Unable to create GMER logs


  • This topic is locked
49 replies to this topic

#1 sawdog

sawdog

  • Members
  • 41 posts

Posted 17 July 2012 - 11:36 AM

I have pop ups and address redirects.
Then e-mail was hacked.
Have been following directions in Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help
Upon opening GMER, none of the settings can be selected. I ran GMER as is and nothing was detected.
Here are the DDS logs:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Kuehl at 9:02:50 on 2012-07-17
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.1626 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Family\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\ProgramData\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\atibtmon.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: US Job Search Toolbar: {f409caa5-db4f-48aa-a238-ca307c481237} - C:\Program Files (x86)\usjobsearchtoolbar\vmntemplateX.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: US Job Search Toolbar: {f409caa5-db4f-48aa-a238-ca307c481237} - C:\Program Files (x86)\usjobsearchtoolbar\vmntemplateX.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [MusicManager] "C:\Users\Family\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [BYRUA_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Kuehl\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{5725D892-F0EE-4758-BC64-91C891605BF8} : DhcpNameServer = 40.5.1.100
TCP: Interfaces\{6EEB3568-E6C4-4297-B188-300870F9D395} : DhcpNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: US Job Search Toolbar: {f409caa5-db4f-48aa-a238-ca307c481237} - C:\Program Files (x86)\usjobsearchtoolbar\vmntemplateX.dll
BHO-X64: US Job Search Toolbar - No File
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: US Job Search Toolbar: {f409caa5-db4f-48aa-a238-ca307c481237} - C:\Program Files (x86)\usjobsearchtoolbar\vmntemplateX.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [BYRUA_AGENT] C:\ProgramData\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
Hosts: 67.215.245.19 www.google-analytics.com.
Hosts: 67.215.245.19 ad-emea.doubleclick.net.
Hosts: 67.215.245.19 www.statcounter.com.
Hosts: 108.163.215.51 www.google-analytics.com.
Hosts: 108.163.215.51 ad-emea.doubleclick.net.
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-2-28 354304]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2011-5-13 514232]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-5 681528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-3-30 26680]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-8-20 1751656]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-22 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250056]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-22 136176]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-07-17 02:50:21 9133488 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{84F6318D-875C-43F5-A523-682293B3B02F}\mpengine.dll
2012-07-16 02:14:23 9013136 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-11 17:03:49 -------- d-----w- C:\ProgramData\Synaptics
2012-07-11 16:55:26 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-07-11 16:55:25 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-07-11 16:07:50 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 14:56:18 -------- d-----w- C:\ProgramData\Soluto
2012-07-10 21:20:59 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll
2012-07-10 21:20:59 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll
2012-07-10 21:20:59 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll
2012-07-10 21:20:58 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-07-10 21:20:58 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2012-07-10 21:20:57 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll
2012-07-10 21:20:57 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll
2012-07-10 21:20:57 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll
2012-07-10 21:20:57 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll
2012-07-10 21:20:57 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll
2012-07-10 21:20:56 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll
2012-07-10 21:20:56 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll
2012-07-10 21:20:56 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-07-09 01:47:34 -------- d-----w- C:\Users\Kuehl\AppData\Local\ElevatedDiagnostics
2012-07-08 22:23:24 98816 ----a-w- C:\Windows\sed.exe
2012-07-08 22:23:24 518144 ----a-w- C:\Windows\SWREG.exe
2012-07-08 22:23:24 256000 ----a-w- C:\Windows\PEV.exe
2012-07-08 22:23:24 208896 ----a-w- C:\Windows\MBR.exe
2012-07-08 22:23:19 -------- d-s---w- C:\ComboFix
2012-07-08 21:16:40 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{02B23579-A622-499E-BB87-7268DBEAFE83}\gapaengine.dll
2012-06-25 16:24:27 -------- d-----w- C:\Program Files (x86)\Oracle
2012-06-25 16:23:54 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-06-21 14:43:59 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 14:43:35 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 14:43:16 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-21 14:43:15 36864 ----a-w- C:\Windows\System32\wuapp.exe
.
==================== Find3M ====================
.
2012-07-16 04:00:58 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-16 04:00:58 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-04-19 02:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2012-04-19 02:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 9:04:14.12 ===============



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,730 posts
  • Gender:Male

Posted 22 July 2012 - 11:40 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/461080 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows, you should not bother creating a GMER log.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 1972vet

1972vet

  • Malware Response Team
  • 1,698 posts
  • Gender:Male
  • Location:Midwest U.S.A.

Posted 22 July 2012 - 06:09 PM

Greetings sawdog and Welcome to the forums,

As the instructions indicate Here (point #8), the GMER log isn't required for 64bit systems, and specifically instructs users to skip that part. I believe now, you know why...that said, we have what we DO need. Thanks!

