Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Network problems?


  • Please log in to reply
27 replies to this topic

#1 bwrighttwo

bwrighttwo

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 06 May 2012 - 11:26 PM

First I would like to apologize for past topics being abandoned. I have had 4 pc's remotely taken over. I was unable to reply within the allotted time.
Could someone look at thes logs and tell me if they are normal. I have a Verizon Wifi I use to connect to the internet. There should be no other connections. I feel that some files from the virus are returning and I an wondering if it may be network problems. Thank you



Windows IP Configuration

Host Name . . . . . . . . . . . . : Buck-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
Physical Address. . . . . . . . . : 00-26-82-63-D2-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Fast Ethernet
Physical Address. . . . . . . . . : 70-5A-B6-60-1C-D6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0080FA9C-4231-4A13-B26B-6CDE7DFC02F1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{90682896-95D4-4C2B-B4F4-E87E9E1FB030}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

===========================================================================
Interface List
12...00 26 82 63 d2 10 ......Broadcom 802.11g Network Adapter
11...70 5a b6 60 1c d6 ......Broadcom NetLink ™ Fast Ethernet
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None


This is a unknown device that was in the dvd/cd drive.

System Information

Kit Installed: 8.9.0.1023
Kit Install History: 8.9.0.1023, Uninstall
Shell Version: 8.9.0.1023

OS Name: Microsoft Windows 7 Home Premium
OS Version: 6.1.7600 Build 7600
System Name: BUCK-PC
System Manufacturer: LENOVO
System Model: NITU1
Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz
BIOS Version/Date: LENOVO 18CN42WW(V2.51) , 01/18/2010

Language: ENU



Intel® Matrix Storage Manager

Intel Serial ATA Controller: Intel® ICH9M-E/M SATA AHCI Controller
Number of Serial ATA ports: 3

Driver Version: 8.9.0.1023
Serial ATA Plug-In Version: 8.9.0.1023
Language Resource Version of the Serial ATA Plug-In: 8.9.0.1023
ISDI Library Version: 8.9.0.1023

Hard Drive 0
Status: Normal
Device Port: 0
Device Port Location: Internal
Current Serial ATA Transfer Mode: Generation 2
Model: WDC WD2500BEVT-24A23T0
Serial Number: WD-WX31A20S3475
Firmware: 01.01A02
Native Command Queuing Support: Yes
Size: 232.8 GB

Unused Port 0
Device Port: 4
Device Port Location: External

CD/DVD Drive 0
Device Port: 1
Device Port Location: Internal
Current Serial ATA Transfer Mode: Generation 1
Model: SlimtypeDVD A DS8A4S
Serial Number: 002070134618
Firmware: JL61

BC AdBot (Login to Remove)

 


#2 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:11 AM

Posted 10 May 2012 - 07:12 PM

Hi,

I will be helping you with your problems

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2

Please download Farbar Service Scanner to your Desktop and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Step 3

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Step 4

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

NOTE: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#3 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 10 May 2012 - 07:53 PM

I was not sure if you wanted all logs in the same post or not so i am posting one at a time. Thanks Results of screen317's Security Check version 0.99.32
Windows 7 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 32
````````````````````````````````
Process Check:
objlist.exe by Laurent

Kaspersky Lab Kaspersky PURE avp.exe
``````````End of Log````````````

#4 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 10 May 2012 - 07:55 PM

Sorry I forgot I had antivirus disabled. I will scan again.

#5 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 10 May 2012 - 08:00 PM

Results of screen317's Security Check version 0.99.32
Windows 7 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 32
````````````````````````````````
Process Check:
objlist.exe by Laurent

Kaspersky Lab Kaspersky PURE avp.exe
``````````End of Log````````````

Farbar Service Scanner Version: 08-05-2012
Ran by Buck (administrator) on 10-05-2012 at 20:58:30
Running from "C:\Users\Buck\Desktop"
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-05 18:45] - [2011-09-29 11:43] - 1285488 ____A (Microsoft Corporation) 56C198AC82EFA622DD93E9E43575F79C

C:\Windows\system32\dnsrslvr.dll
[2012-05-05 18:44] - [2011-03-03 01:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 19:53] - [2009-07-13 21:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 19:54] - [2009-07-13 21:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 19:23] - [2009-07-13 21:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 19:24] - [2009-07-13 21:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-13 20:15] - [2009-07-13 21:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\Windows\system32\qmgr.dll
[2009-07-13 19:30] - [2009-07-13 21:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#6 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 10 May 2012 - 08:09 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by Buck (administrator) on 10-05-2012 at 21:02:26
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 802.11g Network Adapter = Wireless Network Connection (Connected)
Broadcom NetLink ™ Fast Ethernet = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Buck-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
Physical Address. . . . . . . . . : 00-26-82-63-D2-10
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c068:95c7:72e3:8dd6%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, May 10, 2012 8:37:39 PM
Lease Expires . . . . . . . . . . : Friday, May 11, 2012 8:37:38 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 218113666
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-36-06-F5-70-5A-B6-60-1C-D6
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Fast Ethernet
Physical Address. . . . . . . . . : 70-5A-B6-60-1C-D6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{90682896-95D4-4C2B-B4F4-E87E9E1FB030}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4e2:236b:3f57:fefc(Preferred)
Link-local IPv6 Address . . . . . : fe80::4e2:236b:3f57:fefc%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.43.36
173.194.43.35
173.194.43.39
173.194.43.32
173.194.43.37
173.194.43.41
173.194.43.46
173.194.43.33
173.194.43.38
173.194.43.40
173.194.43.34


Pinging google.com [173.194.43.40] with 32 bytes of data:
Reply from 173.194.43.40: bytes=32 time=95ms TTL=53
Reply from 173.194.43.40: bytes=32 time=89ms TTL=53

Ping statistics for 173.194.43.40:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 89ms, Maximum = 95ms, Average = 92ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=185ms TTL=45
Reply from 98.139.183.24: bytes=32 time=108ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 108ms, Maximum = 185ms, Average = 146ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 26 82 63 d2 10 ......Broadcom 802.11g Network Adapter
11...70 5a b6 60 1c d6 ......Broadcom NetLink ™ Fast Ethernet
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:4e2:236b:3f57:fefc/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::4e2:236b:3f57:fefc/128
On-link
12 281 fe80::c068:95c7:72e3:8dd6/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/06/2012 10:18:34 PM) (Source: CardSpace 3.0.0.0) (User: SYSTEM)SYSTEM
Description: The Windows CardSpace service is too busy to process this request.
User has too many outstanding requests.



Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error: (05/06/2012 10:18:34 PM) (Source: CardSpace 3.0.0.0) (User: SYSTEM)SYSTEM
Description: The Windows CardSpace service is too busy to process this request.
User has too many outstanding requests.



Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error: (05/06/2012 10:18:34 PM) (Source: CardSpace 3.0.0.0) (User: SYSTEM)SYSTEM
Description: The Windows CardSpace service is too busy to process this request.
User has too many outstanding requests.



Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error: (05/06/2012 10:18:33 PM) (Source: CardSpace 3.0.0.0) (User: SYSTEM)SYSTEM
Description: The Windows CardSpace service is too busy to process this request.
User has too many outstanding requests.



Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error: (05/06/2012 04:08:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: mmc.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3f1
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49caf
Exception code: 0xc0000374
Fault offset: 0x000c33bb
Faulting process id: 0xba0
Faulting application start time: 0xmmc.exe0
Faulting application path: mmc.exe1
Faulting module path: mmc.exe2
Report Id: mmc.exe3

Error: (05/06/2012 01:04:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/06/2012 01:04:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/05/2012 11:54:12 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bb80e902-1451-45ee-9b43-ae42371bff26}


System errors:
=============
Error: (05/07/2012 10:59:46 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:57:19 PM on ?5/?7/?2012 was unexpected.

Error: (05/07/2012 10:57:48 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (05/07/2012 10:54:10 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (05/07/2012 10:51:19 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (05/06/2012 03:54:23 PM) (Source: DCOM) (User: )
Description: 1084CSObjectsSrv{D7B356D0-0DA4-11DB-8993-005056C00008}

Error: (05/06/2012 03:18:38 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/06/2012 03:17:13 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/06/2012 03:17:13 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/06/2012 03:17:13 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/06/2012 03:17:13 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (05/06/2012 10:18:34 PM) (Source: CardSpace 3.0.0.0)(User: SYSTEM)SYSTEM
Description: User has too many outstanding requests.



Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error: (05/06/2012 10:18:34 PM) (Source: CardSpace 3.0.0.0)(User: SYSTEM)SYSTEM
Description: User has too many outstanding requests.



Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error: (05/06/2012 10:18:34 PM) (Source: CardSpace 3.0.0.0)(User: SYSTEM)SYSTEM
Description: User has too many outstanding requests.



Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error: (05/06/2012 10:18:33 PM) (Source: CardSpace 3.0.0.0)(User: SYSTEM)SYSTEM
Description: User has too many outstanding requests.



Additional Information:
at System.Environment.GetStackTrace(Exception e, Boolean needFileInfo)
at System.Environment.get_StackTrace()
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.BuildMessage(InfoCardBaseException ie)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.TraceAndLogException(Exception e)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.ThrowHelperError(Exception e)
at Microsoft.InfoCards.UIAgentMonitor.AddNewClient(UIAgentMonitorHandle handle)
at Microsoft.InfoCards.UIAgentMonitorHandle.CreateAgent(Int32 callerPid, WindowsIdentity callerIdentity, Int32 tsSessionId)
at Microsoft.InfoCards.RequestFactory.CreateClientRequestInstance(UIAgentMonitorHandle monitorHandle, String reqName, IntPtr rpcHandle, Stream inStream, Stream outStream)
at Microsoft.InfoCards.RequestFactory.ProcessNewRequest(Int32 parentRequestHandle, IntPtr rpcHandle, IntPtr inArgs, IntPtr& outArgs)

Error: (05/06/2012 04:08:08 PM) (Source: Application Error)(User: )
Description: mmc.exe6.1.7600.163854a5bc3f1ntdll.dll6.1.7600.169154ec49cafc0000374000c33bbba001cd2bc3691d9a54C:\Windows\system32\mmc.exeC:\Windows\SYSTEM32\ntdll.dll3241a35c-97b7-11e1-9135-705ab6601cd6

Error: (05/06/2012 01:04:19 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\Lenovo\energy management\start_utility.exe

Error: (05/06/2012 01:04:13 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Lenovo\energy management\DPInst.exe

Error: (05/05/2012 11:54:12 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bb80e902-1451-45ee-9b43-ae42371bff26}


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Energy Management (Version: 4.4.1.0)
ESET Online Scanner v3
Google Chrome (Version: 18.0.1025.168)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 32 (Version: 6.0.320)
Kaspersky PURE (Version: 9.1.0.124)
Lenovo EasyCamera (Version: 5.8.50.6)
System Requirements Lab for Intel (Version: 4.5.5.0)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (Version: 06/15/2009 6.2.0.9000)
Windows Driver Package - Broadcom HIDClass (06/11/2009 6.2.0.9500) (Version: 06/11/2009 6.2.0.9500)

========================= Devices: ================================

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Slimtype DVD A DS8A4S
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Lenovo EasyCamera
Description: Lenovo EasyCamera
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Suyin Optronics CORP.
Service: SNP2UVC

Name: Intel® ICH9M LPC Interface Controller - 2919
Description: Intel® ICH9M LPC Interface Controller - 2919
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Description: Intel® ICH9 Family PCI Express Root Port 4 - 2946
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: msahci
Description: msahci
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msahci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Winsock IFS Driver
Description: Winsock IFS Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ws2ifsl

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: Compbatt

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® ICH9M-E/M SATA AHCI Controller
Description: Intel® ICH9M-E/M SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: iaStor

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Description: Intel® ICH9 Family PCI Express Root Port 6 - 294A
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Reflector Display Driver used to gain access to graphics data
Description: Reflector Display Driver used to gain access to graphics data
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPREFMP

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Description: Mobile Intel® 4 Series Chipset Processor to DRAM Controller - 2A40
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: NativeWiFi Filter
Description: NativeWiFi Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NativeWifiP

Name: UMBus Enumerator
Description: UMBus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WDC WD2500BEVT-24A23T0
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: IDE Channel
Description: IDE Channel
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atapi

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Pentium® Dual-Core CPU T4400 @ 2.20GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: kl1
Description: kl1
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: kl1

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: Intel® ICH9 Family Thermal Subsystem - 2932
Description: Intel® ICH9 Family Thermal Subsystem - 2932
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: Mobile Intel® 45 Express Chipset Family (Microsoft Corporation - WDDM 1.1)
Description: Mobile Intel® 45 Express Chipset Family (Microsoft Corporation - WDDM 1.1)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Kaspersky Lab Boot Guard Driver
Description: Kaspersky Lab Boot Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KLBG

