USPS Customer Service Spam


12 replies to this topic

#1 Sn17

Sn17

  • Members
  • 9 posts

Posted 10 May 2012 - 08:29 PM

Hi,

I received an e-mail in my spam folder titled USPS Customer Service. The name looked legitimate, so I opened it. Something about them holding my parcel post and going to charge me. I didn't have much information, so I downloaded the "label parcel post." The thing I downloaded showed up with an empty folder icon. Thinking it was a folder, I double-clicked it, and then it asked me to run it. After running it, it saved a new file onto my computer with an Adobe icon next to it. I tried opening it, but it wouldn't open. That's when I realized it was probably not a good thing. I was able to delete the file with the Adobe icon, but not the original "empty" folder. It wouldn't let me delete the original folder, and after clicking on it a couple more times, my Avast system detected a threat with some URL, something like about.open.motive or something like that. Sorry, I probably should've written that down. I did an Avast boot-time scan on my computer and it didn't come up with anything. My brother told me to get Malwarebytes, which is scanning now. I also went to some password-protected sites after, but changed all those now using a different computer. Am I infected? Should I be worried or do anything in addition to the Avast scan?

Thank you,
sn17

Edited by Sn17, 10 May 2012 - 08:47 PM.




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,166 posts

Posted 10 May 2012 - 09:25 PM

Hello and welcome! Please run these 3 apps.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#3 Sn17

Sn17
  • Topic Starter

  • Members
  • 9 posts

Posted 11 May 2012 - 12:20 AM

Hey guys,

Thanks for the help. I finished running Malwarebytes and got 3 Trojan.Downloaders and 1 Trojan.Agent. I removed them and I'll post the log below. I went ahead and ran a couple of tests from the first post: TDSSKiller and the Avast aswMBR. I tried running GMER, but it gave me an error. The second try caused a BSOD. Then I tried running the MiniToolBox (Farbar) and it got stuck at some point, so I force-closed it. I was wondering if you still want me to run the ESET online scan since I've already done the Avast.
These are my logs:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.11.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Fox :: FOX-PC [administrator]

5/10/2012 6:56:13 PM
mbam-log-2012-05-10 (18-56-13).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 293509
Time elapsed: 57 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Fox\AppData\Local\urlmon.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Fox\AppData\Local\Temp\Temp1_Label_Parcel_ID5814-45US.zip\Label_Parcel_ID5814-45US.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Fox\AppData\Local\Temp\.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Fox\Local Settings\Application Data\urlmon.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

(end)


Tdss log:
20:14:31.0103 6136 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:14:31.0499 6136 ============================================================
20:14:31.0499 6136 Current date / time: 2012/05/10 20:14:31.0499
20:14:31.0499 6136 SystemInfo:
20:14:31.0499 6136
20:14:31.0499 6136 OS Version: 6.0.6002 ServicePack: 2.0
20:14:31.0499 6136 Product type: Workstation
20:14:31.0499 6136 ComputerName: FOX-PC
20:14:31.0500 6136 UserName: Fox
20:14:31.0500 6136 Windows directory: C:\Windows
20:14:31.0500 6136 System windows directory: C:\Windows
20:14:31.0500 6136 Processor architecture: Intel x86
20:14:31.0500 6136 Number of processors: 2
20:14:31.0500 6136 Page size: 0x1000
20:14:31.0500 6136 Boot type: Normal boot
20:14:31.0500 6136 ============================================================
20:14:32.0487 6136 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:14:32.0490 6136 ============================================================
20:14:32.0490 6136 \Device\Harddisk0\DR0:
20:14:32.0490 6136 MBR partitions:
20:14:32.0490 6136 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
20:14:32.0490 6136 ============================================================
20:14:32.0514 6136 C: <-> \Device\Harddisk0\DR0\Partition0
20:14:32.0514 6136 ============================================================
20:14:32.0514 6136 Initialize success
20:14:32.0514 6136 ============================================================
20:15:01.0046 4288 ============================================================
20:15:01.0046 4288 Scan started
20:15:01.0046 4288 Mode: Manual; TDLFS;
20:15:01.0046 4288 ============================================================
20:15:12.0859 4288 nfrd960 - ok
20:15:12.0911 4288 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
20:15:12.0922 4288 NlaSvc - ok
20:15:12.0935 4288 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
20:15:12.0939 4288 Npfs - ok
20:15:12.0971 4288 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
20:15:12.0981 4288 nsi - ok
20:15:13.0001 4288 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
20:15:13.0004 4288 nsiproxy - ok
20:15:13.0171 4288 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
20:15:13.0201 4288 Ntfs - ok
20:15:13.0236 4288 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:15:13.0239 4288 ntrigdigi - ok
20:15:13.0265 4288 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
20:15:13.0268 4288 Null - ok
20:15:13.0301 4288 nvraid (6f785db62a6d8f3fafd3e5695277e849) C:\Windows\system32\drivers\nvraid.sys
20:15:13.0307 4288 nvraid - ok
20:15:13.0336 4288 nvstor (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers\nvstor.sys
20:15:13.0340 4288 nvstor - ok
20:15:13.0373 4288 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
20:15:13.0384 4288 nv_agp - ok
20:15:13.0393 4288 NwlnkFlt - ok
20:15:13.0406 4288 NwlnkFwd - ok
20:15:13.0481 4288 OEM02Dev (19cac780b858822055f46c58a111723c) C:\Windows\system32\DRIVERS\OEM02Dev.sys
20:15:13.0490 4288 OEM02Dev - ok
20:15:13.0499 4288 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
20:15:13.0502 4288 OEM02Vfx - ok
20:15:13.0568 4288 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
20:15:13.0570 4288 ohci1394 - ok
20:15:13.0683 4288 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:15:13.0689 4288 ose - ok
20:15:13.0800 4288 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:15:13.0832 4288 p2pimsvc - ok
20:15:13.0852 4288 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:15:13.0874 4288 p2psvc - ok
20:15:13.0905 4288 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:15:13.0914 4288 Parport - ok
20:15:13.0954 4288 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
20:15:13.0957 4288 partmgr - ok
20:15:13.0987 4288 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:15:13.0990 4288 Parvdm - ok
20:15:14.0015 4288 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
20:15:14.0025 4288 PcaSvc - ok
20:15:14.0069 4288 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
20:15:14.0075 4288 pci - ok
20:15:14.0117 4288 pciide (20b869152448f80ac49cf10264e91f5e) C:\Windows\system32\drivers\pciide.sys
20:15:14.0120 4288 pciide - ok
20:15:14.0185 4288 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:15:14.0200 4288 pcmcia - ok
20:15:14.0334 4288 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:15:14.0361 4288 PEAUTH - ok
20:15:14.0632 4288 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
20:15:14.0685 4288 pla - ok
20:15:14.0860 4288 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
20:15:14.0875 4288 PlugPlay - ok
20:15:14.0940 4288 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\Windows\system32\HPZipm12.dll
20:15:14.0946 4288 Pml Driver HPZ12 - ok
20:15:15.0048 4288 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:15:15.0066 4288 PNRPAutoReg - ok
20:15:15.0084 4288 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
20:15:15.0104 4288 PNRPsvc - ok
20:15:15.0180 4288 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
20:15:15.0192 4288 PolicyAgent - ok
20:15:15.0235 4288 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
20:15:15.0237 4288 PptpMiniport - ok
20:15:15.0267 4288 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:15:15.0269 4288 Processor - ok
20:15:15.0310 4288 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
20:15:15.0316 4288 ProfSvc - ok
20:15:15.0366 4288 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:15:15.0370 4288 ProtectedStorage - ok
20:15:15.0407 4288 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
20:15:15.0409 4288 PSched - ok
20:15:15.0559 4288 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:15:15.0587 4288 ql2300 - ok
20:15:15.0617 4288 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:15:15.0622 4288 ql40xx - ok
20:15:15.0683 4288 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
20:15:15.0701 4288 QWAVE - ok
20:15:15.0726 4288 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
20:15:15.0729 4288 QWAVEdrv - ok
20:15:15.0740 4288 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
20:15:15.0743 4288 RasAcd - ok
20:15:15.0779 4288 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
20:15:15.0787 4288 RasAuto - ok
20:15:15.0807 4288 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:15:15.0810 4288 Rasl2tp - ok
20:15:15.0864 4288 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
20:15:15.0878 4288 RasMan - ok
20:15:15.0905 4288 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
20:15:15.0907 4288 RasPppoe - ok
20:15:15.0930 4288 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
20:15:15.0934 4288 RasSstp - ok
20:15:15.0979 4288 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
20:15:15.0990 4288 rdbss - ok
20:15:16.0006 4288 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:15:16.0008 4288 RDPCDD - ok
20:15:16.0073 4288 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:15:16.0083 4288 rdpdr - ok
20:15:16.0090 4288 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
20:15:16.0094 4288 RDPENCDD - ok
20:15:16.0155 4288 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
20:15:16.0167 4288 RDPWD - ok
20:15:16.0203 4288 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
20:15:16.0211 4288 RemoteAccess - ok
20:15:16.0244 4288 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
20:15:16.0254 4288 RemoteRegistry - ok
20:15:16.0280 4288 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:15:16.0284 4288 rimmptsk - ok
20:15:16.0313 4288 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:15:16.0316 4288 rimsptsk - ok
20:15:16.0340 4288 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:15:16.0343 4288 rismxdp - ok
20:15:16.0366 4288 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
20:15:16.0372 4288 RpcLocator - ok
20:15:16.0460 4288 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
20:15:16.0475 4288 RpcSs - ok
20:15:16.0497 4288 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
20:15:16.0500 4288 rspndr - ok
20:15:16.0528 4288 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
20:15:16.0534 4288 SamSs - ok
20:15:16.0570 4288 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:15:16.0574 4288 sbp2port - ok
20:15:16.0612 4288 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
20:15:16.0627 4288 SCardSvr - ok
20:15:16.0733 4288 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
20:15:16.0748 4288 Schedule - ok
20:15:16.0766 4288 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
20:15:16.0768 4288 SCPolicySvc - ok
20:15:16.0822 4288 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
20:15:16.0830 4288 sdbus - ok
20:15:16.0857 4288 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
20:15:16.0876 4288 SDRSVC - ok
20:15:16.0890 4288 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:15:16.0894 4288 secdrv - ok
20:15:16.0923 4288 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
20:15:16.0932 4288 seclogon - ok
20:15:16.0951 4288 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
20:15:16.0963 4288 SENS - ok
20:15:16.0990 4288 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:15:16.0993 4288 Serenum - ok
20:15:17.0021 4288 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:15:17.0029 4288 Serial - ok
20:15:17.0074 4288 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
20:15:17.0077 4288 sermouse - ok
20:15:17.0142 4288 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
20:15:17.0154 4288 SessionEnv - ok
20:15:17.0180 4288 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
20:15:17.0184 4288 sffdisk - ok
20:15:17.0213 4288 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
20:15:17.0216 4288 sffp_mmc - ok
20:15:17.0235 4288 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
20:15:17.0238 4288 sffp_sd - ok
20:15:17.0261 4288 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:15:17.0264 4288 sfloppy - ok
20:15:17.0333 4288 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
20:15:17.0352 4288 SharedAccess - ok
20:15:17.0429 4288 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
20:15:17.0437 4288 ShellHWDetection - ok
20:15:17.0467 4288 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
20:15:17.0470 4288 sisagp - ok
20:15:17.0494 4288 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:15:17.0496 4288 SiSRaid2 - ok
20:15:17.0520 4288 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:15:17.0528 4288 SiSRaid4 - ok
20:15:17.0978 4288 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
20:15:18.0069 4288 slsvc - ok
20:15:18.0215 4288 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
20:15:18.0226 4288 SLUINotify - ok
20:15:18.0272 4288 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
20:15:18.0275 4288 Smb - ok
20:15:18.0312 4288 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
20:15:18.0318 4288 SNMPTRAP - ok
20:15:18.0341 4288 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
20:15:18.0344 4288 spldr - ok
20:15:18.0384 4288 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
20:15:18.0391 4288 Spooler - ok
20:15:18.0453 4288 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
20:15:18.0461 4288 srv - ok
20:15:18.0498 4288 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
20:15:18.0502 4288 srv2 - ok
20:15:18.0523 4288 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
20:15:18.0527 4288 srvnet - ok
20:15:18.0564 4288 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
20:15:18.0581 4288 SSDPSRV - ok
20:15:18.0646 4288 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
20:15:18.0654 4288 SstpSvc - ok
20:15:18.0736 4288 STacSV (71679f24d0d0b2c6403bb5ac57026e99) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe
20:15:18.0737 4288 STacSV - ok
20:15:18.0794 4288 STHDA (68a0d39e357dd7a234b1d4f1e844c615) C:\Windows\system32\drivers\stwrt.sys
20:15:18.0811 4288 STHDA - ok
20:15:18.0825 4288 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
20:15:18.0827 4288 StillCam - ok
20:15:18.0913 4288 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
20:15:18.0940 4288 stisvc - ok
20:15:18.0962 4288 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
20:15:18.0965 4288 swenum - ok
20:15:19.0035 4288 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
20:15:19.0052 4288 swprv - ok
20:15:19.0097 4288 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:15:19.0100 4288 Symc8xx - ok
20:15:19.0121 4288 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:15:19.0124 4288 Sym_hi - ok
20:15:19.0171 4288 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:15:19.0174 4288 Sym_u3 - ok
20:15:19.0268 4288 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
20:15:19.0300 4288 SysMain - ok
20:15:19.0342 4288 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
20:15:19.0360 4288 TabletInputService - ok
20:15:19.0421 4288 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
20:15:19.0443 4288 TapiSrv - ok
20:15:19.0476 4288 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
20:15:19.0488 4288 TBS - ok
20:15:19.0618 4288 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
20:15:19.0640 4288 Tcpip - ok
20:15:19.0661 4288 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
20:15:19.0670 4288 Tcpip6 - ok
20:15:19.0689 4288 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
20:15:19.0692 4288 tcpipreg - ok
20:15:19.0802 4288 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
20:15:19.0818 4288 TDPIPE - ok
20:15:19.0921 4288 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
20:15:19.0935 4288 TDTCP - ok
20:15:20.0018 4288 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
20:15:20.0027 4288 tdx - ok
20:15:20.0084 4288 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
20:15:20.0086 4288 TermDD - ok
20:15:20.0171 4288 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
20:15:20.0185 4288 TermService - ok
20:15:20.0253 4288 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
20:15:20.0260 4288 Themes - ok
20:15:20.0282 4288 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
20:15:20.0286 4288 THREADORDER - ok
20:15:20.0319 4288 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
20:15:20.0336 4288 TrkWks - ok
20:15:20.0376 4288 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
20:15:20.0377 4288 TrustedInstaller - ok
20:15:20.0409 4288 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:15:20.0411 4288 tssecsrv - ok
20:15:20.0448 4288 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
20:15:20.0450 4288 tunmp - ok
20:15:20.0460 4288 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
20:15:20.0462 4288 tunnel - ok
20:15:20.0495 4288 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:15:20.0498 4288 uagp35 - ok
20:15:20.0543 4288 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
20:15:20.0554 4288 udfs - ok
20:15:20.0592 4288 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
20:15:20.0601 4288 UI0Detect - ok
20:15:20.0625 4288 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
20:15:20.0628 4288 uliagpkx - ok
20:15:20.0682 4288 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:15:20.0691 4288 uliahci - ok
20:15:20.0719 4288 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:15:20.0725 4288 UlSata - ok
20:15:20.0758 4288 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:15:20.0771 4288 ulsata2 - ok
20:15:20.0804 4288 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
20:15:20.0807 4288 umbus - ok
20:15:20.0855 4288 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
20:15:20.0876 4288 upnphost - ok
20:15:20.0925 4288 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
20:15:20.0928 4288 USBAAPL - ok
20:15:20.0971 4288 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
20:15:20.0975 4288 usbccgp - ok
20:15:21.0015 4288 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:15:21.0019 4288 usbcir - ok
20:15:21.0081 4288 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
20:15:21.0084 4288 usbehci - ok
20:15:21.0117 4288 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
20:15:21.0121 4288 usbhub - ok
20:15:21.0185 4288 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
20:15:21.0188 4288 usbohci - ok
20:15:21.0225 4288 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
20:15:21.0227 4288 usbprint - ok
20:15:21.0276 4288 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
20:15:21.0280 4288 usbscan - ok
20:15:21.0314 4288 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:15:21.0318 4288 USBSTOR - ok
20:15:21.0346 4288 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
20:15:21.0349 4288 usbuhci - ok
20:15:21.0401 4288 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
20:15:21.0411 4288 usbvideo - ok
20:15:21.0451 4288 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
20:15:21.0465 4288 UxSms - ok
20:15:21.0533 4288 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
20:15:21.0557 4288 vds - ok
20:15:21.0592 4288 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:15:21.0595 4288 vga - ok
20:15:21.0624 4288 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
20:15:21.0628 4288 VgaSave - ok
20:15:21.0667 4288 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
20:15:21.0671 4288 viaagp - ok
20:15:21.0692 4288 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:15:21.0696 4288 ViaC7 - ok
20:15:21.0742 4288 viaide (58c8d5ac5c3eef40e7e704a5ced7987d) C:\Windows\system32\drivers\viaide.sys
20:15:21.0745 4288 viaide - ok
20:15:21.0789 4288 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
20:15:21.0793 4288 volmgr - ok
20:15:21.0846 4288 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
20:15:21.0852 4288 volmgrx - ok
20:15:21.0892 4288 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
20:15:21.0901 4288 volsnap - ok
20:15:21.0951 4288 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:15:21.0964 4288 vsmraid - ok
20:15:22.0132 4288 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
20:15:22.0184 4288 VSS - ok
20:15:22.0237 4288 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
20:15:22.0254 4288 W32Time - ok
20:15:22.0304 4288 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:15:22.0307 4288 WacomPen - ok
20:15:22.0350 4288 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:15:22.0359 4288 Wanarp - ok
20:15:22.0366 4288 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
20:15:22.0370 4288 Wanarpv6 - ok
20:15:22.0445 4288 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
20:15:22.0476 4288 wcncsvc - ok
20:15:22.0514 4288 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
20:15:22.0536 4288 WcsPlugInService - ok
20:15:22.0560 4288 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:15:22.0563 4288 Wd - ok
20:15:22.0670 4288 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
20:15:22.0691 4288 Wdf01000 - ok
20:15:22.0726 4288 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:15:22.0740 4288 WdiServiceHost - ok
20:15:22.0748 4288 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
20:15:22.0762 4288 WdiSystemHost - ok
20:15:22.0803 4288 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
20:15:22.0818 4288 WebClient - ok
20:15:22.0866 4288 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
20:15:22.0881 4288 Wecsvc - ok
20:15:22.0907 4288 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
20:15:22.0921 4288 wercplsupport - ok
20:15:22.0952 4288 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
20:15:22.0966 4288 WerSvc - ok
20:15:23.0068 4288 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
20:15:23.0093 4288 winachsf - ok
20:15:23.0224 4288 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
20:15:23.0229 4288 WinDefend - ok
20:15:23.0242 4288 WinHttpAutoProxySvc - ok
20:15:23.0303 4288 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
20:15:23.0308 4288 Winmgmt - ok
20:15:23.0491 4288 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
20:15:23.0543 4288 WinRM - ok
20:15:23.0649 4288 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
20:15:23.0673 4288 Wlansvc - ok
20:15:23.0683 4288 wltrysvc - ok
20:15:23.0725 4288 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:15:23.0728 4288 WmiAcpi - ok
20:15:23.0771 4288 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
20:15:23.0775 4288 wmiApSrv - ok
20:15:23.0895 4288 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
20:15:23.0904 4288 WMPNetworkSvc - ok
20:15:23.0932 4288 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
20:15:23.0950 4288 WPCSvc - ok
20:15:24.0001 4288 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
20:15:24.0010 4288 WPDBusEnum - ok
20:15:24.0058 4288 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
20:15:24.0060 4288 WpdUsb - ok
20:15:24.0249 4288 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:15:24.0274 4288 WPFFontCache_v0400 - ok
20:15:24.0307 4288 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
20:15:24.0309 4288 ws2ifsl - ok
20:15:24.0344 4288 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
20:15:24.0353 4288 wscsvc - ok
20:15:24.0359 4288 WSearch - ok
20:15:24.0623 4288 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
20:15:24.0658 4288 wuauserv - ok
20:15:24.0939 4288 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:15:24.0946 4288 WUDFRd - ok
20:15:24.0976 4288 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
20:15:24.0986 4288 wudfsvc - ok
20:15:25.0049 4288 yukonwlh (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys
20:15:25.0053 4288 yukonwlh - ok
20:15:25.0077 4288 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:15:25.0305 4288 \Device\Harddisk0\DR0 - ok
20:15:25.0310 4288 Boot (0x1200) (f5d69a5a0c013fbbe2768733302c9a8b) \Device\Harddisk0\DR0\Partition0
20:15:25.0313 4288 \Device\Harddisk0\DR0\Partition0 - ok
20:15:25.0315 4288 ============================================================
20:15:25.0315 4288 Scan finished
20:15:25.0315 4288 ============================================================
20:15:25.0331 4328 Detected object count: 0
20:15:25.0331 4328 Actual detected object count: 0
20:16:19.0539 6132 Deinitialize success


aswMBR log:
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-10 20:27:13
-----------------------------
20:27:13.555 OS Version: Windows 6.0.6002 Service Pack 2
20:27:13.556 Number of processors: 2 586 0xF0D
20:27:13.559 ComputerName: FOX-PC UserName: Fox
20:27:27.306 Initialize success
20:27:30.515 AVAST engine defs: 12051001
20:27:47.723 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
20:27:47.730 Disk 0 Vendor: WDC_WD3200BEKT-00KA9T0 01.01A01 Size: 305245MB BusType: 3
20:27:47.758 Disk 0 MBR read successfully
20:27:47.767 Disk 0 MBR scan
20:27:47.779 Disk 0 Windows VISTA default MBR code
20:27:47.801 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305243 MB offset 2048
20:27:47.818 Disk 0 scanning sectors +625139712
20:27:47.959 Disk 0 scanning C:\Windows\system32\drivers
20:28:11.264 Service scanning
20:28:27.553 Modules scanning
20:28:35.616 Disk 0 trace - called modules:
20:28:35.639 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
20:28:35.649 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x861331f8]
20:28:35.657 3 CLASSPNP.SYS[8afa78b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-2[0x85efdb98]
20:28:38.139 AVAST engine scan C:\Windows
20:28:46.796 AVAST engine scan C:\Windows\system32
20:31:47.706 AVAST engine scan C:\Windows\system32\drivers
20:32:38.953 AVAST engine scan C:\Users\Fox
20:39:05.653 AVAST engine scan C:\ProgramData
20:40:30.832 Scan finished successfully
20:41:14.653 Disk 0 MBR has been saved successfully to "C:\Users\Fox\Documents\MBR.dat"
20:41:14.668 The log file has been saved successfully to "C:\Users\Fox\Documents\aswMBR.txt"

Anything else I should do?

#4 boopme

Posted 11 May 2012 - 10:14 AM

Thanks, still need the last 2.

#5 Sn17

Posted 11 May 2012 - 03:20 PM

Hello,

So I did the ESET scan and it found no infected files or threats.

#6 boopme

Posted 11 May 2012 - 03:35 PM

Now that is odd. Are you still having the USPS issue?

#7 Sn17

Posted 11 May 2012 - 08:48 PM

Well, Avast only went crazy after I clicked on the USPS file. So I don't think it's doing anything, or at least anything noticeable, and I did tell malware to remove the Trojan files it found. Then again, that "empty" folder icon named "label parcel post" is still on my computer. That still worries me. Do you think my computer is okay now, though?

Edited by Sn17, 11 May 2012 - 08:50 PM.


#8 boopme

Posted 11 May 2012 - 09:05 PM

Can you delete the folder?

I believe Avast caught it as ESET always does.


Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

  • Save any unsaved work. TFC will close ALL open programs including your browser!
  • Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

#9 Sn17

Posted 11 May 2012 - 11:26 PM

I tried deleting it and it worked! Yay! I emptied the recycle bin. I also ran the TFC Old Timer. I should be fine by now, right?

Edited by Sn17, 12 May 2012 - 12:17 AM.


#10 boopme

Posted 13 May 2012 - 02:49 PM

Looks good to me.
If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista Users can refer to these links: Create a New Restore Point and Disk Cleanup.

Tips to protect yourself against malware and reduce the potential for re-infection:

Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read:
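The restore-point procedure in post #10, as an added example that is not part of the thread: a Windows PowerShell function that creates the new restore point first and only then removes every older one. The function name `Reset-RestorePoints` and the description string are assumptions; it needs an elevated Windows PowerShell session, since these cmdlets are not available in PowerShell 7.

```powershell
# Added example, not from the thread. Run elevated in Windows PowerShell.

# SRRemoveRestorePoint is the System Restore API that deletes one restore
# point by sequence number; it returns 0 (ERROR_SUCCESS) on success.
Add-Type -Namespace Win32 -Name SrClient -MemberDefinition @'
[DllImport("SrClient.dll")]
public static extern int SRRemoveRestorePoint(int dwRPNum);
'@

function Reset-RestorePoints {   # hypothetical name
    # Sequence numbers that exist before the new point is created.
    $before = @(Get-ComputerRestorePoint | ForEach-Object { $_.SequenceNumber })

    # Create the post-cleanup restore point (description is a constructed label).
    Checkpoint-Computer -Description 'Clean state after malware removal' `
                        -RestorePointType MODIFY_SETTINGS

    $all    = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
    $newest = $all | Select-Object -Last 1

    # On Windows 8 and later, Checkpoint-Computer only warns and creates
    # nothing if a restore point was made in the previous 24 hours. Purging
    # then would leave a pre-cleanup point as the only one, so stop here.
    if (-not $newest -or $before -contains $newest.SequenceNumber) {
        Write-Warning 'No new restore point was created; nothing removed.'
        return
    }

    # Remove every restore point older than the one just created.
    $old = @($all | Where-Object { $_.SequenceNumber -ne $newest.SequenceNumber })
    foreach ($rp in $old) {
        $rc = [Win32.SrClient]::SRRemoveRestorePoint($rp.SequenceNumber)
        if ($rc -ne 0) {
            Write-Warning "Could not remove restore point $($rp.SequenceNumber) (error $rc)."
        }
    }

    # Show what is left so the result can be checked by eye.
    Get-ComputerRestorePoint |
        Format-Table SequenceNumber, CreationTime, Description -AutoSize
}

Reset-RestorePoints
```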

#11 Sn17


Posted 14 May 2012 - 08:36 PM

Great! Thank you for all your help. I really appreciate it. Just one last question: I have Vista, and when I hit cleanup under the System Restore and Shadow Copies, a little window popped up saying "are you sure you want to delete all these files", and I hit delete. After that, all that happened was that the little window asking me closed. Is that it, or was there supposed to be something else that happened?

Edited by Sn17, 14 May 2012 - 08:37 PM.


#12 boopme


Posted 14 May 2012 - 09:37 PM

No, all's good.. :thumbup2:

#13 Sn17


Posted 14 May 2012 - 10:37 PM

Awesome! Thanks so much!