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application. Click the "Change parameters". Under Additional options, check the box next to "Verify Driver Digital Signature" then click the OK button.
  • Click the Start scan button.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • You may be prompted to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file back here on your next reply.
  • ...otherwise, if a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". If this was the case, then we need to see that log.

Disabled Veteran, U.S.C.G. 1972 - 1978
2009 - 2013

Member: U.N.I.T.E.
Performance and Maintenance for Windows XP, Windows Vista and Windows Seven


#4 sawdog

sawdog
  • Topic Starter

  • Members
  • 41 posts

Posted 22 July 2012 - 08:47 PM

19:30:32.0616 6756 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
19:30:33.0209 6756 ============================================================
19:30:33.0209 6756 Current date / time: 2012/07/22 19:30:33.0209
19:30:33.0209 6756 SystemInfo:
19:30:33.0209 6756
19:30:33.0209 6756 OS Version: 6.1.7601 ServicePack: 1.0
19:30:33.0209 6756 Product type: Workstation
19:30:33.0209 6756 ComputerName: KUEHL-HP
19:30:33.0209 6756 UserName: Kuehl
19:30:33.0209 6756 Windows directory: C:\Windows
19:30:33.0209 6756 System windows directory: C:\Windows
19:30:33.0209 6756 Running under WOW64
19:30:33.0209 6756 Processor architecture: Intel x64
19:30:33.0209 6756 Number of processors: 4
19:30:33.0209 6756 Page size: 0x1000
19:30:33.0209 6756 Boot type: Normal boot
19:30:33.0209 6756 ============================================================
19:30:36.0766 6756 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:30:36.0797 6756 ============================================================
19:30:36.0797 6756 \Device\Harddisk0\DR0:
19:30:36.0797 6756 MBR partitions:
19:30:36.0797 6756 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
19:30:36.0797 6756 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x387E7800
19:30:36.0797 6756 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3884B800, BlocksNum 0x1B06800
19:30:36.0797 6756 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
19:30:36.0797 6756 ============================================================
19:30:36.0828 6756 C: <-> \Device\Harddisk0\DR0\Partition1
19:30:36.0968 6756 D: <-> \Device\Harddisk0\DR0\Partition2
19:30:36.0968 6756 ============================================================
19:30:36.0968 6756 Initialize success
19:30:36.0968 6756 ============================================================
19:31:16.0967 4172 ============================================================
19:31:16.0967 4172 Scan started
19:31:16.0967 4172 Mode: Manual; SigCheck;
19:31:16.0967 4172 ============================================================
19:31:17.0606 4172 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:31:17.0731 4172 1394ohci - ok
19:31:17.0887 4172 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:31:17.0934 4172 ACPI - ok
19:31:18.0043 4172 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:31:18.0215 4172 AcpiPmi - ok
19:31:18.0355 4172 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:31:18.0386 4172 AdobeARMservice - ok
19:31:18.0589 4172 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:31:18.0620 4172 AdobeFlashPlayerUpdateSvc - ok
19:31:18.0761 4172 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:31:18.0808 4172 adp94xx - ok
19:31:18.0901 4172 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:31:18.0917 4172 adpahci - ok
19:31:19.0026 4172 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:31:19.0057 4172 adpu320 - ok
19:31:19.0104 4172 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:31:19.0307 4172 AeLookupSvc - ok
19:31:19.0385 4172 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:31:19.0463 4172 AFD - ok
19:31:19.0525 4172 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:31:19.0556 4172 agp440 - ok
19:31:19.0666 4172 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:31:19.0712 4172 ALG - ok
19:31:19.0775 4172 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:31:19.0806 4172 aliide - ok
19:31:19.0915 4172 AMD External Events Utility (850f0c8034225fa3f50d551a905fa503) C:\Windows\system32\atiesrxx.exe
19:31:19.0993 4172 AMD External Events Utility - ok
19:31:20.0056 4172 AMD FUEL Service - ok
19:31:20.0102 4172 AMD Reservation Manager (dd27f6c3de9bfe50635c721e09edc5dd) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
19:31:20.0134 4172 AMD Reservation Manager - ok
19:31:20.0196 4172 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:31:20.0227 4172 amdide - ok
19:31:20.0321 4172 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
19:31:20.0368 4172 amdiox64 - ok
19:31:20.0446 4172 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:31:20.0477 4172 AmdK8 - ok
19:31:21.0506 4172 amdkmdag (7979bf4a66efdadf3d00a052409609b1) C:\Windows\system32\DRIVERS\atikmdag.sys
19:31:21.0928 4172 amdkmdag - ok
19:31:22.0146 4172 amdkmdap (7d5cdb0161e91951d3dd99e55cea4d01) C:\Windows\system32\DRIVERS\atikmpag.sys
19:31:22.0208 4172 amdkmdap - ok
19:31:22.0255 4172 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
19:31:22.0286 4172 AmdPPM - ok
19:31:22.0349 4172 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:31:22.0380 4172 amdsata - ok
19:31:22.0442 4172 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:31:22.0489 4172 amdsbs - ok
19:31:22.0536 4172 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:31:22.0567 4172 amdxata - ok
19:31:22.0614 4172 amd_sata (6363014d5e4ccd280fb4902ec3c2ccfe) C:\Windows\system32\DRIVERS\amd_sata.sys
19:31:22.0630 4172 amd_sata - ok
19:31:22.0630 4172 amd_xata (51a5aed2a4cceda6addcf3194c9b29eb) C:\Windows\system32\DRIVERS\amd_xata.sys
19:31:22.0661 4172 amd_xata - ok
19:31:22.0676 4172 Andbus - ok
19:31:22.0676 4172 AndDiag - ok
19:31:22.0708 4172 AndGps - ok
19:31:22.0723 4172 ANDModem - ok
19:31:22.0817 4172 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:31:23.0051 4172 AppID - ok
19:31:23.0082 4172 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:31:23.0129 4172 AppIDSvc - ok
19:31:23.0207 4172 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:31:23.0300 4172 Appinfo - ok
19:31:23.0472 4172 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:31:23.0503 4172 Apple Mobile Device - ok
19:31:23.0597 4172 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:31:23.0628 4172 arc - ok
19:31:23.0659 4172 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:31:23.0675 4172 arcsas - ok
19:31:23.0722 4172 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:31:23.0800 4172 AsyncMac - ok
19:31:23.0862 4172 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:31:23.0893 4172 atapi - ok
19:31:23.0987 4172 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
19:31:24.0018 4172 AtiHdmiService - ok
19:31:24.0018 4172 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
19:31:24.0034 4172 AtiPcie - ok
19:31:24.0190 4172 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:31:24.0268 4172 AudioEndpointBuilder - ok
19:31:24.0283 4172 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:31:24.0330 4172 AudioSrv - ok
19:31:24.0439 4172 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:31:24.0502 4172 AxInstSV - ok
19:31:24.0611 4172 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:31:24.0658 4172 b06bdrv - ok
19:31:24.0767 4172 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:31:24.0798 4172 b57nd60a - ok
19:31:24.0892 4172 BBSvc (93ee7d9c35ae7e9ffda148d7805f1421) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:31:24.0938 4172 BBSvc - ok
19:31:25.0141 4172 BCM43XX (9e84a931dbee0292e38ed672f6293a99) C:\Windows\system32\DRIVERS\bcmwl664.sys
19:31:25.0219 4172 BCM43XX - ok
19:31:25.0297 4172 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:31:25.0344 4172 BDESVC - ok
19:31:25.0422 4172 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:31:25.0469 4172 Beep - ok
19:31:25.0578 4172 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:31:25.0672 4172 BFE - ok
19:31:25.0796 4172 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:31:25.0859 4172 BITS - ok
19:31:26.0015 4172 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:31:26.0062 4172 blbdrive - ok
19:31:26.0186 4172 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:31:26.0233 4172 Bonjour Service - ok
19:31:26.0296 4172 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:31:26.0327 4172 bowser - ok
19:31:26.0389 4172 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:31:26.0420 4172 BrFiltLo - ok
19:31:26.0467 4172 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:31:26.0498 4172 BrFiltUp - ok
19:31:26.0592 4172 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
19:31:26.0670 4172 BridgeMP - ok
19:31:26.0717 4172 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:31:26.0764 4172 Browser - ok
19:31:26.0826 4172 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:31:26.0920 4172 Brserid - ok
19:31:26.0951 4172 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:31:26.0982 4172 BrSerWdm - ok
19:31:26.0998 4172 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:31:27.0013 4172 BrUsbMdm - ok
19:31:27.0029 4172 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:31:27.0044 4172 BrUsbSer - ok
19:31:27.0076 4172 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:31:27.0091 4172 BTHMODEM - ok
19:31:27.0154 4172 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:31:27.0232 4172 bthserv - ok
19:31:27.0294 4172 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:31:27.0388 4172 cdfs - ok
19:31:27.0466 4172 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:31:27.0497 4172 cdrom - ok
19:31:27.0637 4172 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:31:27.0731 4172 CertPropSvc - ok
19:31:27.0824 4172 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:31:27.0856 4172 circlass - ok
19:31:27.0934 4172 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:31:27.0965 4172 CLFS - ok
19:31:28.0074 4172 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:31:28.0090 4172 clr_optimization_v2.0.50727_32 - ok
19:31:28.0168 4172 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:31:28.0183 4172 clr_optimization_v2.0.50727_64 - ok
19:31:28.0339 4172 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:31:28.0370 4172 clr_optimization_v4.0.30319_32 - ok
19:31:28.0464 4172 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:31:28.0480 4172 clr_optimization_v4.0.30319_64 - ok
19:31:28.0573 4172 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
19:31:28.0589 4172 clwvd - ok
19:31:28.0651 4172 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:31:28.0682 4172 CmBatt - ok