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: catchme
Description: catchme
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: catchme

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Kaspersky Anti-Virus NDIS 6 Filter
Description: Kaspersky Anti-Virus NDIS 6 Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KLIM6

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Mobile Intel® 45 Express Chipset Family (Microsoft Corporation - WDDM 1.1)
Description: Mobile Intel® 45 Express Chipset Family (Microsoft Corporation - WDDM 1.1)
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Pentium® Dual-Core CPU T4400 @ 2.20GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: Broadcom NetLink ™ Fast Ethernet
Description: Broadcom NetLink ™ Fast Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: b57nd60x

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Description: Intel® ICH9 Family PCI Express Root Port 1 - 2940
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: cpudrv
Description: cpudrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cpudrv

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: InfoWatch Encrypt Sector Library driver
Description: InfoWatch Encrypt Sector Library driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSCrySec

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service:

Name: Broadcom 802.11g Network Adapter
Description: Broadcom 802.11g Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Description: Intel® ICH9 Family PCI Express Root Port 2 - 2942
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: InfoWatch Virtual Disk driver
Description: InfoWatch Virtual Disk driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSVirtualDiskDrv

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: High Definition Audio Device
Description: High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Virtual WiFi Filter Driver
Description: Virtual WiFi Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vwififlt

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Description: Intel® ICH9 Family PCI Express Root Port 3 - 2944
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI x86-based PC
Description: ACPI x86-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:


========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 3004.6 MB
Available physical RAM: 2139.2 MB
Total Pagefile: 6007.48 MB
Available Pagefile: 4968.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.2 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:187.69 GB) (Free:162.76 GB) NTFS
2 Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:26.72 GB) NTFS

========================= Users: ========================================

User accounts for \\BUCK-PC

Administrator Buck Guest

========================= Minidump Files ==================================

No minidump file found

**** End of log ****


Could you post a shortcut for mbam please. Thanks

#7 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 10 May 2012 - 08:11 PM

I am having to click everythong twice so let me know if i have missed anything.

#8 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:11 AM

Posted 11 May 2012 - 04:52 AM

Hi

You may not have MBAM installed on the computer:

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes'
    Anti-Malware
    and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#9 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 11 May 2012 - 09:17 AM

Just to let you know I am not on the same network as i started this topic with. I will be back on that network later after i get home.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.11.04

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Buck :: BUCK-PC [administrator]

Protection: Enabled

5/11/2012 10:13:01 AM
mbam-log-2012-05-11 (10-13-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 177276
Time elapsed: 3 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:11 AM

Posted 11 May 2012 - 05:04 PM

Hi

I feel that some files from the virus are returning

What makes you suspect this?

Please do the following next:

Step 1:

Run Windows / Microsoft Update to check for updates

For Windows XP:

  • Click the Start button, click All Programs, and then click Windows Update under "See Also".
  • Click Check for Updates
  • If there are any Important / High priority to install, please install them.
  • Do not install any of the Optional updates.
  • Restart your computer

For Windows Vista / 7:

  • Click the Start button, click Control Panel, and then click Windows Update.
  • Click Check for Updates
  • If there are any Important / High priority updates to install, please install them.
  • Do not install any of the Optional updates.
  • Restart your computer


Step 2:

Please delete the current version of Farbar's Service scanner.

Download Farbar Service Scanner to your Desktop and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Edited by dev00790, 11 May 2012 - 05:09 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#11 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 11 May 2012 - 05:31 PM

I have an update that will not install. "Service pack 1 for Win 7"
I am not sure if you have looked at my previous discussions but I was unable to finish due to the virus getting too bad. I keep getting messages from kaspersky about files that are legal but can be used by criminals to take over my system. I can try to explain in more detail if you wish but first I will run Farbar

#12 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 11 May 2012 - 05:34 PM

Farbar Service Scanner Version: 11-05-2012
Ran by Buck (administrator) on 11-05-2012 at 18:33:36
Running from "C:\Users\Buck\Downloads"
Microsoft Windows 7 Home Premium (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-11 14:02] - [2012-03-30 06:29] - 1287024 ____A (Microsoft Corporation) 55E9965552741F3850CB22CBBA9671ED

C:\Windows\system32\dnsrslvr.dll
[2012-05-05 18:44] - [2011-03-03 01:29] - 0132608 ____A (Microsoft Corporation) B15BE77A2BACF9C3177D27518AFE26A9

C:\Windows\system32\mpssvc.dll
[2009-07-13 19:53] - [2009-07-13 21:15] - 0565760 ____A (Microsoft Corporation) 5CD996CECF45CBC3E8D109C86B82D69E

C:\Windows\system32\bfe.dll
[2009-07-13 19:54] - [2009-07-13 21:14] - 0493568 ____A (Microsoft Corporation) 85AC71C045CEB054ED48A7841AAE0C11

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll
[2009-07-13 19:23] - [2009-07-13 21:16] - 0125952 ____A (Microsoft Corporation) 5FD90ABDBFAEE85986802622CBB03446

C:\Windows\system32\vssvc.exe
[2009-07-13 19:24] - [2009-07-13 21:14] - 1025536 ____A (Microsoft Corporation) 7EA2BCD94D9CFAF4C556F5CC94532A6C

C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2009-07-13 20:15] - [2009-07-13 21:16] - 1912832 ____A (Microsoft Corporation) A33408CC036F9C08142B11BE5E93F0A1

C:\Windows\system32\qmgr.dll
[2009-07-13 19:30] - [2009-07-13 21:16] - 0589312 ____A (Microsoft Corporation) 53F476476F55A27F580661BDE09C4EC4

C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#13 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:11:11 AM

Posted 11 May 2012 - 05:44 PM

Hi

Hmm something is preventing the service pack from being installed.

Lets check for malware via two scans first:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on yourr desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Step 2

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Step 3

How is the computer running now?

Edited by dev00790, 11 May 2012 - 05:45 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#14 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 11 May 2012 - 06:19 PM

Here is the Farbar. I am waiting on the eset.

18:52:00.0371 4084 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
18:52:01.0322 4084 ============================================================
18:52:01.0322 4084 Current date / time: 2012/05/11 18:52:01.0322
18:52:01.0322 4084 SystemInfo:
18:52:01.0322 4084
18:52:01.0322 4084 OS Version: 6.1.7600 ServicePack: 0.0
18:52:01.0322 4084 Product type: Workstation
18:52:01.0322 4084 ComputerName: BUCK-PC
18:52:01.0322 4084 UserName: Buck
18:52:01.0322 4084 Windows directory: C:\Windows
18:52:01.0322 4084 System windows directory: C:\Windows
18:52:01.0322 4084 Processor architecture: Intel x86
18:52:01.0322 4084 Number of processors: 2
18:52:01.0322 4084 Page size: 0x1000
18:52:01.0322 4084 Boot type: Normal boot
18:52:01.0322 4084 ============================================================
18:52:02.0102 4084 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:52:02.0102 4084 ============================================================
18:52:02.0102 4084 \Device\Harddisk0\DR0:
18:52:02.0102 4084 MBR partitions:
18:52:02.0102 4084 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
18:52:02.0102 4084 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x177602C0
18:52:02.0133 4084 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x177C52C0, BlocksNum 0x3C7E000
18:52:02.0133 4084 ============================================================
18:52:02.0227 4084 C: <-> \Device\Harddisk0\DR0\Partition1
18:52:02.0274 4084 D: <-> \Device\Harddisk0\DR0\Partition2
18:52:02.0274 4084 ============================================================
18:52:02.0274 4084 Initialize success
18:52:02.0274 4084 ============================================================
18:52:03.0927 2116 ============================================================
18:52:03.0927 2116 Scan started
18:52:03.0927 2116 Mode: Manual;
18:52:03.0927 2116 ============================================================
18:52:06.0221 2116 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
18:52:06.0221 2116 1394ohci - ok
18:52:06.0267 2116 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
18:52:06.0267 2116 ACPI - ok
18:52:06.0330 2116 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
18:52:06.0330 2116 AcpiPmi - ok
18:52:07.0687 2116 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:52:07.0687 2116 AdobeFlashPlayerUpdateSvc - ok
18:52:07.0874 2116 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
18:52:07.0874 2116 adp94xx - ok
18:52:07.0968 2116 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
18:52:07.0968 2116 adpahci - ok
18:52:08.0046 2116 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
18:52:08.0046 2116 adpu320 - ok
18:52:08.0093 2116 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
18:52:08.0108 2116 AeLookupSvc - ok
18:52:08.0171 2116 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
18:52:08.0186 2116 AFD - ok
18:52:08.0233 2116 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
18:52:08.0233 2116 agp440 - ok
18:52:08.0295 2116 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
18:52:08.0311 2116 aic78xx - ok
18:52:08.0373 2116 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
18:52:08.0389 2116 ALG - ok
18:52:08.0451 2116 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
18:52:08.0451 2116 aliide - ok
18:52:08.0467 2116 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
18:52:08.0467 2116 amdagp - ok
18:52:08.0483 2116 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
18:52:08.0483 2116 amdide - ok
18:52:08.0514 2116 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
18:52:08.0514 2116 AmdK8 - ok
18:52:08.0529 2116 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
18:52:08.0529 2116 AmdPPM - ok
18:52:08.0592 2116 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
18:52:08.0592 2116 amdsata - ok
18:52:08.0623 2116 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
18:52:08.0623 2116 amdsbs - ok
18:52:08.0654 2116 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
18:52:08.0654 2116 amdxata - ok
18:52:08.0763 2116 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
18:52:08.0763 2116 AppID - ok
18:52:08.0997 2116 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
18:52:09.0044 2116 AppIDSvc - ok
18:52:09.0185 2116 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
18:52:09.0185 2116 Appinfo - ok
18:52:09.0278 2116 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:52:09.0278 2116 arc - ok
18:52:09.0294 2116 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:52:09.0294 2116 arcsas - ok
18:52:09.0325 2116 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:52:09.0325 2116 AsyncMac - ok
18:52:09.0465 2116 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
18:52:09.0481 2116 atapi - ok
18:52:09.0668 2116 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
18:52:09.0684 2116 AudioEndpointBuilder - ok
18:52:09.0684 2116 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
18:52:09.0699 2116 Audiosrv - ok
18:52:11.0072 2116 AVP (a2b790f9a751f24f17967f9a5574186d) C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
18:52:11.0088 2116 AVP - ok
18:52:11.0166 2116 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
18:52:11.0166 2116 AxInstSV - ok
18:52:11.0275 2116 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:52:11.0275 2116 b06bdrv - ok
18:52:11.0415 2116 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:52:11.0415 2116 b57nd60x - ok
18:52:12.0039 2116 BCM43XX (eb7c2dadf52f50f69f198c14c3556dc1) C:\Windows\system32\DRIVERS\bcmwl6.sys
18:52:12.0117 2116 BCM43XX - ok
18:52:12.0258 2116 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
18:52:12.0273 2116 BDESVC - ok
18:52:12.0351 2116 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:52:12.0351 2116 Beep - ok
18:52:12.0570 2116 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
18:52:12.0585 2116 BFE - ok
18:52:12.0648 2116 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\system32\qmgr.dll
18:52:12.0663 2116 BITS - ok
18:52:12.0710 2116 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:52:12.0726 2116 blbdrive - ok
18:52:12.0773 2116 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
18:52:12.0773 2116 bowser - ok
18:52:12.0788 2116 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:52:12.0788 2116 BrFiltLo - ok
18:52:12.0804 2116 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:52:12.0804 2116 BrFiltUp - ok
18:52:12.0851 2116 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
18:52:12.0851 2116 BridgeMP - ok
18:52:12.0882 2116 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
18:52:12.0897 2116 Browser - ok
18:52:12.0929 2116 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:52:12.0944 2116 Brserid - ok
18:52:12.0944 2116 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:52:12.0960 2116 BrSerWdm - ok
18:52:12.0960 2116 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:52:12.0960 2116 BrUsbMdm - ok
18:52:12.0991 2116 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
18:52:12.0991 2116 BrUsbSer - ok
18:52:13.0007 2116 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
18:52:13.0007 2116 BTHMODEM - ok
18:52:13.0069 2116 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
18:52:13.0131 2116 bthserv - ok
18:52:13.0631 2116 catchme - ok
18:52:13.0693 2116 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
18:52:13.0693 2116 cdfs - ok
18:52:13.0724 2116 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
18:52:13.0740 2116 cdrom - ok
18:52:13.0787 2116 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
18:52:13.0802 2116 CertPropSvc - ok
18:52:13.0833 2116 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
18:52:13.0833 2116 circlass - ok
18:52:14.0052 2116 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
18:52:14.0052 2116 CLFS - ok
18:52:14.0395 2116 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:52:14.0395 2116 clr_optimization_v2.0.50727_32 - ok
18:52:14.0426 2116 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
18:52:14.0426 2116 CmBatt - ok
18:52:14.0442 2116 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
18:52:14.0442 2116 cmdide - ok
18:52:14.0504 2116 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
18:52:14.0504 2116 CNG - ok
18:52:14.0582 2116 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
18:52:14.0582 2116 Compbatt - ok
18:52:14.0613 2116 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
18:52:14.0629 2116 CompositeBus - ok
18:52:14.0629 2116 COMSysApp - ok
18:52:14.0894 2116 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
18:52:14.0910 2116 cpudrv - ok
18:52:15.0050 2116 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
18:52:15.0050 2116 crcdisk - ok
18:52:15.0175 2116 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
18:52:15.0175 2116 CryptSvc - ok
18:52:15.0815 2116 CSCrySec (5cbf20674be8364febb6a13451a42f0a) C:\Windows\system32\DRIVERS\CSCrySec.sys
18:52:15.0815 2116 CSCrySec - ok
18:52:16.0439 2116 CSObjectsSrv (6e5b42219f1fe4a3d087d9d501e343d5) C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
18:52:16.0454 2116 CSObjectsSrv - ok
18:52:16.0813 2116 CSVirtualDiskDrv (2c3f213eddd231099fb779a45d7680e0) C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys
18:52:16.0813 2116 CSVirtualDiskDrv - ok
18:52:16.0875 2116 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
18:52:16.0891 2116 DcomLaunch - ok
18:52:16.0938 2116 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
18:52:16.0969 2116 defragsvc - ok
18:52:17.0172 2116 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
18:52:17.0187 2116 DfsC - ok
18:52:17.0265 2116 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
18:52:17.0281 2116 Dhcp - ok
18:52:17.0359 2116 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
18:52:17.0359 2116 discache - ok
18:52:17.0421 2116 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
18:52:17.0437 2116 Disk - ok
18:52:17.0640 2116 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
18:52:17.0640 2116 Dnscache - ok
18:52:17.0687 2116 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
18:52:17.0718 2116 dot3svc - ok
18:52:17.0765 2116 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
18:52:17.0765 2116 DPS - ok
18:52:17.0843 2116 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
18:52:17.0843 2116 drmkaud - ok
18:52:17.0921 2116 DXGKrnl (c94b6c3cc628179cb9b9061c19888b99) C:\Windows\System32\drivers\dxgkrnl.sys
18:52:17.0936 2116 DXGKrnl - ok
18:52:17.0983 2116 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
18:52:17.0999 2116 EapHost - ok
18:52:18.0420 2116 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
18:52:18.0451 2116 ebdrv - ok
18:52:19.0839 2116 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
18:52:19.0839 2116 EFS - ok
18:52:20.0526 2116 ehRecvr (3a74a6e33685662b125a3269b1f2114f) C:\Windows\ehome\ehRecvr.exe
18:52:20.0573 2116 ehRecvr - ok
18:52:20.0635 2116 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
18:52:20.0635 2116 ehSched - ok
18:52:20.0994 2116 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
18:52:20.0994 2116 elxstor - ok
18:52:21.0025 2116 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
18:52:21.0025 2116 ErrDev - ok
18:52:21.0259 2116 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
18:52:21.0275 2116 EventSystem - ok
18:52:21.0337 2116 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
18:52:21.0353 2116 exfat - ok
18:52:21.0384 2116 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
18:52:21.0399 2116 fastfat - ok
18:52:21.0587 2116 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
18:52:21.0602 2116 Fax - ok
18:52:21.0649 2116 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
18:52:21.0665 2116 fdc - ok
18:52:21.0711 2116 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
18:52:21.0727 2116 fdPHost - ok
18:52:21.0758 2116 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
18:52:21.0774 2116 FDResPub - ok
18:52:21.0805 2116 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
18:52:21.0805 2116 FileInfo - ok
18:52:21.0836 2116 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
18:52:21.0852 2116 Filetrace - ok
18:52:21.0867 2116 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:52:21.0867 2116 flpydisk - ok
18:52:21.0930 2116 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:52:21.0930 2116 FltMgr - ok
18:52:26.0376 2116 FontCache (151258fc2ec8c48bdf8a53350ae0a676) C:\Windows\system32\FntCache.dll
18:52:26.0391 2116 FontCache - ok
18:52:26.0547 2116 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:52:26.0563 2116 FontCache3.0.0.0 - ok
18:52:26.0594 2116 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:52:26.0610 2116 FsDepends - ok
18:52:26.0735 2116 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\Windows\system32\drivers\Fs_Rec.sys
18:52:26.0750 2116 Fs_Rec - ok
18:52:26.0813 2116 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\Windows\system32\DRIVERS\fvevol.sys
18:52:26.0813 2116 fvevol - ok
18:52:26.0906 2116 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:52:26.0922 2116 gagp30kx - ok
18:52:26.0984 2116 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
18:52:27.0000 2116 gpsvc - ok
18:52:27.0015 2116 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:52:27.0015 2116 hcw85cir - ok
18:52:27.0093 2116 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
18:52:27.0093 2116 HdAudAddService - ok
18:52:27.0140 2116 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:52:27.0140 2116 HDAudBus - ok
18:52:27.0156 2116 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:52:27.0156 2116 HidBatt - ok
18:52:27.0171 2116 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:52:27.0171 2116 HidBth - ok
18:52:27.0218 2116 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:52:27.0218 2116 HidIr - ok
18:52:27.0265 2116 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
18:52:27.0265 2116 hidserv - ok
18:52:27.0359 2116 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
18:52:27.0359 2116 HidUsb - ok
18:52:27.0390 2116 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
18:52:27.0405 2116 hkmsvc - ok
18:52:27.0437 2116 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
18:52:27.0468 2116 HomeGroupListener - ok
18:52:28.0591 2116 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
18:52:28.0591 2116 HomeGroupProvider - ok
18:52:28.0685 2116 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
18:52:28.0700 2116 HpSAMD - ok
18:52:28.0731 2116 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
18:52:28.0763 2116 HTTP - ok
18:52:28.0763 2116 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
18:52:28.0778 2116 hwpolicy - ok
18:52:28.0919 2116 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
