2d10d57f37a15b624525c0) \Device\Harddisk0\DR0\Partition0
17:54:01.0407 7076 \Device\Harddisk0\DR0\Partition0 - ok
17:54:01.0408 7076 ============================================================
17:54:01.0408 7076 Scan finished
17:54:01.0408 7076 ============================================================
17:54:01.0427 7624 Detected object count: 0
17:54:01.0427 7624 Actual detected object count: 0
17:54:20.0631 3460 ============================================================
17:54:20.0631 3460 Scan started
17:54:20.0631 3460 Mode: Manual; SigCheck; TDLFS;
17:54:20.0631 3460 ============================================================
17:54:21.0317 3460 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys
17:54:21.0489 3460 1394ohci - ok
17:54:21.0536 3460 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys
17:54:21.0567 3460 ACPI - ok
17:54:21.0582 3460 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys
17:54:21.0614 3460 AcpiPmi - ok
17:54:21.0723 3460 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:54:21.0754 3460 AdobeARMservice - ok
17:54:21.0785 3460 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:54:21.0816 3460 AdobeFlashPlayerUpdateSvc - ok
17:54:21.0863 3460 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
17:54:21.0894 3460 adp94xx - ok
17:54:21.0926 3460 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
17:54:21.0941 3460 adpahci - ok
17:54:21.0957 3460 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
17:54:21.0972 3460 adpu320 - ok
17:54:22.0004 3460 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll
17:54:22.0082 3460 AeLookupSvc - ok
17:54:22.0144 3460 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys
17:54:22.0206 3460 AFD - ok
17:54:22.0253 3460 AgereModemAudio (6416f9b6b220f0a890525c38235afad7) C:\Program Files\LSI SoftModem\agrsmsvc.exe
17:54:22.0300 3460 AgereModemAudio - ok
17:54:22.0394 3460 AgereSoftModem (07758c2196a62f207f77556311e7459a) C:\windows\system32\DRIVERS\AGRSM.sys
17:54:22.0440 3460 AgereSoftModem - ok
17:54:22.0472 3460 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys
17:54:22.0503 3460 agp440 - ok
17:54:22.0518 3460 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
17:54:22.0534 3460 aic78xx - ok
17:54:22.0565 3460 ALG (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe
17:54:22.0628 3460 ALG - ok
17:54:22.0659 3460 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys
17:54:22.0674 3460 aliide - ok
17:54:22.0706 3460 AMD External Events Utility (0bc6704f6fb4c63cdcb85401e8263a1b) C:\windows\system32\atiesrxx.exe
17:54:22.0752 3460 AMD External Events Utility - ok
17:54:22.0784 3460 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys
17:54:22.0799 3460 amdagp - ok
17:54:22.0846 3460 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys
17:54:22.0862 3460 amdide - ok
17:54:22.0877 3460 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
17:54:22.0908 3460 AmdK8 - ok
17:54:22.0908 3460 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
17:54:22.0940 3460 AmdPPM - ok
17:54:22.0955 3460 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys
17:54:22.0971 3460 amdsata - ok
17:54:23.0002 3460 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
17:54:23.0018 3460 amdsbs - ok
17:54:23.0052 3460 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys
17:54:23.0072 3460 amdxata - ok
17:54:23.0120 3460 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys
17:54:23.0180 3460 AppID - ok
17:54:23.0222 3460 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll
17:54:23.0298 3460 AppIDSvc - ok
17:54:23.0333 3460 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll
17:54:23.0377 3460 Appinfo - ok
17:54:23.0411 3460 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
17:54:23.0430 3460 arc - ok
17:54:23.0444 3460 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
17:54:23.0462 3460 arcsas - ok
17:54:23.0481 3460 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
17:54:23.0528 3460 AsyncMac - ok
17:54:23.0562 3460 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys
17:54:23.0578 3460 atapi - ok
17:54:23.0937 3460 atikmdag (c97be8350fbcb1960b22fad2e6c2b514) C:\windows\system32\DRIVERS\atikmdag.sys
17:54:24.0067 3460 atikmdag - ok
17:54:24.0207 3460 AtiPcie (b73c832088dd54b55e04ff6f9646ad8c) C:\windows\system32\DRIVERS\AtiPcie.sys
17:54:24.0270 3460 AtiPcie - ok
17:54:24.0349 3460 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
17:54:24.0407 3460 AudioEndpointBuilder - ok
17:54:24.0417 3460 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll
17:54:24.0461 3460 Audiosrv - ok
17:54:24.0542 3460 AVP (2718dc27571bd1e37813f5759d2dc118) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
17:54:24.0576 3460 AVP - ok
17:54:24.0608 3460 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll
17:54:24.0682 3460 AxInstSV - ok
17:54:24.0744 3460 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
17:54:24.0830 3460 b06bdrv - ok
17:54:24.0855 3460 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
17:54:24.0876 3460 b57nd60x - ok
17:54:24.0914 3460 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll
17:54:24.0950 3460 BDESVC - ok
17:54:24.0969 3460 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
17:54:25.0027 3460 Beep - ok
17:54:25.0116 3460 BFE (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll
17:54:25.0169 3460 BFE - ok
17:54:25.0400 3460 BITS (e585445d5021971fae10393f0f1c3961) C:\windows\system32\qmgr.dll
17:54:25.0475 3460 BITS - ok
17:54:25.0504 3460 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
17:54:25.0535 3460 blbdrive - ok
17:54:25.0571 3460 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys
17:54:25.0598 3460 bowser - ok
17:54:25.0615 3460 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
17:54:25.0661 3460 BrFiltLo - ok
17:54:25.0685 3460 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
17:54:25.0738 3460 BrFiltUp - ok
17:54:25.0760 3460 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\windows\system32\DRIVERS\bridge.sys
17:54:25.0805 3460 BridgeMP - ok
17:54:25.0841 3460 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll
17:54:25.0925 3460 Browser - ok
17:54:25.0970 3460 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
17:54:26.0054 3460 Brserid - ok
17:54:26.0084 3460 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
17:54:26.0120 3460 BrSerWdm - ok
17:54:26.0139 3460 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
17:54:26.0186 3460 BrUsbMdm - ok
17:54:26.0210 3460 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
17:54:26.0266 3460 BrUsbSer - ok
17:54:26.0280 3460 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
17:54:26.0312 3460 BTHMODEM - ok
17:54:26.0343 3460 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll
17:54:26.0405 3460 bthserv - ok
17:54:26.0530 3460 catchme - ok
17:54:26.0577 3460 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
17:54:26.0639 3460 cdfs - ok
17:54:26.0670 3460 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys
17:54:26.0702 3460 cdrom - ok
17:54:26.0733 3460 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll
17:54:26.0795 3460 CertPropSvc - ok
17:54:26.0936 3460 cfWiMAXService (1f8a319d29394f9ce1b7ae020df2ebbf) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
17:54:26.0951 3460 cfWiMAXService - ok
17:54:26.0967 3460 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
17:54:27.0014 3460 circlass - ok
17:54:27.0045 3460 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
17:54:27.0076 3460 CLFS - ok
17:54:27.0138 3460 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:54:27.0154 3460 clr_optimization_v2.0.50727_32 - ok
17:54:27.0232 3460 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:54:27.0248 3460 clr_optimization_v4.0.30319_32 - ok
17:54:27.0294 3460 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
17:54:27.0372 3460 CmBatt - ok
17:54:27.0450 3460 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys
17:54:27.0466 3460 cmdide - ok
17:54:27.0606 3460 CNG (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys
17:54:27.0653 3460 CNG - ok
17:54:27.0825 3460 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
17:54:27.0856 3460 Compbatt - ok
17:54:27.0918 3460 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys
17:54:27.0950 3460 CompositeBus - ok
17:54:27.0965 3460 COMSysApp - ok
17:54:28.0121 3460 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
17:54:28.0137 3460 ConfigFree Service - ok
17:54:28.0199 3460 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
17:54:28.0215 3460 crcdisk - ok
17:54:28.0293 3460 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\windows\system32\cryptsvc.dll
17:54:28.0355 3460 CryptSvc - ok
17:54:28.0402 3460 dc3d (33e7ab50f87f97abd9057205e27cb182) C:\windows\system32\DRIVERS\dc3d.sys
17:54:28.0433 3460 dc3d - ok
17:54:28.0574 3460 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll
17:54:28.0636 3460 DcomLaunch - ok
17:54:28.0713 3460 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll
17:54:28.0813 3460 defragsvc - ok
17:54:28.0851 3460 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys
17:54:28.0935 3460 DfsC - ok
17:54:28.0991 3460 DgiVecp (7f19dba1a467b838ccb23124a2c55568) C:\windows\system32\Drivers\DgiVecp.sys
17:54:29.0006 3460 DgiVecp ( UnsignedFile.Multi.Generic ) - warning
17:54:29.0006 3460 DgiVecp - detected UnsignedFile.Multi.Generic (1)
17:54:29.0044 3460 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll
17:54:29.0127 3460 Dhcp - ok
17:54:29.0218 3460 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
17:54:29.0269 3460 discache - ok
17:54:29.0290 3460 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
17:54:29.0307 3460 Disk - ok
17:54:29.0371 3460 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll
17:54:29.0400 3460 Dnscache - ok
17:54:29.0446 3460 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll
17:54:29.0526 3460 dot3svc - ok
17:54:29.0640 3460 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll
17:54:29.0684 3460 DPS - ok
17:54:29.0716 3460 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
17:54:29.0825 3460 drmkaud - ok
17:54:30.0168 3460 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys
17:54:30.0184 3460 DXGKrnl - ok
17:54:30.0262 3460 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll
17:54:30.0355 3460 EapHost - ok
17:54:30.0823 3460 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
17:54:30.0932 3460 ebdrv - ok
17:54:31.0073 3460 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe
17:54:31.0104 3460 EFS - ok
17:54:31.0291 3460 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe
17:54:31.0354 3460 ehRecvr - ok
17:54:31.0385 3460 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe
17:54:31.0400 3460 ehSched - ok
17:54:31.0478 3460 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
17:54:31.0510 3460 elxstor - ok
17:54:31.0541 3460 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys
17:54:31.0572 3460 ErrDev - ok
17:54:31.0634 3460 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll
17:54:31.0681 3460 EventSystem - ok
17:54:31.0712 3460 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
17:54:31.0775 3460 exfat - ok
17:54:31.0806 3460 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
17:54:31.0853 3460 fastfat - ok
17:54:31.0915 3460 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe
17:54:31.0962 3460 Fax - ok
17:54:31.0993 3460 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
17:54:32.0009 3460 fdc - ok
17:54:32.0024 3460 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll
17:54:32.0087 3460 fdPHost - ok
17:54:32.0118 3460 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll
17:54:32.0165 3460 FDResPub - ok
17:54:32.0180 3460 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
17:54:32.0196 3460 FileInfo - ok
17:54:32.0227 3460 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
17:54:32.0274 3460 Filetrace - ok
17:54:32.0290 3460 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
17:54:32.0321 3460 flpydisk - ok
17:54:32.0352 3460 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
17:54:32.0368 3460 FltMgr - ok
17:54:32.0477 3460 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll
17:54:32.0524 3460 FontCache - ok
17:54:32.0586 3460 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:54:32.0617 3460 FontCache3.0.0.0 - ok
17:54:32.0633 3460 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
17:54:32.0648 3460 FsDepends - ok
17:54:32.0680 3460 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys
17:54:32.0695 3460 Fs_Rec - ok
17:54:32.0742 3460 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys
17:54:32.0773 3460 fvevol - ok
17:54:32.0804 3460 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
17:54:32.0820 3460 gagp30kx - ok
17:54:32.0867 3460 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
17:54:32.0882 3460 GEARAspiWDM - ok
17:54:32.0960 3460 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll
17:54:33.0007 3460 gpsvc - ok
17:54:33.0116 3460 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
17:54:33.0148 3460 gupdate - ok
17:54:33.0163 3460 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
17:54:33.0179 3460 gupdatem - ok
17:54:33.0194 3460 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:54:33.0210 3460 gusvc - ok
17:54:33.0241 3460 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
17:54:33.0257 3460 hcw85cir - ok
17:54:33.0319 3460 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys
17:54:33.0350 3460 HdAudAddService - ok
17:54:33.0366 3460 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys
17:54:33.0397 3460 HDAudBus - ok
17:54:33.0428 3460 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
17:54:33.0460 3460 HidBatt - ok
17:54:33.0538 3460 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
17:54:33.0569 3460 HidBth - ok
17:54:33.0584 3460 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
17:54:33.0616 3460 HidIr - ok
17:54:33.0647 3460 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\System32\hidserv.dll
17:54:33.0678 3460 hidserv - ok
17:54:33.0709 3460 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys
17:54:33.0740 3460 HidUsb - ok
17:54:33.0787 3460 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll
17:54:33.0818 3460 hkmsvc - ok
17:54:33.0850 3460 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll
17:54:33.0896 3460 HomeGroupListener - ok
17:54:33.0943 3460 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll
17:54:33.0974 3460 HomeGroupProvider - ok
17:54:34.0006 3460 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys
17:54:34.0021 3460 HpSAMD - ok
17:54:34.0099 3460 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys
17:54:34.0162 3460 HTTP - ok
17:54:34.0177 3460 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys
17:54:34.0208 3460 hwpolicy - ok
17:54:34.0240 3460 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys
17:54:34.0271 3460 i8042prt - ok
17:54:34.0318 3460 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys
17:54:34.0364 3460 iaStorV - ok
17:54:34.0474 3460 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:54:34.0505 3460 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:54:34.0505 3460 IDriverT - detected UnsignedFile.Multi.Generic (1)
17:54:34.0630 3460 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:54:34.0661 3460 idsvc - ok
17:54:34.0770 3460 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
17:54:34.0786 3460 iirsp - ok
17:54:34.0864 3460 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll
17:54:34.0926 3460 IKEEXT - ok
17:54:35.0139 3460 IntcAzAudAddService (e4a2e810cb2607c9c159c0dfb0bd4c88) C:\windows\system32\drivers\RTKVHDA.sys
17:54:35.0254 3460 IntcAzAudAddService - ok
17:54:35.0369 3460 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys
17:54:35.0402 3460 intelide - ok
17:54:35.0429 3460 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
17:54:35.0454 3460 intelppm - ok
17:54:35.0481 3460 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll
17:54:35.0531 3460 IPBusEnum - ok
17:54:35.0555 3460 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
17:54:35.0611 3460 IpFilterDriver - ok
17:54:35.0881 3460 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll
17:54:35.0977 3460 iphlpsvc - ok
17:54:36.0234 3460 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys
17:54:36.0265 3460 IPMIDRV - ok
17:54:36.0343 3460 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
17:54:36.0421 3460 IPNAT - ok
17:54:36.0515 3460 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
17:54:36.0530 3460 IRENUM - ok
17:54:36.0608 3460 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys
17:54:36.0624 3460 isapnp - ok
17:54:36.0655 3460 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys
17:54:36.0684 3460 iScsiPrt - ok
17:54:36.0707 3460 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys
17:54:36.0723 3460 kbdclass - ok
17:54:36.0736 3460 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys
17:54:36.0765 3460 kbdhid - ok
17:54:36.0798 3460 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:54:36.0819 3460 KeyIso - ok
17:54:36.0864 3460 KL1 (186b54479d98e48aee0e9ada4b3c4d31) C:\windows\system32\DRIVERS\kl1.sys
17:54:36.0898 3460 KL1 - ok
17:54:36.0919 3460 kl2 (bf485bfba13c0ab116701fd9c55324d0) C:\windows\system32\DRIVERS\kl2.sys
17:54:36.0933 3460 kl2 - ok
17:54:36.0998 3460 KLIF (af04d0ce7939324e9a605b159295706c) C:\windows\system32\DRIVERS\klif.sys
17:54:37.0026 3460 KLIF - ok
17:54:37.0053 3460 KLIM6 (6295a19003f935ecc6ccbe9e2376427b) C:\windows\system32\DRIVERS\klim6.sys
17:54:37.0077 3460 KLIM6 - ok
17:54:37.0103 3460 klmouflt (3de1771c135328420315e21dde229bba) C:\windows\system32\DRIVERS\klmouflt.sys
17:54:37.0119 3460 klmouflt - ok
17:54:37.0272 3460 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys
17:54:37.0304 3460 KSecDD - ok
17:54:37.0625 3460 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys
17:54:37.0659 3460 KSecPkg - ok
17:54:37.0815 3460 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll
17:54:37.0893 3460 KtmRm - ok
17:54:37.0986 3460 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\System32\srvsvc.dll
17:54:38.0095 3460 LanmanServer - ok
17:54:38.0189 3460 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll
17:54:38.0236 3460 LanmanWorkstation - ok
17:54:38.0345 3460 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
17:54:38.0407 3460 lltdio - ok
17:54:38.0454 3460 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll
17:54:38.0517 3460 lltdsvc - ok
17:54:38.0532 3460 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll
17:54:38.0641 3460 lmhosts - ok
17:54:38.0751 3460 LPCFilter (6e3d3816749e107883eec5734ce44493) C:\windows\system32\DRIVERS\LPCFilter.sys
17:54:38.0766 3460 LPCFilter - ok
17:54:38.0813 3460 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
17:54:38.0844 3460 LSI_FC - ok
17:54:38.0875 3460 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
17:54:38.0907 3460 LSI_SAS - ok
17:54:38.0907 3460 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
17:54:38.0938 3460 LSI_SAS2 - ok
17:54:38.0938 3460 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
17:54:38.0953 3460 LSI_SCSI - ok
17:54:39.0016 3460 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
17:54:39.0063 3460 luafv - ok
17:54:39.0078 3460 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\windows\system32\drivers\mbam.sys
17:54:39.0109 3460 MBAMProtector - ok
17:54:39.0203 3460 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:54:39.0219 3460 MBAMService - ok
17:54:39.0265 3460 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll
17:54:39.0297 3460 Mcx2Svc - ok
17:54:39.0406 3460 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
17:54:39.0421 3460 MDM - ok
17:54:39.0453 3460 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
17:54:39.0484 3460 megasas - ok
17:54:39.0515 3460 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
17:54:39.0531 3460 MegaSR - ok
17:54:39.0577 3460 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll
17:54:39.0687 3460 MMCSS - ok
17:54:39.0788 3460 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
17:54:39.0841 3460 Modem - ok
17:54:39.0894 3460 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
17:54:39.0926 3460 monitor - ok
17:54:39.0963 3460 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys
17:54:39.0980 3460 mouclass - ok
17:54:39.0996 3460 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
17:54:40.0022 3460 mouhid - ok
17:54:40.0060 3460 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys
17:54:40.0079 3460 mountmgr - ok
17:54:40.0115 3460 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys
17:54:40.0133 3460 mpio - ok
17:54:40.0156 3460 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
17:54:40.0203 3460 mpsdrv - ok
17:54:40.0279 3460 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll
17:54:40.0344 3460 MpsSvc - ok
17:54:40.0383 3460 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys
17:54:40.0435 3460 MRxDAV - ok
17:54:40.0468 3460 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys
17:54:40.0502 3460 mrxsmb - ok
17:54:40.0552 3460 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys
17:54:40.0604 3460 mrxsmb10 - ok
17:54:40.0628 3460 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys
17:54:40.0668 3460 mrxsmb20 - ok
17:54:40.0697 3460 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys
17:54:40.0713 3460 msahci - ok
17:54:40.0727 3460 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys
17:54:40.0743 3460 msdsm - ok
17:54:40.0789 3460 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe
17:54:40.0821 3460 MSDTC - ok
17:54:40.0867 3460 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
17:54:40.0899 3460 Msfs - ok
17:54:40.0945 3460 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
17:54:41.0008 3460 mshidkmdf - ok
17:54:41.0101 3460 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys
17:54:41.0117 3460 msisadrv - ok
17:54:41.0148 3460 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll
17:54:41.0221 3460 MSiSCSI - ok
17:54:41.0230 3460 msiserver - ok
17:54:41.0266 3460 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
17:54:41.0322 3460 MSKSSRV - ok
17:54:41.0331 3460 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
17:54:41.0372 3460 MSPCLOCK - ok
17:54:41.0386 3460 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
17:54:41.0431 3460 MSPQM - ok
17:54:41.0464 3460 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
17:54:41.0482 3460 MsRPC - ok
17:54:41.0520 3460 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
17:54:41.0538 3460 mssmbios - ok
17:54:41.0561 3460 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
17:54:41.0597 3460 MSTEE - ok
17:54:41.0619 3460 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
17:54:41.0660 3460 MTConfig - ok
17:54:41.0675 3460 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
17:54:41.0692 3460 Mup - ok
17:54:41.0746 3460 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll
17:54:41.0823 3460 napagent - ok
17:54:41.0875 3460 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
17:54:41.0920 3460 NativeWifiP - ok
17:54:41.0972 3460 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
17:54:42.0001 3460 NDIS - ok
17:54:42.0012 3460 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
17:54:42.0061 3460 NdisCap - ok
17:54:42.0081 3460 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
17:54:42.0137 3460 NdisTapi - ok
17:54:42.0183 3460 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
17:54:42.0233 3460 Ndisuio - ok
17:54:42.0264 3460 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
17:54:42.0357 3460 NdisWan - ok
17:54:42.0357 3460 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
17:54:42.0420 3460 NDProxy - ok
17:54:42.0451 3460 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
17:54:42.0498 3460 NetBIOS - ok
17:54:42.0560 3460 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
17:54:42.0638 3460 NetBT - ok
17:54:42.0685 3460 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe
17:54:42.0701 3460 Netlogon - ok
17:54:42.0760 3460 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll
17:54:42.0816 3460 Netman - ok
17:54:42.0857 3460 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll
17:54:42.0922 3460 netprofm - ok
17:54:42.0992 3460 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:54:43.0012 3460 NetTcpPortSharing - ok
17:54:43.0044 3460 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
17:54:43.0060 3460 nfrd960 - ok
17:54:43.0145 3460 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll
17:54:43.0246 3460 NlaSvc - ok
17:54:43.0321 3460 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
17:54:43.0370 3460 Npfs - ok
17:54:43.0394 3460 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll
17:54:43.0432 3460 nsi - ok
17:54:43.0455 3460 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
17:54:43.0490 3460 nsiproxy - ok
17:54:43.0614 3460 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
17:54:43.0652 3460 Ntfs - ok
17:54:43.0679 3460 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\windows\system32\DRIVERS\NuidFltr.sys
17:54:43.0693 3460 NuidFltr - ok
17:54:43.0708 3460 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
17:54:43.0753 3460 Null - ok
17:54:43.0784 3460 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
17:54:43.0800 3460 nvraid - ok
17:54:43.0831 3460 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
17:54:43.0846 3460 nvstor - ok
17:54:53.0531 3460 SSPORT (ef3458337d7341a05169cefc73709264) C:\windows\system32\Drivers\SSPORT.sys
17:54:53.0544 3460 SSPORT ( UnsignedFile.Multi.Generic ) - warning
17:54:53.0544 3460 SSPORT - detected UnsignedFile.Multi.Generic (1)
17:55:03.0611 3460 ============================================================
17:55:03.0611 3460 Scan finished
17:55:03.0611 3460 ============================================================
17:55:03.0658 6156 Detected object count: 3
17:55:03.0658 6156 Actual detected object count: 3
17:55:36.0539 6156 DgiVecp ( UnsignedFile.Multi.Generic ) - skipped by user
17:55:36.0539 6156 DgiVecp ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:55:36.0555 6156 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:55:36.0555 6156 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:55:36.0555 6156 SSPORT ( UnsignedFile.Multi.Generic ) - skipped by user
17:55:36.0555 6156 SSPORT ( UnsignedFile.Multi.Generic ) - User select action: Skip

#10 gringo_pr

  • Malware Response Team

Posted 08 May 2012 - 09:26 AM

You sent me the TDSSKiller report. I asked you to run ComboFix with a script.



#11 bjulie

  • Topic Starter

Posted 09 May 2012 - 06:16 PM

The problem seems to be gone, thanks!

Here's the ComboFix report:

ComboFix 12-05-05.06 - Julie 2012-05-09 18:10:55.2.2 - x86
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.2942.1605 [GMT -4:00]
Lancé depuis: c:\users\Julie\Downloads\ComboFix.exe
Commutateurs utilisés :: c:\users\Julie\Desktop\CFScript.txt
AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
FILE ::
"c:\windows\system32\wmpsrcwpo.dll"
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-04-09 au 2012-05-09 ))))))))))))))))))))))))))))))))))))
.
.
2012-05-09 22:22 . 2012-05-09 22:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-04 21:17 . 2012-05-04 21:17 -------- d-----w- c:\users\Julie\AppData\Roaming\Malwarebytes
2012-05-04 21:16 . 2012-05-04 21:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-04 21:16 . 2012-05-04 21:16 -------- d-----w- c:\programdata\Malwarebytes
2012-05-04 21:16 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-29 19:46 . 2012-05-05 13:02 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-29 19:46 . 2012-05-05 13:02 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-29 18:55 . 2012-02-14 17:10 4777280 ----a-w- C:\procexp.exe
2012-04-29 18:54 . 2012-04-13 14:38 2473592 ----a-w- C:\Procmon.exe
2012-04-27 17:47 . 2012-04-27 17:47 -------- d-----w- c:\program files\Common Files\Skype
2012-04-23 19:27 . 2012-04-23 19:27 -------- d-----w- c:\program files\Common Files\Java
2012-04-14 19:39 . 2012-04-14 19:39 -------- d-----w- c:\program files\Common Files\Canon
2012-04-12 01:16 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-12 01:16 . 2012-03-01 05:37 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-04-12 01:16 . 2012-03-01 05:33 159232 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-12 01:16 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-12 01:15 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-12 01:15 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-23 19:14 . 2010-08-29 19:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-24 13:38 . 2012-02-24 13:38 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-17 05:34 . 2012-03-14 10:40 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-02-17 04:14 . 2012-03-14 10:40 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-02-17 04:13 . 2012-03-14 10:40 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-02-10 05:38 . 2012-03-14 10:40 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-05 15:08 . 2012-02-13 15:57 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gestionnaire Antidote.exe"="c:\program files\Druide\Antidote\Gestionnaire Antidote.exe" [2007-11-30 533944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-07-10 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 425984]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-14 34088]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 476512]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-08-13 521528]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-29 7625248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-07-29 163840]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 611672]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2009-08-11 1324384]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2009-08-06 611672]
"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2009-08-06 466792]
"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2009-08-06 29528]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-22 74752]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-02-24 479232]
"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2008-07-11 423200]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-15 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-09 52256]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-03-16 210216]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-10 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-10 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-10-27 273528]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-25 202296]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 136176]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 gupdatem;Service Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 136176]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-20 1343400]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 23856]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-30 176128]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 RSELSVC;TOSHIBA Modem region select service;c:\program files\TOSHIBA\RSelect\RSelSvc.exe [2009-07-07 62832]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-03-02 5120]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-11 185712]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 12920]
S3 dc3d;MS Hardware Device Detection Driver (HID);c:\windows\system32\DRIVERS\dc3d.sys [2009-11-04 17408]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 19984]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 22344]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-23 167936]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-26 1011232]
S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 111960]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-06 685424]
S3 WSDPrintDevice;Prise en charge de l’impression WSD via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 13:02]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 12:44]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 12:44]
.
2012-05-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-805611008-3350529123-155588212-1001Core.job
- c:\users\Julie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-29 13:58]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-805611008-3350529123-155588212-1001UA.job
- c:\users\Julie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-29 13:58]
.
2012-05-09 c:\windows\Tasks\iotswufln.job
- c:\windows\system32\wmpsrcwpo.dll [2012-01-24 16:40]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.ca/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.toshiba.ca/fr/bienvenue
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Ajouter à l'Anti-bannière - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Julie\AppData\Roaming\Mozilla\Firefox\Profiles\8hzjdy88.default\
FF - prefs.js: browser.startup.homepage - www.google.ca
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000020
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-05-09 18:25:00
ComboFix-quarantined-files.txt 2012-05-09 22:24
ComboFix2.txt 2012-05-05 21:16
.
Avant-CF: 421 448 880 128 octets libres
Après-CF: 421 455 851 520 octets libres
.
- - End Of File - - ED889AC8EE4568E07A70A13D0ABF1E96

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • Gender:Male
  • Location:Puerto rico

Posted 09 May 2012 - 08:32 PM

Blitzblank.

Download BlitzBlank and save it to your desktop. Open Blitzblank.exe

  • Click OK at the warning (and take note of it, this is a VERY powerful tool!).
  • Click the Script tab and copy/paste the following text there:
DeleteFile:
"c:\windows\system32\wmpsrcwpo.dll"
  • Click Execute Now. Your computer will need to reboot in order to replace the files.
  • When done, post me the report created by Blitzblank. You can find it at the root of the drive, normally C:\

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University
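
Added example, not part of the original post: the DLL named in the BlitzBlank script above is the file the ComboFix log in this thread lists as the target of the scheduled task iotswufln.job. The Python sketch below parses that section of the log and flags tasks whose target is not an .exe; the heuristic, the function names and the shortened sample are assumptions of this example, not something ComboFix or the helper does.

```python
import re
from pathlib import PureWindowsPath

# Sample input: three entries copied from the scheduled-tasks section of the
# ComboFix log posted in this thread (shortened for the example).
SAMPLE_LOG = r"""
2012-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 13:02]
.
2012-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-12-01 12:44]
.
2012-05-09 c:\windows\Tasks\iotswufln.job
- c:\windows\system32\wmpsrcwpo.dll [2012-01-24 16:40]
"""

# "<date> <path ending in .job>" opens an entry; "- <target> [<stamp>]" closes it.
TASK_RE = re.compile(r"^\d{4}-\d{2}-\d{2} (.+\.job)$", re.IGNORECASE)
TARGET_RE = re.compile(r"^- (.+?) \[[^\]]*\]$")


def parse_tasks(log_text):
    """Return [(job_path, target_path)] pairs from ComboFix task lines."""
    tasks, pending_job = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        job = TASK_RE.match(line)
        if job:
            pending_job = job.group(1)
            continue
        target = TARGET_RE.match(line)
        if target and pending_job:
            tasks.append((pending_job, target.group(1)))
            pending_job = None  # one target line per task entry
    return tasks


def flag_non_exe_targets(tasks):
    """Assumed triage heuristic: a task whose target is not an .exe
    is queued for manual review; it is not proof of infection."""
    return [(job, target) for job, target in tasks
            if PureWindowsPath(target).suffix.lower() != ".exe"]


if __name__ == "__main__":
    for job, target in flag_non_exe_targets(parse_tasks(SAMPLE_LOG)):
        print(f"review: {job} -> {target}")
```
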

#13 gringo_pr

Posted 11 May 2012 - 11:19 PM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo

#14 bjulie

Posted 13 May 2012 - 11:38 AM

Sorry, I've been really busy this past week, here's the BlitzBlank report:



BlitzBlank 1.0.0.32

File/Registry Modification Engine native application
MoveFileOnReboot: sourceFile = "\??\c:\windows\system32\wmpsrcwpo.dll", destinationFile = "(null)", replaceWithDummy = 0

#15 gringo_pr

Posted 13 May 2012 - 12:05 PM

Hello

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo