Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google redirect on firefox


  • Please log in to reply
12 replies to this topic

#1 cjef

cjef

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 18 June 2012 - 07:41 PM

Greetings,

I'm having a problem with a Google redirect virus using firefox. The problem keeps occurring if I update fire fox past version 8.0. If I keep restoring back to that google works fine. Apparently I've had this a while and going back for FF 8.0 avoids the issue but I'd really like to clean it out. My AV software is not catching anything and multiple different anti-malware programs (spybot, etc.) are not finding or getting rid of it. The redirect always directs me a few different websites:

http://click.findsearchengineresults.com/ads-clicktrack/click/.........

or

http://click.to-get-answers-fast.com/ads-clicktrack/click/....

Any help would be appreciated.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:42 PM

Posted 18 June 2012 - 09:19 PM

Hello and welcome, Lets do these next and see how it is.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

>>>>
Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.




Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware Posted Image and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


How is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 cjef

cjef
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 18 June 2012 - 10:42 PM

Thanks for the welcome, I appreciate the help. Logs are below.

TDSS killer did not require a reboot. BTW all items were run in safe mode(w networking).

After the steps above were run, the virus is not currently affecting the main account, but a second account (also an administrator) is still experiencing the same issue. Do the same steps need to be run from that account as well?

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Mini too box log:

MiniToolBox by Farbar Version: 09-06-2012
Ran by Craig (administrator) on 18-06-2012 at 21:24:04
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Nerwork
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100links.com

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCI GBE Family Controller = Local Area Connection (Connected)
Kingston EtherRx KNE111TX PCI Fast Ethernet Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tsunami
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Kingston EtherRx KNE111TX PCI Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-C0-F0-75-CB-EB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCI GBE Family Controller
Physical Address. . . . . . . . . : 00-14-2A-38-07-AD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fd0d:7cc4:4c15:af44%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, June 18, 2012 9:00:28 PM
Lease Expires . . . . . . . . . . : Tuesday, June 19, 2012 9:00:28 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234886186
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-07-4C-10-00-14-2A-38-07-AD
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{5D4B6CA4-C037-4AFF-B8B2-EB40DEA950D6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4002:801::100e
74.125.227.8
74.125.227.9
74.125.227.14
74.125.227.0
74.125.227.1
74.125.227.2
74.125.227.3
74.125.227.4
74.125.227.5
74.125.227.6
74.125.227.7


Pinging google.com [74.125.227.110] with 32 bytes of data:
Reply from 74.125.227.110: bytes=32 time=40ms TTL=50
Reply from 74.125.227.110: bytes=32 time=40ms TTL=50

Ping statistics for 74.125.227.110:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 40ms, Average = 40ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=81ms TTL=45
Reply from 98.139.183.24: bytes=32 time=158ms TTL=45

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 81ms, Maximum = 158ms, Average = 119ms
Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...00 c0 f0 75 cb eb ......Kingston EtherRx KNE111TX PCI Fast Ethernet Adapter
11...00 14 2a 38 07 ad ......Realtek PCI GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.108 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.108 276
192.168.1.108 255.255.255.255 On-link 192.168.1.108 276
192.168.1.255 255.255.255.255 On-link 192.168.1.108 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.108 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.108 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::fd0d:7cc4:4c15:af44/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/18/2012 09:01:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 01:36:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 12.0.0.4493, time stamp: 0x4f9207d9
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000005
Fault offset: 0x0005333f
Faulting process id: 0xe04
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (06/18/2012 01:35:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 12.0.0.4493, time stamp: 0x4f9207d9
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc00000fd
Fault offset: 0x0001f9c5
Faulting process id: 0xe04
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (06/18/2012 01:33:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 12.0.0.4493, time stamp: 0x4f9207d9
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0002d225
Faulting process id: 0xe04
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3


System errors:
=============
Error: (06/18/2012 09:21:29 PM) (Source: DCOM) (User: )
Description: 1084McAfee SiteAdvisor Service{5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error: (06/18/2012 09:04:11 PM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (06/18/2012 09:01:06 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (06/18/2012 09:01:06 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (06/18/2012 09:00:51 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (06/18/2012 09:00:50 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/18/2012 09:00:50 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/18/2012 09:00:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/18/2012 09:00:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (06/18/2012 09:00:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (06/18/2012 09:01:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 01:36:25 PM) (Source: Application Error)(User: )
Description: firefox.exe12.0.0.44934f9207d9ntdll.dll6.1.7601.177254ec49b60c00000050005333fe0401cd4d760692d78cC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll81f4ae5f-b974-11e1-a347-00142a3807ad

Error: (06/18/2012 01:35:13 PM) (Source: Application Error)(User: )
Description: firefox.exe12.0.0.44934f9207d9ntdll.dll6.1.7601.177254ec49b60c00000fd0001f9c5e0401cd4d760692d78cC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll56dbdc84-b974-11e1-a347-00142a3807ad

Error: (06/18/2012 01:33:41 PM) (Source: Application Error)(User: )
Description: firefox.exe12.0.0.44934f9207d9ole32.dll6.1.7601.175144ce7b96fc00000050002d225e0401cd4d760692d78cC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\system32\ole32.dll1ff4c9c2-b974-11e1-a347-00142a3807ad


=========================== Installed Programs ============================

Acronis True Image WD Edition (Version: 13.0.14157)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Amazon Kindle
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.1.364.0)
C3500 Series MFP (Version: 1.20.0024)
C3530MFP Series FAX Driver from OKI® Printing Solutions for Windows (Version: 2.1.3)
C3530MFP Series GDI Driver from OKI® Printing Solutions for Windows (Version: 2.2.2)
C3530nMFP TWAIN Driver for Windows XP - Windows Vista - Windows Server 2003 - Windows 2000 (Version: 32)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
McAfee SecurityCenter (Version: 11.0.678)
McAfee Virtual Technician (Version: 6.0.0.0)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Standard 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MotoHelper 2.1.40 Driver 5.5.0 (Version: 2.1.40)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62)
NVIDIA 3D Vision Driver 285.62 (Version: 285.62)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA HD Audio Driver 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8562)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
Pdf995
Quicken 2012 (Version: 21.1.7.18)
QuickTime (Version: 7.70.80.34)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
RSDLite (Version: 5.6)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Virtual Account Numbers (Version: 1.0.0.9)
Virtual Account Numbers (Version: 3.7.11.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.11 (32-bit) (Version: 4.11.0)
Yahoo! BrowserPlus 2.9.8

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 2047.36 MB
Available physical RAM: 1321.37 MB
Total Pagefile: 4094.72 MB
Available Pagefile: 3503.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.82 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:297.99 GB) (Free:138.06 GB) NTFS
4 Drive e: () (Fixed) (Total:279.47 GB) (Free:141.49 GB) NTFS
5 Drive f: (My Book AV) (Fixed) (Total:931.51 GB) (Free:216.23 GB) NTFS
7 Drive h: () (Removable) (Total:0.24 GB) (Free:0.17 GB) FAT

========================= Users: ========================================

User accounts for \\TSUNAMI

Administrator Craig Guest
Kids LaDawna UpdatusUser


**** End of log ****

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Goordfix log:


GooredFix by jpshortstuff (03.07.10.1)
Log created at 21:46 on 18/06/2012 (Craig)
Firefox version 13.0.1 (en-US)

========== GooredScan ==========

Deleting "C:\Users\Craig\Application Data\Mozilla\Firefox\Profiles\ev45ws3r.default\extensions\{468bb6f3-ab00-4f0f-bb84-eb1f43783677}" -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [08:41 18/09/2011]
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [19:39 17/06/2012]

C:\Users\Craig\Application Data\Mozilla\Firefox\Profiles\ev45ws3r.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [17:24 09/12/2011]
{20a82645-c095-46ed-80e3-08825760534b} [17:46 18/09/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [07:55 18/09/2011]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [05:10 03/12/2011]
"citiucs@orbiscom"="C:\Program Files\UCS\Virtual Account Numbers" [19:57 13/02/2012]
"{D19CA586-DD6C-4a0a-96F8-14644F340D60}"="C:\Program Files\Common Files\McAfee\SystemCore" [07:54 18/09/2011]

-=E.O.F=-

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


TDSSKiller log:

Did not need reboot.

21:48:12.0029 2632 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
21:48:14.0029 2632 ============================================================
21:48:14.0029 2632 Current date / time: 2012/06/18 21:48:14.0029
21:48:14.0029 2632 SystemInfo:
21:48:14.0029 2632
21:48:14.0029 2632 OS Version: 6.1.7601 ServicePack: 1.0
21:48:14.0029 2632 Product type: Workstation
21:48:14.0029 2632 ComputerName: TSUNAMI
21:48:14.0029 2632 UserName: Craig
21:48:14.0029 2632 Windows directory: C:\Windows
21:48:14.0029 2632 System windows directory: C:\Windows
21:48:14.0029 2632 Processor architecture: Intel x86
21:48:14.0029 2632 Number of processors: 2
21:48:14.0029 2632 Page size: 0x1000
21:48:14.0029 2632 Boot type: Safe boot with network
21:48:14.0029 2632 ============================================================
21:48:22.0826 2632 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1D9265, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000058
21:48:22.0826 2632 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x23DC4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
21:48:29.0294 2632 Drive \Device\Harddisk1\DR1 - Size: 0x45DECD2000 (279.48 Gb), SectorSize: 0x200, Cylinders: 0x8E83, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:48:29.0326 2632 Drive \Device\Harddisk3\DR3 - Size: 0xF4FFE00 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:48:29.0326 2632 ============================================================
21:48:29.0326 2632 \Device\Harddisk2\DR2:
21:48:29.0326 2632 MBR partitions:
21:48:29.0326 2632 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1
21:48:29.0326 2632 \Device\Harddisk0\DR0:
21:48:29.0404 2632 MBR partitions:
21:48:29.0404 2632 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:48:29.0404 2632 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
21:48:29.0404 2632 \Device\Harddisk1\DR1:
21:48:29.0404 2632 MBR partitions:
21:48:29.0404 2632 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x22EEEBC3
21:48:29.0404 2632 \Device\Harddisk3\DR3:
21:48:29.0404 2632 MBR partitions:
21:48:29.0404 2632 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x6, StartLBA 0x63, BlocksNum 0x7A59D
21:48:29.0404 2632 ============================================================
21:48:29.0435 2632 C: <-> \Device\Harddisk0\DR0\Partition1
21:48:29.0513 2632 E: <-> \Device\Harddisk1\DR1\Partition0
21:48:29.0513 2632 F: <-> \Device\Harddisk2\DR2\Partition0
21:48:29.0513 2632 ============================================================
21:48:29.0513 2632 Initialize success
21:48:29.0513 2632 ============================================================
21:49:32.0138 1152 ============================================================
21:49:32.0138 1152 Scan started
21:49:32.0138 1152 Mode: Manual;
21:49:32.0138 1152 ============================================================
21:49:32.0513 1152 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
21:49:32.0513 1152 1394ohci - ok
21:49:32.0544 1152 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
21:49:32.0544 1152 ACPI - ok
21:49:32.0560 1152 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
21:49:32.0560 1152 AcpiPmi - ok
21:49:32.0669 1152 AcrSch2Svc (af6481c648ea9a76569aacb73eac286a) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
21:49:32.0685 1152 AcrSch2Svc - ok
21:49:32.0763 1152 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:49:32.0779 1152 AdobeARMservice - ok
21:49:32.0873 1152 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:49:32.0873 1152 AdobeFlashPlayerUpdateSvc - ok
21:49:32.0904 1152 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
21:49:32.0919 1152 adp94xx - ok
21:49:32.0951 1152 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
21:49:32.0966 1152 adpahci - ok
21:49:32.0982 1152 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
21:49:32.0982 1152 adpu320 - ok
21:49:33.0013 1152 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
21:49:33.0013 1152 AeLookupSvc - ok
21:49:33.0060 1152 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
21:49:33.0076 1152 AFD - ok
21:49:33.0091 1152 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
21:49:33.0091 1152 agp440 - ok
21:49:33.0123 1152 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
21:49:33.0123 1152 aic78xx - ok
21:49:33.0154 1152 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
21:49:33.0154 1152 ALG - ok
21:49:33.0169 1152 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
21:49:33.0169 1152 aliide - ok
21:49:33.0185 1152 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
21:49:33.0185 1152 amdagp - ok
21:49:33.0185 1152 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
21:49:33.0185 1152 amdide - ok
21:49:33.0216 1152 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
21:49:33.0216 1152 AmdK8 - ok
21:49:33.0232 1152 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
21:49:33.0232 1152 AmdPPM - ok
21:49:33.0263 1152 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
21:49:33.0263 1152 amdsata - ok
21:49:33.0294 1152 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
21:49:33.0294 1152 amdsbs - ok
21:49:33.0294 1152 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
21:49:33.0294 1152 amdxata - ok
21:49:33.0326 1152 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
21:49:33.0326 1152 AppID - ok
21:49:33.0357 1152 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
21:49:33.0357 1152 AppIDSvc - ok
21:49:33.0388 1152 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
21:49:33.0388 1152 Appinfo - ok
21:49:33.0419 1152 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
21:49:33.0419 1152 arc - ok
21:49:33.0419 1152 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
21:49:33.0419 1152 arcsas - ok
21:49:33.0451 1152 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
21:49:33.0451 1152 AsyncMac - ok
21:49:33.0466 1152 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
21:49:33.0466 1152 atapi - ok
21:49:33.0513 1152 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
21:49:33.0529 1152 AudioEndpointBuilder - ok
21:49:33.0529 1152 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
21:49:33.0529 1152 Audiosrv - ok
21:49:33.0560 1152 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
21:49:33.0560 1152 AxInstSV - ok
21:49:33.0607 1152 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
21:49:33.0623 1152 b06bdrv - ok
21:49:33.0669 1152 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
21:49:33.0669 1152 b57nd60x - ok
21:49:33.0810 1152 BBSvc (37bfed63841e56f465e1a0cd32f1bcc9) C:\Program Files\Microsoft\BingBar\7.1.364.0\BBSvc.exe
21:49:33.0810 1152 BBSvc - ok
21:49:33.0841 1152 BBUpdate (b47230df549e171449b5d25cfcee9f57) C:\Program Files\Microsoft\BingBar\7.1.364.0\SeaPort.exe
21:49:33.0841 1152 BBUpdate - ok
21:49:33.0873 1152 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
21:49:33.0873 1152 BDESVC - ok
21:49:33.0873 1152 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
21:49:33.0873 1152 Beep - ok
21:49:33.0919 1152 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
21:49:33.0935 1152 BFE - ok
21:49:33.0982 1152 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
21:49:33.0998 1152 BITS - ok
21:49:34.0029 1152 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
21:49:34.0029 1152 blbdrive - ok
21:49:34.0060 1152 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
21:49:34.0060 1152 bowser - ok
21:49:34.0076 1152 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
21:49:34.0076 1152 BrFiltLo - ok
21:49:34.0091 1152 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
21:49:34.0091 1152 BrFiltUp - ok
21:49:34.0107 1152 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
21:49:34.0107 1152 Browser - ok
21:49:34.0123 1152 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
21:49:34.0138 1152 Brserid - ok
21:49:34.0154 1152 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
21:49:34.0154 1152 BrSerWdm - ok
21:49:34.0169 1152 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:49:34.0169 1152 BrUsbMdm - ok
21:49:34.0185 1152 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
21:49:34.0185 1152 BrUsbSer - ok
21:49:34.0216 1152 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\Windows\system32\DRIVERS\motfilt.sys
21:49:34.0216 1152 BTCFilterService - ok
21:49:34.0232 1152 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
21:49:34.0232 1152 BTHMODEM - ok
21:49:34.0263 1152 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
21:49:34.0263 1152 bthserv - ok
21:49:34.0294 1152 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
21:49:34.0294 1152 cdfs - ok
21:49:34.0326 1152 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
21:49:34.0326 1152 cdrom - ok
21:49:34.0357 1152 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
21:49:34.0357 1152 CertPropSvc - ok
21:49:34.0404 1152 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\Windows\system32\drivers\cfwids.sys
21:49:34.0404 1152 cfwids - ok
21:49:34.0419 1152 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys
21:49:34.0419 1152 circlass - ok
21:49:34.0451 1152 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
21:49:34.0451 1152 CLFS - ok
21:49:34.0529 1152 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:49:34.0529 1152 clr_optimization_v2.0.50727_32 - ok
21:49:34.0591 1152 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:49:34.0607 1152 clr_optimization_v4.0.30319_32 - ok
21:49:34.0607 1152 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\drivers\CmBatt.sys
21:49:34.0607 1152 CmBatt - ok
21:49:34.0623 1152 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
21:49:34.0623 1152 cmdide - ok
21:49:34.0669 1152 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
21:49:34.0669 1152 CNG - ok
21:49:34.0685 1152 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\drivers\compbatt.sys
21:49:34.0685 1152 Compbatt - ok
21:49:34.0716 1152 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys
21:49:34.0716 1152 CompositeBus - ok
21:49:34.0732 1152 COMSysApp - ok
21:49:34.0748 1152 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
21:49:34.0748 1152 crcdisk - ok
21:49:34.0841 1152 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
21:49:34.0841 1152 CryptSvc - ok
21:49:34.0904 1152 dc3d (7caaf4af453ef3582fef65dd72caa0aa) C:\Windows\system32\DRIVERS\dc3d.sys
21:49:34.0904 1152 dc3d - ok
21:49:34.0935 1152 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
21:49:34.0951 1152 DcomLaunch - ok
21:49:34.0982 1152 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
21:49:34.0982 1152 defragsvc - ok
21:49:34.0998 1152 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
21:49:34.0998 1152 DfsC - ok
21:49:35.0044 1152 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
21:49:35.0044 1152 Dhcp - ok
21:49:35.0060 1152 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
21:49:35.0060 1152 discache - ok
21:49:35.0091 1152 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
21:49:35.0091 1152 Disk - ok
21:49:35.0123 1152 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
21:49:35.0123 1152 Dnscache - ok
21:49:35.0138 1152 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
21:49:35.0154 1152 dot3svc - ok
21:49:35.0169 1152 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
21:49:35.0169 1152 DPS - ok
21:49:35.0201 1152 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
21:49:35.0201 1152 drmkaud - ok
21:49:35.0248 1152 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
21:49:35.0263 1152 DXGKrnl - ok
21:49:35.0294 1152 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
21:49:35.0294 1152 EapHost - ok
21:49:35.0419 1152 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
21:49:35.0466 1152 ebdrv - ok
21:49:35.0544 1152 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
21:49:35.0544 1152 EFS - ok
21:49:35.0607 1152 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
21:49:35.0623 1152 ehRecvr - ok
21:49:35.0638 1152 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
21:49:35.0638 1152 ehSched - ok
21:49:35.0716 1152 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
21:49:35.0716 1152 elxstor - ok
21:49:35.0732 1152 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
21:49:35.0732 1152 ErrDev - ok
21:49:35.0841 1152 esgiguard - ok
21:49:35.0873 1152 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
21:49:35.0888 1152 EventSystem - ok
21:49:35.0919 1152 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
21:49:35.0919 1152 exfat - ok
21:49:35.0951 1152 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
21:49:35.0951 1152 fastfat - ok
21:49:35.0998 1152 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
21:49:35.0998 1152 Fax - ok
21:49:36.0029 1152 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
21:49:36.0029 1152 fdc - ok
21:49:36.0044 1152 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
21:49:36.0044 1152 fdPHost - ok
21:49:36.0060 1152 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
21:49:36.0060 1152 FDResPub - ok
21:49:36.0076 1152 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
21:49:36.0076 1152 FileInfo - ok
21:49:36.0091 1152 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
21:49:36.0091 1152 Filetrace - ok
21:49:36.0107 1152 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
21:49:36.0107 1152 flpydisk - ok
21:49:36.0138 1152 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
21:49:36.0138 1152 FltMgr - ok
21:49:36.0201 1152 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
21:49:36.0216 1152 FontCache - ok
21:49:36.0294 1152 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:49:36.0294 1152 FontCache3.0.0.0 - ok
21:49:36.0310 1152 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
21:49:36.0310 1152 FsDepends - ok
21:49:36.0357 1152 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\Windows\system32\DRIVERS\fssfltr.sys
21:49:36.0357 1152 fssfltr - ok
21:49:36.0498 1152 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
21:49:36.0529 1152 fsssvc - ok
21:49:36.0607 1152 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
21:49:36.0607 1152 Fs_Rec - ok
21:49:36.0654 1152 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
21:49:36.0654 1152 fvevol - ok
21:49:36.0685 1152 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
21:49:36.0685 1152 gagp30kx - ok
21:49:36.0748 1152 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
21:49:36.0763 1152 gpsvc - ok
21:49:36.0841 1152 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
21:49:36.0841 1152 gupdate - ok
21:49:36.0873 1152 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
21:49:36.0873 1152 gupdatem - ok
21:49:36.0888 1152 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
21:49:36.0888 1152 hcw85cir - ok
21:49:36.0935 1152 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
21:49:36.0935 1152 HdAudAddService - ok
21:49:36.0966 1152 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:49:36.0966 1152 HDAudBus - ok
21:49:36.0982 1152 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
21:49:36.0982 1152 HidBatt - ok
21:49:36.0998 1152 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
21:49:36.0998 1152 HidBth - ok
21:49:37.0029 1152 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys
21:49:37.0029 1152 HidIr - ok
21:49:37.0060 1152 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
21:49:37.0060 1152 hidserv - ok
21:49:37.0091 1152 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
21:49:37.0091 1152 HidUsb - ok
21:49:37.0107 1152 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
21:49:37.0107 1152 hkmsvc - ok
21:49:37.0123 1152 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
21:49:37.0138 1152 HomeGroupListener - ok
21:49:37.0169 1152 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
21:49:37.0169 1152 HomeGroupProvider - ok
21:49:37.0185 1152 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
21:49:37.0185 1152 HpSAMD - ok
21:49:37.0232 1152 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
21:49:37.0248 1152 HTTP - ok
21:49:37.0248 1152 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
21:49:37.0248 1152 hwpolicy - ok
21:49:37.0279 1152 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
21:49:37.0279 1152 i8042prt - ok
21:49:37.0326 1152 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
21:49:37.0326 1152 iaStorV - ok
21:49:37.0419 1152 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:49:37.0435 1152 idsvc - ok
21:49:37.0451 1152 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
21:49:37.0451 1152 iirsp - ok
21:49:37.0498 1152 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
21:49:37.0513 1152 IKEEXT - ok
21:49:37.0638 1152 IntcAzAudAddService (44792ccbc7b41b42ec068c6416d17de1) C:\Windows\system32\drivers\RtkHDAud.sys
21:49:37.0685 1152 IntcAzAudAddService - ok
21:49:37.0810 1152 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
21:49:37.0810 1152 intelide - ok
21:49:37.0826 1152 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
21:49:37.0826 1152 intelppm - ok
21:49:37.0841 1152 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
21:49:37.0841 1152 IPBusEnum - ok
21:49:37.0857 1152 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:49:37.0873 1152 IpFilterDriver - ok
21:49:37.0904 1152 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
21:49:37.0919 1152 iphlpsvc - ok
21:49:37.0919 1152 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
21:49:37.0935 1152 IPMIDRV - ok
21:49:37.0951 1152 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
21:49:37.0951 1152 IPNAT - ok
21:49:37.0982 1152 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
21:49:37.0982 1152 IRENUM - ok
21:49:37.0998 1152 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
21:49:37.0998 1152 isapnp - ok
21:49:38.0029 1152 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
21:49:38.0029 1152 iScsiPrt - ok
21:49:38.0044 1152 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
21:49:38.0044 1152 kbdclass - ok
21:49:38.0076 1152 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
21:49:38.0076 1152 kbdhid - ok
21:49:38.0107 1152 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:49:38.0107 1152 KeyIso - ok
21:49:38.0138 1152 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
21:49:38.0138 1152 KSecDD - ok
21:49:38.0154 1152 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
21:49:38.0154 1152 KSecPkg - ok
21:49:38.0185 1152 KTC111 (c1ff26110f5e4306fa3b585c7f7603b2) C:\Windows\system32\DRIVERS\KTC111.SYS
21:49:38.0185 1152 KTC111 - ok
21:49:38.0232 1152 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
21:49:38.0232 1152 KtmRm - ok
21:49:38.0263 1152 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
21:49:38.0279 1152 LanmanServer - ok
21:49:38.0294 1152 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
21:49:38.0294 1152 LanmanWorkstation - ok
21:49:38.0341 1152 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
21:49:38.0341 1152 lltdio - ok
21:49:38.0373 1152 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
21:49:38.0373 1152 lltdsvc - ok
21:49:38.0388 1152 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
21:49:38.0388 1152 lmhosts - ok
21:49:38.0419 1152 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
21:49:38.0419 1152 LSI_FC - ok
21:49:38.0435 1152 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
21:49:38.0435 1152 LSI_SAS - ok
21:49:38.0451 1152 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
21:49:38.0466 1152 LSI_SAS2 - ok
21:49:38.0482 1152 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
21:49:38.0482 1152 LSI_SCSI - ok
21:49:38.0513 1152 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
21:49:38.0513 1152 luafv - ok
21:49:38.0607 1152 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:49:38.0607 1152 McAfee SiteAdvisor Service - ok
21:49:38.0607 1152 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:49:38.0607 1152 McMPFSvc - ok
21:49:38.0623 1152 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:49:38.0623 1152 mcmscsvc - ok
21:49:38.0623 1152 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:49:38.0623 1152 McNaiAnn - ok
21:49:38.0654 1152 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:49:38.0654 1152 McNASvc - ok
21:49:38.0748 1152 McODS (135aa9e9e7047b7dc1f753205d421a26) C:\Program Files\McAfee\VirusScan\mcods.exe
21:49:38.0763 1152 McODS - ok
21:49:38.0779 1152 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
21:49:38.0779 1152 McProxy - ok
21:49:38.0810 1152 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
21:49:38.0810 1152 McShield - ok
21:49:38.0841 1152 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
21:49:38.0841 1152 Mcx2Svc - ok
21:49:38.0857 1152 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
21:49:38.0857 1152 megasas - ok
21:49:38.0888 1152 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
21:49:38.0888 1152 MegaSR - ok
21:49:38.0935 1152 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\Windows\system32\drivers\mfeapfk.sys
21:49:38.0935 1152 mfeapfk - ok
21:49:38.0982 1152 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\Windows\system32\drivers\mfeavfk.sys
21:49:38.0982 1152 mfeavfk - ok
21:49:38.0998 1152 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\Windows\system32\drivers\mfebopk.sys
21:49:39.0013 1152 mfebopk - ok
21:49:39.0060 1152 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
21:49:39.0060 1152 mfefire - ok
21:49:39.0091 1152 mfefirek (4ea6ff90015424517843e931448e00f1) C:\Windows\system32\drivers\mfefirek.sys
21:49:39.0091 1152 mfefirek - ok
21:49:39.0123 1152 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\Windows\system32\drivers\mfehidk.sys
21:49:39.0123 1152 mfehidk - ok
21:49:39.0123 1152 mfenlfk (ac04a618aef3de0fce91c766f9e069da) C:\Windows\system32\DRIVERS\mfenlfk.sys
21:49:39.0123 1152 mfenlfk - ok
21:49:39.0154 1152 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\Windows\system32\drivers\mferkdet.sys
21:49:39.0154 1152 mferkdet - ok
21:49:39.0201 1152 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\Windows\system32\mfevtps.exe
21:49:39.0201 1152 mfevtp - ok
21:49:39.0232 1152 mfewfpk (f284337aedb7483df8a5fa840647e2b0) C:\Windows\system32\drivers\mfewfpk.sys
21:49:39.0232 1152 mfewfpk - ok
21:49:39.0248 1152 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
21:49:39.0263 1152 MMCSS - ok
21:49:39.0279 1152 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
21:49:39.0279 1152 Modem - ok
21:49:39.0310 1152 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
21:49:39.0310 1152 monitor - ok
21:49:39.0341 1152 motandroidusb (0a43169e115b5e9346a4ba1effcb04cb) C:\Windows\system32\Drivers\motoandroid.sys
21:49:39.0341 1152 motandroidusb - ok
21:49:39.0388 1152 motccgp (0bc43805b6da0d7d4f99c737839fc9ec) C:\Windows\system32\DRIVERS\motccgp.sys
21:49:39.0388 1152 motccgp - ok
21:49:39.0404 1152 motccgpfl (1b3720c4d16904756d49ef306706b978) C:\Windows\system32\DRIVERS\motccgpfl.sys
21:49:39.0404 1152 motccgpfl - ok
21:49:39.0451 1152 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
21:49:39.0451 1152 MotDev - ok
21:49:39.0482 1152 motmodem (11b8118f538b579488e7645b2578e544) C:\Windows\system32\DRIVERS\motmodem.sys
21:49:39.0498 1152 motmodem - ok
21:49:39.0607 1152 MotoHelper (290750346f5937b02f62594b8eb03215) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
21:49:39.0607 1152 MotoHelper - ok
21:49:39.0623 1152 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\Windows\system32\DRIVERS\motswch.sys
21:49:39.0623 1152 MotoSwitchService - ok
21:49:39.0623 1152 Motousbnet (5073ed2d13d77f89df99caaa72e23526) C:\Windows\system32\DRIVERS\Motousbnet.sys
21:49:39.0623 1152 Motousbnet - ok
21:49:39.0654 1152 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
21:49:39.0654 1152 mouclass - ok
21:49:39.0685 1152 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
21:49:39.0685 1152 mouhid - ok
21:49:39.0701 1152 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
21:49:39.0701 1152 mountmgr - ok
21:49:39.0748 1152 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:49:39.0748 1152 MozillaMaintenance - ok
21:49:39.0763 1152 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
21:49:39.0763 1152 mpio - ok
21:49:39.0779 1152 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
21:49:39.0779 1152 mpsdrv - ok
21:49:39.0826 1152 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
21:49:39.0841 1152 MpsSvc - ok
21:49:39.0857 1152 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
21:49:39.0857 1152 MRxDAV - ok
21:49:39.0888 1152 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:49:39.0888 1152 mrxsmb - ok
21:49:39.0919 1152 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:49:39.0919 1152 mrxsmb10 - ok
21:49:39.0935 1152 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:49:39.0935 1152 mrxsmb20 - ok
21:49:39.0951 1152 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
21:49:39.0951 1152 msahci - ok
21:49:39.0966 1152 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
21:49:39.0966 1152 msdsm - ok
21:49:39.0982 1152 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
21:49:39.0982 1152 MSDTC - ok
21:49:40.0013 1152 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
21:49:40.0013 1152 Msfs - ok
21:49:40.0029 1152 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
21:49:40.0029 1152 mshidkmdf - ok
21:49:40.0044 1152 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
21:49:40.0044 1152 msisadrv - ok
21:49:40.0076 1152 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
21:49:40.0076 1152 MSiSCSI - ok
21:49:40.0091 1152 msiserver - ok
21:49:40.0107 1152 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
21:49:40.0107 1152 MSKSSRV - ok
21:49:40.0123 1152 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
21:49:40.0123 1152 MSPCLOCK - ok
21:49:40.0138 1152 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
21:49:40.0138 1152 MSPQM - ok
21:49:40.0169 1152 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
21:49:40.0169 1152 MsRPC - ok
21:49:40.0185 1152 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
21:49:40.0185 1152 mssmbios - ok
21:49:40.0185 1152 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
21:49:40.0185 1152 MSTEE - ok
21:49:40.0201 1152 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
21:49:40.0201 1152 MTConfig - ok
21:49:40.0216 1152 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
21:49:40.0216 1152 Mup - ok
21:49:40.0263 1152 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
21:49:40.0279 1152 napagent - ok
21:49:40.0310 1152 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
21:49:40.0310 1152 NativeWifiP - ok
21:49:40.0357 1152 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
21:49:40.0357 1152 NDIS - ok
21:49:40.0373 1152 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
21:49:40.0373 1152 NdisCap - ok
21:49:40.0388 1152 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
21:49:40.0388 1152 NdisTapi - ok
21:49:40.0419 1152 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
21:49:40.0419 1152 Ndisuio - ok
21:49:40.0435 1152 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
21:49:40.0435 1152 NdisWan - ok
21:49:40.0451 1152 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
21:49:40.0451 1152 NDProxy - ok
21:49:40.0466 1152 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
21:49:40.0466 1152 NetBIOS - ok
21:49:40.0498 1152 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
21:49:40.0498 1152 NetBT - ok
21:49:40.0529 1152 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:49:40.0529 1152 Netlogon - ok
21:49:40.0576 1152 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
21:49:40.0576 1152 Netman - ok
21:49:40.0607 1152 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
21:49:40.0623 1152 netprofm - ok
21:49:40.0701 1152 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:49:40.0701 1152 NetTcpPortSharing - ok
21:49:40.0732 1152 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
21:49:40.0732 1152 nfrd960 - ok
21:49:40.0748 1152 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
21:49:40.0763 1152 NlaSvc - ok
21:49:40.0779 1152 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
21:49:40.0779 1152 Npfs - ok
21:49:40.0794 1152 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
21:49:40.0794 1152 nsi - ok
21:49:40.0810 1152 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
21:49:40.0810 1152 nsiproxy - ok
21:49:40.0904 1152 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
21:49:40.0904 1152 Ntfs - ok
21:49:40.0919 1152 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
21:49:40.0919 1152 Null - ok
21:49:40.0966 1152 NVHDA (93c0f383b39b1f5fe7203e3270d4cf52) C:\Windows\system32\drivers\nvhda32v.sys
21:49:40.0982 1152 NVHDA - ok
21:49:41.0310 1152 nvlddmkm (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:49:41.0466 1152 nvlddmkm - ok
21:49:41.0576 1152 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
21:49:41.0576 1152 nvraid - ok
21:49:41.0607 1152 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
21:49:41.0607 1152 nvstor - ok
21:49:41.0669 1152 nvsvc (d122f7c5f79c68868f5dc28cefeb2ecf) C:\Windows\system32\nvvsvc.exe
21:49:41.0685 1152 nvsvc - ok
21:49:41.0826 1152 nvUpdatusService (003cb0a155568b4a53a301f07c734233) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
21:49:41.0857 1152 nvUpdatusService - ok
21:49:41.0935 1152 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
21:49:41.0951 1152 nv_agp - ok
21:49:41.0966 1152 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
21:49:41.0966 1152 ohci1394 - ok
21:49:42.0060 1152 OKI OPHI DCS Loader (e699a087ee11be3b1f27d669d40c7585) C:\Windows\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE
21:49:42.0060 1152 OKI OPHI DCS Loader - ok
21:49:42.0107 1152 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:49:42.0107 1152 ose - ok
21:49:42.0310 1152 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:49:42.0388 1152 osppsvc - ok
21:49:42.0451 1152 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
21:49:42.0466 1152 p2pimsvc - ok
21:49:42.0498 1152 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
21:49:42.0513 1152 p2psvc - ok
21:49:42.0544 1152 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
21:49:42.0560 1152 Parport - ok
21:49:42.0591 1152 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
21:49:42.0591 1152 partmgr - ok
21:49:42.0607 1152 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
21:49:42.0607 1152 Parvdm - ok
21:49:42.0623 1152 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
21:49:42.0623 1152 PcaSvc - ok
21:49:42.0654 1152 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
21:49:42.0654 1152 pci - ok
21:49:42.0669 1152 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
21:49:42.0669 1152 pciide - ok
21:49:42.0701 1152 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
21:49:42.0701 1152 pcmcia - ok
21:49:42.0716 1152 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
21:49:42.0732 1152 pcw - ok
21:49:42.0779 1152 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
21:49:42.0779 1152 PEAUTH - ok
21:49:42.0888 1152 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
21:49:42.0904 1152 pla - ok
21:49:43.0013 1152 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
21:49:43.0013 1152 PlugPlay - ok
21:49:43.0044 1152 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
21:49:43.0044 1152 PNRPAutoReg - ok
21:49:43.0076 1152 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
21:49:43.0076 1152 PNRPsvc - ok
21:49:43.0123 1152 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
21:49:43.0123 1152 Point32 - ok
21:49:43.0169 1152 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
21:49:43.0169 1152 PolicyAgent - ok
21:49:43.0201 1152 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
21:49:43.0216 1152 Power - ok
21:49:43.0248 1152 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
21:49:43.0248 1152 PptpMiniport - ok
21:49:43.0263 1152 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
21:49:43.0263 1152 Processor - ok
21:49:43.0294 1152 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
21:49:43.0310 1152 ProfSvc - ok
21:49:43.0341 1152 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:49:43.0341 1152 ProtectedStorage - ok
21:49:43.0357 1152 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
21:49:43.0373 1152 Psched - ok
21:49:43.0435 1152 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
21:49:43.0466 1152 ql2300 - ok
21:49:43.0544 1152 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
21:49:43.0544 1152 ql40xx - ok
21:49:43.0560 1152 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
21:49:43.0576 1152 QWAVE - ok
21:49:43.0591 1152 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
21:49:43.0591 1152 QWAVEdrv - ok
21:49:43.0607 1152 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
21:49:43.0607 1152 RasAcd - ok
21:49:43.0654 1152 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:49:43.0654 1152 RasAgileVpn - ok
21:49:43.0669 1152 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
21:49:43.0669 1152 RasAuto - ok
21:49:43.0685 1152 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:49:43.0685 1152 Rasl2tp - ok
21:49:43.0732 1152 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
21:49:43.0732 1152 RasMan - ok
21:49:43.0748 1152 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
21:49:43.0748 1152 RasPppoe - ok
21:49:43.0763 1152 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
21:49:43.0779 1152 RasSstp - ok
21:49:43.0794 1152 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
21:49:43.0794 1152 rdbss - ok
21:49:43.0794 1152 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\drivers\rdpbus.sys
21:49:43.0794 1152 rdpbus - ok
21:49:43.0810 1152 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:49:43.0810 1152 RDPCDD - ok
21:49:43.0841 1152 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
21:49:43.0841 1152 RDPENCDD - ok
21:49:43.0857 1152 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
21:49:43.0857 1152 RDPREFMP - ok
21:49:43.0904 1152 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
21:49:43.0919 1152 RDPWD - ok
21:49:43.0951 1152 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
21:49:43.0951 1152 rdyboost - ok
21:49:43.0982 1152 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
21:49:43.0982 1152 RemoteAccess - ok
21:49:44.0013 1152 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
21:49:44.0013 1152 RemoteRegistry - ok
21:49:44.0060 1152 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
21:49:44.0060 1152 RimUsb - ok
21:49:44.0091 1152 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
21:49:44.0091 1152 RpcEptMapper - ok
21:49:44.0123 1152 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
21:49:44.0123 1152 RpcLocator - ok
21:49:44.0154 1152 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
21:49:44.0154 1152 RpcSs - ok
21:49:44.0169 1152 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
21:49:44.0169 1152 rspndr - ok
21:49:44.0232 1152 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
21:49:44.0232 1152 RTL8167 - ok
21:49:44.0263 1152 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:49:44.0263 1152 SamSs - ok
21:49:44.0294 1152 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
21:49:44.0294 1152 sbp2port - ok
21:49:44.0466 1152 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
21:49:44.0482 1152 SBSDWSCService - ok
21:49:44.0529 1152 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
21:49:44.0529 1152 SCardSvr - ok
21:49:44.0560 1152 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
21:49:44.0560 1152 scfilter - ok
21:49:44.0607 1152 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
21:49:44.0623 1152 Schedule - ok
21:49:44.0654 1152 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
21:49:44.0654 1152 SCPolicySvc - ok
21:49:44.0685 1152 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
21:49:44.0685 1152 SDRSVC - ok
21:49:44.0701 1152 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
21:49:44.0701 1152 secdrv - ok
21:49:44.0732 1152 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
21:49:44.0732 1152 seclogon - ok
21:49:44.0748 1152 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
21:49:44.0748 1152 SENS - ok
21:49:44.0779 1152 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
21:49:44.0779 1152 SensrSvc - ok
21:49:44.0810 1152 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
21:49:44.0810 1152 Serenum - ok
21:49:44.0841 1152 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
21:49:44.0857 1152 Serial - ok
21:49:44.0857 1152 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
21:49:44.0857 1152 sermouse - ok
21:49:44.0888 1152 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
21:49:44.0904 1152 SessionEnv - ok
21:49:44.0919 1152 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
21:49:44.0919 1152 sffdisk - ok
21:49:44.0919 1152 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
21:49:44.0935 1152 sffp_mmc - ok
21:49:44.0935 1152 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
21:49:44.0951 1152 sffp_sd - ok
21:49:44.0966 1152 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
21:49:44.0966 1152 sfloppy - ok
21:49:44.0998 1152 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
21:49:44.0998 1152 SharedAccess - ok
21:49:45.0044 1152 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
21:49:45.0060 1152 ShellHWDetection - ok
21:49:45.0091 1152 SI3132 (0b9b5c6df6226497ef4819b6e1b2efd5) C:\Windows\system32\DRIVERS\SI3132.sys
21:49:45.0091 1152 SI3132 - ok
21:49:45.0123 1152 SiFilter (ad29a80543c63e5b3588d118fb327e22) C:\Windows\system32\DRIVERS\SiWinAcc.sys
21:49:45.0123 1152 SiFilter - ok
21:49:45.0138 1152 SiRemFil (b19efe5e45ae31f3c3e4c4f0f9da3c49) C:\Windows\system32\DRIVERS\SiRemFil.sys
21:49:45.0138 1152 SiRemFil - ok
21:49:45.0154 1152 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
21:49:45.0154 1152 sisagp - ok
21:49:45.0169 1152 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
21:49:45.0169 1152 SiSRaid2 - ok
21:49:45.0185 1152 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
21:49:45.0201 1152 SiSRaid4 - ok
21:49:45.0232 1152 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
21:49:45.0232 1152 Smb - ok
21:49:45.0294 1152 snapman (98b44c15b4eed76aa8dccb64a4ca11af) C:\Windows\system32\DRIVERS\snapman.sys
21:49:45.0310 1152 snapman - ok
21:49:45.0341 1152 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
21:49:45.0341 1152 SNMPTRAP - ok
21:49:45.0357 1152 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
21:49:45.0357 1152 spldr - ok
21:49:45.0388 1152 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
21:49:45.0404 1152 Spooler - ok
21:49:45.0529 1152 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
21:49:45.0591 1152 sppsvc - ok
21:49:45.0654 1152 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
21:49:45.0654 1152 sppuinotify - ok
21:49:45.0716 1152 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
21:49:45.0716 1152 srv - ok
21:49:45.0748 1152 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
21:49:45.0748 1152 srv2 - ok
21:49:45.0779 1152 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
21:49:45.0779 1152 srvnet - ok
21:49:45.0810 1152 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
21:49:45.0810 1152 SSDPSRV - ok
21:49:45.0826 1152 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
21:49:45.0826 1152 SstpSvc - ok
21:49:45.0935 1152 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:49:45.0935 1152 Stereo Service - ok
21:49:45.0982 1152 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
21:49:45.0982 1152 stexstor - ok
21:49:46.0044 1152 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
21:49:46.0060 1152 StiSvc - ok
21:49:46.0076 1152 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
21:49:46.0076 1152 swenum - ok
21:49:46.0107 1152 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
21:49:46.0123 1152 swprv - ok
21:49:46.0201 1152 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
21:49:46.0216 1152 SysMain - ok
21:49:46.0248 1152 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
21:49:46.0248 1152 TabletInputService - ok
21:49:46.0263 1152 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
21:49:46.0279 1152 TapiSrv - ok
21:49:46.0294 1152 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
21:49:46.0294 1152 TBS - ok
21:49:46.0419 1152 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
21:49:46.0419 1152 Tcpip - ok
21:49:46.0451 1152 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
21:49:46.0451 1152 TCPIP6 - ok
21:49:46.0482 1152 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
21:49:46.0482 1152 tcpipreg - ok
21:49:46.0498 1152 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
21:49:46.0498 1152 TDPIPE - ok
21:49:46.0529 1152 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
21:49:46.0529 1152 TDTCP - ok
21:49:46.0560 1152 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
21:49:46.0560 1152 tdx - ok
21:49:46.0576 1152 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
21:49:46.0576 1152 TermDD - ok
21:49:46.0623 1152 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
21:49:46.0638 1152 TermService - ok
21:49:46.0669 1152 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
21:49:46.0669 1152 Themes - ok
21:49:46.0701 1152 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
21:49:46.0701 1152 THREADORDER - ok
21:49:46.0779 1152 timounter (d8a96d0e25d43fdac3bed09adf39fde9) C:\Windows\system32\DRIVERS\timntr.sys
21:49:46.0779 1152 timounter - ok
21:49:46.0794 1152 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
21:49:46.0794 1152 TrkWks - ok
21:49:46.0841 1152 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
21:49:46.0857 1152 TrustedInstaller - ok
21:49:46.0873 1152 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:49:46.0873 1152 tssecsrv - ok
21:49:46.0904 1152 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
21:49:46.0904 1152 TsUsbFlt - ok
21:49:46.0919 1152 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
21:49:46.0919 1152 TsUsbGD - ok
21:49:46.0951 1152 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
21:49:46.0951 1152 tunnel - ok
21:49:46.0966 1152 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
21:49:46.0966 1152 uagp35 - ok
21:49:46.0998 1152 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
21:49:46.0998 1152 udfs - ok
21:49:47.0029 1152 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
21:49:47.0029 1152 UI0Detect - ok
21:49:47.0060 1152 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
21:49:47.0060 1152 uliagpkx - ok
21:49:47.0091 1152 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
21:49:47.0091 1152 umbus - ok
21:49:47.0123 1152 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
21:49:47.0123 1152 UmPass - ok
21:49:47.0154 1152 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
21:49:47.0154 1152 upnphost - ok
21:49:47.0185 1152 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
21:49:47.0201 1152 usbccgp - ok
21:49:47.0216 1152 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
21:49:47.0216 1152 usbcir - ok
21:49:47.0232 1152 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
21:49:47.0232 1152 usbehci - ok
21:49:47.0263 1152 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
21:49:47.0263 1152 usbhub - ok
21:49:47.0279 1152 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
21:49:47.0279 1152 usbohci - ok
21:49:47.0310 1152 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
21:49:47.0310 1152 usbprint - ok
21:49:47.0341 1152 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
21:49:47.0341 1152 usbscan - ok
21:49:47.0357 1152 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:49:47.0373 1152 USBSTOR - ok
21:49:47.0388 1152 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
21:49:47.0388 1152 usbuhci - ok
21:49:47.0419 1152 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
21:49:47.0419 1152 UxSms - ok
21:49:47.0451 1152 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
21:49:47.0451 1152 VaultSvc - ok
21:49:47.0466 1152 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
21:49:47.0466 1152 vdrvroot - ok
21:49:47.0498 1152 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
21:49:47.0513 1152 vds - ok
21:49:47.0544 1152 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
21:49:47.0544 1152 vga - ok
21:49:47.0544 1152 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
21:49:47.0544 1152 VgaSave - ok
21:49:47.0560 1152 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
21:49:47.0560 1152 vhdmp - ok
21:49:47.0576 1152 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
21:49:47.0591 1152 viaagp - ok
21:49:47.0607 1152 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
21:49:47.0607 1152 ViaC7 - ok
21:49:47.0623 1152 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
21:49:47.0623 1152 viaide - ok
21:49:47.0669 1152 vididr (149ec3e217f9d11e9ca6c54ce3d70c73) C:\Windows\system32\DRIVERS\vididr.sys
21:49:47.0669 1152 vididr - ok
21:49:47.0732 1152 vidsflt53 (e31e9cd40677b84b3adaa7a0d80dc439) C:\Windows\system32\DRIVERS\vsflt53.sys
21:49:47.0732 1152 vidsflt53 - ok
21:49:47.0732 1152 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
21:49:47.0732 1152 volmgr - ok
21:49:47.0763 1152 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
21:49:47.0763 1152 volmgrx - ok
21:49:47.0779 1152 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
21:49:47.0794 1152 volsnap - ok
21:49:47.0794 1152 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
21:49:47.0794 1152 vsmraid - ok
21:49:47.0873 1152 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
21:49:47.0888 1152 VSS - ok
21:49:47.0904 1152 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
21:49:47.0904 1152 vwifibus - ok
21:49:47.0935 1152 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
21:49:47.0935 1152 W32Time - ok
21:49:47.0966 1152 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
21:49:47.0966 1152 WacomPen - ok
21:49:47.0982 1152 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
21:49:47.0982 1152 WANARP - ok
21:49:47.0982 1152 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
21:49:47.0982 1152 Wanarpv6 - ok
21:49:48.0060 1152 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
21:49:48.0076 1152 WatAdminSvc - ok
21:49:48.0138 1152 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
21:49:48.0169 1152 wbengine - ok
21:49:48.0185 1152 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
21:49:48.0185 1152 WbioSrvc - ok
21:49:48.0216 1152 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
21:49:48.0216 1152 wcncsvc - ok
21:49:48.0248 1152 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
21:49:48.0248 1152 WcsPlugInService - ok
21:49:48.0279 1152 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
21:49:48.0279 1152 Wd - ok
21:49:48.0310 1152 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
21:49:48.0326 1152 Wdf01000 - ok
21:49:48.0341 1152 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
21:49:48.0357 1152 WdiServiceHost - ok
21:49:48.0357 1152 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
21:49:48.0357 1152 WdiSystemHost - ok
21:49:48.0388 1152 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
21:49:48.0388 1152 WebClient - ok
21:49:48.0404 1152 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
21:49:48.0419 1152 Wecsvc - ok
21:49:48.0435 1152 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
21:49:48.0435 1152 wercplsupport - ok
21:49:48.0466 1152 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
21:49:48.0466 1152 WerSvc - ok
21:49:48.0482 1152 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
21:49:48.0482 1152 WfpLwf - ok
21:49:48.0498 1152 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
21:49:48.0498 1152 WIMMount - ok
21:49:48.0591 1152 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
21:49:48.0607 1152 WinDefend - ok
21:49:48.0607 1152 WinHttpAutoProxySvc - ok
21:49:48.0669 1152 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
21:49:48.0669 1152 Winmgmt - ok
21:49:48.0732 1152 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
21:49:48.0748 1152 WinRM - ok
21:49:48.0826 1152 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
21:49:48.0826 1152 WinUsb - ok
21:49:48.0873 1152 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
21:49:48.0888 1152 Wlansvc - ok
21:49:48.0982 1152 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:49:48.0998 1152 wlcrasvc - ok
21:49:49.0123 1152 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:49:49.0154 1152 wlidsvc - ok
21:49:49.0232 1152 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
21:49:49.0232 1152 WmiAcpi - ok
21:49:49.0279 1152 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
21:49:49.0279 1152 wmiApSrv - ok
21:49:49.0357 1152 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
21:49:49.0373 1152 WMPNetworkSvc - ok
21:49:49.0404 1152 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
21:49:49.0404 1152 WPCSvc - ok
21:49:49.0419 1152 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
21:49:49.0435 1152 WPDBusEnum - ok
21:49:49.0451 1152 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
21:49:49.0451 1152 ws2ifsl - ok
21:49:49.0466 1152 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
21:49:49.0482 1152 wscsvc - ok
21:49:49.0482 1152 WSearch - ok
21:49:49.0576 1152 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
21:49:49.0623 1152 wuauserv - ok
21:49:49.0669 1152 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
21:49:49.0669 1152 WudfPf - ok
21:49:49.0716 1152 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:49:49.0716 1152 WUDFRd - ok
21:49:49.0732 1152 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
21:49:49.0732 1152 wudfsvc - ok
21:49:49.0763 1152 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
21:49:49.0763 1152 WwanSvc - ok
21:49:49.0794 1152 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
21:49:49.0794 1152 XUIF - ok
21:49:49.0810 1152 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk2\DR2
21:49:50.0310 1152 \Device\Harddisk2\DR2 - ok
21:49:50.0326 1152 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:49:50.0498 1152 \Device\Harddisk0\DR0 - ok
21:49:50.0498 1152 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
21:49:50.0529 1152 \Device\Harddisk1\DR1 - ok
21:49:50.0544 1152 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk3\DR3
21:49:50.0544 1152 \Device\Harddisk3\DR3 - ok
21:49:50.0544 1152 Boot (0x1200) (1f76f6bbbaf7fe6e514cc8870f9327ec) \Device\Harddisk2\DR2\Partition0
21:49:50.0544 1152 \Device\Harddisk2\DR2\Partition0 - ok
21:49:50.0560 1152 Boot (0x1200) (427bf9bf4d58614c53c51e181d94caf8) \Device\Harddisk0\DR0\Partition0
21:49:50.0560 1152 \Device\Harddisk0\DR0\Partition0 - ok
21:49:50.0576 1152 Boot (0x1200) (8749887a2fdff4bdd5c59691f05c05d6) \Device\Harddisk0\DR0\Partition1
21:49:50.0576 1152 \Device\Harddisk0\DR0\Partition1 - ok
21:49:50.0607 1152 Boot (0x1200) (a085a37c288bd056b852fccc81ccd562) \Device\Harddisk1\DR1\Partition0
21:49:50.0607 1152 \Device\Harddisk1\DR1\Partition0 - ok
21:49:50.0623 1152 Boot (0x1200) (8a46454ac6972e9090444393939a3b72) \Device\Harddisk3\DR3\Partition0
21:49:50.0623 1152 \Device\Harddisk3\DR3\Partition0 - ok
21:49:50.0623 1152 ============================================================
21:49:50.0623 1152 Scan finished
21:49:50.0623 1152 ============================================================
21:49:50.0638 1596 Detected object count: 0
21:49:50.0638 1596 Actual detected object count: 0
21:51:08.0451 2568 Deinitialize success

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

MBAM log:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.19.01

Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Craig :: TSUNAMI [administrator]

Protection: Disabled

6/18/2012 10:01:25 PM
mbam-log-2012-06-18 (22-01-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254269
Time elapsed: 3 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Kids\Downloads\freefileviewer_2_1283.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

(end)

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

The acct that the items were run from is acting normally now. But the problem was intermittent and random before. A second administrator account is still having the same problem.

Thanks again.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:42 PM

Posted 19 June 2012 - 09:34 AM

Yes run them from that account now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 cjef

cjef
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 19 June 2012 - 12:14 PM

below are the logs running all 4 tools from the second account.

As far as requiring a reboot on TDSS - I think it did require a reboot. I ran it last night and dont remember. Sorry.

Good news is both accounts are no longer redirecting. I am concerned about all those 127.0.0.1 Ips in the MTB log. Can those be cleaned out?

Thanks again.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

MTB log:

MiniToolBox by Farbar Version: 09-06-2012
Ran by LaDawna (administrator) on 18-06-2012 at 22:57:25
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100links.com

There are 15218 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCI GBE Family Controller = Local Area Connection (Connected)
Kingston EtherRx KNE111TX PCI Fast Ethernet Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tsunami
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Kingston EtherRx KNE111TX PCI Fast Ethernet Adapter
Physical Address. . . . . . . . . : 00-C0-F0-75-CB-EB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek PCI GBE Family Controller
Physical Address. . . . . . . . . : 00-14-2A-38-07-AD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fd0d:7cc4:4c15:af44%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, June 18, 2012 10:07:51 PM
Lease Expires . . . . . . . . . . : Tuesday, June 19, 2012 10:07:51 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234886186
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-07-4C-10-00-14-2A-38-07-AD
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:ca7:948:9cf6:11fb(Preferred)
Link-local IPv6 Address . . . . . : fe80::ca7:948:9cf6:11fb%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{5D4B6CA4-C037-4AFF-B8B2-EB40DEA950D6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4000:801::1002
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97
74.125.227.98
74.125.227.99
74.125.227.100
74.125.227.101


Pinging google.com [74.125.227.133] with 32 bytes of data:
Reply from 74.125.227.133: bytes=32 time=41ms TTL=50
Reply from 74.125.227.133: bytes=32 time=41ms TTL=50

Ping statistics for 74.125.227.133:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 41ms, Maximum = 41ms, Average = 41ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=181ms TTL=48
Reply from 72.30.38.140: bytes=32 time=143ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 143ms, Maximum = 181ms, Average = 162ms
Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 4ms, Average = 3ms
===========================================================================
Interface List
13...00 c0 f0 75 cb eb ......Kingston EtherRx KNE111TX PCI Fast Ethernet Adapter
11...00 14 2a 38 07 ad ......Realtek PCI GBE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.108 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.108 276
192.168.1.108 255.255.255.255 On-link 192.168.1.108 276
192.168.1.255 255.255.255.255 On-link 192.168.1.108 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.108 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.108 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:ca7:948:9cf6:11fb/128
On-link
11 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::ca7:948:9cf6:11fb/128
On-link
11 276 fe80::fd0d:7cc4:4c15:af44/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/18/2012 10:07:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 09:01:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 01:36:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 12.0.0.4493, time stamp: 0x4f9207d9
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000005
Fault offset: 0x0005333f
Faulting process id: 0xe04
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (06/18/2012 01:35:13 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 12.0.0.4493, time stamp: 0x4f9207d9
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc00000fd
Fault offset: 0x0001f9c5
Faulting process id: 0xe04
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (06/18/2012 01:33:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 12.0.0.4493, time stamp: 0x4f9207d9
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0002d225
Faulting process id: 0xe04
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3


System errors:
=============
Error: (06/18/2012 10:26:30 PM) (Source: DCOM) (User: )
Description: {3A185DDE-E020-4985-A8F2-E27CDC4A0F3A}

Error: (06/18/2012 09:44:18 PM) (Source: DCOM) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (06/18/2012 09:21:29 PM) (Source: DCOM) (User: )
Description: 1084McAfee SiteAdvisor Service{5A90F5EE-16B8-4C2A-81B3-FD5329BA477C}

Error: (06/18/2012 09:04:11 PM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (06/18/2012 09:01:06 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (06/18/2012 09:01:06 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (06/18/2012 09:00:51 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (06/18/2012 09:00:50 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (06/18/2012 09:00:50 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/18/2012 09:00:49 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (06/18/2012 10:07:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 09:01:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 01:36:25 PM) (Source: Application Error)(User: )
Description: firefox.exe12.0.0.44934f9207d9ntdll.dll6.1.7601.177254ec49b60c00000050005333fe0401cd4d760692d78cC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll81f4ae5f-b974-11e1-a347-00142a3807ad

Error: (06/18/2012 01:35:13 PM) (Source: Application Error)(User: )
Description: firefox.exe12.0.0.44934f9207d9ntdll.dll6.1.7601.177254ec49b60c00000fd0001f9c5e0401cd4d760692d78cC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll56dbdc84-b974-11e1-a347-00142a3807ad

Error: (06/18/2012 01:33:41 PM) (Source: Application Error)(User: )
Description: firefox.exe12.0.0.44934f9207d9ole32.dll6.1.7601.175144ce7b96fc00000050002d225e0401cd4d760692d78cC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\system32\ole32.dll1ff4c9c2-b974-11e1-a347-00142a3807ad


=========================== Installed Programs ============================

Acronis True Image WD Edition (Version: 13.0.14157)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Amazon Kindle
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.1.364.0)
C3500 Series MFP (Version: 1.20.0024)
C3530MFP Series FAX Driver from OKI® Printing Solutions for Windows (Version: 2.1.3)
C3530MFP Series GDI Driver from OKI® Printing Solutions for Windows (Version: 2.2.2)
C3530nMFP TWAIN Driver for Windows XP - Windows Vista - Windows Server 2003 - Windows 2000 (Version: 32)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Google Chrome (Version: 19.0.1084.56)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee SecurityCenter (Version: 11.0.678)
McAfee Virtual Technician (Version: 6.0.0.0)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Standard 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MotoHelper 2.1.40 Driver 5.5.0 (Version: 2.1.40)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.5.0 (Version: 5.5.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62)
NVIDIA 3D Vision Driver 285.62 (Version: 285.62)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA HD Audio Driver 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.8562)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
Pdf995
Quicken 2012 (Version: 21.1.7.18)
QuickTime (Version: 7.70.80.34)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealUpgrade 1.1 (Version: 1.1.0)
RSDLite (Version: 5.6)
Spybot - Search & Destroy (Version: 1.6.2)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Virtual Account Numbers (Version: 1.0.0.9)
Virtual Account Numbers (Version: 3.7.11.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.11 (32-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 2047.37 MB
Available physical RAM: 1225.13 MB
Total Pagefile: 4094.73 MB
Available Pagefile: 2783.3 MB
Total Virtual: 2047.88 MB
Available Virtual: 1948.54 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:297.99 GB) (Free:140.58 GB) NTFS
4 Drive e: () (Fixed) (Total:279.47 GB) (Free:141.49 GB) NTFS
5 Drive f: (My Book AV) (Fixed) (Total:931.51 GB) (Free:216.23 GB) NTFS
7 Drive h: () (Removable) (Total:0.24 GB) (Free:0.17 GB) FAT

========================= Users: ========================================

User accounts for \\TSUNAMI

Administrator Craig Guest
Kids LaDawna UpdatusUser


**** End of log ****
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Gooredfix log:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 23:15 on 18/06/2012 (LaDawna)
Firefox version 13.0.1 (en-US)

========== GooredScan ==========

Deleting "C:\Users\LaDawna\Application Data\Mozilla\Firefox\Profiles\ntx1ukxx.default\extensions\{468bb6f3-ab00-4f0f-bb84-eb1f43783677}" -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [08:41 18/09/2011]
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [19:39 17/06/2012]

C:\Users\LaDawna\Application Data\Mozilla\Firefox\Profiles\ntx1ukxx.default\extensions\
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [23:25 08/12/2011]
{20a82645-c095-46ed-80e3-08825760534b} [05:06 19/09/2011]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files\McAfee\SiteAdvisor" [07:55 18/09/2011]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [05:10 03/12/2011]
"citiucs@orbiscom"="C:\Program Files\UCS\Virtual Account Numbers" [19:57 13/02/2012]
"{D19CA586-DD6C-4a0a-96F8-14644F340D60}"="C:\Program Files\Common Files\McAfee\SystemCore" [07:54 18/09/2011]

-=E.O.F=-

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

TDSSkiller log:

23:15:45.0409 5184 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
23:15:47.0413 5184 ============================================================
23:15:47.0413 5184 Current date / time: 2012/06/18 23:15:47.0413
23:15:47.0413 5184 SystemInfo:
23:15:47.0413 5184
23:15:47.0413 5184 OS Version: 6.1.7601 ServicePack: 1.0
23:15:47.0413 5184 Product type: Workstation
23:15:47.0413 5184 ComputerName: TSUNAMI
23:15:47.0413 5184 UserName: LaDawna
23:15:47.0413 5184 Windows directory: C:\Windows
23:15:47.0413 5184 System windows directory: C:\Windows
23:15:47.0413 5184 Processor architecture: Intel x86
23:15:47.0413 5184 Number of processors: 2
23:15:47.0413 5184 Page size: 0x1000
23:15:47.0413 5184 Boot type: Normal boot
23:15:47.0413 5184 ============================================================
23:15:48.0530 5184 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
23:15:48.0534 5184 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x23DC4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
23:15:48.0557 5184 Drive \Device\Harddisk1\DR1 - Size: 0x45DECD2000 (279.48 Gb), SectorSize: 0x200, Cylinders: 0x8E83, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:15:48.0584 5184 Drive \Device\Harddisk3\DR3 - Size: 0xF4FFE00 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:15:48.0584 5184 ============================================================
23:15:48.0584 5184 \Device\Harddisk2\DR2:
23:15:48.0584 5184 MBR partitions:
23:15:48.0584 5184 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1
23:15:48.0584 5184 \Device\Harddisk0\DR0:
23:15:48.0584 5184 MBR partitions:
23:15:48.0584 5184 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:15:48.0584 5184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
23:15:48.0584 5184 \Device\Harddisk1\DR1:
23:15:48.0588 5184 MBR partitions:
23:15:48.0588 5184 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x22EEEBC3
23:15:48.0588 5184 \Device\Harddisk3\DR3:
23:15:48.0588 5184 MBR partitions:
23:15:48.0588 5184 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x6, StartLBA 0x63, BlocksNum 0x7A59D
23:15:48.0588 5184 ============================================================
23:15:48.0647 5184 C: <-> \Device\Harddisk0\DR0\Partition1
23:15:48.0663 5184 E: <-> \Device\Harddisk1\DR1\Partition0
23:15:48.0663 5184 F: <-> \Device\Harddisk2\DR2\Partition0
23:15:48.0663 5184 ============================================================
23:15:48.0663 5184 Initialize success
23:15:48.0663 5184 ============================================================
23:15:54.0545 2504 ============================================================
23:15:54.0545 2504 Scan started
23:15:54.0545 2504 Mode: Manual; TDLFS;
23:15:54.0545 2504 ============================================================
23:15:55.0581 2504 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
23:15:55.0584 2504 1394ohci - ok
23:15:55.0620 2504 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
23:15:55.0624 2504 ACPI - ok
23:15:55.0639 2504 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
23:15:55.0639 2504 AcpiPmi - ok
23:15:55.0745 2504 AcrSch2Svc (af6481c648ea9a76569aacb73eac286a) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
23:15:55.0752 2504 AcrSch2Svc - ok
23:15:55.0834 2504 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:15:55.0838 2504 AdobeARMservice - ok
23:15:55.0932 2504 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:15:55.0936 2504 AdobeFlashPlayerUpdateSvc - ok
23:15:55.0983 2504 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
23:15:55.0995 2504 adp94xx - ok
23:15:56.0022 2504 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
23:15:56.0030 2504 adpahci - ok
23:15:56.0049 2504 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
23:15:56.0053 2504 adpu320 - ok
23:15:56.0077 2504 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
23:15:56.0081 2504 AeLookupSvc - ok
23:15:56.0131 2504 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
23:15:56.0135 2504 AFD - ok
23:15:56.0155 2504 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
23:15:56.0155 2504 agp440 - ok
23:15:56.0178 2504 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
23:15:56.0178 2504 aic78xx - ok
23:15:56.0209 2504 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
23:15:56.0213 2504 ALG - ok
23:15:56.0229 2504 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
23:15:56.0233 2504 aliide - ok
23:15:56.0245 2504 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
23:15:56.0245 2504 amdagp - ok
23:15:56.0252 2504 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
23:15:56.0256 2504 amdide - ok
23:15:56.0272 2504 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
23:15:56.0276 2504 AmdK8 - ok
23:15:56.0291 2504 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
23:15:56.0295 2504 AmdPPM - ok
23:15:56.0327 2504 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
23:15:56.0331 2504 amdsata - ok
23:15:56.0362 2504 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
23:15:56.0366 2504 amdsbs - ok
23:15:56.0374 2504 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
23:15:56.0377 2504 amdxata - ok
23:15:56.0401 2504 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
23:15:56.0401 2504 AppID - ok
23:15:56.0440 2504 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
23:15:56.0440 2504 AppIDSvc - ok
23:15:56.0463 2504 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
23:15:56.0463 2504 Appinfo - ok
23:15:56.0483 2504 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
23:15:56.0487 2504 arc - ok
23:15:56.0499 2504 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
23:15:56.0499 2504 arcsas - ok
23:15:56.0518 2504 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
23:15:56.0518 2504 AsyncMac - ok
23:15:56.0530 2504 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
23:15:56.0534 2504 atapi - ok
23:15:56.0577 2504 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
23:15:56.0581 2504 AudioEndpointBuilder - ok
23:15:56.0588 2504 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
23:15:56.0592 2504 Audiosrv - ok
23:15:56.0620 2504 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
23:15:56.0620 2504 AxInstSV - ok
23:15:56.0659 2504 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
23:15:56.0670 2504 b06bdrv - ok
23:15:56.0702 2504 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
23:15:56.0706 2504 b57nd60x - ok
23:15:56.0834 2504 BBSvc (37bfed63841e56f465e1a0cd32f1bcc9) C:\Program Files\Microsoft\BingBar\7.1.364.0\BBSvc.exe
23:15:56.0838 2504 BBSvc - ok
23:15:56.0877 2504 BBUpdate (b47230df549e171449b5d25cfcee9f57) C:\Program Files\Microsoft\BingBar\7.1.364.0\SeaPort.exe
23:15:56.0877 2504 BBUpdate - ok
23:15:56.0897 2504 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
23:15:56.0901 2504 BDESVC - ok
23:15:56.0916 2504 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
23:15:56.0916 2504 Beep - ok
23:15:56.0959 2504 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
23:15:56.0971 2504 BFE - ok
23:15:57.0014 2504 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
23:15:57.0034 2504 BITS - ok
23:15:57.0053 2504 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
23:15:57.0053 2504 blbdrive - ok
23:15:57.0081 2504 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
23:15:57.0081 2504 bowser - ok
23:15:57.0092 2504 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
23:15:57.0096 2504 BrFiltLo - ok
23:15:57.0104 2504 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
23:15:57.0104 2504 BrFiltUp - ok
23:15:57.0127 2504 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
23:15:57.0131 2504 Browser - ok
23:15:57.0159 2504 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
23:15:57.0163 2504 Brserid - ok
23:15:57.0182 2504 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
23:15:57.0182 2504 BrSerWdm - ok
23:15:57.0198 2504 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
23:15:57.0198 2504 BrUsbMdm - ok
23:15:57.0206 2504 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
23:15:57.0206 2504 BrUsbSer - ok
23:15:57.0245 2504 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\Windows\system32\DRIVERS\motfilt.sys
23:15:57.0245 2504 BTCFilterService - ok
23:15:57.0260 2504 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
23:15:57.0264 2504 BTHMODEM - ok
23:15:57.0295 2504 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
23:15:57.0295 2504 bthserv - ok
23:15:57.0319 2504 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
23:15:57.0323 2504 cdfs - ok
23:15:57.0354 2504 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
23:15:57.0354 2504 cdrom - ok
23:15:57.0381 2504 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:15:57.0381 2504 CertPropSvc - ok
23:15:57.0420 2504 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\Windows\system32\drivers\cfwids.sys
23:15:57.0424 2504 cfwids - ok
23:15:57.0444 2504 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys
23:15:57.0444 2504 circlass - ok
23:15:57.0467 2504 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
23:15:57.0471 2504 CLFS - ok
23:15:57.0538 2504 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:15:57.0541 2504 clr_optimization_v2.0.50727_32 - ok
23:15:57.0604 2504 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:15:57.0608 2504 clr_optimization_v4.0.30319_32 - ok
23:15:57.0620 2504 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\drivers\CmBatt.sys
23:15:57.0620 2504 CmBatt - ok
23:15:57.0627 2504 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
23:15:57.0627 2504 cmdide - ok
23:15:57.0678 2504 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
23:15:57.0682 2504 CNG - ok
23:15:57.0702 2504 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\drivers\compbatt.sys
23:15:57.0702 2504 Compbatt - ok
23:15:57.0721 2504 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys
23:15:57.0725 2504 CompositeBus - ok
23:15:57.0729 2504 COMSysApp - ok
23:15:57.0741 2504 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
23:15:57.0745 2504 crcdisk - ok
23:15:57.0819 2504 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
23:15:57.0823 2504 CryptSvc - ok
23:15:57.0874 2504 dc3d (7caaf4af453ef3582fef65dd72caa0aa) C:\Windows\system32\DRIVERS\dc3d.sys
23:15:57.0874 2504 dc3d - ok
23:15:57.0920 2504 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:15:57.0928 2504 DcomLaunch - ok
23:15:57.0959 2504 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
23:15:57.0963 2504 defragsvc - ok
23:15:57.0983 2504 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
23:15:57.0983 2504 DfsC - ok
23:15:58.0018 2504 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
23:15:58.0022 2504 Dhcp - ok
23:15:58.0049 2504 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
23:15:58.0053 2504 discache - ok
23:15:58.0084 2504 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
23:15:58.0084 2504 Disk - ok
23:15:58.0116 2504 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
23:15:58.0120 2504 Dnscache - ok
23:15:58.0143 2504 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
23:15:58.0147 2504 dot3svc - ok
23:15:58.0166 2504 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
23:15:58.0166 2504 DPS - ok
23:15:58.0198 2504 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
23:15:58.0198 2504 drmkaud - ok
23:15:58.0237 2504 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
23:15:58.0249 2504 DXGKrnl - ok
23:15:58.0268 2504 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
23:15:58.0272 2504 EapHost - ok
23:15:58.0393 2504 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
23:15:58.0436 2504 ebdrv - ok
23:15:58.0502 2504 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
23:15:58.0506 2504 EFS - ok
23:15:58.0573 2504 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
23:15:58.0588 2504 ehRecvr - ok
23:15:58.0604 2504 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
23:15:58.0608 2504 ehSched - ok
23:15:58.0686 2504 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
23:15:58.0698 2504 elxstor - ok
23:15:58.0709 2504 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
23:15:58.0709 2504 ErrDev - ok
23:15:58.0788 2504 esgiguard - ok
23:15:58.0827 2504 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
23:15:58.0831 2504 EventSystem - ok
23:15:58.0850 2504 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
23:15:58.0854 2504 exfat - ok
23:15:58.0877 2504 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
23:15:58.0881 2504 fastfat - ok
23:15:58.0924 2504 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
23:15:58.0932 2504 Fax - ok
23:15:58.0952 2504 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
23:15:58.0952 2504 fdc - ok
23:15:58.0967 2504 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
23:15:58.0971 2504 fdPHost - ok
23:15:58.0983 2504 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
23:15:58.0983 2504 FDResPub - ok
23:15:58.0999 2504 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
23:15:58.0999 2504 FileInfo - ok
23:15:59.0018 2504 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
23:15:59.0018 2504 Filetrace - ok
23:15:59.0026 2504 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
23:15:59.0026 2504 flpydisk - ok
23:15:59.0053 2504 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
23:15:59.0057 2504 FltMgr - ok
23:15:59.0112 2504 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
23:15:59.0131 2504 FontCache - ok
23:15:59.0221 2504 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:15:59.0221 2504 FontCache3.0.0.0 - ok
23:15:59.0237 2504 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
23:15:59.0237 2504 FsDepends - ok
23:15:59.0280 2504 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\Windows\system32\DRIVERS\fssfltr.sys
23:15:59.0280 2504 fssfltr - ok
23:15:59.0440 2504 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
23:15:59.0452 2504 fsssvc - ok
23:15:59.0526 2504 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
23:15:59.0526 2504 Fs_Rec - ok
23:15:59.0565 2504 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
23:15:59.0565 2504 fvevol - ok
23:15:59.0592 2504 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
23:15:59.0592 2504 gagp30kx - ok
23:15:59.0639 2504 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
23:15:59.0647 2504 gpsvc - ok
23:15:59.0749 2504 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
23:15:59.0752 2504 gupdate - ok
23:15:59.0772 2504 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
23:15:59.0772 2504 gupdatem - ok
23:15:59.0788 2504 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
23:15:59.0788 2504 hcw85cir - ok
23:15:59.0827 2504 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
23:15:59.0834 2504 HdAudAddService - ok
23:15:59.0858 2504 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
23:15:59.0862 2504 HDAudBus - ok
23:15:59.0874 2504 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
23:15:59.0874 2504 HidBatt - ok
23:15:59.0893 2504 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
23:15:59.0893 2504 HidBth - ok
23:15:59.0920 2504 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys
23:15:59.0920 2504 HidIr - ok
23:15:59.0940 2504 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
23:15:59.0944 2504 hidserv - ok
23:15:59.0975 2504 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
23:15:59.0975 2504 HidUsb - ok
23:15:59.0995 2504 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
23:15:59.0999 2504 hkmsvc - ok
23:16:00.0026 2504 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
23:16:00.0030 2504 HomeGroupListener - ok
23:16:00.0057 2504 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
23:16:00.0061 2504 HomeGroupProvider - ok
23:16:00.0088 2504 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
23:16:00.0088 2504 HpSAMD - ok
23:16:00.0135 2504 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
23:16:00.0143 2504 HTTP - ok
23:16:00.0159 2504 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
23:16:00.0159 2504 hwpolicy - ok
23:16:00.0178 2504 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
23:16:00.0182 2504 i8042prt - ok
23:16:00.0217 2504 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
23:16:00.0233 2504 iaStorV - ok
23:16:00.0315 2504 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:16:00.0331 2504 idsvc - ok
23:16:00.0342 2504 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
23:16:00.0346 2504 iirsp - ok
23:16:00.0389 2504 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
23:16:00.0405 2504 IKEEXT - ok
23:16:00.0682 2504 IntcAzAudAddService (44792ccbc7b41b42ec068c6416d17de1) C:\Windows\system32\drivers\RtkHDAud.sys
23:16:00.0733 2504 IntcAzAudAddService - ok
23:16:00.0827 2504 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
23:16:00.0827 2504 intelide - ok
23:16:00.0854 2504 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
23:16:00.0858 2504 intelppm - ok
23:16:00.0885 2504 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
23:16:00.0885 2504 IPBusEnum - ok
23:16:00.0905 2504 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:16:00.0905 2504 IpFilterDriver - ok
23:16:00.0952 2504 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
23:16:00.0959 2504 iphlpsvc - ok
23:16:00.0975 2504 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
23:16:00.0975 2504 IPMIDRV - ok
23:16:00.0991 2504 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
23:16:00.0995 2504 IPNAT - ok
23:16:01.0018 2504 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
23:16:01.0022 2504 IRENUM - ok
23:16:01.0034 2504 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
23:16:01.0038 2504 isapnp - ok
23:16:01.0061 2504 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
23:16:01.0065 2504 iScsiPrt - ok
23:16:01.0084 2504 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
23:16:01.0084 2504 kbdclass - ok
23:16:01.0116 2504 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
23:16:01.0120 2504 kbdhid - ok
23:16:01.0147 2504 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:16:01.0151 2504 KeyIso - ok
23:16:01.0170 2504 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
23:16:01.0174 2504 KSecDD - ok
23:16:01.0194 2504 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
23:16:01.0198 2504 KSecPkg - ok
23:16:01.0225 2504 KTC111 (c1ff26110f5e4306fa3b585c7f7603b2) C:\Windows\system32\DRIVERS\KTC111.SYS
23:16:01.0225 2504 KTC111 - ok
23:16:01.0264 2504 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
23:16:01.0280 2504 KtmRm - ok
23:16:01.0315 2504 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
23:16:01.0319 2504 LanmanServer - ok
23:16:01.0334 2504 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
23:16:01.0338 2504 LanmanWorkstation - ok
23:16:01.0377 2504 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
23:16:01.0377 2504 lltdio - ok
23:16:01.0413 2504 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
23:16:01.0416 2504 lltdsvc - ok
23:16:01.0428 2504 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
23:16:01.0432 2504 lmhosts - ok
23:16:01.0463 2504 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
23:16:01.0467 2504 LSI_FC - ok
23:16:01.0483 2504 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
23:16:01.0487 2504 LSI_SAS - ok
23:16:01.0506 2504 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
23:16:01.0506 2504 LSI_SAS2 - ok
23:16:01.0522 2504 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
23:16:01.0526 2504 LSI_SCSI - ok
23:16:01.0545 2504 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
23:16:01.0549 2504 luafv - ok
23:16:01.0581 2504 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
23:16:01.0581 2504 MBAMProtector - ok
23:16:01.0659 2504 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:16:01.0674 2504 MBAMService - ok
23:16:01.0749 2504 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:01.0752 2504 McAfee SiteAdvisor Service - ok
23:16:01.0756 2504 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:01.0760 2504 McMPFSvc - ok
23:16:01.0764 2504 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:01.0768 2504 mcmscsvc - ok
23:16:01.0772 2504 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:01.0776 2504 McNaiAnn - ok
23:16:01.0791 2504 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:01.0795 2504 McNASvc - ok
23:16:01.0893 2504 McODS (135aa9e9e7047b7dc1f753205d421a26) C:\Program Files\McAfee\VirusScan\mcods.exe
23:16:01.0909 2504 McODS - ok
23:16:01.0913 2504 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:16:01.0916 2504 McProxy - ok
23:16:01.0959 2504 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
23:16:01.0959 2504 McShield - ok
23:16:02.0022 2504 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
23:16:02.0022 2504 Mcx2Svc - ok
23:16:02.0065 2504 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
23:16:02.0069 2504 megasas - ok
23:16:02.0096 2504 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
23:16:02.0100 2504 MegaSR - ok
23:16:02.0135 2504 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\Windows\system32\drivers\mfeapfk.sys
23:16:02.0135 2504 mfeapfk - ok
23:16:02.0182 2504 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\Windows\system32\drivers\mfeavfk.sys
23:16:02.0186 2504 mfeavfk - ok
23:16:02.0209 2504 mfeavfk01 - ok
23:16:02.0237 2504 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\Windows\system32\drivers\mfebopk.sys
23:16:02.0237 2504 mfebopk - ok
23:16:02.0276 2504 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
23:16:02.0276 2504 mfefire - ok
23:16:02.0311 2504 mfefirek (4ea6ff90015424517843e931448e00f1) C:\Windows\system32\drivers\mfefirek.sys
23:16:02.0323 2504 mfefirek - ok
23:16:02.0358 2504 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\Windows\system32\drivers\mfehidk.sys
23:16:02.0362 2504 mfehidk - ok
23:16:02.0370 2504 mfenlfk (ac04a618aef3de0fce91c766f9e069da) C:\Windows\system32\DRIVERS\mfenlfk.sys
23:16:02.0370 2504 mfenlfk - ok
23:16:02.0385 2504 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\Windows\system32\drivers\mferkdet.sys
23:16:02.0385 2504 mferkdet - ok
23:16:02.0432 2504 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\Windows\system32\mfevtps.exe
23:16:02.0436 2504 mfevtp - ok
23:16:02.0459 2504 mfewfpk (f284337aedb7483df8a5fa840647e2b0) C:\Windows\system32\drivers\mfewfpk.sys
23:16:02.0463 2504 mfewfpk - ok
23:16:02.0483 2504 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:16:02.0487 2504 MMCSS - ok
23:16:02.0506 2504 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
23:16:02.0506 2504 Modem - ok
23:16:02.0534 2504 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
23:16:02.0534 2504 monitor - ok
23:16:02.0577 2504 motandroidusb (0a43169e115b5e9346a4ba1effcb04cb) C:\Windows\system32\Drivers\motoandroid.sys
23:16:02.0577 2504 motandroidusb - ok
23:16:02.0612 2504 motccgp (0bc43805b6da0d7d4f99c737839fc9ec) C:\Windows\system32\DRIVERS\motccgp.sys
23:16:02.0616 2504 motccgp - ok
23:16:02.0627 2504 motccgpfl (1b3720c4d16904756d49ef306706b978) C:\Windows\system32\DRIVERS\motccgpfl.sys
23:16:02.0627 2504 motccgpfl - ok
23:16:02.0682 2504 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
23:16:02.0686 2504 MotDev - ok
23:16:02.0717 2504 motmodem (11b8118f538b579488e7645b2578e544) C:\Windows\system32\DRIVERS\motmodem.sys
23:16:02.0721 2504 motmodem - ok
23:16:02.0831 2504 MotoHelper (290750346f5937b02f62594b8eb03215) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
23:16:02.0834 2504 MotoHelper - ok
23:16:02.0846 2504 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\Windows\system32\DRIVERS\motswch.sys
23:16:02.0846 2504 MotoSwitchService - ok
23:16:02.0858 2504 Motousbnet (5073ed2d13d77f89df99caaa72e23526) C:\Windows\system32\DRIVERS\Motousbnet.sys
23:16:02.0858 2504 Motousbnet - ok
23:16:02.0881 2504 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
23:16:02.0881 2504 mouclass - ok
23:16:02.0924 2504 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
23:16:02.0924 2504 mouhid - ok
23:16:02.0940 2504 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
23:16:02.0944 2504 mountmgr - ok
23:16:02.0979 2504 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:16:02.0983 2504 MozillaMaintenance - ok
23:16:03.0002 2504 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
23:16:03.0006 2504 mpio - ok
23:16:03.0026 2504 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
23:16:03.0026 2504 mpsdrv - ok
23:16:03.0077 2504 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
23:16:03.0096 2504 MpsSvc - ok
23:16:03.0112 2504 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
23:16:03.0116 2504 MRxDAV - ok
23:16:03.0151 2504 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
23:16:03.0151 2504 mrxsmb - ok
23:16:03.0174 2504 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:16:03.0178 2504 mrxsmb10 - ok
23:16:03.0198 2504 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:16:03.0202 2504 mrxsmb20 - ok
23:16:03.0213 2504 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
23:16:03.0217 2504 msahci - ok
23:16:03.0233 2504 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
23:16:03.0233 2504 msdsm - ok
23:16:03.0249 2504 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
23:16:03.0252 2504 MSDTC - ok
23:16:03.0284 2504 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
23:16:03.0284 2504 Msfs - ok
23:16:03.0295 2504 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
23:16:03.0295 2504 mshidkmdf - ok
23:16:03.0315 2504 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
23:16:03.0315 2504 msisadrv - ok
23:16:03.0334 2504 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
23:16:03.0338 2504 MSiSCSI - ok
23:16:03.0342 2504 msiserver - ok
23:16:03.0370 2504 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
23:16:03.0370 2504 MSKSSRV - ok
23:16:03.0389 2504 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
23:16:03.0389 2504 MSPCLOCK - ok
23:16:03.0405 2504 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
23:16:03.0409 2504 MSPQM - ok
23:16:03.0428 2504 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
23:16:03.0432 2504 MsRPC - ok
23:16:03.0456 2504 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
23:16:03.0456 2504 mssmbios - ok
23:16:03.0459 2504 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
23:16:03.0463 2504 MSTEE - ok
23:16:03.0475 2504 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
23:16:03.0475 2504 MTConfig - ok
23:16:03.0491 2504 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
23:16:03.0495 2504 Mup - ok
23:16:03.0534 2504 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
23:16:03.0549 2504 napagent - ok
23:16:03.0588 2504 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
23:16:03.0592 2504 NativeWifiP - ok
23:16:03.0639 2504 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
23:16:03.0647 2504 NDIS - ok
23:16:03.0666 2504 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
23:16:03.0666 2504 NdisCap - ok
23:16:03.0686 2504 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
23:16:03.0690 2504 NdisTapi - ok
23:16:03.0713 2504 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
23:16:03.0717 2504 Ndisuio - ok
23:16:03.0733 2504 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
23:16:03.0733 2504 NdisWan - ok
23:16:03.0752 2504 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
23:16:03.0756 2504 NDProxy - ok
23:16:03.0768 2504 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
23:16:03.0772 2504 NetBIOS - ok
23:16:03.0791 2504 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
23:16:03.0795 2504 NetBT - ok
23:16:03.0831 2504 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:16:03.0834 2504 Netlogon - ok
23:16:03.0874 2504 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
23:16:03.0881 2504 Netman - ok
23:16:03.0905 2504 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
23:16:03.0920 2504 netprofm - ok
23:16:03.0999 2504 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:16:04.0002 2504 NetTcpPortSharing - ok
23:16:04.0026 2504 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
23:16:04.0030 2504 nfrd960 - ok
23:16:04.0049 2504 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
23:16:04.0061 2504 NlaSvc - ok
23:16:04.0073 2504 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
23:16:04.0077 2504 Npfs - ok
23:16:04.0088 2504 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
23:16:04.0092 2504 nsi - ok
23:16:04.0108 2504 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
23:16:04.0108 2504 nsiproxy - ok
23:16:04.0194 2504 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
23:16:04.0237 2504 Ntfs - ok
23:16:04.0249 2504 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
23:16:04.0252 2504 Null - ok
23:16:04.0295 2504 NVHDA (93c0f383b39b1f5fe7203e3270d4cf52) C:\Windows\system32\drivers\nvhda32v.sys
23:16:04.0299 2504 NVHDA - ok
23:16:04.0694 2504 nvlddmkm (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:16:04.0877 2504 nvlddmkm - ok
23:16:04.0979 2504 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
23:16:04.0979 2504 nvraid - ok
23:16:05.0002 2504 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
23:16:05.0006 2504 nvstor - ok
23:16:05.0084 2504 nvsvc (d122f7c5f79c68868f5dc28cefeb2ecf) C:\Windows\system32\nvvsvc.exe
23:16:05.0092 2504 nvsvc - ok
23:16:05.0237 2504 nvUpdatusService (003cb0a155568b4a53a301f07c734233) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
23:16:05.0284 2504 nvUpdatusService - ok
23:16:05.0389 2504 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
23:16:05.0389 2504 nv_agp - ok
23:16:05.0409 2504 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
23:16:05.0413 2504 ohci1394 - ok
23:16:05.0502 2504 OKI OPHI DCS Loader (e699a087ee11be3b1f27d669d40c7585) C:\Windows\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE
23:16:05.0502 2504 OKI OPHI DCS Loader - ok
23:16:05.0553 2504 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:16:05.0553 2504 ose - ok
23:16:05.0749 2504 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:16:05.0823 2504 osppsvc - ok
23:16:05.0913 2504 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:16:05.0920 2504 p2pimsvc - ok
23:16:05.0959 2504 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
23:16:05.0971 2504 p2psvc - ok
23:16:06.0014 2504 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
23:16:06.0018 2504 Parport - ok
23:16:06.0057 2504 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
23:16:06.0061 2504 partmgr - ok
23:16:06.0073 2504 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
23:16:06.0073 2504 Parvdm - ok
23:16:06.0092 2504 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
23:16:06.0096 2504 PcaSvc - ok
23:16:06.0112 2504 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
23:16:06.0116 2504 pci - ok
23:16:06.0131 2504 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
23:16:06.0131 2504 pciide - ok
23:16:06.0155 2504 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
23:16:06.0159 2504 pcmcia - ok
23:16:06.0170 2504 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
23:16:06.0174 2504 pcw - ok
23:16:06.0225 2504 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
23:16:06.0241 2504 PEAUTH - ok
23:16:06.0334 2504 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
23:16:06.0374 2504 pla - ok
23:16:06.0471 2504 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
23:16:06.0475 2504 PlugPlay - ok
23:16:06.0495 2504 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
23:16:06.0499 2504 PNRPAutoReg - ok
23:16:06.0538 2504 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
23:16:06.0541 2504 PNRPsvc - ok
23:16:06.0584 2504 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
23:16:06.0584 2504 Point32 - ok
23:16:06.0627 2504 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
23:16:06.0639 2504 PolicyAgent - ok
23:16:06.0670 2504 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
23:16:06.0674 2504 Power - ok
23:16:06.0709 2504 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
23:16:06.0709 2504 PptpMiniport - ok
23:16:06.0729 2504 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
23:16:06.0733 2504 Processor - ok
23:16:06.0764 2504 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
23:16:06.0768 2504 ProfSvc - ok
23:16:06.0799 2504 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:16:06.0799 2504 ProtectedStorage - ok
23:16:06.0827 2504 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
23:16:06.0831 2504 Psched - ok
23:16:06.0901 2504 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
23:16:06.0924 2504 ql2300 - ok
23:16:07.0002 2504 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
23:16:07.0006 2504 ql40xx - ok
23:16:07.0030 2504 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
23:16:07.0041 2504 QWAVE - ok
23:16:07.0057 2504 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
23:16:07.0057 2504 QWAVEdrv - ok
23:16:07.0077 2504 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
23:16:07.0077 2504 RasAcd - ok
23:16:07.0120 2504 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:16:07.0124 2504 RasAgileVpn - ok
23:16:07.0143 2504 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
23:16:07.0151 2504 RasAuto - ok
23:16:07.0163 2504 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:16:07.0166 2504 Rasl2tp - ok
23:16:07.0206 2504 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
23:16:07.0213 2504 RasMan - ok
23:16:07.0221 2504 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
23:16:07.0225 2504 RasPppoe - ok
23:16:07.0241 2504 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
23:16:07.0245 2504 RasSstp - ok
23:16:07.0264 2504 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
23:16:07.0272 2504 rdbss - ok
23:16:07.0280 2504 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\drivers\rdpbus.sys
23:16:07.0284 2504 rdpbus - ok
23:16:07.0295 2504 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:16:07.0295 2504 RDPCDD - ok
23:16:07.0319 2504 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
23:16:07.0319 2504 RDPENCDD - ok
23:16:07.0327 2504 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
23:16:07.0331 2504 RDPREFMP - ok
23:16:07.0374 2504 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
23:16:07.0377 2504 RDPWD - ok
23:16:07.0409 2504 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
23:16:07.0409 2504 rdyboost - ok
23:16:07.0432 2504 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
23:16:07.0436 2504 RemoteAccess - ok
23:16:07.0463 2504 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
23:16:07.0471 2504 RemoteRegistry - ok
23:16:07.0518 2504 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
23:16:07.0518 2504 RimUsb - ok
23:16:07.0538 2504 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
23:16:07.0541 2504 RpcEptMapper - ok
23:16:07.0565 2504 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
23:16:07.0565 2504 RpcLocator - ok
23:16:07.0596 2504 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
23:16:07.0600 2504 RpcSs - ok
23:16:07.0620 2504 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
23:16:07.0624 2504 rspndr - ok
23:16:07.0670 2504 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
23:16:07.0686 2504 RTL8167 - ok
23:16:07.0713 2504 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:16:07.0717 2504 SamSs - ok
23:16:07.0741 2504 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
23:16:07.0745 2504 sbp2port - ok
23:16:07.0913 2504 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
23:16:07.0928 2504 SBSDWSCService - ok
23:16:07.0967 2504 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
23:16:07.0975 2504 SCardSvr - ok
23:16:08.0014 2504 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
23:16:08.0014 2504 scfilter - ok
23:16:08.0065 2504 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
23:16:08.0073 2504 Schedule - ok
23:16:08.0096 2504 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
23:16:08.0100 2504 SCPolicySvc - ok
23:16:08.0120 2504 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
23:16:08.0127 2504 SDRSVC - ok
23:16:08.0143 2504 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
23:16:08.0147 2504 secdrv - ok
23:16:08.0163 2504 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
23:16:08.0166 2504 seclogon - ok
23:16:08.0194 2504 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
23:16:08.0198 2504 SENS - ok
23:16:08.0217 2504 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
23:16:08.0225 2504 SensrSvc - ok
23:16:08.0252 2504 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
23:16:08.0252 2504 Serenum - ok
23:16:08.0288 2504 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
23:16:08.0288 2504 Serial - ok
23:16:08.0303 2504 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
23:16:08.0303 2504 sermouse - ok
23:16:08.0334 2504 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
23:16:08.0338 2504 SessionEnv - ok
23:16:08.0350 2504 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
23:16:08.0354 2504 sffdisk - ok
23:16:08.0366 2504 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
23:16:08.0366 2504 sffp_mmc - ok
23:16:08.0381 2504 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
23:16:08.0381 2504 sffp_sd - ok
23:16:08.0397 2504 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
23:16:08.0397 2504 sfloppy - ok
23:16:08.0436 2504 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
23:16:08.0444 2504 SharedAccess - ok
23:16:08.0471 2504 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
23:16:08.0487 2504 ShellHWDetection - ok
23:16:08.0514 2504 SI3132 (0b9b5c6df6226497ef4819b6e1b2efd5) C:\Windows\system32\DRIVERS\SI3132.sys
23:16:08.0514 2504 SI3132 - ok
23:16:08.0541 2504 SiFilter (ad29a80543c63e5b3588d118fb327e22) C:\Windows\system32\DRIVERS\SiWinAcc.sys
23:16:08.0541 2504 SiFilter - ok
23:16:08.0553 2504 SiRemFil (b19efe5e45ae31f3c3e4c4f0f9da3c49) C:\Windows\system32\DRIVERS\SiRemFil.sys
23:16:08.0557 2504 SiRemFil - ok
23:16:08.0565 2504 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
23:16:08.0565 2504 sisagp - ok
23:16:08.0584 2504 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
23:16:08.0588 2504 SiSRaid2 - ok
23:16:08.0608 2504 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
23:16:08.0608 2504 SiSRaid4 - ok
23:16:08.0635 2504 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
23:16:08.0639 2504 Smb - ok
23:16:08.0709 2504 snapman (98b44c15b4eed76aa8dccb64a4ca11af) C:\Windows\system32\DRIVERS\snapman.sys
23:16:08.0709 2504 snapman - ok
23:16:08.0752 2504 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
23:16:08.0756 2504 SNMPTRAP - ok
23:16:08.0768 2504 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
23:16:08.0772 2504 spldr - ok
23:16:08.0815 2504 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
23:16:08.0819 2504 Spooler - ok
23:16:08.0940 2504 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
23:16:08.0999 2504 sppsvc - ok
23:16:09.0061 2504 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
23:16:09.0069 2504 sppuinotify - ok
23:16:09.0124 2504 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
23:16:09.0131 2504 srv - ok
23:16:09.0155 2504 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
23:16:09.0163 2504 srv2 - ok
23:16:09.0194 2504 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
23:16:09.0194 2504 srvnet - ok
23:16:09.0217 2504 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
23:16:09.0225 2504 SSDPSRV - ok
23:16:09.0249 2504 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
23:16:09.0256 2504 SstpSvc - ok
23:16:09.0358 2504 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:16:09.0362 2504 Stereo Service - ok
23:16:09.0389 2504 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
23:16:09.0389 2504 stexstor - ok
23:16:09.0448 2504 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
23:16:09.0459 2504 StiSvc - ok
23:16:09.0475 2504 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
23:16:09.0475 2504 swenum - ok
23:16:09.0506 2504 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
23:16:09.0522 2504 swprv - ok
23:16:09.0577 2504 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
23:16:09.0588 2504 SysMain - ok
23:16:09.0616 2504 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
23:16:09.0620 2504 TabletInputService - ok
23:16:09.0651 2504 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
23:16:09.0659 2504 TapiSrv - ok
23:16:09.0674 2504 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
23:16:09.0682 2504 TBS - ok
23:16:09.0784 2504 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
23:16:09.0807 2504 Tcpip - ok
23:16:09.0831 2504 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
23:16:09.0842 2504 TCPIP6 - ok
23:16:09.0862 2504 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
23:16:09.0862 2504 tcpipreg - ok
23:16:09.0877 2504 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
23:16:09.0881 2504 TDPIPE - ok
23:16:09.0913 2504 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
23:16:09.0916 2504 TDTCP - ok
23:16:09.0932 2504 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
23:16:09.0936 2504 tdx - ok
23:16:09.0948 2504 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
23:16:09.0952 2504 TermDD - ok
23:16:09.0987 2504 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
23:16:09.0995 2504 TermService - ok
23:16:10.0010 2504 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
23:16:10.0014 2504 Themes - ok
23:16:10.0041 2504 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
23:16:10.0045 2504 THREADORDER - ok
23:16:10.0116 2504 timounter (d8a96d0e25d43fdac3bed09adf39fde9) C:\Windows\system32\DRIVERS\timntr.sys
23:16:10.0131 2504 timounter - ok
23:16:10.0163 2504 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
23:16:10.0166 2504 TrkWks - ok
23:16:10.0213 2504 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
23:16:10.0213 2504 TrustedInstaller - ok
23:16:10.0249 2504 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:16:10.0252 2504 tssecsrv - ok
23:16:10.0276 2504 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
23:16:10.0276 2504 TsUsbFlt - ok
23:16:10.0284 2504 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
23:16:10.0284 2504 TsUsbGD - ok
23:16:10.0327 2504 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
23:16:10.0327 2504 tunnel - ok
23:16:10.0334 2504 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
23:16:10.0338 2504 uagp35 - ok
23:16:10.0366 2504 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
23:16:10.0370 2504 udfs - ok
23:16:10.0393 2504 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
23:16:10.0397 2504 UI0Detect - ok
23:16:10.0413 2504 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
23:16:10.0416 2504 uliagpkx - ok
23:16:10.0436 2504 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
23:16:10.0436 2504 umbus - ok
23:16:10.0463 2504 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
23:16:10.0463 2504 UmPass - ok
23:16:10.0491 2504 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
23:16:10.0499 2504 upnphost - ok
23:16:10.0530 2504 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
23:16:10.0534 2504 usbccgp - ok
23:16:10.0541 2504 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
23:16:10.0545 2504 usbcir - ok
23:16:10.0565 2504 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
23:16:10.0565 2504 usbehci - ok
23:16:10.0596 2504 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
23:16:10.0604 2504 usbhub - ok
23:16:10.0624 2504 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
23:16:10.0624 2504 usbohci - ok
23:16:10.0643 2504 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
23:16:10.0643 2504 usbprint - ok
23:16:10.0690 2504 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
23:16:10.0690 2504 usbscan - ok
23:16:10.0702 2504 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:16:10.0706 2504 USBSTOR - ok
23:16:10.0721 2504 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
23:16:10.0721 2504 usbuhci - ok
23:16:10.0745 2504 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
23:16:10.0752 2504 UxSms - ok
23:16:10.0780 2504 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
23:16:10.0784 2504 VaultSvc - ok
23:16:10.0815 2504 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
23:16:10.0815 2504 vdrvroot - ok
23:16:10.0854 2504 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
23:16:10.0866 2504 vds - ok
23:16:10.0877 2504 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
23:16:10.0881 2504 vga - ok
23:16:10.0897 2504 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
23:16:10.0897 2504 VgaSave - ok
23:16:10.0909 2504 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
23:16:10.0913 2504 vhdmp - ok
23:16:10.0932 2504 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
23:16:10.0936 2504 viaagp - ok
23:16:10.0956 2504 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
23:16:10.0959 2504 ViaC7 - ok
23:16:10.0975 2504 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
23:16:10.0979 2504 viaide - ok
23:16:11.0010 2504 vididr (149ec3e217f9d11e9ca6c54ce3d70c73) C:\Windows\system32\DRIVERS\vididr.sys
23:16:11.0014 2504 vididr - ok
23:16:11.0065 2504 vidsflt53 (e31e9cd40677b84b3adaa7a0d80dc439) C:\Windows\system32\DRIVERS\vsflt53.sys
23:16:11.0065 2504 vidsflt53 - ok
23:16:11.0077 2504 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
23:16:11.0081 2504 volmgr - ok
23:16:11.0100 2504 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
23:16:11.0112 2504 volmgrx - ok
23:16:11.0131 2504 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
23:16:11.0139 2504 volsnap - ok
23:16:11.0163 2504 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
23:16:11.0166 2504 vsmraid - ok
23:16:11.0233 2504 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
23:16:11.0245 2504 VSS - ok
23:16:11.0252 2504 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
23:16:11.0256 2504 vwifibus - ok
23:16:11.0303 2504 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
23:16:11.0319 2504 W32Time - ok
23:16:11.0331 2504 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
23:16:11.0334 2504 WacomPen - ok
23:16:11.0385 2504 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:16:11.0385 2504 WANARP - ok
23:16:11.0389 2504 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
23:16:11.0393 2504 Wanarpv6 - ok
23:16:11.0467 2504 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
23:16:11.0487 2504 WatAdminSvc - ok
23:16:11.0553 2504 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
23:16:11.0577 2504 wbengine - ok
23:16:11.0600 2504 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
23:16:11.0608 2504 WbioSrvc - ok
23:16:11.0624 2504 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
23:16:11.0631 2504 wcncsvc - ok
23:16:11.0651 2504 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
23:16:11.0655 2504 WcsPlugInService - ok
23:16:11.0702 2504 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
23:16:11.0706 2504 Wd - ok
23:16:11.0741 2504 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
23:16:11.0752 2504 Wdf01000 - ok
23:16:11.0768 2504 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:16:11.0776 2504 WdiServiceHost - ok
23:16:11.0780 2504 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
23:16:11.0784 2504 WdiSystemHost - ok
23:16:11.0807 2504 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
23:16:11.0815 2504 WebClient - ok
23:16:11.0838 2504 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
23:16:11.0846 2504 Wecsvc - ok
23:16:11.0862 2504 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
23:16:11.0866 2504 wercplsupport - ok
23:16:11.0893 2504 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
23:16:11.0897 2504 WerSvc - ok
23:16:11.0932 2504 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
23:16:11.0932 2504 WfpLwf - ok
23:16:11.0940 2504 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
23:16:11.0944 2504 WIMMount - ok
23:16:12.0034 2504 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
23:16:12.0045 2504 WinDefend - ok
23:16:12.0057 2504 WinHttpAutoProxySvc - ok
23:16:12.0104 2504 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
23:16:12.0108 2504 Winmgmt - ok
23:16:12.0166 2504 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
23:16:12.0186 2504 WinRM - ok
23:16:12.0256 2504 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
23:16:12.0256 2504 WinUsb - ok
23:16:12.0307 2504 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
23:16:12.0327 2504 Wlansvc - ok
23:16:12.0393 2504 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
23:16:12.0397 2504 wlcrasvc - ok
23:16:12.0526 2504 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:16:12.0557 2504 wlidsvc - ok
23:16:12.0631 2504 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
23:16:12.0631 2504 WmiAcpi - ok
23:16:12.0682 2504 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
23:16:12.0686 2504 wmiApSrv - ok
23:16:12.0764 2504 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
23:16:12.0772 2504 WMPNetworkSvc - ok
23:16:12.0799 2504 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
23:16:12.0807 2504 WPCSvc - ok
23:16:12.0823 2504 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
23:16:12.0831 2504 WPDBusEnum - ok
23:16:12.0846 2504 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
23:16:12.0846 2504 ws2ifsl - ok
23:16:12.0870 2504 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
23:16:12.0874 2504 wscsvc - ok
23:16:12.0881 2504 WSearch - ok
23:16:12.0971 2504 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
23:16:13.0014 2504 wuauserv - ok
23:16:13.0065 2504 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
23:16:13.0069 2504 WudfPf - ok
23:16:13.0108 2504 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
23:16:13.0112 2504 WUDFRd - ok
23:16:13.0131 2504 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
23:16:13.0135 2504 wudfsvc - ok
23:16:13.0163 2504 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
23:16:13.0170 2504 WwanSvc - ok
23:16:13.0209 2504 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
23:16:13.0209 2504 XUIF - ok
23:16:13.0229 2504 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk2\DR2
23:16:13.0307 2504 \Device\Harddisk2\DR2 - ok
23:16:13.0315 2504 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
23:16:13.0545 2504 \Device\Harddisk0\DR0 - ok
23:16:13.0549 2504 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
23:16:13.0592 2504 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
23:16:13.0592 2504 \Device\Harddisk1\DR1 - detected TDSS File System (1)
23:16:13.0604 2504 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk3\DR3
23:16:13.0717 2504 \Device\Harddisk3\DR3 - ok
23:16:13.0721 2504 Boot (0x1200) (1f76f6bbbaf7fe6e514cc8870f9327ec) \Device\Harddisk2\DR2\Partition0
23:16:13.0725 2504 \Device\Harddisk2\DR2\Partition0 - ok
23:16:13.0729 2504 Boot (0x1200) (427bf9bf4d58614c53c51e181d94caf8) \Device\Harddisk0\DR0\Partition0
23:16:13.0729 2504 \Device\Harddisk0\DR0\Partition0 - ok
23:16:13.0741 2504 Boot (0x1200) (8749887a2fdff4bdd5c59691f05c05d6) \Device\Harddisk0\DR0\Partition1
23:16:13.0745 2504 \Device\Harddisk0\DR0\Partition1 - ok
23:16:13.0772 2504 Boot (0x1200) (a085a37c288bd056b852fccc81ccd562) \Device\Harddisk1\DR1\Partition0
23:16:13.0772 2504 \Device\Harddisk1\DR1\Partition0 - ok
23:16:13.0780 2504 Boot (0x1200) (8a46454ac6972e9090444393939a3b72) \Device\Harddisk3\DR3\Partition0
23:16:13.0780 2504 \Device\Harddisk3\DR3\Partition0 - ok
23:16:13.0780 2504 ============================================================
23:16:13.0780 2504 Scan finished
23:16:13.0780 2504 ============================================================
23:16:13.0795 1752 Detected object count: 1
23:16:13.0795 1752 Actual detected object count: 1
23:17:24.0366 1752 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
23:17:24.0366 1752 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

MBAM log:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.19.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
LaDawna :: TSUNAMI [administrator]

Protection: Enabled

6/18/2012 11:27:30 PM
mbam-log-2012-06-18 (23-27-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 256905
Time elapsed: 6 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:42 PM

Posted 19 June 2012 - 02:40 PM

Ok reboot it now.

Rerun TDSS
see if you can chage the option to Cure or Delete and not Skip for these
23:17:24.0366 1752 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
23:17:24.0366 1752 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip


reboot again.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 cjef

cjef
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 19 June 2012 - 03:11 PM

Reran TDSSkiller on 2nd acct and deleted. Tried first to Quarantine, and the threat still existed after first scan. Ran second time and deleted. Ran 3rd scan and no threats were found.

TDSSkiller log 1:

15:01:10.0702 3224 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
15:01:11.0502 3224 ============================================================
15:01:11.0502 3224 Current date / time: 2012/06/19 15:01:11.0502
15:01:11.0502 3224 SystemInfo:
15:01:11.0502 3224
15:01:11.0502 3224 OS Version: 6.1.7601 ServicePack: 1.0
15:01:11.0502 3224 Product type: Workstation
15:01:11.0502 3224 ComputerName: TSUNAMI
15:01:11.0502 3224 UserName: LaDawna
15:01:11.0502 3224 Windows directory: C:\Windows
15:01:11.0502 3224 System windows directory: C:\Windows
15:01:11.0502 3224 Processor architecture: Intel x86
15:01:11.0502 3224 Number of processors: 2
15:01:11.0502 3224 Page size: 0x1000
15:01:11.0502 3224 Boot type: Normal boot
15:01:11.0502 3224 ============================================================
15:01:13.0225 3224 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1D9265, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000058
15:01:13.0241 3224 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x23DC4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
15:01:13.0249 3224 Drive \Device\Harddisk1\DR1 - Size: 0x45DECD2000 (279.48 Gb), SectorSize: 0x200, Cylinders: 0x8E83, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:01:13.0252 3224 Drive \Device\Harddisk3\DR3 - Size: 0xF4FFE00 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:01:13.0256 3224 ============================================================
15:01:13.0256 3224 \Device\Harddisk2\DR2:
15:01:13.0256 3224 MBR partitions:
15:01:13.0256 3224 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1
15:01:13.0256 3224 \Device\Harddisk0\DR0:
15:01:13.0256 3224 MBR partitions:
15:01:13.0256 3224 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:01:13.0256 3224 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
15:01:13.0256 3224 \Device\Harddisk1\DR1:
15:01:13.0256 3224 MBR partitions:
15:01:13.0256 3224 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x22EEEBC3
15:01:13.0256 3224 \Device\Harddisk3\DR3:
15:01:13.0256 3224 MBR partitions:
15:01:13.0256 3224 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x6, StartLBA 0x63, BlocksNum 0x7A59D
15:01:13.0256 3224 ============================================================
15:01:13.0280 3224 C: <-> \Device\Harddisk0\DR0\Partition1
15:01:13.0291 3224 E: <-> \Device\Harddisk1\DR1\Partition0
15:01:13.0319 3224 F: <-> \Device\Harddisk2\DR2\Partition0
15:01:13.0319 3224 ============================================================
15:01:13.0319 3224 Initialize success
15:01:13.0319 3224 ============================================================
15:01:22.0975 3152 ============================================================
15:01:22.0975 3152 Scan started
15:01:22.0975 3152 Mode: Manual; TDLFS;
15:01:22.0975 3152 ============================================================
15:01:25.0256 3152 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
15:01:25.0260 3152 1394ohci - ok
15:01:25.0284 3152 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
15:01:25.0288 3152 ACPI - ok
15:01:25.0303 3152 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
15:01:25.0307 3152 AcpiPmi - ok
15:01:25.0413 3152 AcrSch2Svc (af6481c648ea9a76569aacb73eac286a) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
15:01:25.0416 3152 AcrSch2Svc - ok
15:01:25.0502 3152 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:01:25.0502 3152 AdobeARMservice - ok
15:01:25.0592 3152 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:01:25.0596 3152 AdobeFlashPlayerUpdateSvc - ok
15:01:25.0655 3152 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
15:01:25.0702 3152 adp94xx - ok
15:01:25.0737 3152 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
15:01:25.0745 3152 adpahci - ok
15:01:25.0764 3152 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
15:01:25.0764 3152 adpu320 - ok
15:01:25.0791 3152 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
15:01:25.0795 3152 AeLookupSvc - ok
15:01:25.0846 3152 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
15:01:25.0850 3152 AFD - ok
15:01:25.0870 3152 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
15:01:25.0870 3152 agp440 - ok
15:01:25.0901 3152 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
15:01:25.0901 3152 aic78xx - ok
15:01:25.0924 3152 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
15:01:25.0928 3152 ALG - ok
15:01:25.0936 3152 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
15:01:25.0940 3152 aliide - ok
15:01:25.0948 3152 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
15:01:25.0952 3152 amdagp - ok
15:01:25.0959 3152 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
15:01:25.0963 3152 amdide - ok
15:01:25.0971 3152 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
15:01:25.0975 3152 AmdK8 - ok
15:01:25.0987 3152 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
15:01:25.0991 3152 AmdPPM - ok
15:01:26.0018 3152 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
15:01:26.0022 3152 amdsata - ok
15:01:26.0041 3152 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
15:01:26.0045 3152 amdsbs - ok
15:01:26.0057 3152 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
15:01:26.0057 3152 amdxata - ok
15:01:26.0081 3152 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
15:01:26.0084 3152 AppID - ok
15:01:26.0120 3152 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
15:01:26.0124 3152 AppIDSvc - ok
15:01:26.0147 3152 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
15:01:26.0147 3152 Appinfo - ok
15:01:26.0166 3152 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
15:01:26.0170 3152 arc - ok
15:01:26.0190 3152 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
15:01:26.0190 3152 arcsas - ok
15:01:26.0229 3152 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
15:01:26.0229 3152 AsyncMac - ok
15:01:26.0249 3152 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
15:01:26.0249 3152 atapi - ok
15:01:26.0291 3152 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
15:01:26.0295 3152 AudioEndpointBuilder - ok
15:01:26.0299 3152 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
15:01:26.0307 3152 Audiosrv - ok
15:01:26.0327 3152 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
15:01:26.0331 3152 AxInstSV - ok
15:01:26.0374 3152 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
15:01:26.0385 3152 b06bdrv - ok
15:01:26.0416 3152 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
15:01:26.0420 3152 b57nd60x - ok
15:01:26.0549 3152 BBSvc (37bfed63841e56f465e1a0cd32f1bcc9) C:\Program Files\Microsoft\BingBar\7.1.364.0\BBSvc.exe
15:01:26.0549 3152 BBSvc - ok
15:01:26.0592 3152 BBUpdate (b47230df549e171449b5d25cfcee9f57) C:\Program Files\Microsoft\BingBar\7.1.364.0\SeaPort.exe
15:01:26.0596 3152 BBUpdate - ok
15:01:26.0639 3152 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
15:01:26.0643 3152 BDESVC - ok
15:01:26.0659 3152 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
15:01:26.0659 3152 Beep - ok
15:01:26.0702 3152 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
15:01:26.0706 3152 BFE - ok
15:01:26.0749 3152 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
15:01:26.0756 3152 BITS - ok
15:01:26.0768 3152 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
15:01:26.0772 3152 blbdrive - ok
15:01:26.0795 3152 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
15:01:26.0795 3152 bowser - ok
15:01:26.0807 3152 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
15:01:26.0811 3152 BrFiltLo - ok
15:01:26.0819 3152 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
15:01:26.0819 3152 BrFiltUp - ok
15:01:26.0834 3152 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
15:01:26.0838 3152 Browser - ok
15:01:26.0858 3152 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
15:01:26.0866 3152 Brserid - ok
15:01:26.0881 3152 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
15:01:26.0881 3152 BrSerWdm - ok
15:01:26.0897 3152 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:01:26.0897 3152 BrUsbMdm - ok
15:01:26.0905 3152 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
15:01:26.0905 3152 BrUsbSer - ok
15:01:26.0952 3152 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\Windows\system32\DRIVERS\motfilt.sys
15:01:26.0967 3152 BTCFilterService - ok
15:01:26.0983 3152 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
15:01:26.0987 3152 BTHMODEM - ok
15:01:27.0010 3152 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
15:01:27.0010 3152 bthserv - ok
15:01:27.0038 3152 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
15:01:27.0038 3152 cdfs - ok
15:01:27.0073 3152 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
15:01:27.0073 3152 cdrom - ok
15:01:27.0104 3152 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:01:27.0108 3152 CertPropSvc - ok
15:01:27.0147 3152 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\Windows\system32\drivers\cfwids.sys
15:01:27.0147 3152 cfwids - ok
15:01:27.0174 3152 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys
15:01:27.0178 3152 circlass - ok
15:01:27.0225 3152 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
15:01:27.0229 3152 CLFS - ok
15:01:27.0354 3152 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:01:27.0358 3152 clr_optimization_v2.0.50727_32 - ok
15:01:27.0420 3152 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:01:27.0432 3152 clr_optimization_v4.0.30319_32 - ok
15:01:27.0444 3152 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\drivers\CmBatt.sys
15:01:27.0444 3152 CmBatt - ok
15:01:27.0456 3152 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
15:01:27.0456 3152 cmdide - ok
15:01:27.0502 3152 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
15:01:27.0518 3152 CNG - ok
15:01:27.0534 3152 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\drivers\compbatt.sys
15:01:27.0538 3152 Compbatt - ok
15:01:27.0561 3152 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:01:27.0565 3152 CompositeBus - ok
15:01:27.0581 3152 COMSysApp - ok
15:01:27.0596 3152 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
15:01:27.0600 3152 crcdisk - ok
15:01:27.0670 3152 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
15:01:27.0670 3152 CryptSvc - ok
15:01:27.0721 3152 dc3d (7caaf4af453ef3582fef65dd72caa0aa) C:\Windows\system32\DRIVERS\dc3d.sys
15:01:27.0721 3152 dc3d - ok
15:01:27.0768 3152 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:01:27.0776 3152 DcomLaunch - ok
15:01:27.0831 3152 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
15:01:27.0834 3152 defragsvc - ok
15:01:27.0846 3152 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
15:01:27.0850 3152 DfsC - ok
15:01:27.0893 3152 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
15:01:27.0897 3152 Dhcp - ok
15:01:27.0916 3152 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
15:01:27.0916 3152 discache - ok
15:01:27.0940 3152 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
15:01:27.0944 3152 Disk - ok
15:01:27.0975 3152 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
15:01:27.0975 3152 Dnscache - ok
15:01:28.0002 3152 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
15:01:28.0006 3152 dot3svc - ok
15:01:28.0022 3152 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
15:01:28.0026 3152 DPS - ok
15:01:28.0069 3152 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
15:01:28.0073 3152 drmkaud - ok
15:01:28.0112 3152 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
15:01:28.0124 3152 DXGKrnl - ok
15:01:28.0143 3152 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
15:01:28.0143 3152 EapHost - ok
15:01:28.0272 3152 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
15:01:28.0334 3152 ebdrv - ok
15:01:28.0416 3152 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
15:01:28.0420 3152 EFS - ok
15:01:28.0491 3152 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
15:01:28.0495 3152 ehRecvr - ok
15:01:28.0514 3152 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
15:01:28.0514 3152 ehSched - ok
15:01:28.0569 3152 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
15:01:28.0584 3152 elxstor - ok
15:01:28.0624 3152 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
15:01:28.0627 3152 ErrDev - ok
15:01:28.0709 3152 esgiguard - ok
15:01:28.0749 3152 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
15:01:28.0752 3152 EventSystem - ok
15:01:28.0776 3152 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
15:01:28.0780 3152 exfat - ok
15:01:28.0795 3152 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
15:01:28.0795 3152 fastfat - ok
15:01:28.0831 3152 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
15:01:28.0838 3152 Fax - ok
15:01:28.0850 3152 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
15:01:28.0854 3152 fdc - ok
15:01:28.0866 3152 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
15:01:28.0870 3152 fdPHost - ok
15:01:28.0881 3152 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
15:01:28.0881 3152 FDResPub - ok
15:01:28.0897 3152 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
15:01:28.0897 3152 FileInfo - ok
15:01:28.0916 3152 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
15:01:28.0916 3152 Filetrace - ok
15:01:28.0924 3152 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
15:01:28.0924 3152 flpydisk - ok
15:01:28.0952 3152 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
15:01:28.0956 3152 FltMgr - ok
15:01:29.0014 3152 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
15:01:29.0030 3152 FontCache - ok
15:01:29.0120 3152 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:01:29.0120 3152 FontCache3.0.0.0 - ok
15:01:29.0135 3152 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
15:01:29.0135 3152 FsDepends - ok
15:01:29.0170 3152 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\Windows\system32\DRIVERS\fssfltr.sys
15:01:29.0170 3152 fssfltr - ok
15:01:29.0323 3152 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
15:01:29.0334 3152 fsssvc - ok
15:01:29.0416 3152 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
15:01:29.0420 3152 Fs_Rec - ok
15:01:29.0456 3152 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
15:01:29.0456 3152 fvevol - ok
15:01:29.0483 3152 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
15:01:29.0483 3152 gagp30kx - ok
15:01:29.0530 3152 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
15:01:29.0565 3152 gpsvc - ok
15:01:29.0682 3152 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:01:29.0682 3152 gupdate - ok
15:01:29.0706 3152 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:01:29.0706 3152 gupdatem - ok
15:01:29.0752 3152 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
15:01:29.0752 3152 hcw85cir - ok
15:01:29.0795 3152 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
15:01:29.0799 3152 HdAudAddService - ok
15:01:29.0823 3152 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:01:29.0827 3152 HDAudBus - ok
15:01:29.0838 3152 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
15:01:29.0838 3152 HidBatt - ok
15:01:29.0854 3152 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
15:01:29.0858 3152 HidBth - ok
15:01:29.0877 3152 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys
15:01:29.0877 3152 HidIr - ok
15:01:29.0905 3152 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
15:01:29.0905 3152 hidserv - ok
15:01:29.0932 3152 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
15:01:29.0932 3152 HidUsb - ok
15:01:29.0952 3152 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
15:01:29.0956 3152 hkmsvc - ok
15:01:29.0983 3152 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
15:01:29.0987 3152 HomeGroupListener - ok
15:01:30.0014 3152 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
15:01:30.0018 3152 HomeGroupProvider - ok
15:01:30.0045 3152 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
15:01:30.0045 3152 HpSAMD - ok
15:01:30.0092 3152 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
15:01:30.0100 3152 HTTP - ok
15:01:30.0116 3152 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
15:01:30.0116 3152 hwpolicy - ok
15:01:30.0135 3152 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
15:01:30.0139 3152 i8042prt - ok
15:01:30.0178 3152 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
15:01:30.0190 3152 iaStorV - ok
15:01:30.0288 3152 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:01:30.0303 3152 idsvc - ok
15:01:30.0334 3152 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
15:01:30.0334 3152 iirsp - ok
15:01:30.0389 3152 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
15:01:30.0397 3152 IKEEXT - ok
15:01:30.0534 3152 IntcAzAudAddService (44792ccbc7b41b42ec068c6416d17de1) C:\Windows\system32\drivers\RtkHDAud.sys
15:01:30.0581 3152 IntcAzAudAddService - ok
15:01:30.0690 3152 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
15:01:30.0694 3152 intelide - ok
15:01:30.0721 3152 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
15:01:30.0721 3152 intelppm - ok
15:01:30.0749 3152 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
15:01:30.0752 3152 IPBusEnum - ok
15:01:30.0768 3152 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:01:30.0772 3152 IpFilterDriver - ok
15:01:30.0819 3152 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
15:01:30.0823 3152 iphlpsvc - ok
15:01:30.0866 3152 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
15:01:30.0866 3152 IPMIDRV - ok
15:01:30.0889 3152 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
15:01:30.0893 3152 IPNAT - ok
15:01:30.0916 3152 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
15:01:30.0920 3152 IRENUM - ok
15:01:30.0932 3152 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
15:01:30.0936 3152 isapnp - ok
15:01:30.0959 3152 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
15:01:30.0963 3152 iScsiPrt - ok
15:01:30.0983 3152 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:01:30.0987 3152 kbdclass - ok
15:01:31.0014 3152 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
15:01:31.0018 3152 kbdhid - ok
15:01:31.0045 3152 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:01:31.0049 3152 KeyIso - ok
15:01:31.0069 3152 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
15:01:31.0073 3152 KSecDD - ok
15:01:31.0092 3152 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
15:01:31.0092 3152 KSecPkg - ok
15:01:31.0124 3152 KTC111 (c1ff26110f5e4306fa3b585c7f7603b2) C:\Windows\system32\DRIVERS\KTC111.SYS
15:01:31.0124 3152 KTC111 - ok
15:01:31.0163 3152 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
15:01:31.0178 3152 KtmRm - ok
15:01:31.0213 3152 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
15:01:31.0217 3152 LanmanServer - ok
15:01:31.0233 3152 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
15:01:31.0237 3152 LanmanWorkstation - ok
15:01:31.0284 3152 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
15:01:31.0284 3152 lltdio - ok
15:01:31.0319 3152 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
15:01:31.0323 3152 lltdsvc - ok
15:01:31.0334 3152 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
15:01:31.0338 3152 lmhosts - ok
15:01:31.0362 3152 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
15:01:31.0366 3152 LSI_FC - ok
15:01:31.0385 3152 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
15:01:31.0385 3152 LSI_SAS - ok
15:01:31.0405 3152 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
15:01:31.0405 3152 LSI_SAS2 - ok
15:01:31.0420 3152 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
15:01:31.0424 3152 LSI_SCSI - ok
15:01:31.0436 3152 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:01:31.0440 3152 luafv - ok
15:01:31.0487 3152 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
15:01:31.0487 3152 MBAMProtector - ok
15:01:31.0608 3152 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:01:31.0612 3152 MBAMService - ok
15:01:31.0717 3152 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:01:31.0717 3152 McAfee SiteAdvisor Service - ok
15:01:31.0721 3152 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:01:31.0725 3152 McMPFSvc - ok
15:01:31.0729 3152 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:01:31.0733 3152 mcmscsvc - ok
15:01:31.0737 3152 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:01:31.0737 3152 McNaiAnn - ok
15:01:31.0749 3152 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:01:31.0752 3152 McNASvc - ok
15:01:31.0842 3152 McODS (135aa9e9e7047b7dc1f753205d421a26) C:\Program Files\McAfee\VirusScan\mcods.exe
15:01:31.0846 3152 McODS - ok
15:01:31.0850 3152 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:01:31.0854 3152 McProxy - ok
15:01:31.0889 3152 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:01:31.0893 3152 McShield - ok
15:01:31.0952 3152 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
15:01:31.0956 3152 Mcx2Svc - ok
15:01:31.0999 3152 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
15:01:32.0002 3152 megasas - ok
15:01:32.0038 3152 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
15:01:32.0041 3152 MegaSR - ok
15:01:32.0073 3152 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\Windows\system32\drivers\mfeapfk.sys
15:01:32.0077 3152 mfeapfk - ok
15:01:32.0135 3152 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\Windows\system32\drivers\mfeavfk.sys
15:01:32.0135 3152 mfeavfk - ok
15:01:32.0166 3152 mfeavfk01 - ok
15:01:32.0194 3152 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\Windows\system32\drivers\mfebopk.sys
15:01:32.0194 3152 mfebopk - ok
15:01:32.0233 3152 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:01:32.0233 3152 mfefire - ok
15:01:32.0264 3152 mfefirek (4ea6ff90015424517843e931448e00f1) C:\Windows\system32\drivers\mfefirek.sys
15:01:32.0280 3152 mfefirek - ok
15:01:32.0323 3152 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\Windows\system32\drivers\mfehidk.sys
15:01:32.0334 3152 mfehidk - ok
15:01:32.0342 3152 mfenlfk (ac04a618aef3de0fce91c766f9e069da) C:\Windows\system32\DRIVERS\mfenlfk.sys
15:01:32.0342 3152 mfenlfk - ok
15:01:32.0358 3152 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\Windows\system32\drivers\mferkdet.sys
15:01:32.0362 3152 mferkdet - ok
15:01:32.0409 3152 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\Windows\system32\mfevtps.exe
15:01:32.0409 3152 mfevtp - ok
15:01:32.0432 3152 mfewfpk (f284337aedb7483df8a5fa840647e2b0) C:\Windows\system32\drivers\mfewfpk.sys
15:01:32.0436 3152 mfewfpk - ok
15:01:32.0459 3152 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:01:32.0459 3152 MMCSS - ok
15:01:32.0479 3152 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:01:32.0483 3152 Modem - ok
15:01:32.0506 3152 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
15:01:32.0510 3152 monitor - ok
15:01:32.0549 3152 motandroidusb (0a43169e115b5e9346a4ba1effcb04cb) C:\Windows\system32\Drivers\motoandroid.sys
15:01:32.0553 3152 motandroidusb - ok
15:01:32.0592 3152 motccgp (0bc43805b6da0d7d4f99c737839fc9ec) C:\Windows\system32\DRIVERS\motccgp.sys
15:01:32.0592 3152 motccgp - ok
15:01:32.0600 3152 motccgpfl (1b3720c4d16904756d49ef306706b978) C:\Windows\system32\DRIVERS\motccgpfl.sys
15:01:32.0604 3152 motccgpfl - ok
15:01:32.0659 3152 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
15:01:32.0659 3152 MotDev - ok
15:01:32.0694 3152 motmodem (11b8118f538b579488e7645b2578e544) C:\Windows\system32\DRIVERS\motmodem.sys
15:01:32.0694 3152 motmodem - ok
15:01:32.0803 3152 MotoHelper (290750346f5937b02f62594b8eb03215) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
15:01:32.0807 3152 MotoHelper - ok
15:01:32.0819 3152 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\Windows\system32\DRIVERS\motswch.sys
15:01:32.0823 3152 MotoSwitchService - ok
15:01:32.0831 3152 Motousbnet (5073ed2d13d77f89df99caaa72e23526) C:\Windows\system32\DRIVERS\Motousbnet.sys
15:01:32.0834 3152 Motousbnet - ok
15:01:32.0854 3152 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
15:01:32.0858 3152 mouclass - ok
15:01:32.0885 3152 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
15:01:32.0889 3152 mouhid - ok
15:01:32.0905 3152 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
15:01:32.0909 3152 mountmgr - ok
15:01:32.0944 3152 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:01:32.0948 3152 MozillaMaintenance - ok
15:01:32.0971 3152 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
15:01:32.0971 3152 mpio - ok
15:01:32.0991 3152 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
15:01:32.0995 3152 mpsdrv - ok
15:01:33.0045 3152 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
15:01:33.0049 3152 MpsSvc - ok
15:01:33.0092 3152 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
15:01:33.0096 3152 MRxDAV - ok
15:01:33.0131 3152 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:01:33.0135 3152 mrxsmb - ok
15:01:33.0159 3152 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:01:33.0163 3152 mrxsmb10 - ok
15:01:33.0178 3152 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:01:33.0182 3152 mrxsmb20 - ok
15:01:33.0198 3152 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
15:01:33.0198 3152 msahci - ok
15:01:33.0213 3152 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
15:01:33.0217 3152 msdsm - ok
15:01:33.0233 3152 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
15:01:33.0237 3152 MSDTC - ok
15:01:33.0256 3152 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:01:33.0256 3152 Msfs - ok
15:01:33.0268 3152 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:01:33.0268 3152 mshidkmdf - ok
15:01:33.0280 3152 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
15:01:33.0280 3152 msisadrv - ok
15:01:33.0319 3152 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
15:01:33.0319 3152 MSiSCSI - ok
15:01:33.0327 3152 msiserver - ok
15:01:33.0342 3152 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:01:33.0346 3152 MSKSSRV - ok
15:01:33.0362 3152 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:01:33.0362 3152 MSPCLOCK - ok
15:01:33.0370 3152 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:01:33.0374 3152 MSPQM - ok
15:01:33.0393 3152 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:01:33.0397 3152 MsRPC - ok
15:01:33.0413 3152 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
15:01:33.0413 3152 mssmbios - ok
15:01:33.0416 3152 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:01:33.0420 3152 MSTEE - ok
15:01:33.0432 3152 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
15:01:33.0432 3152 MTConfig - ok
15:01:33.0452 3152 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:01:33.0452 3152 Mup - ok
15:01:33.0491 3152 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
15:01:33.0499 3152 napagent - ok
15:01:33.0538 3152 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:01:33.0545 3152 NativeWifiP - ok
15:01:33.0592 3152 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
15:01:33.0600 3152 NDIS - ok
15:01:33.0639 3152 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:01:33.0643 3152 NdisCap - ok
15:01:33.0663 3152 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:01:33.0663 3152 NdisTapi - ok
15:01:33.0690 3152 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
15:01:33.0690 3152 Ndisuio - ok
15:01:33.0706 3152 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
15:01:33.0709 3152 NdisWan - ok
15:01:33.0725 3152 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
15:01:33.0729 3152 NDProxy - ok
15:01:33.0745 3152 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:01:33.0745 3152 NetBIOS - ok
15:01:33.0764 3152 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
15:01:33.0768 3152 NetBT - ok
15:01:33.0795 3152 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:01:33.0799 3152 Netlogon - ok
15:01:33.0838 3152 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:01:33.0842 3152 Netman - ok
15:01:33.0870 3152 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:01:33.0885 3152 netprofm - ok
15:01:33.0956 3152 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:01:33.0959 3152 NetTcpPortSharing - ok
15:01:33.0991 3152 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
15:01:33.0995 3152 nfrd960 - ok
15:01:34.0026 3152 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
15:01:34.0030 3152 NlaSvc - ok
15:01:34.0041 3152 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:01:34.0041 3152 Npfs - ok
15:01:34.0053 3152 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:01:34.0057 3152 nsi - ok
15:01:34.0073 3152 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:01:34.0077 3152 nsiproxy - ok
15:01:34.0159 3152 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
15:01:34.0174 3152 Ntfs - ok
15:01:34.0217 3152 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:01:34.0217 3152 Null - ok
15:01:34.0260 3152 NVHDA (93c0f383b39b1f5fe7203e3270d4cf52) C:\Windows\system32\drivers\nvhda32v.sys
15:01:34.0264 3152 NVHDA - ok
15:01:34.0604 3152 nvlddmkm (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:01:34.0795 3152 nvlddmkm - ok
15:01:34.0901 3152 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
15:01:34.0905 3152 nvraid - ok
15:01:34.0928 3152 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
15:01:34.0932 3152 nvstor - ok
15:01:35.0010 3152 nvsvc (d122f7c5f79c68868f5dc28cefeb2ecf) C:\Windows\system32\nvvsvc.exe
15:01:35.0018 3152 nvsvc - ok
15:01:35.0147 3152 nvUpdatusService (003cb0a155568b4a53a301f07c734233) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:01:35.0163 3152 nvUpdatusService - ok
15:01:35.0221 3152 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
15:01:35.0221 3152 nv_agp - ok
15:01:35.0241 3152 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
15:01:35.0245 3152 ohci1394 - ok
15:01:35.0327 3152 OKI OPHI DCS Loader (e699a087ee11be3b1f27d669d40c7585) C:\Windows\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE
15:01:35.0327 3152 OKI OPHI DCS Loader - ok
15:01:35.0377 3152 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:01:35.0377 3152 ose - ok
15:01:35.0565 3152 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:01:35.0639 3152 osppsvc - ok
15:01:35.0717 3152 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:01:35.0725 3152 p2pimsvc - ok
15:01:35.0764 3152 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:01:35.0780 3152 p2psvc - ok
15:01:35.0815 3152 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:01:35.0819 3152 Parport - ok
15:01:35.0858 3152 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
15:01:35.0858 3152 partmgr - ok
15:01:35.0870 3152 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:01:35.0874 3152 Parvdm - ok
15:01:35.0889 3152 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:01:35.0893 3152 PcaSvc - ok
15:01:35.0909 3152 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
15:01:35.0913 3152 pci - ok
15:01:35.0928 3152 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
15:01:35.0932 3152 pciide - ok
15:01:35.0956 3152 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
15:01:35.0959 3152 pcmcia - ok
15:01:35.0979 3152 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:01:35.0979 3152 pcw - ok
15:01:36.0034 3152 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:01:36.0049 3152 PEAUTH - ok
15:01:36.0143 3152 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
15:01:36.0155 3152 pla - ok
15:01:36.0252 3152 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
15:01:36.0256 3152 PlugPlay - ok
15:01:36.0288 3152 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:01:36.0288 3152 PNRPAutoReg - ok
15:01:36.0327 3152 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:01:36.0331 3152 PNRPsvc - ok
15:01:36.0374 3152 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
15:01:36.0374 3152 Point32 - ok
15:01:36.0416 3152 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
15:01:36.0432 3152 PolicyAgent - ok
15:01:36.0459 3152 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
15:01:36.0463 3152 Power - ok
15:01:36.0499 3152 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:01:36.0502 3152 PptpMiniport - ok
15:01:36.0522 3152 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
15:01:36.0522 3152 Processor - ok
15:01:36.0553 3152 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
15:01:36.0557 3152 ProfSvc - ok
15:01:36.0596 3152 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:01:36.0600 3152 ProtectedStorage - ok
15:01:36.0635 3152 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:01:36.0639 3152 Psched - ok
15:01:36.0709 3152 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
15:01:36.0764 3152 ql2300 - ok
15:01:36.0846 3152 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
15:01:36.0846 3152 ql40xx - ok
15:01:36.0870 3152 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:01:36.0874 3152 QWAVE - ok
15:01:36.0889 3152 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:01:36.0889 3152 QWAVEdrv - ok
15:01:36.0909 3152 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:01:36.0909 3152 RasAcd - ok
15:01:36.0944 3152 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:01:36.0948 3152 RasAgileVpn - ok
15:01:36.0967 3152 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:01:36.0971 3152 RasAuto - ok
15:01:36.0987 3152 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:01:36.0991 3152 Rasl2tp - ok
15:01:37.0026 3152 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
15:01:37.0034 3152 RasMan - ok
15:01:37.0045 3152 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:01:37.0049 3152 RasPppoe - ok
15:01:37.0073 3152 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:01:37.0077 3152 RasSstp - ok
15:01:37.0096 3152 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
15:01:37.0108 3152 rdbss - ok
15:01:37.0112 3152 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\drivers\rdpbus.sys
15:01:37.0116 3152 rdpbus - ok
15:01:37.0127 3152 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:01:37.0127 3152 RDPCDD - ok
15:01:37.0143 3152 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:01:37.0143 3152 RDPENCDD - ok
15:01:37.0151 3152 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:01:37.0155 3152 RDPREFMP - ok
15:01:37.0198 3152 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
15:01:37.0202 3152 RDPWD - ok
15:01:37.0233 3152 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
15:01:37.0237 3152 rdyboost - ok
15:01:37.0264 3152 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:01:37.0268 3152 RemoteAccess - ok
15:01:37.0288 3152 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:01:37.0295 3152 RemoteRegistry - ok
15:01:37.0338 3152 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
15:01:37.0342 3152 RimUsb - ok
15:01:37.0362 3152 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:01:37.0366 3152 RpcEptMapper - ok
15:01:37.0389 3152 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:01:37.0389 3152 RpcLocator - ok
15:01:37.0420 3152 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:01:37.0424 3152 RpcSs - ok
15:01:37.0444 3152 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:01:37.0448 3152 rspndr - ok
15:01:37.0495 3152 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
15:01:37.0510 3152 RTL8167 - ok
15:01:37.0545 3152 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:01:37.0549 3152 SamSs - ok
15:01:37.0581 3152 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
15:01:37.0581 3152 sbp2port - ok
15:01:37.0756 3152 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
15:01:37.0764 3152 SBSDWSCService - ok
15:01:37.0799 3152 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:01:37.0807 3152 SCardSvr - ok
15:01:37.0846 3152 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
15:01:37.0846 3152 scfilter - ok
15:01:37.0897 3152 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
15:01:37.0916 3152 Schedule - ok
15:01:37.0948 3152 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:01:37.0948 3152 SCPolicySvc - ok
15:01:37.0971 3152 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
15:01:37.0975 3152 SDRSVC - ok
15:01:37.0983 3152 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:01:37.0987 3152 secdrv - ok
15:01:38.0002 3152 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:01:38.0006 3152 seclogon - ok
15:01:38.0026 3152 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
15:01:38.0030 3152 SENS - ok
15:01:38.0049 3152 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:01:38.0053 3152 SensrSvc - ok
15:01:38.0084 3152 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:01:38.0084 3152 Serenum - ok
15:01:38.0120 3152 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:01:38.0124 3152 Serial - ok
15:01:38.0135 3152 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
15:01:38.0135 3152 sermouse - ok
15:01:38.0166 3152 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
15:01:38.0170 3152 SessionEnv - ok
15:01:38.0182 3152 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
15:01:38.0186 3152 sffdisk - ok
15:01:38.0198 3152 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
15:01:38.0198 3152 sffp_mmc - ok
15:01:38.0213 3152 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
15:01:38.0213 3152 sffp_sd - ok
15:01:38.0229 3152 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
15:01:38.0229 3152 sfloppy - ok
15:01:38.0272 3152 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
15:01:38.0276 3152 SharedAccess - ok
15:01:38.0319 3152 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
15:01:38.0327 3152 ShellHWDetection - ok
15:01:38.0354 3152 SI3132 (0b9b5c6df6226497ef4819b6e1b2efd5) C:\Windows\system32\DRIVERS\SI3132.sys
15:01:38.0354 3152 SI3132 - ok
15:01:38.0381 3152 SiFilter (ad29a80543c63e5b3588d118fb327e22) C:\Windows\system32\DRIVERS\SiWinAcc.sys
15:01:38.0381 3152 SiFilter - ok
15:01:38.0393 3152 SiRemFil (b19efe5e45ae31f3c3e4c4f0f9da3c49) C:\Windows\system32\DRIVERS\SiRemFil.sys
15:01:38.0397 3152 SiRemFil - ok
15:01:38.0405 3152 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
15:01:38.0405 3152 sisagp - ok
15:01:38.0428 3152 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
15:01:38.0428 3152 SiSRaid2 - ok
15:01:38.0444 3152 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
15:01:38.0448 3152 SiSRaid4 - ok
15:01:38.0479 3152 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:01:38.0479 3152 Smb - ok
15:01:38.0549 3152 snapman (98b44c15b4eed76aa8dccb64a4ca11af) C:\Windows\system32\DRIVERS\snapman.sys
15:01:38.0553 3152 snapman - ok
15:01:38.0592 3152 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
15:01:38.0596 3152 SNMPTRAP - ok
15:01:38.0608 3152 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:01:38.0612 3152 spldr - ok
15:01:38.0647 3152 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
15:01:38.0651 3152 Spooler - ok
15:01:38.0799 3152 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
15:01:38.0854 3152 sppsvc - ok
15:01:38.0928 3152 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
15:01:38.0932 3152 sppuinotify - ok
15:01:38.0991 3152 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
15:01:38.0995 3152 srv - ok
15:01:39.0022 3152 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
15:01:39.0026 3152 srv2 - ok
15:01:39.0053 3152 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
15:01:39.0057 3152 srvnet - ok
15:01:39.0096 3152 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
15:01:39.0100 3152 SSDPSRV - ok
15:01:39.0116 3152 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
15:01:39.0120 3152 SstpSvc - ok
15:01:39.0225 3152 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:01:39.0229 3152 Stereo Service - ok
15:01:39.0252 3152 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
15:01:39.0256 3152 stexstor - ok
15:01:39.0295 3152 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
15:01:39.0307 3152 StiSvc - ok
15:01:39.0323 3152 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
15:01:39.0327 3152 swenum - ok
15:01:39.0358 3152 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
15:01:39.0370 3152 swprv - ok
15:01:39.0428 3152 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
15:01:39.0444 3152 SysMain - ok
15:01:39.0471 3152 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
15:01:39.0475 3152 TabletInputService - ok
15:01:39.0510 3152 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
15:01:39.0518 3152 TapiSrv - ok
15:01:39.0534 3152 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
15:01:39.0538 3152 TBS - ok
15:01:39.0643 3152 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
15:01:39.0698 3152 Tcpip - ok
15:01:39.0721 3152 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
15:01:39.0733 3152 TCPIP6 - ok
15:01:39.0760 3152 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
15:01:39.0760 3152 tcpipreg - ok
15:01:39.0776 3152 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
15:01:39.0780 3152 TDPIPE - ok
15:01:39.0811 3152 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
15:01:39.0815 3152 TDTCP - ok
15:01:39.0834 3152 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
15:01:39.0834 3152 tdx - ok
15:01:39.0850 3152 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
15:01:39.0850 3152 TermDD - ok
15:01:39.0885 3152 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
15:01:39.0889 3152 TermService - ok
15:01:39.0909 3152 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
15:01:39.0913 3152 Themes - ok
15:01:39.0932 3152 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:01:39.0936 3152 THREADORDER - ok
15:01:40.0006 3152 timounter (d8a96d0e25d43fdac3bed09adf39fde9) C:\Windows\system32\DRIVERS\timntr.sys
15:01:40.0022 3152 timounter - ok
15:01:40.0053 3152 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
15:01:40.0057 3152 TrkWks - ok
15:01:40.0104 3152 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
15:01:40.0104 3152 TrustedInstaller - ok
15:01:40.0131 3152 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:01:40.0135 3152 tssecsrv - ok
15:01:40.0147 3152 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
15:01:40.0151 3152 TsUsbFlt - ok
15:01:40.0159 3152 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
15:01:40.0159 3152 TsUsbGD - ok
15:01:40.0190 3152 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
15:01:40.0194 3152 tunnel - ok
15:01:40.0202 3152 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
15:01:40.0206 3152 uagp35 - ok
15:01:40.0241 3152 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
15:01:40.0249 3152 udfs - ok
15:01:40.0284 3152 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
15:01:40.0288 3152 UI0Detect - ok
15:01:40.0303 3152 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
15:01:40.0307 3152 uliagpkx - ok
15:01:40.0327 3152 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
15:01:40.0327 3152 umbus - ok
15:01:40.0354 3152 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
15:01:40.0354 3152 UmPass - ok
15:01:40.0381 3152 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
15:01:40.0389 3152 upnphost - ok
15:01:40.0420 3152 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
15:01:40.0424 3152 usbccgp - ok
15:01:40.0432 3152 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
15:01:40.0436 3152 usbcir - ok
15:01:40.0456 3152 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
15:01:40.0456 3152 usbehci - ok
15:01:40.0487 3152 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
15:01:40.0495 3152 usbhub - ok
15:01:40.0514 3152 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
15:01:40.0514 3152 usbohci - ok
15:01:40.0541 3152 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:01:40.0541 3152 usbprint - ok
15:01:40.0596 3152 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
15:01:40.0596 3152 usbscan - ok
15:01:40.0612 3152 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:01:40.0616 3152 USBSTOR - ok
15:01:40.0627 3152 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:01:40.0627 3152 usbuhci - ok
15:01:40.0655 3152 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
15:01:40.0659 3152 UxSms - ok
15:01:40.0690 3152 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:01:40.0690 3152 VaultSvc - ok
15:01:40.0713 3152 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
15:01:40.0717 3152 vdrvroot - ok
15:01:40.0752 3152 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
15:01:40.0795 3152 vds - ok
15:01:40.0811 3152 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:01:40.0815 3152 vga - ok
15:01:40.0827 3152 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:01:40.0831 3152 VgaSave - ok
15:01:40.0842 3152 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
15:01:40.0846 3152 vhdmp - ok
15:01:40.0866 3152 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
15:01:40.0870 3152 viaagp - ok
15:01:40.0889 3152 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
15:01:40.0889 3152 ViaC7 - ok
15:01:40.0909 3152 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
15:01:40.0909 3152 viaide - ok
15:01:40.0952 3152 vididr (149ec3e217f9d11e9ca6c54ce3d70c73) C:\Windows\system32\DRIVERS\vididr.sys
15:01:40.0956 3152 vididr - ok
15:01:41.0006 3152 vidsflt53 (e31e9cd40677b84b3adaa7a0d80dc439) C:\Windows\system32\DRIVERS\vsflt53.sys
15:01:41.0006 3152 vidsflt53 - ok
15:01:41.0018 3152 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
15:01:41.0022 3152 volmgr - ok
15:01:41.0045 3152 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:01:41.0049 3152 volmgrx - ok
15:01:41.0073 3152 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
15:01:41.0077 3152 volsnap - ok
15:01:41.0092 3152 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
15:01:41.0096 3152 vsmraid - ok
15:01:41.0163 3152 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
15:01:41.0182 3152 VSS - ok
15:01:41.0190 3152 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
15:01:41.0190 3152 vwifibus - ok
15:01:41.0217 3152 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
15:01:41.0225 3152 W32Time - ok
15:01:41.0237 3152 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
15:01:41.0241 3152 WacomPen - ok
15:01:41.0256 3152 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:01:41.0260 3152 WANARP - ok
15:01:41.0264 3152 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:01:41.0268 3152 Wanarpv6 - ok
15:01:41.0342 3152 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
15:01:41.0362 3152 WatAdminSvc - ok
15:01:41.0428 3152 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
15:01:41.0452 3152 wbengine - ok
15:01:41.0475 3152 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
15:01:41.0483 3152 WbioSrvc - ok
15:01:41.0499 3152 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
15:01:41.0506 3152 wcncsvc - ok
15:01:41.0522 3152 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
15:01:41.0526 3152 WcsPlugInService - ok
15:01:41.0581 3152 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
15:01:41.0584 3152 Wd - ok
15:01:41.0616 3152 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
15:01:41.0659 3152 Wdf01000 - ok
15:01:41.0674 3152 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:01:41.0678 3152 WdiServiceHost - ok
15:01:41.0686 3152 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:01:41.0690 3152 WdiSystemHost - ok
15:01:41.0713 3152 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
15:01:41.0717 3152 WebClient - ok
15:01:41.0737 3152 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
15:01:41.0745 3152 Wecsvc - ok
15:01:41.0760 3152 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
15:01:41.0764 3152 wercplsupport - ok
15:01:41.0791 3152 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
15:01:41.0791 3152 WerSvc - ok
15:01:41.0815 3152 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
15:01:41.0815 3152 WfpLwf - ok
15:01:41.0823 3152 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
15:01:41.0823 3152 WIMMount - ok
15:01:41.0909 3152 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
15:01:41.0920 3152 WinDefend - ok
15:01:41.0928 3152 WinHttpAutoProxySvc - ok
15:01:41.0979 3152 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
15:01:41.0983 3152 Winmgmt - ok
15:01:42.0049 3152 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
15:01:42.0061 3152 WinRM - ok
15:01:42.0127 3152 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
15:01:42.0131 3152 WinUsb - ok
15:01:42.0190 3152 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
15:01:42.0217 3152 Wlansvc - ok
15:01:42.0295 3152 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:01:42.0295 3152 wlcrasvc - ok
15:01:42.0416 3152 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:01:42.0428 3152 wlidsvc - ok
15:01:42.0495 3152 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
15:01:42.0499 3152 WmiAcpi - ok
15:01:42.0549 3152 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
15:01:42.0553 3152 wmiApSrv - ok
15:01:42.0639 3152 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:01:42.0647 3152 WMPNetworkSvc - ok
15:01:42.0690 3152 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
15:01:42.0694 3152 WPCSvc - ok
15:01:42.0713 3152 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
15:01:42.0717 3152 WPDBusEnum - ok
15:01:42.0737 3152 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
15:01:42.0737 3152 ws2ifsl - ok
15:01:42.0760 3152 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
15:01:42.0764 3152 wscsvc - ok
15:01:42.0772 3152 WSearch - ok
15:01:42.0866 3152 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
15:01:42.0905 3152 wuauserv - ok
15:01:42.0959 3152 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
15:01:42.0959 3152 WudfPf - ok
15:01:42.0999 3152 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:01:43.0002 3152 WUDFRd - ok
15:01:43.0022 3152 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
15:01:43.0026 3152 wudfsvc - ok
15:01:43.0045 3152 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
15:01:43.0053 3152 WwanSvc - ok
15:01:43.0081 3152 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
15:01:43.0084 3152 XUIF - ok
15:01:43.0104 3152 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk2\DR2
15:01:43.0616 3152 \Device\Harddisk2\DR2 - ok
15:01:43.0631 3152 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:01:43.0870 3152 \Device\Harddisk0\DR0 - ok
15:01:43.0874 3152 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
15:01:43.0920 3152 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
15:01:43.0920 3152 \Device\Harddisk1\DR1 - detected TDSS File System (1)
15:01:43.0932 3152 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk3\DR3
15:01:44.0061 3152 \Device\Harddisk3\DR3 - ok
15:01:44.0065 3152 Boot (0x1200) (1f76f6bbbaf7fe6e514cc8870f9327ec) \Device\Harddisk2\DR2\Partition0
15:01:44.0065 3152 \Device\Harddisk2\DR2\Partition0 - ok
15:01:44.0069 3152 Boot (0x1200) (427bf9bf4d58614c53c51e181d94caf8) \Device\Harddisk0\DR0\Partition0
15:01:44.0073 3152 \Device\Harddisk0\DR0\Partition0 - ok
15:01:44.0100 3152 Boot (0x1200) (8749887a2fdff4bdd5c59691f05c05d6) \Device\Harddisk0\DR0\Partition1
15:01:44.0100 3152 \Device\Harddisk0\DR0\Partition1 - ok
15:01:44.0124 3152 Boot (0x1200) (a085a37c288bd056b852fccc81ccd562) \Device\Harddisk1\DR1\Partition0
15:01:44.0124 3152 \Device\Harddisk1\DR1\Partition0 - ok
15:01:44.0131 3152 Boot (0x1200) (8a46454ac6972e9090444393939a3b72) \Device\Harddisk3\DR3\Partition0
15:01:44.0131 3152 \Device\Harddisk3\DR3\Partition0 - ok
15:01:44.0135 3152 ============================================================
15:01:44.0135 3152 Scan finished
15:01:44.0135 3152 ============================================================
15:01:44.0147 2580 Detected object count: 1
15:01:44.0147 2580 Actual detected object count: 1
15:01:55.0940 2580 \Device\Harddisk1\DR1\TDLFS\config.ini - copied to quarantine
15:01:55.0944 2580 \Device\Harddisk1\DR1\TDLFS\tdl - copied to quarantine
15:01:55.0948 2580 \Device\Harddisk1\DR1\TDLFS\rsrc.dat - copied to quarantine
15:01:55.0952 2580 \Device\Harddisk1\DR1\TDLFS\bckfg.tmp - copied to quarantine
15:01:55.0956 2580 \Device\Harddisk1\DR1\TDLFS\tdlcmd.dll - copied to quarantine
15:01:55.0956 2580 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Quarantine
15:02:21.0420 3572 Deinitialize success

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


TDSSkiller log 2:

15:02:27.0633 2440 TDSS rootkit removing tool 2.7.40.0 Jun 15 2012 15:13:31
15:02:28.0422 2440 ============================================================
15:02:28.0422 2440 Current date / time: 2012/06/19 15:02:28.0422
15:02:28.0422 2440 SystemInfo:
15:02:28.0422 2440
15:02:28.0422 2440 OS Version: 6.1.7601 ServicePack: 1.0
15:02:28.0422 2440 Product type: Workstation
15:02:28.0422 2440 ComputerName: TSUNAMI
15:02:28.0422 2440 UserName: LaDawna
15:02:28.0422 2440 Windows directory: C:\Windows
15:02:28.0422 2440 System windows directory: C:\Windows
15:02:28.0422 2440 Processor architecture: Intel x86
15:02:28.0422 2440 Number of processors: 2
15:02:28.0422 2440 Page size: 0x1000
15:02:28.0422 2440 Boot type: Normal boot
15:02:28.0422 2440 ============================================================
15:02:29.0461 2440 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1D9265, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000058
15:02:29.0469 2440 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x23DC4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
15:02:29.0469 2440 Drive \Device\Harddisk1\DR1 - Size: 0x45DECD2000 (279.48 Gb), SectorSize: 0x200, Cylinders: 0x8E83, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:02:29.0477 2440 Drive \Device\Harddisk3\DR3 - Size: 0xF4FFE00 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:02:29.0477 2440 ============================================================
15:02:29.0481 2440 \Device\Harddisk2\DR2:
15:02:29.0481 2440 MBR partitions:
15:02:29.0481 2440 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1
15:02:29.0481 2440 \Device\Harddisk0\DR0:
15:02:29.0481 2440 MBR partitions:
15:02:29.0481 2440 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:02:29.0481 2440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
15:02:29.0481 2440 \Device\Harddisk1\DR1:
15:02:29.0481 2440 MBR partitions:
15:02:29.0481 2440 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x22EEEBC3
15:02:29.0481 2440 \Device\Harddisk3\DR3:
15:02:29.0481 2440 MBR partitions:
15:02:29.0481 2440 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x6, StartLBA 0x63, BlocksNum 0x7A59D
15:02:29.0481 2440 ============================================================
15:02:29.0500 2440 C: <-> \Device\Harddisk0\DR0\Partition1
15:02:29.0504 2440 E: <-> \Device\Harddisk1\DR1\Partition0
15:02:29.0504 2440 F: <-> \Device\Harddisk2\DR2\Partition0
15:02:29.0504 2440 ============================================================
15:02:29.0504 2440 Initialize success
15:02:29.0504 2440 ============================================================
15:02:35.0446 5440 ============================================================
15:02:35.0446 5440 Scan started
15:02:35.0446 5440 Mode: Manual; TDLFS;
15:02:35.0446 5440 ============================================================
15:02:36.0168 5440 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
15:02:36.0172 5440 1394ohci - ok
15:02:36.0208 5440 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
15:02:36.0208 5440 ACPI - ok
15:02:36.0227 5440 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
15:02:36.0227 5440 AcpiPmi - ok
15:02:36.0333 5440 AcrSch2Svc (af6481c648ea9a76569aacb73eac286a) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
15:02:36.0340 5440 AcrSch2Svc - ok
15:02:36.0422 5440 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:02:36.0422 5440 AdobeARMservice - ok
15:02:36.0508 5440 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:02:36.0512 5440 AdobeFlashPlayerUpdateSvc - ok
15:02:36.0579 5440 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\drivers\adp94xx.sys
15:02:36.0583 5440 adp94xx - ok
15:02:36.0625 5440 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\drivers\adpahci.sys
15:02:36.0629 5440 adpahci - ok
15:02:36.0653 5440 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\drivers\adpu320.sys
15:02:36.0653 5440 adpu320 - ok
15:02:36.0680 5440 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll
15:02:36.0684 5440 AeLookupSvc - ok
15:02:36.0735 5440 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
15:02:36.0739 5440 AFD - ok
15:02:36.0747 5440 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
15:02:36.0750 5440 agp440 - ok
15:02:36.0770 5440 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\drivers\djsvs.sys
15:02:36.0774 5440 aic78xx - ok
15:02:36.0797 5440 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe
15:02:36.0797 5440 ALG - ok
15:02:36.0809 5440 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
15:02:36.0809 5440 aliide - ok
15:02:36.0821 5440 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
15:02:36.0821 5440 amdagp - ok
15:02:36.0833 5440 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
15:02:36.0833 5440 amdide - ok
15:02:36.0844 5440 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\drivers\amdk8.sys
15:02:36.0844 5440 AmdK8 - ok
15:02:36.0860 5440 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\drivers\amdppm.sys
15:02:36.0860 5440 AmdPPM - ok
15:02:36.0891 5440 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
15:02:36.0891 5440 amdsata - ok
15:02:36.0915 5440 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\drivers\amdsbs.sys
15:02:36.0915 5440 amdsbs - ok
15:02:36.0926 5440 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
15:02:36.0930 5440 amdxata - ok
15:02:36.0954 5440 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
15:02:36.0958 5440 AppID - ok
15:02:36.0993 5440 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
15:02:36.0993 5440 AppIDSvc - ok
15:02:37.0008 5440 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
15:02:37.0012 5440 Appinfo - ok
15:02:37.0028 5440 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\drivers\arc.sys
15:02:37.0032 5440 arc - ok
15:02:37.0043 5440 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\drivers\arcsas.sys
15:02:37.0043 5440 arcsas - ok
15:02:37.0063 5440 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
15:02:37.0063 5440 AsyncMac - ok
15:02:37.0075 5440 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
15:02:37.0079 5440 atapi - ok
15:02:37.0114 5440 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
15:02:37.0118 5440 AudioEndpointBuilder - ok
15:02:37.0122 5440 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
15:02:37.0125 5440 Audiosrv - ok
15:02:37.0149 5440 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
15:02:37.0149 5440 AxInstSV - ok
15:02:37.0196 5440 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\drivers\bxvbdx.sys
15:02:37.0196 5440 b06bdrv - ok
15:02:37.0383 5440 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
15:02:37.0383 5440 b57nd60x - ok
15:02:37.0512 5440 BBSvc (37bfed63841e56f465e1a0cd32f1bcc9) C:\Program Files\Microsoft\BingBar\7.1.364.0\BBSvc.exe
15:02:37.0516 5440 BBSvc - ok
15:02:37.0555 5440 BBUpdate (b47230df549e171449b5d25cfcee9f57) C:\Program Files\Microsoft\BingBar\7.1.364.0\SeaPort.exe
15:02:37.0559 5440 BBUpdate - ok
15:02:37.0586 5440 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
15:02:37.0586 5440 BDESVC - ok
15:02:37.0606 5440 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
15:02:37.0606 5440 Beep - ok
15:02:37.0637 5440 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
15:02:37.0641 5440 BFE - ok
15:02:37.0719 5440 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll
15:02:37.0727 5440 BITS - ok
15:02:37.0739 5440 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
15:02:37.0743 5440 blbdrive - ok
15:02:37.0766 5440 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
15:02:37.0766 5440 bowser - ok
15:02:37.0778 5440 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\BrFiltLo.sys
15:02:37.0782 5440 BrFiltLo - ok
15:02:37.0790 5440 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\BrFiltUp.sys
15:02:37.0790 5440 BrFiltUp - ok
15:02:37.0809 5440 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
15:02:37.0809 5440 Browser - ok
15:02:37.0829 5440 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
15:02:37.0833 5440 Brserid - ok
15:02:37.0852 5440 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
15:02:37.0852 5440 BrSerWdm - ok
15:02:37.0868 5440 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:02:37.0868 5440 BrUsbMdm - ok
15:02:37.0875 5440 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
15:02:37.0875 5440 BrUsbSer - ok
15:02:37.0922 5440 BTCFilterService (4813df77ede536a52e3737971f910baa) C:\Windows\system32\DRIVERS\motfilt.sys
15:02:37.0922 5440 BTCFilterService - ok
15:02:37.0938 5440 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\drivers\bthmodem.sys
15:02:37.0942 5440 BTHMODEM - ok
15:02:37.0973 5440 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
15:02:37.0973 5440 bthserv - ok
15:02:37.0997 5440 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
15:02:38.0000 5440 cdfs - ok
15:02:38.0032 5440 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
15:02:38.0036 5440 cdrom - ok
15:02:38.0059 5440 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:02:38.0063 5440 CertPropSvc - ok
15:02:38.0102 5440 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\Windows\system32\drivers\cfwids.sys
15:02:38.0102 5440 cfwids - ok
15:02:38.0122 5440 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\drivers\circlass.sys
15:02:38.0122 5440 circlass - ok
15:02:38.0149 5440 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
15:02:38.0149 5440 CLFS - ok
15:02:38.0243 5440 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:02:38.0243 5440 clr_optimization_v2.0.50727_32 - ok
15:02:38.0309 5440 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:02:38.0309 5440 clr_optimization_v4.0.30319_32 - ok
15:02:38.0325 5440 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\drivers\CmBatt.sys
15:02:38.0325 5440 CmBatt - ok
15:02:38.0329 5440 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
15:02:38.0329 5440 cmdide - ok
15:02:38.0375 5440 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
15:02:38.0375 5440 CNG - ok
15:02:38.0387 5440 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\drivers\compbatt.sys
15:02:38.0391 5440 Compbatt - ok
15:02:38.0418 5440 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\DRIVERS\CompositeBus.sys
15:02:38.0418 5440 CompositeBus - ok
15:02:38.0430 5440 COMSysApp - ok
15:02:38.0446 5440 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\drivers\crcdisk.sys
15:02:38.0446 5440 crcdisk - ok
15:02:38.0516 5440 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll
15:02:38.0516 5440 CryptSvc - ok
15:02:38.0567 5440 dc3d (7caaf4af453ef3582fef65dd72caa0aa) C:\Windows\system32\DRIVERS\dc3d.sys
15:02:38.0567 5440 dc3d - ok
15:02:38.0618 5440 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:02:38.0622 5440 DcomLaunch - ok
15:02:38.0668 5440 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
15:02:38.0672 5440 defragsvc - ok
15:02:38.0711 5440 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
15:02:38.0711 5440 DfsC - ok
15:02:38.0747 5440 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
15:02:38.0750 5440 Dhcp - ok
15:02:38.0770 5440 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
15:02:38.0774 5440 discache - ok
15:02:38.0797 5440 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\drivers\disk.sys
15:02:38.0797 5440 Disk - ok
15:02:38.0829 5440 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
15:02:38.0829 5440 Dnscache - ok
15:02:38.0856 5440 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
15:02:38.0856 5440 dot3svc - ok
15:02:38.0875 5440 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
15:02:38.0879 5440 DPS - ok
15:02:38.0907 5440 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
15:02:38.0911 5440 drmkaud - ok
15:02:38.0958 5440 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
15:02:38.0961 5440 DXGKrnl - ok
15:02:38.0981 5440 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
15:02:38.0981 5440 EapHost - ok
15:02:39.0102 5440 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\drivers\evbdx.sys
15:02:39.0122 5440 ebdrv - ok
15:02:39.0200 5440 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe
15:02:39.0200 5440 EFS - ok
15:02:39.0270 5440 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
15:02:39.0274 5440 ehRecvr - ok
15:02:39.0293 5440 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
15:02:39.0293 5440 ehSched - ok
15:02:39.0356 5440 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\drivers\elxstor.sys
15:02:39.0360 5440 elxstor - ok
15:02:39.0379 5440 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
15:02:39.0379 5440 ErrDev - ok
15:02:39.0458 5440 esgiguard - ok
15:02:39.0497 5440 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
15:02:39.0497 5440 EventSystem - ok
15:02:39.0512 5440 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
15:02:39.0516 5440 exfat - ok
15:02:39.0532 5440 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
15:02:39.0536 5440 fastfat - ok
15:02:39.0571 5440 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
15:02:39.0575 5440 Fax - ok
15:02:39.0590 5440 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
15:02:39.0590 5440 fdc - ok
15:02:39.0606 5440 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
15:02:39.0606 5440 fdPHost - ok
15:02:39.0618 5440 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
15:02:39.0622 5440 FDResPub - ok
15:02:39.0633 5440 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
15:02:39.0637 5440 FileInfo - ok
15:02:39.0657 5440 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
15:02:39.0657 5440 Filetrace - ok
15:02:39.0661 5440 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
15:02:39.0661 5440 flpydisk - ok
15:02:39.0692 5440 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
15:02:39.0692 5440 FltMgr - ok
15:02:39.0750 5440 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
15:02:39.0754 5440 FontCache - ok
15:02:39.0856 5440 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:02:39.0860 5440 FontCache3.0.0.0 - ok
15:02:39.0872 5440 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
15:02:39.0875 5440 FsDepends - ok
15:02:39.0907 5440 fssfltr (b0082808a6856a252f7cdd939892ce50) C:\Windows\system32\DRIVERS\fssfltr.sys
15:02:39.0907 5440 fssfltr - ok
15:02:40.0055 5440 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
15:02:40.0083 5440 fsssvc - ok
15:02:40.0157 5440 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys
15:02:40.0157 5440 Fs_Rec - ok
15:02:40.0192 5440 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
15:02:40.0196 5440 fvevol - ok
15:02:40.0219 5440 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\drivers\gagp30kx.sys
15:02:40.0219 5440 gagp30kx - ok
15:02:40.0270 5440 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
15:02:40.0274 5440 gpsvc - ok
15:02:40.0372 5440 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:02:40.0372 5440 gupdate - ok
15:02:40.0391 5440 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:02:40.0395 5440 gupdatem - ok
15:02:40.0407 5440 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
15:02:40.0407 5440 hcw85cir - ok
15:02:40.0438 5440 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
15:02:40.0442 5440 HdAudAddService - ok
15:02:40.0473 5440 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:02:40.0473 5440 HDAudBus - ok
15:02:40.0485 5440 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\drivers\HidBatt.sys
15:02:40.0485 5440 HidBatt - ok
15:02:40.0504 5440 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\drivers\hidbth.sys
15:02:40.0504 5440 HidBth - ok
15:02:40.0524 5440 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\drivers\hidir.sys
15:02:40.0524 5440 HidIr - ok
15:02:40.0543 5440 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
15:02:40.0543 5440 hidserv - ok
15:02:40.0590 5440 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
15:02:40.0590 5440 HidUsb - ok
15:02:40.0618 5440 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
15:02:40.0618 5440 hkmsvc - ok
15:02:40.0645 5440 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
15:02:40.0649 5440 HomeGroupListener - ok
15:02:40.0676 5440 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
15:02:40.0680 5440 HomeGroupProvider - ok
15:02:40.0700 5440 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
15:02:40.0700 5440 HpSAMD - ok
15:02:40.0747 5440 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
15:02:40.0750 5440 HTTP - ok
15:02:40.0786 5440 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
15:02:40.0790 5440 hwpolicy - ok
15:02:40.0809 5440 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
15:02:40.0809 5440 i8042prt - ok
15:02:40.0844 5440 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
15:02:40.0848 5440 iaStorV - ok
15:02:40.0934 5440 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:02:40.0938 5440 idsvc - ok
15:02:40.0958 5440 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\drivers\iirsp.sys
15:02:40.0958 5440 iirsp - ok
15:02:41.0004 5440 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
15:02:41.0008 5440 IKEEXT - ok
15:02:41.0125 5440 IntcAzAudAddService (44792ccbc7b41b42ec068c6416d17de1) C:\Windows\system32\drivers\RtkHDAud.sys
15:02:41.0141 5440 IntcAzAudAddService - ok
15:02:41.0231 5440 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
15:02:41.0231 5440 intelide - ok
15:02:41.0258 5440 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
15:02:41.0258 5440 intelppm - ok
15:02:41.0278 5440 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
15:02:41.0282 5440 IPBusEnum - ok
15:02:41.0297 5440 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:02:41.0301 5440 IpFilterDriver - ok
15:02:41.0340 5440 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
15:02:41.0344 5440 iphlpsvc - ok
15:02:41.0379 5440 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
15:02:41.0379 5440 IPMIDRV - ok
15:02:41.0395 5440 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
15:02:41.0395 5440 IPNAT - ok
15:02:41.0422 5440 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
15:02:41.0422 5440 IRENUM - ok
15:02:41.0438 5440 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
15:02:41.0442 5440 isapnp - ok
15:02:41.0465 5440 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
15:02:41.0465 5440 iScsiPrt - ok
15:02:41.0489 5440 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:02:41.0489 5440 kbdclass - ok
15:02:41.0520 5440 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
15:02:41.0520 5440 kbdhid - ok
15:02:41.0551 5440 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:02:41.0555 5440 KeyIso - ok
15:02:41.0579 5440 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
15:02:41.0579 5440 KSecDD - ok
15:02:41.0594 5440 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
15:02:41.0598 5440 KSecPkg - ok
15:02:41.0625 5440 KTC111 (c1ff26110f5e4306fa3b585c7f7603b2) C:\Windows\system32\DRIVERS\KTC111.SYS
15:02:41.0629 5440 KTC111 - ok
15:02:41.0668 5440 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
15:02:41.0672 5440 KtmRm - ok
15:02:41.0727 5440 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
15:02:41.0731 5440 LanmanServer - ok
15:02:41.0747 5440 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
15:02:41.0750 5440 LanmanWorkstation - ok
15:02:41.0797 5440 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
15:02:41.0797 5440 lltdio - ok
15:02:41.0825 5440 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
15:02:41.0825 5440 lltdsvc - ok
15:02:41.0840 5440 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
15:02:41.0844 5440 lmhosts - ok
15:02:41.0868 5440 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\drivers\lsi_fc.sys
15:02:41.0868 5440 LSI_FC - ok
15:02:41.0887 5440 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\drivers\lsi_sas.sys
15:02:41.0891 5440 LSI_SAS - ok
15:02:41.0903 5440 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\drivers\lsi_sas2.sys
15:02:41.0903 5440 LSI_SAS2 - ok
15:02:41.0918 5440 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\drivers\lsi_scsi.sys
15:02:41.0918 5440 LSI_SCSI - ok
15:02:41.0950 5440 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
15:02:41.0950 5440 luafv - ok
15:02:42.0008 5440 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
15:02:42.0008 5440 MBAMProtector - ok
15:02:42.0118 5440 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:02:42.0122 5440 MBAMService - ok
15:02:42.0219 5440 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:02:42.0223 5440 McAfee SiteAdvisor Service - ok
15:02:42.0227 5440 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:02:42.0231 5440 McMPFSvc - ok
15:02:42.0235 5440 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:02:42.0239 5440 mcmscsvc - ok
15:02:42.0243 5440 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:02:42.0243 5440 McNaiAnn - ok
15:02:42.0254 5440 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:02:42.0254 5440 McNASvc - ok
15:02:42.0348 5440 McODS (135aa9e9e7047b7dc1f753205d421a26) C:\Program Files\McAfee\VirusScan\mcods.exe
15:02:42.0352 5440 McODS - ok
15:02:42.0356 5440 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
15:02:42.0360 5440 McProxy - ok
15:02:42.0516 5440 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
15:02:42.0520 5440 McShield - ok
15:02:42.0583 5440 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
15:02:42.0586 5440 Mcx2Svc - ok
15:02:42.0629 5440 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\drivers\megasas.sys
15:02:42.0629 5440 megasas - ok
15:02:42.0661 5440 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\drivers\MegaSR.sys
15:02:42.0661 5440 MegaSR - ok
15:02:42.0688 5440 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\Windows\system32\drivers\mfeapfk.sys
15:02:42.0688 5440 mfeapfk - ok
15:02:42.0739 5440 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\Windows\system32\drivers\mfeavfk.sys
15:02:42.0739 5440 mfeavfk - ok
15:02:42.0770 5440 mfeavfk01 - ok
15:02:42.0805 5440 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\Windows\system32\drivers\mfebopk.sys
15:02:42.0805 5440 mfebopk - ok
15:02:42.0844 5440 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
15:02:42.0844 5440 mfefire - ok
15:02:42.0872 5440 mfefirek (4ea6ff90015424517843e931448e00f1) C:\Windows\system32\drivers\mfefirek.sys
15:02:42.0872 5440 mfefirek - ok
15:02:42.0903 5440 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\Windows\system32\drivers\mfehidk.sys
15:02:42.0907 5440 mfehidk - ok
15:02:42.0915 5440 mfenlfk (ac04a618aef3de0fce91c766f9e069da) C:\Windows\system32\DRIVERS\mfenlfk.sys
15:02:42.0915 5440 mfenlfk - ok
15:02:42.0930 5440 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\Windows\system32\drivers\mferkdet.sys
15:02:42.0930 5440 mferkdet - ok
15:02:42.0977 5440 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\Windows\system32\mfevtps.exe
15:02:42.0981 5440 mfevtp - ok
15:02:43.0012 5440 mfewfpk (f284337aedb7483df8a5fa840647e2b0) C:\Windows\system32\drivers\mfewfpk.sys
15:02:43.0016 5440 mfewfpk - ok
15:02:43.0028 5440 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:02:43.0032 5440 MMCSS - ok
15:02:43.0051 5440 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
15:02:43.0051 5440 Modem - ok
15:02:43.0079 5440 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
15:02:43.0079 5440 monitor - ok
15:02:43.0122 5440 motandroidusb (0a43169e115b5e9346a4ba1effcb04cb) C:\Windows\system32\Drivers\motoandroid.sys
15:02:43.0122 5440 motandroidusb - ok
15:02:43.0157 5440 motccgp (0bc43805b6da0d7d4f99c737839fc9ec) C:\Windows\system32\DRIVERS\motccgp.sys
15:02:43.0161 5440 motccgp - ok
15:02:43.0176 5440 motccgpfl (1b3720c4d16904756d49ef306706b978) C:\Windows\system32\DRIVERS\motccgpfl.sys
15:02:43.0176 5440 motccgpfl - ok
15:02:43.0239 5440 MotDev (e190ed75bcc7928143f8f2af4c34d91d) C:\Windows\system32\DRIVERS\motodrv.sys
15:02:43.0239 5440 MotDev - ok
15:02:43.0274 5440 motmodem (11b8118f538b579488e7645b2578e544) C:\Windows\system32\DRIVERS\motmodem.sys
15:02:43.0274 5440 motmodem - ok
15:02:43.0383 5440 MotoHelper (290750346f5937b02f62594b8eb03215) C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
15:02:43.0383 5440 MotoHelper - ok
15:02:43.0399 5440 MotoSwitchService (fd8c2cef7ad8b23c6714103d621fac1f) C:\Windows\system32\DRIVERS\motswch.sys
15:02:43.0399 5440 MotoSwitchService - ok
15:02:43.0411 5440 Motousbnet (5073ed2d13d77f89df99caaa72e23526) C:\Windows\system32\DRIVERS\Motousbnet.sys
15:02:43.0411 5440 Motousbnet - ok
15:02:43.0434 5440 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
15:02:43.0438 5440 mouclass - ok
15:02:43.0473 5440 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
15:02:43.0473 5440 mouhid - ok
15:02:43.0559 5440 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
15:02:43.0563 5440 mountmgr - ok
15:02:43.0739 5440 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:02:43.0739 5440 MozillaMaintenance - ok
15:02:43.0883 5440 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
15:02:43.0883 5440 mpio - ok
15:02:43.0954 5440 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
15:02:43.0958 5440 mpsdrv - ok
15:02:44.0008 5440 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
15:02:44.0012 5440 MpsSvc - ok
15:02:44.0055 5440 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
15:02:44.0059 5440 MRxDAV - ok
15:02:44.0086 5440 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:02:44.0090 5440 mrxsmb - ok
15:02:44.0110 5440 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:02:44.0114 5440 mrxsmb10 - ok
15:02:44.0125 5440 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:02:44.0129 5440 mrxsmb20 - ok
15:02:44.0141 5440 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
15:02:44.0145 5440 msahci - ok
15:02:44.0161 5440 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
15:02:44.0161 5440 msdsm - ok
15:02:44.0176 5440 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
15:02:44.0180 5440 MSDTC - ok
15:02:44.0204 5440 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
15:02:44.0204 5440 Msfs - ok
15:02:44.0215 5440 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
15:02:44.0215 5440 mshidkmdf - ok
15:02:44.0235 5440 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
15:02:44.0235 5440 msisadrv - ok
15:02:44.0254 5440 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
15:02:44.0258 5440 MSiSCSI - ok
15:02:44.0262 5440 msiserver - ok
15:02:44.0282 5440 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
15:02:44.0282 5440 MSKSSRV - ok
15:02:44.0301 5440 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
15:02:44.0301 5440 MSPCLOCK - ok
15:02:44.0309 5440 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
15:02:44.0313 5440 MSPQM - ok
15:02:44.0333 5440 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
15:02:44.0333 5440 MsRPC - ok
15:02:44.0348 5440 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
15:02:44.0352 5440 mssmbios - ok
15:02:44.0356 5440 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
15:02:44.0356 5440 MSTEE - ok
15:02:44.0372 5440 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\drivers\MTConfig.sys
15:02:44.0372 5440 MTConfig - ok
15:02:44.0387 5440 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
15:02:44.0391 5440 Mup - ok
15:02:44.0430 5440 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
15:02:44.0434 5440 napagent - ok
15:02:44.0465 5440 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
15:02:44.0469 5440 NativeWifiP - ok
15:02:44.0508 5440 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
15:02:44.0516 5440 NDIS - ok
15:02:44.0528 5440 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
15:02:44.0532 5440 NdisCap - ok
15:02:44.0551 5440 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
15:02:44.0551 5440 NdisTapi - ok
15:02:44.0575 5440 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
15:02:44.0579 5440 Ndisuio - ok
15:02:44.0594 5440 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
15:02:44.0594 5440 NdisWan - ok
15:02:44.0606 5440 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
15:02:44.0610 5440 NDProxy - ok
15:02:44.0622 5440 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
15:02:44.0625 5440 NetBIOS - ok
15:02:44.0645 5440 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
15:02:44.0645 5440 NetBT - ok
15:02:44.0676 5440 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:02:44.0680 5440 Netlogon - ok
15:02:44.0719 5440 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
15:02:44.0723 5440 Netman - ok
15:02:44.0774 5440 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
15:02:44.0782 5440 netprofm - ok
15:02:44.0852 5440 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:02:44.0856 5440 NetTcpPortSharing - ok
15:02:44.0872 5440 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\drivers\nfrd960.sys
15:02:44.0875 5440 nfrd960 - ok
15:02:44.0895 5440 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
15:02:44.0899 5440 NlaSvc - ok
15:02:44.0911 5440 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
15:02:44.0911 5440 Npfs - ok
15:02:44.0926 5440 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
15:02:44.0930 5440 nsi - ok
15:02:44.0946 5440 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
15:02:44.0946 5440 nsiproxy - ok
15:02:45.0032 5440 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
15:02:45.0040 5440 Ntfs - ok
15:02:45.0055 5440 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
15:02:45.0055 5440 Null - ok
15:02:45.0106 5440 NVHDA (93c0f383b39b1f5fe7203e3270d4cf52) C:\Windows\system32\drivers\nvhda32v.sys
15:02:45.0110 5440 NVHDA - ok
15:02:45.0458 5440 nvlddmkm (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:02:45.0524 5440 nvlddmkm - ok
15:02:45.0629 5440 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
15:02:45.0633 5440 nvraid - ok
15:02:45.0657 5440 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
15:02:45.0661 5440 nvstor - ok
15:02:45.0723 5440 nvsvc (d122f7c5f79c68868f5dc28cefeb2ecf) C:\Windows\system32\nvvsvc.exe
15:02:45.0731 5440 nvsvc - ok
15:02:45.0879 5440 nvUpdatusService (003cb0a155568b4a53a301f07c734233) C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:02:45.0891 5440 nvUpdatusService - ok
15:02:45.0950 5440 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
15:02:45.0954 5440 nv_agp - ok
15:02:45.0973 5440 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
15:02:45.0973 5440 ohci1394 - ok
15:02:46.0063 5440 OKI OPHI DCS Loader (e699a087ee11be3b1f27d669d40c7585) C:\Windows\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE
15:02:46.0067 5440 OKI OPHI DCS Loader - ok
15:02:46.0114 5440 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:02:46.0114 5440 ose - ok
15:02:46.0297 5440 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:02:46.0325 5440 osppsvc - ok
15:02:46.0399 5440 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:02:46.0403 5440 p2pimsvc - ok
15:02:46.0434 5440 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
15:02:46.0442 5440 p2psvc - ok
15:02:46.0477 5440 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
15:02:46.0481 5440 Parport - ok
15:02:46.0520 5440 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
15:02:46.0524 5440 partmgr - ok
15:02:46.0536 5440 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
15:02:46.0536 5440 Parvdm - ok
15:02:46.0551 5440 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
15:02:46.0555 5440 PcaSvc - ok
15:02:46.0575 5440 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
15:02:46.0575 5440 pci - ok
15:02:46.0590 5440 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
15:02:46.0594 5440 pciide - ok
15:02:46.0618 5440 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\drivers\pcmcia.sys
15:02:46.0618 5440 pcmcia - ok
15:02:46.0633 5440 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
15:02:46.0633 5440 pcw - ok
15:02:46.0688 5440 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
15:02:46.0692 5440 PEAUTH - ok
15:02:46.0790 5440 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
15:02:46.0801 5440 pla - ok
15:02:46.0907 5440 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
15:02:46.0911 5440 PlugPlay - ok
15:02:46.0934 5440 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
15:02:46.0934 5440 PNRPAutoReg - ok
15:02:46.0973 5440 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
15:02:46.0977 5440 PNRPsvc - ok
15:02:47.0020 5440 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
15:02:47.0020 5440 Point32 - ok
15:02:47.0063 5440 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
15:02:47.0067 5440 PolicyAgent - ok
15:02:47.0098 5440 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
15:02:47.0102 5440 Power - ok
15:02:47.0137 5440 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
15:02:47.0141 5440 PptpMiniport - ok
15:02:47.0161 5440 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\drivers\processr.sys
15:02:47.0161 5440 Processor - ok
15:02:47.0200 5440 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
15:02:47.0204 5440 ProfSvc - ok
15:02:47.0235 5440 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:02:47.0239 5440 ProtectedStorage - ok
15:02:47.0266 5440 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
15:02:47.0266 5440 Psched - ok
15:02:47.0340 5440 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\drivers\ql2300.sys
15:02:47.0348 5440 ql2300 - ok
15:02:47.0434 5440 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\drivers\ql40xx.sys
15:02:47.0434 5440 ql40xx - ok
15:02:47.0458 5440 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
15:02:47.0461 5440 QWAVE - ok
15:02:47.0477 5440 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
15:02:47.0477 5440 QWAVEdrv - ok
15:02:47.0489 5440 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
15:02:47.0489 5440 RasAcd - ok
15:02:47.0559 5440 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:02:47.0563 5440 RasAgileVpn - ok
15:02:47.0739 5440 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
15:02:47.0743 5440 RasAuto - ok
15:02:47.0758 5440 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:02:47.0762 5440 Rasl2tp - ok
15:02:47.0790 5440 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
15:02:47.0793 5440 RasMan - ok
15:02:47.0805 5440 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
15:02:47.0805 5440 RasPppoe - ok
15:02:47.0821 5440 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
15:02:47.0821 5440 RasSstp - ok
15:02:47.0844 5440 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
15:02:47.0844 5440 rdbss - ok
15:02:47.0852 5440 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\drivers\rdpbus.sys
15:02:47.0856 5440 rdpbus - ok
15:02:47.0864 5440 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:02:47.0868 5440 RDPCDD - ok
15:02:47.0887 5440 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
15:02:47.0887 5440 RDPENCDD - ok
15:02:47.0899 5440 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
15:02:47.0899 5440 RDPREFMP - ok
15:02:47.0938 5440 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
15:02:47.0942 5440 RDPWD - ok
15:02:47.0969 5440 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
15:02:47.0973 5440 rdyboost - ok
15:02:47.0993 5440 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
15:02:47.0997 5440 RemoteAccess - ok
15:02:48.0028 5440 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
15:02:48.0032 5440 RemoteRegistry - ok
15:02:48.0071 5440 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
15:02:48.0071 5440 RimUsb - ok
15:02:48.0090 5440 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
15:02:48.0094 5440 RpcEptMapper - ok
15:02:48.0118 5440 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
15:02:48.0122 5440 RpcLocator - ok
15:02:48.0149 5440 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
15:02:48.0153 5440 RpcSs - ok
15:02:48.0176 5440 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
15:02:48.0176 5440 rspndr - ok
15:02:48.0227 5440 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
15:02:48.0231 5440 RTL8167 - ok
15:02:48.0258 5440 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:02:48.0262 5440 SamSs - ok
15:02:48.0290 5440 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
15:02:48.0290 5440 sbp2port - ok
15:02:48.0458 5440 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
15:02:48.0465 5440 SBSDWSCService - ok
15:02:48.0497 5440 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
15:02:48.0500 5440 SCardSvr - ok
15:02:48.0532 5440 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
15:02:48.0536 5440 scfilter - ok
15:02:48.0586 5440 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
15:02:48.0594 5440 Schedule - ok
15:02:48.0633 5440 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
15:02:48.0637 5440 SCPolicySvc - ok
15:02:48.0657 5440 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
15:02:48.0661 5440 SDRSVC - ok
15:02:48.0668 5440 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:02:48.0668 5440 secdrv - ok
15:02:48.0684 5440 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
15:02:48.0688 5440 seclogon - ok
15:02:48.0715 5440 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
15:02:48.0719 5440 SENS - ok
15:02:48.0739 5440 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
15:02:48.0743 5440 SensrSvc - ok
15:02:48.0774 5440 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
15:02:48.0774 5440 Serenum - ok
15:02:48.0809 5440 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
15:02:48.0809 5440 Serial - ok
15:02:48.0821 5440 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\drivers\sermouse.sys
15:02:48.0825 5440 sermouse - ok
15:02:48.0856 5440 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
15:02:48.0856 5440 SessionEnv - ok
15:02:48.0872 5440 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
15:02:48.0872 5440 sffdisk - ok
15:02:48.0887 5440 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
15:02:48.0887 5440 sffp_mmc - ok
15:02:48.0903 5440 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
15:02:48.0903 5440 sffp_sd - ok
15:02:48.0915 5440 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\drivers\sfloppy.sys
15:02:48.0918 5440 sfloppy - ok
15:02:48.0958 5440 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
15:02:48.0961 5440 SharedAccess - ok
15:02:48.0993 5440 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
15:02:49.0008 5440 ShellHWDetection - ok
15:02:49.0032 5440 SI3132 (0b9b5c6df6226497ef4819b6e1b2efd5) C:\Windows\system32\DRIVERS\SI3132.sys
15:02:49.0036 5440 SI3132 - ok
15:02:49.0059 5440 SiFilter (ad29a80543c63e5b3588d118fb327e22) C:\Windows\system32\DRIVERS\SiWinAcc.sys
15:02:49.0059 5440 SiFilter - ok
15:02:49.0075 5440 SiRemFil (b19efe5e45ae31f3c3e4c4f0f9da3c49) C:\Windows\system32\DRIVERS\SiRemFil.sys
15:02:49.0075 5440 SiRemFil - ok
15:02:49.0086 5440 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
15:02:49.0086 5440 sisagp - ok
15:02:49.0106 5440 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\drivers\SiSRaid2.sys
15:02:49.0106 5440 SiSRaid2 - ok
15:02:49.0125 5440 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\drivers\sisraid4.sys
15:02:49.0125 5440 SiSRaid4 - ok
15:02:49.0149 5440 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
15:02:49.0149 5440 Smb - ok
15:02:49.0219 5440 snapman (98b44c15b4eed76aa8dccb64a4ca11af) C:\Windows\system32\DRIVERS\snapman.sys
15:02:49.0223 5440 snapman - ok
15:02:49.0247 5440 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
15:02:49.0250 5440 SNMPTRAP - ok
15:02:49.0266 5440 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
15:02:49.0266 5440 spldr - ok
15:02:49.0301 5440 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
15:02:49.0305 5440 Spooler - ok
15:02:49.0434 5440 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
15:02:49.0454 5440 sppsvc - ok
15:02:49.0516 5440 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
15:02:49.0520 5440 sppuinotify - ok
15:02:49.0583 5440 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
15:02:49.0583 5440 srv - ok
15:02:49.0641 5440 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
15:02:49.0645 5440 srv2 - ok
15:02:49.0668 5440 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
15:02:49.0672 5440 srvnet - ok
15:02:49.0688 5440 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
15:02:49.0692 5440 SSDPSRV - ok
15:02:49.0711 5440 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
15:02:49.0715 5440 SstpSvc - ok
15:02:49.0821 5440 Stereo Service (9e1222c417291bc836210743624a8e5e) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:02:49.0825 5440 Stereo Service - ok
15:02:49.0852 5440 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\drivers\stexstor.sys
15:02:49.0852 5440 stexstor - ok
15:02:49.0911 5440 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
15:02:49.0915 5440 StiSvc - ok
15:02:49.0930 5440 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
15:02:49.0930 5440 swenum - ok
15:02:49.0961 5440 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
15:02:49.0965 5440 swprv - ok
15:02:50.0020 5440 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
15:02:50.0032 5440 SysMain - ok
15:02:50.0051 5440 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
15:02:50.0055 5440 TabletInputService - ok
15:02:50.0079 5440 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
15:02:50.0083 5440 TapiSrv - ok
15:02:50.0114 5440 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
15:02:50.0114 5440 TBS - ok
15:02:50.0219 5440 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
15:02:50.0243 5440 Tcpip - ok
15:02:50.0270 5440 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
15:02:50.0278 5440 TCPIP6 - ok
15:02:50.0297 5440 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
15:02:50.0297 5440 tcpipreg - ok
15:02:50.0317 5440 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
15:02:50.0317 5440 TDPIPE - ok
15:02:50.0348 5440 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
15:02:50.0352 5440 TDTCP - ok
15:02:50.0372 5440 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
15:02:50.0372 5440 tdx - ok
15:02:50.0387 5440 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\DRIVERS\termdd.sys
15:02:50.0387 5440 TermDD - ok
15:02:50.0422 5440 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
15:02:50.0430 5440 TermService - ok
15:02:50.0446 5440 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
15:02:50.0450 5440 Themes - ok
15:02:50.0481 5440 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
15:02:50.0481 5440 THREADORDER - ok
15:02:50.0551 5440 timounter (d8a96d0e25d43fdac3bed09adf39fde9) C:\Windows\system32\DRIVERS\timntr.sys
15:02:50.0559 5440 timounter - ok
15:02:50.0586 5440 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
15:02:50.0590 5440 TrkWks - ok
15:02:50.0633 5440 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
15:02:50.0633 5440 TrustedInstaller - ok
15:02:50.0688 5440 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:02:50.0688 5440 tssecsrv - ok
15:02:50.0704 5440 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
15:02:50.0704 5440 TsUsbFlt - ok
15:02:50.0711 5440 TsUsbGD (01246f0baad7b68ec0f472aa41e33282) C:\Windows\system32\drivers\TsUsbGD.sys
15:02:50.0711 5440 TsUsbGD - ok
15:02:50.0747 5440 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
15:02:50.0747 5440 tunnel - ok
15:02:50.0754 5440 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\drivers\uagp35.sys
15:02:50.0758 5440 uagp35 - ok
15:02:50.0786 5440 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
15:02:50.0786 5440 udfs - ok
15:02:50.0805 5440 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
15:02:50.0809 5440 UI0Detect - ok
15:02:50.0825 5440 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
15:02:50.0825 5440 uliagpkx - ok
15:02:50.0848 5440 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
15:02:50.0848 5440 umbus - ok
15:02:50.0875 5440 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\drivers\umpass.sys
15:02:50.0875 5440 UmPass - ok
15:02:50.0903 5440 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
15:02:50.0907 5440 upnphost - ok
15:02:50.0934 5440 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
15:02:50.0938 5440 usbccgp - ok
15:02:50.0946 5440 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
15:02:50.0950 5440 usbcir - ok
15:02:50.0969 5440 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
15:02:50.0969 5440 usbehci - ok
15:02:51.0008 5440 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
15:02:51.0012 5440 usbhub - ok
15:02:51.0028 5440 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
15:02:51.0028 5440 usbohci - ok
15:02:51.0047 5440 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
15:02:51.0047 5440 usbprint - ok
15:02:51.0083 5440 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
15:02:51.0086 5440 usbscan - ok
15:02:51.0098 5440 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:02:51.0102 5440 USBSTOR - ok
15:02:51.0114 5440 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
15:02:51.0118 5440 usbuhci - ok
15:02:51.0141 5440 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
15:02:51.0145 5440 UxSms - ok
15:02:51.0184 5440 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
15:02:51.0188 5440 VaultSvc - ok
15:02:51.0211 5440 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
15:02:51.0211 5440 vdrvroot - ok
15:02:51.0250 5440 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
15:02:51.0254 5440 vds - ok
15:02:51.0274 5440 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
15:02:51.0278 5440 vga - ok
15:02:51.0290 5440 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
15:02:51.0293 5440 VgaSave - ok
15:02:51.0305 5440 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
15:02:51.0309 5440 vhdmp - ok
15:02:51.0321 5440 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
15:02:51.0321 5440 viaagp - ok
15:02:51.0336 5440 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\drivers\viac7.sys
15:02:51.0336 5440 ViaC7 - ok
15:02:51.0356 5440 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
15:02:51.0356 5440 viaide - ok
15:02:51.0391 5440 vididr (149ec3e217f9d11e9ca6c54ce3d70c73) C:\Windows\system32\DRIVERS\vididr.sys
15:02:51.0391 5440 vididr - ok
15:02:51.0442 5440 vidsflt53 (e31e9cd40677b84b3adaa7a0d80dc439) C:\Windows\system32\DRIVERS\vsflt53.sys
15:02:51.0446 5440 vidsflt53 - ok
15:02:51.0458 5440 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
15:02:51.0458 5440 volmgr - ok
15:02:51.0481 5440 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
15:02:51.0485 5440 volmgrx - ok
15:02:51.0536 5440 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
15:02:51.0540 5440 volsnap - ok
15:02:51.0551 5440 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\drivers\vsmraid.sys
15:02:51.0555 5440 vsmraid - ok
15:02:51.0625 5440 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
15:02:51.0633 5440 VSS - ok
15:02:51.0641 5440 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
15:02:51.0641 5440 vwifibus - ok
15:02:51.0680 5440 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
15:02:51.0688 5440 W32Time - ok
15:02:51.0696 5440 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\drivers\wacompen.sys
15:02:51.0696 5440 WacomPen - ok
15:02:51.0754 5440 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:02:51.0754 5440 WANARP - ok
15:02:51.0758 5440 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
15:02:51.0762 5440 Wanarpv6 - ok
15:02:51.0829 5440 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
15:02:51.0836 5440 WatAdminSvc - ok
15:02:51.0899 5440 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
15:02:51.0907 5440 wbengine - ok
15:02:51.0930 5440 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
15:02:51.0934 5440 WbioSrvc - ok
15:02:51.0954 5440 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
15:02:51.0958 5440 wcncsvc - ok
15:02:51.0985 5440 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
15:02:51.0989 5440 WcsPlugInService - ok
15:02:52.0016 5440 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\drivers\wd.sys
15:02:52.0016 5440 Wd - ok
15:02:52.0051 5440 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
15:02:52.0055 5440 Wdf01000 - ok
15:02:52.0071 5440 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:02:52.0075 5440 WdiServiceHost - ok
15:02:52.0083 5440 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
15:02:52.0086 5440 WdiSystemHost - ok
15:02:52.0110 5440 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
15:02:52.0114 5440 WebClient - ok
15:02:52.0137 5440 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
15:02:52.0141 5440 Wecsvc - ok
15:02:52.0157 5440 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
15:02:52.0161 5440 wercplsupport - ok
15:02:52.0176 5440 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
15:02:52.0180 5440 WerSvc - ok
15:02:52.0211 5440 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
15:02:52.0211 5440 WfpLwf - ok
15:02:52.0239 5440 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
15:02:52.0243 5440 WIMMount - ok
15:02:52.0321 5440 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
15:02:52.0325 5440 WinDefend - ok
15:02:52.0333 5440 WinHttpAutoProxySvc - ok
15:02:52.0375 5440 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
15:02:52.0379 5440 Winmgmt - ok
15:02:52.0438 5440 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
15:02:52.0450 5440 WinRM - ok
15:02:52.0516 5440 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
15:02:52.0520 5440 WinUsb - ok
15:02:52.0571 5440 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
15:02:52.0579 5440 Wlansvc - ok
15:02:52.0649 5440 wlcrasvc (6067acef367e79914af628fa1e9b5330) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:02:52.0649 5440 wlcrasvc - ok
15:02:52.0930 5440 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:02:52.0938 5440 wlidsvc - ok
15:02:53.0008 5440 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
15:02:53.0008 5440 WmiAcpi - ok
15:02:53.0059 5440 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
15:02:53.0063 5440 wmiApSrv - ok
15:02:53.0141 5440 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:02:53.0161 5440 WMPNetworkSvc - ok
15:02:53.0188 5440 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
15:02:53.0192 5440 WPCSvc - ok
15:02:53.0211 5440 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
15:02:53.0215 5440 WPDBusEnum - ok
15:02:53.0231 5440 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
15:02:53.0235 5440 ws2ifsl - ok
15:02:53.0258 5440 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
15:02:53.0262 5440 wscsvc - ok
15:02:53.0266 5440 WSearch - ok
15:02:53.0368 5440 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
15:02:53.0383 5440 wuauserv - ok
15:02:53.0438 5440 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
15:02:53.0438 5440 WudfPf - ok
15:02:53.0477 5440 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:02:53.0481 5440 WUDFRd - ok
15:02:53.0500 5440 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
15:02:53.0504 5440 wudfsvc - ok
15:02:53.0528 5440 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
15:02:53.0532 5440 WwanSvc - ok
15:02:53.0571 5440 XUIF (6bbf7a3bab8ffdccf82057fa2aae2b7b) C:\Windows\system32\Drivers\x10ufx2.sys
15:02:53.0571 5440 XUIF - ok
15:02:53.0590 5440 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk2\DR2
15:02:53.0614 5440 \Device\Harddisk2\DR2 - ok
15:02:53.0637 5440 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:02:53.0875 5440 \Device\Harddisk0\DR0 - ok
15:02:53.0879 5440 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
15:02:53.0891 5440 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
15:02:53.0891 5440 \Device\Harddisk1\DR1 - detected TDSS File System (1)
15:02:53.0903 5440 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk3\DR3
15:02:54.0020 5440 \Device\Harddisk3\DR3 - ok
15:02:54.0024 5440 Boot (0x1200) (1f76f6bbbaf7fe6e514cc8870f9327ec) \Device\Harddisk2\DR2\Partition0
15:02:54.0028 5440 \Device\Harddisk2\DR2\Partition0 - ok
15:02:54.0032 5440 Boot (0x1200) (427bf9bf4d58614c53c51e181d94caf8) \Device\Harddisk0\DR0\Partition0
15:02:54.0036 5440 \Device\Harddisk0\DR0\Partition0 - ok
15:02:54.0043 5440 Boot (0x1200) (8749887a2fdff4bdd5c59691f05c05d6) \Device\Harddisk0\DR0\Partition1
15:02:54.0047 5440 \Device\Harddisk0\DR0\Partition1 - ok
15:02:54.0063 5440 Boot (0x1200) (a085a37c288bd056b852fccc81ccd562) \Device\Harddisk1\DR1\Partition0
15:02:54.0063 5440 \Device\Harddisk1\DR1\Partition0 - ok
15:02:54.0071 5440 Boot (0x1200) (8a46454ac6972e9090444393939a3b72) \Device\Harddisk3\DR3\Partition0
15:02:54.0071 5440 \Device\Harddisk3\DR3\Partition0 - ok
15:02:54.0071 5440 ============================================================
15:02:54.0071 5440 Scan finished
15:02:54.0071 5440 ============================================================
15:02:54.0086 1216 Detected object count: 1
15:02:54.0086 1216 Actual detected object count: 1
15:03:00.0786 1216 \Device\Harddisk1\DR1\TDLFS\config.ini - copied to quarantine
15:03:00.0821 1216 \Device\Harddisk1\DR1\TDLFS\tdl - copied to quarantine
15:03:00.0825 1216 \Device\Harddisk1\DR1\TDLFS\rsrc.dat - copied to quarantine
15:03:00.0825 1216 \Device\Harddisk1\DR1\TDLFS\bckfg.tmp - copied to quarantine
15:03:00.0829 1216 \Device\Harddisk1\DR1\TDLFS\tdlcmd.dll - copied to quarantine
15:03:00.0829 1216 \Device\Harddisk1\DR1\TDLFS - deleted
15:03:00.0829 1216 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Delete
15:03:10.0110 1520 Deinitialize success

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:42 PM

Posted 19 June 2012 - 03:46 PM

Thats good,thats a troublemaker..
Lets see if anything is left.

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.


How is it now??
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 cjef

cjef
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 19 June 2012 - 09:40 PM

Wow, that took 5.5 hours. Lots of viruses found with this. Mostly redundant files in multiple backups. Anyway, here is the log.

Eset log:

C:\Documents and Settings\Craig\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EGLZH8JT\setup_22470[1].exe Win32/Toolbar.Zugo application deleted - quarantined
C:\Documents and Settings\Craig\Desktop\bleeping computer\GooredFix Backups\C\Users\Craig\Application Data\Mozilla\Firefox\Profiles\ev45ws3r.default\extensions\{468bb6f3-ab00-4f0f-bb84-eb1f43783677}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Documents and Settings\Craig\Desktop\bleeping computer\GooredFix Backups\C\Users\Craig\Application Data\Mozilla\Firefox\Profiles\ev45ws3r.default\extensions\{468bb6f3-ab00-4f0f-bb84-eb1f43783677}\chrome\xulcache.jar JS/Agent.NDB trojan deleted - quarantined
C:\Documents and Settings\Craig\Documents\My downloads\Dtv hacks\PVT iso Phil 708\instantcake-dsr704-6[1].2-01-2-301.iso INF/Autorun.gen trojan deleted - quarantined
C:\Documents and Settings\Craig\Documents\My downloads\Dtv hacks\PVT iso Phil 708\ptvnet62-1[1].02.iso INF/Autorun.gen trojan deleted - quarantined
C:\Documents and Settings\Kids\Downloads\BestVideoDownloader.exe probably a variant of Win32/KBM application cleaned by deleting - quarantined
C:\Documents and Settings\LaDawna\Desktop\GooredFix Backups\C\Users\LaDawna\Application Data\Mozilla\Firefox\Profiles\ntx1ukxx.default\extensions\{468bb6f3-ab00-4f0f-bb84-eb1f43783677}\chrome.manifest Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Documents and Settings\LaDawna\Desktop\GooredFix Backups\C\Users\LaDawna\Application Data\Mozilla\Firefox\Profiles\ntx1ukxx.default\extensions\{468bb6f3-ab00-4f0f-bb84-eb1f43783677}\chrome\xulcache.jar JS/Agent.NDB trojan deleted - quarantined
C:\TDSSKiller_Quarantine\18.06.2012_19.44.28\tdlfs0000\tsk0004.dta Win32/Olmarik.XU trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.06.2012_23.15.47\tdlfs0000\tsk0004.dta Win32/Olmarik.XU trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_00.16.39\tdlfs0000\tsk0004.dta Win32/Olmarik.XU trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_15.01.11\tdlfs0000\tsk0004.dta Win32/Olmarik.XU trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\19.06.2012_15.02.28\tdlfs0000\tsk0004.dta Win32/Olmarik.XU trojan cleaned by deleting - quarantined
C:\Tsunami Backup\Craig's Docs and settings\My Documents\My downloads\Dtv hacks\PVT iso Phil 708\instantcake-dsr704-6[1].2-01-2-301.iso INF/Autorun.gen trojan deleted - quarantined
C:\Tsunami Backup\Craig's Docs and settings\My Documents\My downloads\Dtv hacks\PVT iso Phil 708\ptvnet62-1[1].02.iso INF/Autorun.gen trojan deleted - quarantined
F:\TSUNAMI\Backup Set 2012-02-10 204636\Backup Files 2012-02-10 204636\Backup files 19.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-02-10 204636\Backup Files 2012-02-10 204636\Backup files 21.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-02-10 204636\Backup Files 2012-02-10 204636\Backup files 78.zip INF/Autorun.gen trojan deleted - quarantined
F:\TSUNAMI\Backup Set 2012-02-10 204636\Backup Files 2012-02-10 204636\Backup files 80.zip INF/Autorun.gen trojan deleted - quarantined
F:\TSUNAMI\Backup Set 2012-02-10 204636\Backup Files 2012-03-11 011618\Backup files 1.zip a variant of Win32/Toolbar.MyWebSearch.O application deleted - quarantined
F:\TSUNAMI\Backup Set 2012-03-14 033214\Backup Files 2012-03-14 033214\Backup files 19.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-03-14 033214\Backup Files 2012-03-14 033214\Backup files 22.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-03-14 033214\Backup Files 2012-03-14 033214\Backup files 23.zip a variant of Win32/Toolbar.MyWebSearch.O application deleted - quarantined
F:\TSUNAMI\Backup Set 2012-03-14 033214\Backup Files 2012-03-14 033214\Backup files 84.zip INF/Autorun.gen trojan deleted - quarantined
F:\TSUNAMI\Backup Set 2012-03-14 033214\Backup Files 2012-03-14 033214\Backup files 86.zip INF/Autorun.gen trojan deleted - quarantined
F:\TSUNAMI\Backup Set 2012-03-14 033214\Backup Files 2012-03-18 095010\Backup files 1.zip a variant of Win32/InstallIQ application deleted - quarantined
F:\TSUNAMI\Backup Set 2012-05-06 020010\Backup Files 2012-05-06 020010\Backup files 19.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-05-06 020010\Backup Files 2012-05-06 020010\Backup files 22.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-05-06 020010\Backup Files 2012-05-06 020010\Backup files 25.zip a variant of Win32/InstallIQ application deleted - quarantined
F:\TSUNAMI\Backup Set 2012-05-06 020010\Backup Files 2012-05-06 020010\Backup files 87.zip INF/Autorun.gen trojan deleted - quarantined
F:\TSUNAMI\Backup Set 2012-05-06 020010\Backup Files 2012-05-06 020010\Backup files 89.zip INF/Autorun.gen trojan deleted - quarantined
F:\TSUNAMI\Backup Set 2012-05-06 020010\Backup Files 2012-05-20 020009\Backup files 1.zip probably a variant of Win32/KBM application deleted - quarantined
F:\TSUNAMI\Backup Set 2012-06-17 020012\Backup Files 2012-06-17 020012\Backup files 19.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-06-17 020012\Backup Files 2012-06-17 020012\Backup files 23.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-06-17 020012\Backup Files 2012-06-17 020012\Backup files 32.zip multiple threats deleted - quarantined
F:\TSUNAMI\Backup Set 2012-06-17 020012\Backup Files 2012-06-17 020012\Backup files 95.zip INF/Autorun.gen trojan deleted - quarantined
F:\TSUNAMI\Backup Set 2012-06-17 020012\Backup Files 2012-06-17 020012\Backup files 97.zip INF/Autorun.gen trojan deleted - quarantined

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:42 PM

Posted 20 June 2012 - 09:07 AM

You're welcome! Looks like we got the bad guys.. How is it running now?
Two things..
Olmarik>>> The trojan contains a backdoor. It can be controlled remotely. So you should change your passwords. If you do any financials on here,you need to tell the back of the backdoor and to watch these accounts..


Second... Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users, should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u5-windows-i586.exe (or jre-7u5-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 cjef

cjef
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 20 June 2012 - 10:02 AM

Thank you again. It seems fine. No more redirect anyway. I will follow your directions above.

I do have financial info on this computer. If this cant be completely gotten rid of, should I wipe the hard drive and start over?

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:42 PM

Posted 20 June 2012 - 11:29 AM

Not an unwise decision to make. In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. Wiping your drive, reformatting, and performing a clean install of the OS or doing a factory restore removes everything and is the safest action but I cannot make that decision for you.

Reformatting a hard disk deletes all data. If you decide to reformat, you can back up all your important documents, data files and photos. The safest practice is not to backup any autorun.ini or .exe files because they may be infected. Some types of malware may disguise itself by adding and hiding its extension to the existing extension of files so be sure you take a close look at the full name. After reformatting, as a precaution, make sure you scan these files with your anti-virus prior to copying them back to your hard drive.

Only back up your important documents, personal data files, photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to backup any executable files (*.exe), screensavers (*.scr), autorun (.ini) or script files (.php, .asp, .htm, .html, .xml ) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise itself by hiding a file extension or adding to the existing extension as shown here (click Figure 1 to enlarge) so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions. Then make sure you scan the backed up data with your anti-virus prior to to copying it back to your hard drive.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 cjef

cjef
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 20 June 2012 - 10:27 PM

thank you for the advice. I will do just that with all backed up info.

I appreciate all the help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users