18:52:28.0934 2116 i8042prt - ok
18:52:31.0305 2116 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:52:31.0305 2116 IAANTMON - ok
18:52:31.0446 2116 iaStor (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys
18:52:31.0446 2116 iaStor - ok
18:52:32.0039 2116 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
18:52:32.0039 2116 iaStorV - ok
18:52:32.0912 2116 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:52:32.0943 2116 idsvc - ok
18:52:36.0703 2116 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:52:36.0843 2116 igfx - ok
18:52:40.0369 2116 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:52:40.0385 2116 iirsp - ok
18:52:40.0509 2116 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
18:52:40.0525 2116 IKEEXT - ok
18:52:40.0619 2116 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
18:52:40.0634 2116 intelide - ok
18:52:40.0650 2116 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:52:40.0665 2116 intelppm - ok
18:52:40.0712 2116 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
18:52:40.0728 2116 IPBusEnum - ok
18:52:40.0743 2116 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:52:40.0743 2116 IpFilterDriver - ok
18:52:40.0853 2116 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
18:52:40.0868 2116 iphlpsvc - ok
18:52:41.0211 2116 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:52:41.0227 2116 IPMIDRV - ok
18:52:41.0243 2116 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:52:41.0243 2116 IPNAT - ok
18:52:41.0289 2116 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:52:41.0289 2116 IRENUM - ok
18:52:41.0305 2116 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
18:52:41.0305 2116 isapnp - ok
18:52:41.0555 2116 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
18:52:41.0570 2116 iScsiPrt - ok
18:52:41.0586 2116 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:52:41.0601 2116 kbdclass - ok
18:52:41.0633 2116 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
18:52:41.0648 2116 kbdhid - ok
18:52:41.0804 2116 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:52:41.0804 2116 KeyIso - ok
18:52:42.0693 2116 kl1 (ce3958f58547454884e97bda78cd7040) C:\Windows\system32\DRIVERS\kl1.sys
18:52:42.0709 2116 kl1 - ok
18:52:43.0005 2116 KLBG (53eedab3f0511321ac3ae8bc968b158c) C:\Windows\system32\DRIVERS\klbg.sys
18:52:43.0005 2116 KLBG - ok
18:52:43.0957 2116 KLIF (723f185c945c0a6d2e21c2bb26a46fe7) C:\Windows\system32\DRIVERS\klif.sys
18:52:43.0973 2116 KLIF - ok
18:52:44.0113 2116 KLIM6 (892cc162dc88ab084c86485879526c59) C:\Windows\system32\DRIVERS\klim6.sys
18:52:44.0129 2116 KLIM6 - ok
18:52:44.0175 2116 klmouflt (aa63a815876a76987b5dbce6af7478e9) C:\Windows\system32\DRIVERS\klmouflt.sys
18:52:44.0175 2116 klmouflt - ok
18:52:44.0222 2116 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
18:52:44.0222 2116 KSecDD - ok
18:52:44.0253 2116 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
18:52:44.0253 2116 KSecPkg - ok
18:52:44.0331 2116 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
18:52:44.0363 2116 KtmRm - ok
18:52:45.0829 2116 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\System32\srvsvc.dll
18:52:45.0845 2116 LanmanServer - ok
18:52:46.0469 2116 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
18:52:46.0469 2116 LanmanWorkstation - ok
18:52:46.0593 2116 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:52:46.0593 2116 lltdio - ok
18:52:47.0888 2116 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
18:52:47.0919 2116 lltdsvc - ok
18:52:48.0122 2116 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
18:52:48.0138 2116 lmhosts - ok
18:52:48.0216 2116 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:52:48.0231 2116 LSI_FC - ok
18:52:48.0247 2116 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:52:48.0247 2116 LSI_SAS - ok
18:52:48.0263 2116 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:52:48.0278 2116 LSI_SAS2 - ok
18:52:48.0278 2116 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:52:48.0294 2116 LSI_SCSI - ok
18:52:48.0325 2116 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:52:48.0325 2116 luafv - ok
18:52:48.0387 2116 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
18:52:48.0387 2116 MBAMProtector - ok
18:52:48.0543 2116 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:52:48.0559 2116 MBAMService - ok
18:52:48.0606 2116 MBAMSwissArmy - ok
18:52:48.0668 2116 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
18:52:48.0684 2116 Mcx2Svc - ok
18:52:48.0731 2116 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:52:48.0746 2116 megasas - ok
18:52:48.0777 2116 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:52:48.0793 2116 MegaSR - ok
18:52:48.0840 2116 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:52:48.0840 2116 MMCSS - ok
18:52:48.0855 2116 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:52:48.0855 2116 Modem - ok
18:52:49.0074 2116 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:52:49.0074 2116 monitor - ok
18:52:49.0167 2116 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
18:52:49.0183 2116 mouclass - ok
18:52:49.0214 2116 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:52:49.0214 2116 mouhid - ok
18:52:49.0230 2116 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
18:52:49.0245 2116 mountmgr - ok
18:52:49.0261 2116 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
18:52:49.0277 2116 mpio - ok
18:52:49.0713 2116 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:52:49.0713 2116 mpsdrv - ok
18:52:51.0695 2116 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
18:52:51.0710 2116 MpsSvc - ok
18:52:51.0757 2116 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
18:52:51.0757 2116 MRxDAV - ok
18:52:51.0804 2116 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:52:51.0804 2116 mrxsmb - ok
18:52:53.0223 2116 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:52:53.0255 2116 mrxsmb10 - ok
18:52:53.0286 2116 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:52:53.0286 2116 mrxsmb20 - ok
18:52:53.0598 2116 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
18:52:53.0613 2116 msahci - ok
18:52:53.0910 2116 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
18:52:53.0925 2116 msdsm - ok
18:52:54.0877 2116 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
18:52:54.0924 2116 MSDTC - ok
18:52:55.0017 2116 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:52:55.0033 2116 Msfs - ok
18:52:55.0049 2116 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:52:55.0064 2116 mshidkmdf - ok
18:52:55.0064 2116 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
18:52:55.0080 2116 msisadrv - ok
18:52:56.0265 2116 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
18:52:56.0297 2116 MSiSCSI - ok
18:52:56.0312 2116 msiserver - ok
18:52:56.0437 2116 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:52:56.0453 2116 MSKSSRV - ok
18:52:56.0515 2116 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:52:56.0531 2116 MSPCLOCK - ok
18:52:56.0624 2116 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:52:56.0640 2116 MSPQM - ok
18:52:56.0671 2116 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:52:56.0687 2116 MsRPC - ok
18:52:56.0733 2116 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
18:52:56.0733 2116 mssmbios - ok
18:52:56.0780 2116 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:52:56.0780 2116 MSTEE - ok
18:52:56.0796 2116 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:52:56.0796 2116 MTConfig - ok
18:52:56.0811 2116 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:52:56.0827 2116 Mup - ok
18:52:57.0108 2116 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
18:52:57.0123 2116 napagent - ok
18:52:57.0201 2116 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:52:57.0217 2116 NativeWifiP - ok
18:52:57.0966 2116 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
18:52:57.0981 2116 NDIS - ok
18:52:58.0013 2116 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:52:58.0028 2116 NdisCap - ok
18:52:58.0075 2116 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:52:58.0091 2116 NdisTapi - ok
18:52:58.0106 2116 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
18:52:58.0122 2116 Ndisuio - ok
18:52:58.0137 2116 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
18:52:58.0137 2116 NdisWan - ok
18:52:58.0153 2116 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
18:52:58.0169 2116 NDProxy - ok
18:52:58.0231 2116 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:52:58.0231 2116 NetBIOS - ok
18:52:58.0278 2116 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
18:52:58.0309 2116 NetBT - ok
18:52:58.0356 2116 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:52:58.0356 2116 Netlogon - ok
18:52:58.0434 2116 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
18:52:58.0449 2116 Netman - ok
18:52:58.0512 2116 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
18:52:58.0512 2116 netprofm - ok
18:52:58.0699 2116 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:52:58.0699 2116 NetTcpPortSharing - ok
18:52:58.0777 2116 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:52:58.0777 2116 nfrd960 - ok
18:52:59.0775 2116 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
18:52:59.0791 2116 NlaSvc - ok
18:52:59.0822 2116 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:52:59.0822 2116 Npfs - ok
18:52:59.0931 2116 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
18:52:59.0947 2116 nsi - ok
18:52:59.0978 2116 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:52:59.0978 2116 nsiproxy - ok
18:53:00.0134 2116 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
18:53:00.0197 2116 Ntfs - ok
18:53:00.0243 2116 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:53:00.0259 2116 Null - ok
18:53:00.0821 2116 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
18:53:00.0821 2116 nvraid - ok
18:53:01.0335 2116 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
18:53:01.0335 2116 nvstor - ok
18:53:01.0741 2116 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
18:53:01.0757 2116 nv_agp - ok
18:53:01.0772 2116 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
18:53:01.0788 2116 ohci1394 - ok
18:53:01.0835 2116 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:53:01.0850 2116 p2pimsvc - ok
18:53:01.0897 2116 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
18:53:01.0913 2116 p2psvc - ok
18:53:01.0991 2116 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:53:01.0991 2116 Parport - ok
18:53:02.0084 2116 partmgr (66d3415c159741ade7038a277efff99f) C:\Windows\system32\drivers\partmgr.sys
18:53:02.0084 2116 partmgr - ok
18:53:02.0131 2116 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:53:02.0147 2116 Parvdm - ok
18:53:02.0178 2116 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
18:53:02.0178 2116 PcaSvc - ok
18:53:02.0193 2116 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
18:53:02.0209 2116 pci - ok
18:53:02.0209 2116 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
18:53:02.0225 2116 pciide - ok
18:53:02.0240 2116 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:53:02.0240 2116 pcmcia - ok
18:53:02.0240 2116 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:53:02.0256 2116 pcw - ok
18:53:02.0318 2116 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:53:02.0349 2116 PEAUTH - ok
18:53:02.0505 2116 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
18:53:02.0521 2116 pla - ok
18:53:02.0802 2116 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll
18:53:02.0802 2116 PlugPlay - ok
18:53:02.0849 2116 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
18:53:02.0864 2116 PNRPAutoReg - ok
18:53:02.0895 2116 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:53:02.0895 2116 PNRPsvc - ok
18:53:02.0958 2116 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
18:53:02.0973 2116 PolicyAgent - ok
18:53:03.0036 2116 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
18:53:03.0051 2116 Power - ok
18:53:03.0223 2116 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:53:03.0239 2116 PptpMiniport - ok
18:53:03.0254 2116 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:53:03.0254 2116 Processor - ok
18:53:03.0332 2116 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
18:53:03.0348 2116 ProfSvc - ok
18:53:03.0379 2116 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:53:03.0379 2116 ProtectedStorage - ok
18:53:03.0426 2116 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:53:03.0441 2116 Psched - ok
18:53:03.0551 2116 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:53:03.0566 2116 ql2300 - ok
18:53:03.0925 2116 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:53:03.0925 2116 ql40xx - ok
18:53:03.0987 2116 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
18:53:04.0003 2116 QWAVE - ok
18:53:04.0003 2116 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:53:04.0019 2116 QWAVEdrv - ok
18:53:04.0019 2116 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:53:04.0034 2116 RasAcd - ok
18:53:04.0097 2116 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:53:04.0097 2116 RasAgileVpn - ok
18:53:04.0128 2116 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
18:53:04.0143 2116 RasAuto - ok
18:53:04.0159 2116 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:53:04.0159 2116 Rasl2tp - ok
18:53:04.0206 2116 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
18:53:04.0221 2116 RasMan - ok
18:53:04.0221 2116 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:53:04.0237 2116 RasPppoe - ok
18:53:04.0315 2116 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:53:04.0315 2116 RasSstp - ok
18:53:04.0346 2116 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
18:53:04.0362 2116 rdbss - ok
18:53:04.0393 2116 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:53:04.0393 2116 rdpbus - ok
18:53:04.0409 2116 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:53:04.0409 2116 RDPCDD - ok
18:53:04.0471 2116 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:53:04.0471 2116 RDPENCDD - ok
18:53:04.0502 2116 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:53:04.0502 2116 RDPREFMP - ok
18:53:04.0549 2116 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) C:\Windows\system32\drivers\RDPWD.sys
18:53:04.0565 2116 RDPWD - ok
18:53:04.0627 2116 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
18:53:04.0643 2116 rdyboost - ok
18:53:04.0721 2116 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
18:53:04.0721 2116 RemoteAccess - ok
18:53:04.0783 2116 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
18:53:04.0799 2116 RemoteRegistry - ok
18:53:04.0845 2116 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
18:53:04.0861 2116 RpcEptMapper - ok
18:53:04.0892 2116 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
18:53:04.0908 2116 RpcLocator - ok
18:53:04.0939 2116 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
18:53:04.0955 2116 RpcSs - ok
18:53:05.0033 2116 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:53:05.0033 2116 rspndr - ok
18:53:05.0079 2116 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:53:05.0079 2116 SamSs - ok
18:53:05.0111 2116 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
18:53:05.0111 2116 sbp2port - ok
18:53:05.0157 2116 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
18:53:05.0173 2116 SCardSvr - ok
18:53:05.0173 2116 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
18:53:05.0189 2116 scfilter - ok
18:53:05.0282 2116 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll
18:53:05.0298 2116 Schedule - ok
18:53:05.0345 2116 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
18:53:05.0345 2116 SCPolicySvc - ok
18:53:05.0391 2116 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
18:53:05.0407 2116 SDRSVC - ok
18:53:05.0454 2116 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:53:05.0469 2116 secdrv - ok
18:53:05.0485 2116 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
18:53:05.0485 2116 seclogon - ok
18:53:05.0516 2116 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
18:53:05.0532 2116 SENS - ok
18:53:05.0547 2116 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
18:53:05.0563 2116 SensrSvc - ok
18:53:05.0563 2116 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:53:05.0579 2116 Serenum - ok
18:53:05.0610 2116 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:53:05.0610 2116 Serial - ok
18:53:05.0625 2116 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:53:05.0625 2116 sermouse - ok
18:53:05.0657 2116 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
18:53:05.0672 2116 SessionEnv - ok
18:53:05.0719 2116 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
18:53:05.0719 2116 sffdisk - ok
18:53:05.0750 2116 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:53:05.0750 2116 sffp_mmc - ok
18:53:05.0750 2116 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
18:53:05.0766 2116 sffp_sd - ok
18:53:05.0766 2116 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:53:05.0782 2116 sfloppy - ok
18:53:05.0844 2116 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
18:53:05.0860 2116 SharedAccess - ok
18:53:05.0906 2116 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
18:53:05.0922 2116 ShellHWDetection - ok
18:53:05.0953 2116 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
18:53:05.0969 2116 sisagp - ok
18:53:05.0984 2116 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:53:05.0984 2116 SiSRaid2 - ok
18:53:06.0000 2116 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:53:06.0016 2116 SiSRaid4 - ok
18:53:06.0031 2116 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:53:06.0047 2116 Smb - ok
18:53:06.0094 2116 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
18:53:06.0109 2116 SNMPTRAP - ok
18:53:06.0312 2116 SNP2UVC (473f35e2a378b854731e67c377a3bea7) C:\Windows\system32\DRIVERS\snp2uvc.sys
18:53:06.0406 2116 SNP2UVC - ok
18:53:06.0749 2116 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:53:06.0749 2116 spldr - ok
18:53:06.0811 2116 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
18:53:06.0811 2116 Spooler - ok
18:53:07.0076 2116 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
18:53:07.0108 2116 sppsvc - ok
18:53:07.0342 2116 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
18:53:07.0357 2116 sppuinotify - ok
18:53:07.0529 2116 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
18:53:07.0544 2116 srv - ok
18:53:07.0607 2116 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
18:53:07.0622 2116 srv2 - ok
18:53:07.0669 2116 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
18:53:07.0685 2116 srvnet - ok
18:53:07.0716 2116 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
18:53:07.0732 2116 SSDPSRV - ok
18:53:07.0778 2116 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
18:53:07.0778 2116 SstpSvc - ok
18:53:07.0810 2116 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:53:07.0810 2116 stexstor - ok
18:53:07.0888 2116 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
18:53:07.0903 2116 StiSvc - ok
18:53:07.0919 2116 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
18:53:07.0919 2116 swenum - ok
18:53:07.0966 2116 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
18:53:07.0981 2116 swprv - ok
18:53:08.0075 2116 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
18:53:08.0106 2116 SysMain - ok
18:53:08.0122 2116 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
18:53:08.0122 2116 TabletInputService - ok
18:53:08.0153 2116 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
18:53:08.0168 2116 TapiSrv - ok
18:53:08.0184 2116 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
18:53:08.0200 2116 TBS - ok
18:53:08.0434 2116 Tcpip (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\drivers\tcpip.sys
18:53:08.0449 2116 Tcpip - ok
18:53:08.0870 2116 TCPIP6 (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\DRIVERS\tcpip.sys
18:53:08.0886 2116 TCPIP6 - ok
18:53:09.0292 2116 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
18:53:09.0307 2116 tcpipreg - ok
18:53:09.0338 2116 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
18:53:09.0338 2116 TDPIPE - ok
18:53:09.0385 2116 TDTCP (7156308896d34ea75a582f9a09e50c17) C:\Windows\system32\drivers\tdtcp.sys
18:53:09.0401 2116 TDTCP - ok
18:53:09.0401 2116 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
18:53:09.0416 2116 tdx - ok
18:53:09.0432 2116 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
18:53:09.0432 2116 TermDD - ok
18:53:09.0494 2116 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
18:53:09.0526 2116 TermService - ok
18:53:09.0541 2116 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
18:53:09.0557 2116 Themes - ok
18:53:09.0572 2116 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:53:09.0588 2116 THREADORDER - ok
18:53:09.0635 2116 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
18:53:09.0666 2116 TrkWks - ok
18:53:09.0713 2116 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
18:53:09.0728 2116 TrustedInstaller - ok
18:53:09.0760 2116 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:53:09.0760 2116 tssecsrv - ok
18:53:09.0822 2116 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
18:53:09.0838 2116 tunnel - ok
18:53:09.0853 2116 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:53:09.0869 2116 uagp35 - ok
18:53:09.0900 2116 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
18:53:09.0900 2116 udfs - ok
18:53:09.0947 2116 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
18:53:09.0947 2116 UI0Detect - ok
18:53:09.0994 2116 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
18:53:10.0009 2116 uliagpkx - ok
18:53:10.0009 2116 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
18:53:10.0025 2116 umbus - ok
18:53:10.0040 2116 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:53:10.0056 2116 UmPass - ok
18:53:10.0087 2116 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
18:53:10.0103 2116 upnphost - ok
18:53:10.0228 2116 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
18:53:10.0243 2116 usbccgp - ok
18:53:10.0290 2116 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
18:53:10.0290 2116 usbcir - ok
18:53:10.0321 2116 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
18:53:10.0321 2116 usbehci - ok
18:53:10.0384 2116 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
18:53:10.0399 2116 usbhub - ok
18:53:10.0415 2116 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
18:53:10.0415 2116 usbohci - ok
18:53:10.0430 2116 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:53:10.0430 2116 usbprint - ok
18:53:10.0462 2116 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:53:10.0462 2116 USBSTOR - ok
18:53:10.0477 2116 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
18:53:10.0477 2116 usbuhci - ok
18:53:10.0508 2116 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\Windows\system32\Drivers\usbvideo.sys
18:53:10.0508 2116 usbvideo - ok
18:53:10.0540 2116 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
18:53:10.0540 2116 UxSms - ok
18:53:10.0571 2116 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:53:10.0571 2116 VaultSvc - ok
18:53:10.0618 2116 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
18:53:10.0618 2116 vdrvroot - ok
18:53:10.0680 2116 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
18:53:10.0680 2116 vds - ok
18:53:10.0711 2116 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:53:10.0711 2116 vga - ok
18:53:10.0727 2116 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:53:10.0727 2116 VgaSave - ok
18:53:10.0742 2116 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
18:53:10.0758 2116 vhdmp - ok
18:53:10.0774 2116 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
18:53:10.0774 2116 viaagp - ok
18:53:10.0789 2116 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:53:10.0789 2116 ViaC7 - ok
18:53:10.0789 2116 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
18:53:10.0805 2116 viaide - ok
18:53:10.0820 2116 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
18:53:10.0836 2116 volmgr - ok
18:53:10.0852 2116 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:53:10.0867 2116 volmgrx - ok
18:53:10.0898 2116 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
18:53:10.0914 2116 volsnap - ok
18:53:10.0945 2116 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:53:10.0945 2116 vsmraid - ok
18:53:11.0039 2116 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
18:53:11.0086 2116 VSS - ok
18:53:11.0101 2116 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
18:53:11.0117 2116 vwifibus - ok
18:53:11.0132 2116 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
18:53:11.0132 2116 vwififlt - ok
18:53:11.0179 2116 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
18:53:11.0195 2116 W32Time - ok
18:53:11.0195 2116 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:53:11.0210 2116 WacomPen - ok
18:53:11.0226 2116 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
18:53:11.0242 2116 WANARP - ok
18:53:11.0242 2116 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
18:53:11.0242 2116 Wanarpv6 - ok
18:53:11.0398 2116 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
18:53:11.0460 2116 WatAdminSvc - ok
18:53:11.0803 2116 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
18:53:11.0834 2116 wbengine - ok
18:53:11.0866 2116 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
18:53:11.0866 2116 WbioSrvc - ok
18:53:11.0928 2116 wcncsvc (d0f88aa11ee1a62bcc6d6a8a7783ca11) C:\Windows\System32\wcncsvc.dll
18:53:11.0944 2116 wcncsvc - ok
18:53:11.0959 2116 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
18:53:11.0975 2116 WcsPlugInService - ok
18:53:12.0115 2116 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:53:12.0115 2116 Wd - ok
18:53:12.0162 2116 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:53:12.0162 2116 Wdf01000 - ok
18:53:12.0240 2116 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:53:12.0240 2116 WdiServiceHost - ok
18:53:12.0256 2116 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:53:12.0256 2116 WdiSystemHost - ok
18:53:12.0318 2116 WebClient (d87c7d2c517f82a5ab7a73e203063d9e) C:\Windows\System32\webclnt.dll
18:53:12.0334 2116 WebClient - ok
18:53:12.0365 2116 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
18:53:12.0380 2116 Wecsvc - ok
18:53:12.0412 2116 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
18:53:12.0427 2116 wercplsupport - ok
18:53:12.0474 2116 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
18:53:12.0490 2116 WerSvc - ok
18:53:12.0536 2116 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:53:12.0536 2116 WfpLwf - ok
18:53:12.0568 2116 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:53:12.0568 2116 WIMMount - ok
18:53:12.0724 2116 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
18:53:12.0724 2116 WinDefend - ok
18:53:12.0739 2116 WinHttpAutoProxySvc - ok
18:53:12.0864 2116 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
18:53:12.0880 2116 Winmgmt - ok
18:53:12.0989 2116 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
18:53:13.0020 2116 WinRM - ok
18:53:13.0145 2116 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
18:53:13.0176 2116 Wlansvc - ok
18:53:13.0316 2116 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:53:13.0332 2116 WmiAcpi - ok
18:53:13.0441 2116 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
18:53:13.0457 2116 wmiApSrv - ok
18:53:13.0644 2116 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:53:13.0660 2116 WMPNetworkSvc - ok
18:53:13.0878 2116 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
18:53:13.0894 2116 WPCSvc - ok
18:53:13.0909 2116 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
18:53:13.0925 2116 WPDBusEnum - ok
18:53:14.0081 2116 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:53:14.0081 2116 ws2ifsl - ok
18:53:14.0112 2116 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
18:53:14.0128 2116 wscsvc - ok
18:53:14.0128 2116 WSearch - ok
18:53:14.0315 2116 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
18:53:14.0346 2116 wuauserv - ok
18:53:14.0689 2116 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
18:53:14.0705 2116 WudfPf - ok
18:53:14.0736 2116 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
18:53:14.0736 2116 wudfsvc - ok
18:53:14.0783 2116 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
18:53:14.0798 2116 WwanSvc - ok
18:53:14.0845 2116 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:53:14.0845 2116 \Device\Harddisk0\DR0 - ok
18:53:14.0861 2116 Boot (0x1200) (c4c0103556c6e529454da759989fd527) \Device\Harddisk0\DR0\Partition0
18:53:14.0861 2116 \Device\Harddisk0\DR0\Partition0 - ok
18:53:14.0876 2116 Boot (0x1200) (ab61808dd8cd521656f43bdb76365fd9) \Device\Harddisk0\DR0\Partition1
18:53:14.0876 2116 \Device\Harddisk0\DR0\Partition1 - ok
18:53:14.0908 2116 Boot (0x1200) (433427dc3520bdf30d1419dbc861d52b) \Device\Harddisk0\DR0\Partition2
18:53:14.0908 2116 \Device\Harddisk0\DR0\Partition2 - ok
18:53:14.0908 2116 ============================================================
18:53:14.0908 2116 Scan finished
18:53:14.0908 2116 ============================================================
18:53:14.0923 0868 Detected object count: 0
18:53:14.0923 0868 Actual detected object count: 0
18:53:30.0367 2920 ============================================================
18:53:30.0367 2920 Scan started
18:53:30.0367 2920 Mode: Manual;
18:53:30.0367 2920 ============================================================
18:53:30.0586 2920 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
18:53:30.0586 2920 1394ohci - ok
18:53:30.0617 2920 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
18:53:30.0632 2920 ACPI - ok
18:53:30.0632 2920 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
18:53:30.0648 2920 AcpiPmi - ok
18:53:30.0695 2920 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:53:30.0710 2920 AdobeFlashPlayerUpdateSvc - ok
18:53:30.0773 2920 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
18:53:30.0788 2920 adp94xx - ok
18:53:30.0820 2920 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
18:53:30.0835 2920 adpahci - ok
18:53:30.0851 2920 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
18:53:30.0851 2920 adpu320 - ok
18:53:30.0913 2920 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
18:53:30.0913 2920 AeLookupSvc - ok
18:53:30.0976 2920 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
18:53:30.0991 2920 AFD - ok
18:53:31.0007 2920 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
18:53:31.0022 2920 agp440 - ok
18:53:31.0054 2920 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
18:53:31.0054 2920 aic78xx - ok
18:53:31.0116 2920 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
18:53:31.0116 2920 ALG - ok
18:53:31.0132 2920 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
18:53:31.0132 2920 aliide - ok
18:53:31.0147 2920 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
18:53:31.0147 2920 amdagp - ok
18:53:31.0163 2920 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
18:53:31.0163 2920 amdide - ok
18:53:31.0178 2920 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
18:53:31.0178 2920 AmdK8 - ok
18:53:31.0178 2920 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
18:53:31.0194 2920 AmdPPM - ok
18:53:31.0241 2920 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
18:53:31.0241 2920 amdsata - ok
18:53:31.0256 2920 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
18:53:31.0256 2920 amdsbs - ok
18:53:31.0288 2920 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
18:53:31.0288 2920 amdxata - ok
18:53:31.0303 2920 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
18:53:31.0303 2920 AppID - ok
18:53:31.0366 2920 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
18:53:31.0366 2920 AppIDSvc - ok
18:53:31.0412 2920 Appinfo (7dead9e3f65dcb2794f2711003bbf650) C:\Windows\System32\appinfo.dll
18:53:31.0412 2920 Appinfo - ok
18:53:31.0459 2920 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:53:31.0459 2920 arc - ok
18:53:31.0475 2920 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:53:31.0490 2920 arcsas - ok
18:53:31.0490 2920 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:53:31.0506 2920 AsyncMac - ok
18:53:31.0506 2920 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
18:53:31.0522 2920 atapi - ok
18:53:31.0568 2920 AudioEndpointBuilder (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
18:53:31.0584 2920 AudioEndpointBuilder - ok
18:53:31.0584 2920 Audiosrv (510c873bfa135aa829f4180352772734) C:\Windows\System32\Audiosrv.dll
18:53:31.0584 2920 Audiosrv - ok
18:53:31.0834 2920 AVP (a2b790f9a751f24f17967f9a5574186d) C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
18:53:31.0849 2920 AVP - ok
18:53:31.0880 2920 AxInstSV (dd6a431b43e34b91a767d1ce33728175) C:\Windows\System32\AxInstSV.dll
18:53:31.0880 2920 AxInstSV - ok
18:53:31.0927 2920 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:53:31.0943 2920 b06bdrv - ok
18:53:31.0974 2920 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:53:31.0974 2920 b57nd60x - ok
18:53:32.0114 2920 BCM43XX (eb7c2dadf52f50f69f198c14c3556dc1) C:\Windows\system32\DRIVERS\bcmwl6.sys
18:53:32.0130 2920 BCM43XX - ok
18:53:32.0177 2920 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
18:53:32.0177 2920 BDESVC - ok
18:53:32.0224 2920 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:53:32.0239 2920 Beep - ok
18:53:32.0270 2920 BFE (85ac71c045ceb054ed48a7841aae0c11) C:\Windows\System32\bfe.dll
18:53:32.0286 2920 BFE - ok
18:53:32.0380 2920 BITS (53f476476f55a27f580661bde09c4ec4) C:\Windows\system32\qmgr.dll
18:53:32.0395 2920 BITS - ok
18:53:32.0411 2920 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:53:32.0411 2920 blbdrive - ok
18:53:32.0458 2920 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
18:53:32.0458 2920 bowser - ok
18:53:32.0473 2920 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:53:32.0473 2920 BrFiltLo - ok
18:53:32.0489 2920 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:53:32.0489 2920 BrFiltUp - ok
18:53:32.0504 2920 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
18:53:32.0520 2920 BridgeMP - ok
18:53:32.0551 2920 Browser (598e1280e7ff3744f4b8329366cc5635) C:\Windows\System32\browser.dll
18:53:32.0567 2920 Browser - ok
18:53:32.0582 2920 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:53:32.0582 2920 Brserid - ok
18:53:32.0598 2920 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:53:32.0598 2920 BrSerWdm - ok
18:53:32.0614 2920 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:53:32.0614 2920 BrUsbMdm - ok
18:53:32.0614 2920 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
18:53:32.0629 2920 BrUsbSer - ok
18:53:32.0629 2920 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
18:53:32.0645 2920 BTHMODEM - ok
18:53:32.0645 2920 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
18:53:32.0660 2920 bthserv - ok
18:53:32.0785 2920 catchme - ok
18:53:32.0848 2920 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
18:53:32.0848 2920 cdfs - ok
18:53:32.0863 2920 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
18:53:32.0879 2920 cdrom - ok
18:53:32.0910 2920 CertPropSvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
18:53:32.0910 2920 CertPropSvc - ok
18:53:32.0926 2920 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
18:53:32.0926 2920 circlass - ok
18:53:32.0972 2920 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
18:53:32.0972 2920 CLFS - ok
18:53:33.0144 2920 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:53:33.0144 2920 clr_optimization_v2.0.50727_32 - ok
18:53:33.0175 2920 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
18:53:33.0191 2920 CmBatt - ok
18:53:33.0191 2920 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
18:53:33.0206 2920 cmdide - ok
18:53:33.0253 2920 CNG (36c252e474b2ffa0f0fbbff20d92a640) C:\Windows\system32\Drivers\cng.sys
18:53:33.0269 2920 CNG - ok
18:53:33.0269 2920 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
18:53:33.0284 2920 Compbatt - ok
18:53:33.0284 2920 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
18:53:33.0300 2920 CompositeBus - ok
18:53:33.0300 2920 COMSysApp - ok
18:53:33.0425 2920 cpudrv (d01f685f8b4598d144b0cce9ff95d8d5) C:\Program Files\SystemRequirementsLab\cpudrv.sys
18:53:33.0425 2920 cpudrv - ok
18:53:33.0440 2920 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
18:53:33.0440 2920 crcdisk - ok
18:53:33.0487 2920 CryptSvc (9c231178ce4fb385f4b54b0a9080b8a4) C:\Windows\system32\cryptsvc.dll
18:53:33.0503 2920 CryptSvc - ok
18:53:33.0534 2920 CSCrySec (5cbf20674be8364febb6a13451a42f0a) C:\Windows\system32\DRIVERS\CSCrySec.sys
18:53:33.0534 2920 CSCrySec - ok
18:53:33.0659 2920 CSObjectsSrv (6e5b42219f1fe4a3d087d9d501e343d5) C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
18:53:33.0674 2920 CSObjectsSrv - ok
18:53:33.0737 2920 CSVirtualDiskDrv (2c3f213eddd231099fb779a45d7680e0) C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys
18:53:33.0737 2920 CSVirtualDiskDrv - ok
18:53:33.0799 2920 DcomLaunch (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
18:53:33.0815 2920 DcomLaunch - ok
18:53:33.0846 2920 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
18:53:33.0862 2920 defragsvc - ok
18:53:33.0893 2920 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
18:53:33.0893 2920 DfsC - ok
18:53:33.0940 2920 Dhcp (c56495fbd770712367cad35e5de72da6) C:\Windows\system32\dhcpcore.dll
18:53:33.0940 2920 Dhcp - ok
18:53:33.0986 2920 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
18:53:33.0986 2920 discache - ok
18:53:34.0018 2920 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
18:53:34.0018 2920 Disk - ok
18:53:34.0064 2920 Dnscache (b15be77a2bacf9c3177d27518afe26a9) C:\Windows\System32\dnsrslvr.dll
18:53:34.0080 2920 Dnscache - ok
18:53:34.0127 2920 dot3svc (4408c85c21eea48eb0ce486baeef0502) C:\Windows\System32\dot3svc.dll
18:53:34.0127 2920 dot3svc - ok
18:53:34.0158 2920 DPS (7fa81c6e11caa594adb52084da73a1e5) C:\Windows\system32\dps.dll
18:53:34.0158 2920 DPS - ok
18:53:34.0189 2920 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
18:53:34.0189 2920 drmkaud - ok
18:53:34.0283 2920 DXGKrnl (c94b6c3cc628179cb9b9061c19888b99) C:\Windows\System32\drivers\dxgkrnl.sys
18:53:34.0283 2920 DXGKrnl - ok
18:53:34.0330 2920 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
18:53:34.0330 2920 EapHost - ok
18:53:34.0564 2920 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
18:53:34.0595 2920 ebdrv - ok
18:53:34.0829 2920 EFS (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\System32\lsass.exe
18:53:34.0829 2920 EFS - ok
18:53:34.0969 2920 ehRecvr (3a74a6e33685662b125a3269b1f2114f) C:\Windows\ehome\ehRecvr.exe
18:53:34.0969 2920 ehRecvr - ok
18:53:35.0016 2920 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
18:53:35.0016 2920 ehSched - ok
18:53:35.0188 2920 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
18:53:35.0188 2920 elxstor - ok
18:53:35.0188 2920 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
18:53:35.0188 2920 ErrDev - ok
18:53:35.0266 2920 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
18:53:35.0266 2920 EventSystem - ok
18:53:35.0297 2920 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
18:53:35.0297 2920 exfat - ok
18:53:35.0312 2920 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
18:53:35.0312 2920 fastfat - ok
18:53:35.0375 2920 Fax (f7ea23cc5e6bf2181f3f399d54f6efc1) C:\Windows\system32\fxssvc.exe
18:53:35.0375 2920 Fax - ok
18:53:35.0422 2920 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
18:53:35.0422 2920 fdc - ok
18:53:35.0437 2920 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
18:53:35.0437 2920 fdPHost - ok
18:53:35.0453 2920 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
18:53:35.0453 2920 FDResPub - ok
18:53:35.0453 2920 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
18:53:35.0453 2920 FileInfo - ok
18:53:35.0468 2920 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
18:53:35.0468 2920 Filetrace - ok
18:53:35.0468 2920 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:53:35.0468 2920 flpydisk - ok
18:53:35.0484 2920 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:53:35.0484 2920 FltMgr - ok
18:53:35.0578 2920 FontCache (151258fc2ec8c48bdf8a53350ae0a676) C:\Windows\system32\FntCache.dll
18:53:35.0578 2920 FontCache - ok
18:53:35.0702 2920 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:53:35.0702 2920 FontCache3.0.0.0 - ok
18:53:35.0734 2920 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:53:35.0734 2920 FsDepends - ok
18:53:35.0765 2920 Fs_Rec (500a9814fd9446a8126858a5a7f7d273) C:\Windows\system32\drivers\Fs_Rec.sys
18:53:35.0780 2920 Fs_Rec - ok
18:53:35.0812 2920 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\Windows\system32\DRIVERS\fvevol.sys
18:53:35.0827 2920 fvevol - ok
18:53:35.0858 2920 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:53:35.0858 2920 gagp30kx - ok
18:53:35.0921 2920 gpsvc (8ba3c04702bf8f927ab36ae8313ca4ee) C:\Windows\System32\gpsvc.dll
18:53:35.0936 2920 gpsvc - ok
18:53:35.0952 2920 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:53:35.0952 2920 hcw85cir - ok
18:53:36.0014 2920 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
18:53:36.0014 2920 HdAudAddService - ok
18:53:36.0030 2920 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:53:36.0030 2920 HDAudBus - ok
18:53:36.0046 2920 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:53:36.0046 2920 HidBatt - ok
18:53:36.0061 2920 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:53:36.0061 2920 HidBth - ok
18:53:36.0092 2920 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:53:36.0092 2920 HidIr - ok
18:53:36.0124 2920 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
18:53:36.0124 2920 hidserv - ok
18:53:36.0139 2920 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
18:53:36.0139 2920 HidUsb - ok
18:53:36.0139 2920 hkmsvc (741c2a45ca8407e374aaba3e330b7872) C:\Windows\system32\kmsvc.dll
18:53:36.0155 2920 hkmsvc - ok
18:53:36.0186 2920 HomeGroupListener (a768ca158bb06782a2835b907f4873c3) C:\Windows\system32\ListSvc.dll
18:53:36.0186 2920 HomeGroupListener - ok
18:53:36.0233 2920 HomeGroupProvider (fb08dec5ef43d0c66d83b8e9694e7549) C:\Windows\system32\provsvc.dll
18:53:36.0233 2920 HomeGroupProvider - ok
18:53:36.0280 2920 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
18:53:36.0280 2920 HpSAMD - ok
18:53:36.0326 2920 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
18:53:36.0326 2920 HTTP - ok
18:53:36.0342 2920 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
18:53:36.0342 2920 hwpolicy - ok
18:53:36.0358 2920 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
18:53:36.0358 2920 i8042prt - ok
18:53:36.0576 2920 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:53:36.0576 2920 IAANTMON - ok
18:53:36.0654 2920 iaStor (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys
18:53:36.0654 2920 iaStor - ok
18:53:36.0716 2920 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
18:53:36.0732 2920 iaStorV - ok
18:53:36.0935 2920 idsvc (5af815eb5bc9802e5a064e2ba62bfc0c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:53:36.0935 2920 idsvc - ok
18:53:37.0543 2920 igfx (ad626f6964f4d364d226c39e06872dd3) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:53:37.0574 2920 igfx - ok
18:53:37.0964 2920 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:53:37.0964 2920 iirsp - ok
18:53:38.0042 2920 IKEEXT (fac0ee6562b121b1399d6e855583f7a5) C:\Windows\System32\ikeext.dll
18:53:38.0042 2920 IKEEXT - ok
18:53:38.0058 2920 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
18:53:38.0058 2920 intelide - ok
18:53:38.0074 2920 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:53:38.0074 2920 intelppm - ok
18:53:38.0105 2920 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
18:53:38.0105 2920 IPBusEnum - ok
18:53:38.0120 2920 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:53:38.0120 2920 IpFilterDriver - ok
18:53:38.0167 2920 iphlpsvc (477397b432a256a50ee7e4339eb9ea14) C:\Windows\System32\iphlpsvc.dll
18:53:38.0167 2920 iphlpsvc - ok
18:53:38.0183 2920 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:53:38.0183 2920 IPMIDRV - ok
18:53:38.0198 2920 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:53:38.0198 2920 IPNAT - ok
18:53:38.0214 2920 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:53:38.0214 2920 IRENUM - ok
18:53:38.0230 2920 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
18:53:38.0230 2920 isapnp - ok
18:53:38.0261 2920 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
18:53:38.0276 2920 iScsiPrt - ok
18:53:38.0276 2920 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:53:38.0276 2920 kbdclass - ok
18:53:38.0292 2920 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
18:53:38.0292 2920 kbdhid - ok
18:53:38.0323 2920 KeyIso (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:53:38.0339 2920 KeyIso - ok
18:53:38.0401 2920 kl1 (ce3958f58547454884e97bda78cd7040) C:\Windows\system32\DRIVERS\kl1.sys
18:53:38.0401 2920 kl1 - ok
18:53:38.0432 2920 KLBG (53eedab3f0511321ac3ae8bc968b158c) C:\Windows\system32\DRIVERS\klbg.sys
18:53:38.0432 2920 KLBG - ok
18:53:38.0479 2920 KLIF (723f185c945c0a6d2e21c2bb26a46fe7) C:\Windows\system32\DRIVERS\klif.sys
18:53:38.0495 2920 KLIF - ok
18:53:38.0573 2920 KLIM6 (892cc162dc88ab084c86485879526c59) C:\Windows\system32\DRIVERS\klim6.sys
18:53:38.0573 2920 KLIM6 - ok
18:53:38.0620 2920 klmouflt (aa63a815876a76987b5dbce6af7478e9) C:\Windows\system32\DRIVERS\klmouflt.sys
18:53:38.0620 2920 klmouflt - ok
18:53:38.0666 2920 KSecDD (0263364acb9c834ace52fb85c2c064ec) C:\Windows\system32\Drivers\ksecdd.sys
18:53:38.0666 2920 KSecDD - ok
18:53:38.0682 2920 KSecPkg (27391db553be2a4e2b0adeea2873b2af) C:\Windows\system32\Drivers\ksecpkg.sys
18:53:38.0682 2920 KSecPkg - ok
18:53:38.0744 2920 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
18:53:38.0760 2920 KtmRm - ok
18:53:38.0838 2920 LanmanServer (8f6bf790d3168224c16f2af68a84438c) C:\Windows\System32\srvsvc.dll
18:53:38.0838 2920 LanmanServer - ok
18:53:38.0885 2920 LanmanWorkstation (b9891f885dcf1f0513a51cb58493cb1f) C:\Windows\System32\wkssvc.dll
18:53:38.0885 2920 LanmanWorkstation - ok
18:53:38.0916 2920 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:53:38.0916 2920 lltdio - ok
18:53:38.0947 2920 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
18:53:38.0963 2920 lltdsvc - ok
18:53:38.0994 2920 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
18:53:38.0994 2920 lmhosts - ok
18:53:39.0025 2920 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:53:39.0025 2920 LSI_FC - ok
18:53:39.0025 2920 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:53:39.0041 2920 LSI_SAS - ok
18:53:39.0041 2920 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:53:39.0041 2920 LSI_SAS2 - ok
18:53:39.0056 2920 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:53:39.0056 2920 LSI_SCSI - ok
18:53:39.0072 2920 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:53:39.0072 2920 luafv - ok
18:53:39.0103 2920 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
18:53:39.0103 2920 MBAMProtector - ok
18:53:39.0259 2920 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:53:39.0275 2920 MBAMService - ok
18:53:39.0275 2920 MBAMSwissArmy - ok
18:53:39.0322 2920 Mcx2Svc (e2b0887816ed336685954e3d8fdaa51d) C:\Windows\system32\Mcx2Svc.dll
18:53:39.0322 2920 Mcx2Svc - ok
18:53:39.0337 2920 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:53:39.0337 2920 megasas - ok
18:53:39.0368 2920 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:53:39.0368 2920 MegaSR - ok
18:53:39.0400 2920 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:53:39.0400 2920 MMCSS - ok
18:53:39.0415 2920 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:53:39.0415 2920 Modem - ok
18:53:39.0446 2920 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:53:39.0446 2920 monitor - ok
18:53:39.0462 2920 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
18:53:39.0462 2920 mouclass - ok
18:53:39.0478 2920 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:53:39.0478 2920 mouhid - ok
18:53:39.0493 2920 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
18:53:39.0493 2920 mountmgr - ok
18:53:39.0509 2920 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
18:53:39.0509 2920 mpio - ok
18:53:39.0556 2920 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:53:39.0556 2920 mpsdrv - ok
18:53:39.0618 2920 MpsSvc (5cd996cecf45cbc3e8d109c86b82d69e) C:\Windows\system32\mpssvc.dll
18:53:39.0634 2920 MpsSvc - ok
18:53:39.0649 2920 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
18:53:39.0649 2920 MRxDAV - ok
18:53:39.0696 2920 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:53:39.0712 2920 mrxsmb - ok
18:53:39.0743 2920 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:53:39.0743 2920 mrxsmb10 - ok
18:53:39.0774 2920 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:53:39.0774 2920 mrxsmb20 - ok
18:53:39.0821 2920 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
18:53:39.0821 2920 msahci - ok
18:53:39.0836 2920 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
18:53:39.0852 2920 msdsm - ok
18:53:39.0899 2920 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
18:53:39.0899 2920 MSDTC - ok
18:53:39.0914 2920 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:53:39.0914 2920 Msfs - ok
18:53:39.0914 2920 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:53:39.0930 2920 mshidkmdf - ok
18:53:39.0930 2920 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
18:53:39.0930 2920 msisadrv - ok
18:53:39.0977 2920 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
18:53:39.0977 2920 MSiSCSI - ok
18:53:39.0977 2920 msiserver - ok
18:53:39.0992 2920 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:53:39.0992 2920 MSKSSRV - ok
18:53:39.0992 2920 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:53:39.0992 2920 MSPCLOCK - ok
18:53:40.0008 2920 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:53:40.0008 2920 MSPQM - ok
18:53:40.0024 2920 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:53:40.0024 2920 MsRPC - ok
18:53:40.0039 2920 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
18:53:40.0039 2920 mssmbios - ok
18:53:40.0039 2920 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:53:40.0039 2920 MSTEE - ok
18:53:40.0070 2920 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:53:40.0070 2920 MTConfig - ok
18:53:40.0086 2920 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:53:40.0086 2920 Mup - ok
18:53:40.0117 2920 napagent (80284f1985c70c86f0b5f86da2dfe1df) C:\Windows\system32\qagentRT.dll
18:53:40.0117 2920 napagent - ok
18:53:40.0148 2920 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:53:40.0164 2920 NativeWifiP - ok
18:53:40.0211 2920 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
18:53:40.0211 2920 NDIS - ok
18:53:40.0226 2920 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:53:40.0226 2920 NdisCap - ok
18:53:40.0258 2920 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:53:40.0258 2920 NdisTapi - ok
18:53:40.0258 2920 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
18:53:40.0273 2920 Ndisuio - ok
18:53:40.0273 2920 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
18:53:40.0273 2920 NdisWan - ok
18:53:40.0289 2920 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
18:53:40.0289 2920 NDProxy - ok
18:53:40.0289 2920 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:53:40.0304 2920 NetBIOS - ok
18:53:40.0320 2920 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
18:53:40.0320 2920 NetBT - ok
18:53:40.0351 2920 Netlogon (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:53:40.0351 2920 Netlogon - ok
18:53:40.0398 2920 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
18:53:40.0398 2920 Netman - ok
18:53:40.0460 2920 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
18:53:40.0476 2920 netprofm - ok
18:53:40.0632 2920 NetTcpPortSharing (fe2aa5a684b0dd9b1fae57b7817c198b) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:53:40.0632 2920 NetTcpPortSharing - ok
18:53:40.0679 2920 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:53:40.0679 2920 nfrd960 - ok
18:53:40.0710 2920 NlaSvc (2226496e34bd40734946a054b1cd657f) C:\Windows\System32\nlasvc.dll
18:53:40.0726 2920 NlaSvc - ok
18:53:40.0741 2920 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:53:40.0741 2920 Npfs - ok
18:53:40.0757 2920 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
18:53:40.0757 2920 nsi - ok
18:53:40.0772 2920 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:53:40.0772 2920 nsiproxy - ok
18:53:40.0913 2920 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
18:53:40.0913 2920 Ntfs - ok
18:53:40.0944 2920 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:53:40.0944 2920 Null - ok
18:53:40.0991 2920 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
18:53:41.0006 2920 nvraid - ok
18:53:41.0038 2920 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
18:53:41.0038 2920 nvstor - ok
18:53:41.0053 2920 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
18:53:41.0053 2920 nv_agp - ok
18:53:41.0069 2920 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
18:53:41.0069 2920 ohci1394 - ok
18:53:41.0116 2920 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:53:41.0116 2920 p2pimsvc - ok
18:53:41.0162 2920 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
18:53:41.0162 2920 p2psvc - ok
18:53:41.0178 2920 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:53:41.0178 2920 Parport - ok
18:53:41.0209 2920 partmgr (66d3415c159741ade7038a277efff99f) C:\Windows\system32\drivers\partmgr.sys
18:53:41.0225 2920 partmgr - ok
18:53:41.0225 2920 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:53:41.0225 2920 Parvdm - ok
18:53:41.0256 2920 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
18:53:41.0256 2920 PcaSvc - ok
18:53:41.0272 2920 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
18:53:41.0287 2920 pci - ok
18:53:41.0287 2920 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
18:53:41.0287 2920 pciide - ok
18:53:41.0318 2920 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:53:41.0334 2920 pcmcia - ok
18:53:41.0334 2920 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:53:41.0334 2920 pcw - ok
18:53:41.0381 2920 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:53:41.0396 2920 PEAUTH - ok
18:53:41.0521 2920 pla (9c1bff7910c89a1d12e57343475840cb) C:\Windows\system32\pla.dll
18:53:41.0552 2920 pla - ok
18:53:41.0833 2920 PlugPlay (71def5ec79774c798342d0ea16e41780) C:\Windows\system32\umpnpmgr.dll
18:53:41.0833 2920 PlugPlay - ok
18:53:41.0864 2920 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
18:53:41.0880 2920 PNRPAutoReg - ok
18:53:41.0896 2920 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:53:41.0911 2920 PNRPsvc - ok
18:53:41.0974 2920 PolicyAgent (48e1b75c6dc0232fd92baae4bd344721) C:\Windows\System32\ipsecsvc.dll
18:53:41.0974 2920 PolicyAgent - ok
18:53:42.0020 2920 Power (dbff83f709a91049621c1d35dd45c92c) C:\Windows\system32\umpo.dll
18:53:42.0020 2920 Power - ok
18:53:42.0145 2920 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:53:42.0145 2920 PptpMiniport - ok
18:53:42.0176 2920 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:53:42.0176 2920 Processor - ok
18:53:42.0208 2920 ProfSvc (630cf26f0227498b7d5a92b12548960f) C:\Windows\system32\profsvc.dll
18:53:42.0223 2920 ProfSvc - ok
18:53:42.0254 2920 ProtectedStorage (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:53:42.0254 2920 ProtectedStorage - ok
18:53:42.0286 2920 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:53:42.0286 2920 Psched - ok
18:53:42.0442 2920 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:53:42.0457 2920 ql2300 - ok
18:53:42.0816 2920 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:53:42.0816 2920 ql40xx - ok
18:53:42.0863 2920 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
18:53:42.0863 2920 QWAVE - ok
18:53:42.0878 2920 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:53:42.0878 2920 QWAVEdrv - ok
18:53:42.0878 2920 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:53:42.0894 2920 RasAcd - ok
18:53:42.0925 2920 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:53:42.0925 2920 RasAgileVpn - ok
18:53:42.0956 2920 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
18:53:42.0956 2920 RasAuto - ok
18:53:42.0972 2920 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:53:42.0972 2920 Rasl2tp - ok
18:53:43.0003 2920 RasMan (0ce66ec736b7fc526d78f7624c7d2a94) C:\Windows\System32\rasmans.dll
18:53:43.0019 2920 RasMan - ok
18:53:43.0034 2920 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:53:43.0034 2920 RasPppoe - ok
18:53:43.0066 2920 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:53:43.0066 2920 RasSstp - ok
18:53:43.0097 2920 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
18:53:43.0097 2920 rdbss - ok
18:53:43.0112 2920 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:53:43.0112 2920 rdpbus - ok
18:53:43.0128 2920 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:53:43.0128 2920 RDPCDD - ok
18:53:43.0159 2920 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:53:43.0159 2920 RDPENCDD - ok
18:53:43.0175 2920 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:53:43.0175 2920 RDPREFMP - ok
18:53:43.0222 2920 RDPWD (0399c725a9c95a6f1862b93f008ddf4a) C:\Windows\system32\drivers\RDPWD.sys
18:53:43.0222 2920 RDPWD - ok
18:53:43.0253 2920 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
18:53:43.0253 2920 rdyboost - ok
18:53:43.0300 2920 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
18:53:43.0315 2920 RemoteAccess - ok
18:53:43.0362 2920 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
18:53:43.0362 2920 RemoteRegistry - ok
18:53:43.0378 2920 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
18:53:43.0393 2920 RpcEptMapper - ok
18:53:43.0409 2920 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
18:53:43.0409 2920 RpcLocator - ok
18:53:43.0456 2920 RpcSs (b82cd39e336973359d7c9bf911e8e84f) C:\Windows\system32\rpcss.dll
18:53:43.0471 2920 RpcSs - ok
18:53:43.0502 2920 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:53:43.0518 2920 rspndr - ok
18:53:43.0549 2920 SamSs (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:53:43.0549 2920 SamSs - ok
18:53:43.0565 2920 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
18:53:43.0565 2920 sbp2port - ok
18:53:43.0612 2920 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
18:53:43.0612 2920 SCardSvr - ok
18:53:43.0627 2920 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
18:53:43.0627 2920 scfilter - ok
18:53:43.0705 2920 Schedule (df1e5c82e4d09cf8105cc644980c4803) C:\Windows\system32\schedsvc.dll
18:53:43.0721 2920 Schedule - ok
18:53:43.0768 2920 SCPolicySvc (628a9e30ec5e18dd5de6be4dbdc12198) C:\Windows\System32\certprop.dll
18:53:43.0768 2920 SCPolicySvc - ok
18:53:43.0814 2920 SDRSVC (5fd90abdbfaee85986802622cbb03446) C:\Windows\System32\SDRSVC.dll
18:53:43.0814 2920 SDRSVC - ok
18:53:43.0846 2920 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:53:43.0846 2920 secdrv - ok
18:53:43.0877 2920 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
18:53:43.0877 2920 seclogon - ok
18:53:43.0892 2920 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
18:53:43.0892 2920 SENS - ok
18:53:43.0924 2920 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
18:53:43.0939 2920 SensrSvc - ok
18:53:43.0939 2920 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:53:43.0955 2920 Serenum - ok
18:53:43.0955 2920 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:53:43.0970 2920 Serial - ok
18:53:43.0970 2920 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:53:43.0970 2920 sermouse - ok
18:53:44.0002 2920 SessionEnv (8f55ce568c543d5adf45c409d16718fc) C:\Windows\system32\sessenv.dll
18:53:44.0002 2920 SessionEnv - ok
18:53:44.0048 2920 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
18:53:44.0048 2920 sffdisk - ok
18:53:44.0048 2920 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:53:44.0048 2920 sffp_mmc - ok
18:53:44.0064 2920 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
18:53:44.0064 2920 sffp_sd - ok
18:53:44.0064 2920 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:53:44.0064 2920 sfloppy - ok
18:53:44.0126 2920 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
18:53:44.0126 2920 SharedAccess - ok
18:53:44.0189 2920 ShellHWDetection (cd2e48fa5b29ee2b3b5858056d246ef2) C:\Windows\System32\shsvcs.dll
18:53:44.0204 2920 ShellHWDetection - ok
18:53:44.0204 2920 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
18:53:44.0204 2920 sisagp - ok
18:53:44.0220 2920 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:53:44.0220 2920 SiSRaid2 - ok
18:53:44.0236 2920 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:53:44.0236 2920 SiSRaid4 - ok
18:53:44.0251 2920 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:53:44.0251 2920 Smb - ok
18:53:44.0298 2920 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
18:53:44.0314 2920 SNMPTRAP - ok
18:53:44.0454 2920 SNP2UVC (473f35e2a378b854731e67c377a3bea7) C:\Windows\system32\DRIVERS\snp2uvc.sys
18:53:44.0485 2920 SNP2UVC - ok
18:53:44.0813 2920 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:53:44.0813 2920 spldr - ok
18:53:44.0891 2920 Spooler (d1bb750eb51694de183e08b9c33be5b2) C:\Windows\System32\spoolsv.exe
18:53:44.0891 2920 Spooler - ok
18:53:45.0125 2920 sppsvc (4c287f9069fedbd791178876ee9de536) C:\Windows\system32\sppsvc.exe
18:53:45.0156 2920 sppsvc - ok
18:53:45.0390 2920 sppuinotify (d8e3e19eebdab49dd4a8d3062ead4ec7) C:\Windows\system32\sppuinotify.dll
18:53:45.0406 2920 sppuinotify - ok
18:53:45.0546 2920 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
18:53:45.0546 2920 srv - ok
18:53:45.0608 2920 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
18:53:45.0608 2920 srv2 - ok
18:53:45.0671 2920 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
18:53:45.0671 2920 srvnet - ok
18:53:45.0718 2920 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
18:53:45.0733 2920 SSDPSRV - ok
18:53:45.0764 2920 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
18:53:45.0780 2920 SstpSvc - ok
18:53:45.0811 2920 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:53:45.0811 2920 stexstor - ok
18:53:45.0858 2920 StiSvc (a22825e7bb7018e8af3e229a5af17221) C:\Windows\System32\wiaservc.dll
18:53:45.0858 2920 StiSvc - ok
18:53:45.0858 2920 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
18:53:45.0858 2920 swenum - ok
18:53:45.0905 2920 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
18:53:45.0920 2920 swprv - ok
18:53:46.0014 2920 SysMain (04105c8da62353589c29bdaeb8d88bd8) C:\Windows\system32\sysmain.dll
18:53:46.0030 2920 SysMain - ok
18:53:46.0061 2920 TabletInputService (fcfb6c552fbc0da299799cbd50ad9fd4) C:\Windows\System32\TabSvc.dll
18:53:46.0061 2920 TabletInputService - ok
18:53:46.0092 2920 TapiSrv (2f46b0c70a4adc8c90cf825da3b4feaf) C:\Windows\System32\tapisrv.dll
18:53:46.0108 2920 TapiSrv - ok
18:53:46.0123 2920 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
18:53:46.0123 2920 TBS - ok
18:53:46.0326 2920 Tcpip (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\drivers\tcpip.sys
18:53:46.0342 2920 Tcpip - ok
18:53:46.0747 2920 TCPIP6 (55e9965552741f3850cb22cbba9671ed) C:\Windows\system32\DRIVERS\tcpip.sys
18:53:46.0763 2920 TCPIP6 - ok
18:53:47.0106 2920 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
18:53:47.0106 2920 tcpipreg - ok
18:53:47.0106 2920 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
18:53:47.0122 2920 TDPIPE - ok
18:53:47.0153 2920 TDTCP (7156308896d34ea75a582f9a09e50c17) C:\Windows\system32\drivers\tdtcp.sys
18:53:47.0153 2920 TDTCP - ok
18:53:47.0168 2920 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
18:53:47.0168 2920 tdx - ok
18:53:47.0184 2920 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
18:53:47.0184 2920 TermDD - ok
18:53:47.0231 2920 TermService (a01e50a04d7b1960b33e92b9080e6a94) C:\Windows\System32\termsrv.dll
18:53:47.0231 2920 TermService - ok
18:53:47.0246 2920 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
18:53:47.0246 2920 Themes - ok
18:53:47.0278 2920 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:53:47.0278 2920 THREADORDER - ok
18:53:47.0309 2920 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
18:53:47.0309 2920 TrkWks - ok
18:53:47.0356 2920 TrustedInstaller (41a4c781d2286208d397d72099304133) C:\Windows\servicing\TrustedInstaller.exe
18:53:47.0356 2920 TrustedInstaller - ok
18:53:47.0387 2920 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:53:47.0387 2920 tssecsrv - ok
18:53:47.0402 2920 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
18:53:47.0402 2920 tunnel - ok
18:53:47.0418 2920 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:53:47.0418 2920 uagp35 - ok
18:53:47.0465 2920 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
18:53:47.0465 2920 udfs - ok
18:53:47.0496 2920 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
18:53:47.0496 2920 UI0Detect - ok
18:53:47.0512 2920 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
18:53:47.0512 2920 uliagpkx - ok
18:53:47.0527 2920 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
18:53:47.0527 2920 umbus - ok
18:53:47.0543 2920 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:53:47.0543 2920 UmPass - ok
18:53:47.0574 2920 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
18:53:47.0574 2920 upnphost - ok
18:53:47.0621 2920 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
18:53:47.0621 2920 usbccgp - ok
18:53:47.0652 2920 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
18:53:47.0652 2920 usbcir - ok
18:53:47.0683 2920 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
18:53:47.0683 2920 usbehci - ok
18:53:47.0730 2920 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\Windows\system32\DRIVERS\usbhub.sys
18:53:47.0730 2920 usbhub - ok
18:53:47.0746 2920 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
18:53:47.0746 2920 usbohci - ok
18:53:47.0761 2920 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:53:47.0761 2920 usbprint - ok
18:53:47.0792 2920 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:53:47.0792 2920 USBSTOR - ok
18:53:47.0808 2920 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
18:53:47.0808 2920 usbuhci - ok
18:53:47.0839 2920 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\Windows\system32\Drivers\usbvideo.sys
18:53:47.0839 2920 usbvideo - ok
18:53:47.0870 2920 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
18:53:47.0870 2920 UxSms - ok
18:53:47.0902 2920 VaultSvc (c2243ff9e9aad0c30e8b1a0914da15b6) C:\Windows\system32\lsass.exe
18:53:47.0917 2920 VaultSvc - ok
18:53:47.0948 2920 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
18:53:47.0964 2920 vdrvroot - ok
18:53:48.0026 2920 vds (8c4e7c49d3641bc9e299e466a7f8867d) C:\Windows\System32\vds.exe
18:53:48.0026 2920 vds - ok
18:53:48.0042 2920 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:53:48.0042 2920 vga - ok
18:53:48.0058 2920 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:53:48.0058 2920 VgaSave - ok
18:53:48.0073 2920 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
18:53:48.0073 2920 vhdmp - ok
18:53:48.0073 2920 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
18:53:48.0073 2920 viaagp - ok
18:53:48.0089 2920 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:53:48.0089 2920 ViaC7 - ok
18:53:48.0104 2920 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
18:53:48.0104 2920 viaide - ok
18:53:48.0120 2920 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
18:53:48.0120 2920 volmgr - ok
18:53:48.0136 2920 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:53:48.0151 2920 volmgrx - ok
18:53:48.0198 2920 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
18:53:48.0198 2920 volsnap - ok
18:53:48.0229 2920 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:53:48.0245 2920 vsmraid - ok
18:53:48.0338 2920 VSS (7ea2bcd94d9cfaf4c556f5cc94532a6c) C:\Windows\system32\vssvc.exe
18:53:48.0354 2920 VSS - ok
18:53:48.0354 2920 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
18:53:48.0354 2920 vwifibus - ok
18:53:48.0370 2920 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
18:53:48.0370 2920 vwififlt - ok
18:53:48.0432 2920 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
18:53:48.0432 2920 W32Time - ok
18:53:48.0448 2920 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:53:48.0448 2920 WacomPen - ok
18:53:48.0479 2920 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
18:53:48.0479 2920 WANARP - ok
18:53:48.0479 2920 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
18:53:48.0494 2920 Wanarpv6 - ok
18:53:48.0650 2920 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
18:53:48.0666 2920 WatAdminSvc - ok
18:53:48.0994 2920 wbengine (7790b77fe1e5ee47dcc66247095bb4c9) C:\Windows\system32\wbengine.exe
18:53:49.0009 2920 wbengine - ok
18:53:49.0025 2920 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
18:53:49.0025 2920 WbioSrvc - ok
18:53:49.0072 2920 wcncsvc (d0f88aa11ee1a62bcc6d6a8a7783ca11) C:\Windows\System32\wcncsvc.dll
18:53:49.0072 2920 wcncsvc - ok
18:53:49.0103 2920 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
18:53:49.0103 2920 WcsPlugInService - ok
18:53:49.0243 2920 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:53:49.0243 2920 Wd - ok
18:53:49.0290 2920 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:53:49.0290 2920 Wdf01000 - ok
18:53:49.0368 2920 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:53:49.0368 2920 WdiServiceHost - ok
18:53:49.0384 2920 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:53:49.0384 2920 WdiSystemHost - ok
18:53:49.0430 2920 WebClient (d87c7d2c517f82a5ab7a73e203063d9e) C:\Windows\System32\webclnt.dll
18:53:49.0446 2920 WebClient - ok
18:53:49.0508 2920 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
18:53:49.0508 2920 Wecsvc - ok
18:53:49.0540 2920 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
18:53:49.0540 2920 wercplsupport - ok
18:53:49.0571 2920 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
18:53:49.0571 2920 WerSvc - ok
18:53:49.0602 2920 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:53:49.0602 2920 WfpLwf - ok
18:53:49.0633 2920 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:53:49.0633 2920 WIMMount - ok
18:53:49.0774 2920 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
18:53:49.0789 2920 WinDefend - ok
18:53:49.0789 2920 WinHttpAutoProxySvc - ok
18:53:49.0914 2920 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
18:53:49.0914 2920 Winmgmt - ok
18:53:50.0039 2920 WinRM (c4f5d3901d1b41d602ddc196e0b95b51) C:\Windows\system32\WsmSvc.dll
18:53:50.0054 2920 WinRM - ok
18:53:50.0148 2920 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
18:53:50.0164 2920 Wlansvc - ok
18:53:50.0304 2920 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
18:53:50.0304 2920 WmiAcpi - ok
18:53:50.0444 2920 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
18:53:50.0444 2920 wmiApSrv - ok
18:53:50.0647 2920 WMPNetworkSvc (77fbd400984cf72ba0fc4b3489d65f74) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:53:50.0663 2920 WMPNetworkSvc - ok
18:53:50.0897 2920 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
18:53:50.0897 2920 WPCSvc - ok
18:53:50.0912 2920 WPDBusEnum (b7f658a2ebc07129538ad9ab35212637) C:\Windows\system32\wpdbusenum.dll
18:53:50.0928 2920 WPDBusEnum - ok
18:53:51.0068 2920 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:53:51.0068 2920 ws2ifsl - ok
18:53:51.0100 2920 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
18:53:51.0100 2920 wscsvc - ok
18:53:51.0115 2920 WSearch - ok
18:53:51.0271 2920 wuauserv (a33408cc036f9c08142b11be5e93f0a1) C:\Windows\system32\wuaueng.dll
18:53:51.0302 2920 wuauserv - ok
18:53:51.0630 2920 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
18:53:51.0630 2920 WudfPf - ok
18:53:51.0646 2920 wudfsvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\Windows\System32\WUDFSvc.dll
18:53:51.0661 2920 wudfsvc - ok
18:53:51.0708 2920 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
18:53:51.0724 2920 WwanSvc - ok
18:53:51.0755 2920 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:53:51.0770 2920 \Device\Harddisk0\DR0 - ok
18:53:51.0770 2920 Boot (0x1200) (c4c0103556c6e529454da759989fd527) \Device\Harddisk0\DR0\Partition0
18:53:51.0770 2920 \Device\Harddisk0\DR0\Partition0 - ok
18:53:51.0786 2920 Boot (0x1200) (ab61808dd8cd521656f43bdb76365fd9) \Device\Harddisk0\DR0\Partition1
18:53:51.0786 2920 \Device\Harddisk0\DR0\Partition1 - ok
18:53:51.0817 2920 Boot (0x1200) (433427dc3520bdf30d1419dbc861d52b) \Device\Harddisk0\DR0\Partition2
18:53:51.0817 2920 \Device\Harddisk0\DR0\Partition2 - ok
18:53:51.0817 2920 ============================================================
18:53:51.0817 2920 Scan finished
18:53:51.0817 2920 ============================================================
18:53:51.0942 3736 Detected object count: 0
18:53:51.0942 3736 Actual detected object count: 0

#15 bwrighttwo

bwrighttwo
  • Topic Starter

  • Members
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:11 AM

Posted 11 May 2012 - 06:38 PM

Eset was clean.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users