19:31:28.0745 4172 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:31:28.0776 4172 cmdide - ok
19:31:28.0854 4172 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
19:31:28.0932 4172 CNG - ok
19:31:29.0010 4172 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:31:29.0041 4172 Compbatt - ok
19:31:29.0088 4172 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:31:29.0135 4172 CompositeBus - ok
19:31:29.0150 4172 COMSysApp - ok
19:31:29.0353 4172 cpuz135 - ok
19:31:29.0369 4172 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:31:29.0400 4172 crcdisk - ok
19:31:29.0509 4172 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:31:29.0572 4172 CryptSvc - ok
19:31:29.0696 4172 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:31:29.0790 4172 DcomLaunch - ok
19:31:29.0884 4172 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:31:29.0962 4172 defragsvc - ok
19:31:30.0040 4172 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:31:30.0149 4172 DfsC - ok
19:31:30.0242 4172 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:31:30.0336 4172 Dhcp - ok
19:31:30.0383 4172 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:31:30.0445 4172 discache - ok
19:31:30.0508 4172 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:31:30.0539 4172 Disk - ok
19:31:30.0632 4172 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:31:30.0695 4172 Dnscache - ok
19:31:30.0773 4172 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:31:30.0835 4172 dot3svc - ok
19:31:30.0882 4172 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:31:30.0960 4172 DPS - ok
19:31:31.0054 4172 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:31:31.0085 4172 drmkaud - ok
19:31:31.0210 4172 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:31:31.0256 4172 DXGKrnl - ok
19:31:31.0350 4172 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:31:31.0459 4172 EapHost - ok
19:31:31.0818 4172 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:31:31.0990 4172 ebdrv - ok
19:31:32.0146 4172 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:31:32.0192 4172 EFS - ok
19:31:32.0333 4172 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:31:32.0380 4172 ehRecvr - ok
19:31:32.0411 4172 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:31:32.0458 4172 ehSched - ok
19:31:32.0598 4172 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:31:32.0629 4172 elxstor - ok
19:31:32.0707 4172 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:31:32.0738 4172 ErrDev - ok
19:31:32.0832 4172 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:31:32.0926 4172 EventSystem - ok
19:31:32.0988 4172 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:31:33.0066 4172 exfat - ok
19:31:33.0113 4172 ezSharedSvc - ok
19:31:33.0253 4172 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:31:33.0347 4172 fastfat - ok
19:31:33.0518 4172 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:31:33.0581 4172 Fax - ok
19:31:33.0628 4172 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:31:33.0643 4172 fdc - ok
19:31:33.0721 4172 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:31:33.0784 4172 fdPHost - ok
19:31:33.0799 4172 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:31:33.0862 4172 FDResPub - ok
19:31:33.0940 4172 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:31:33.0971 4172 FileInfo - ok
19:31:33.0986 4172 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:31:34.0033 4172 Filetrace - ok
19:31:34.0049 4172 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:31:34.0064 4172 flpydisk - ok
19:31:34.0158 4172 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:31:34.0205 4172 FltMgr - ok
19:31:34.0314 4172 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:31:34.0423 4172 FontCache - ok
19:31:34.0532 4172 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:31:34.0548 4172 FontCache3.0.0.0 - ok
19:31:34.0642 4172 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:31:34.0673 4172 FsDepends - ok
19:31:34.0720 4172 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:31:34.0735 4172 Fs_Rec - ok
19:31:34.0844 4172 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:31:34.0891 4172 fvevol - ok
19:31:34.0954 4172 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:31:34.0985 4172 gagp30kx - ok
19:31:35.0110 4172 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:31:35.0141 4172 GamesAppService - ok
19:31:35.0188 4172 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:31:35.0219 4172 GEARAspiWDM - ok
19:31:35.0359 4172 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:31:35.0437 4172 gpsvc - ok
19:31:35.0578 4172 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:31:35.0609 4172 gupdate - ok
19:31:35.0640 4172 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:31:35.0671 4172 gupdatem - ok
19:31:35.0718 4172 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:31:35.0780 4172 hcw85cir - ok
19:31:35.0858 4172 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:31:35.0890 4172 HdAudAddService - ok
19:31:35.0999 4172 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:31:36.0046 4172 HDAudBus - ok
19:31:36.0077 4172 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:31:36.0092 4172 HidBatt - ok
19:31:36.0186 4172 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:31:36.0264 4172 HidBth - ok
19:31:36.0295 4172 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:31:36.0326 4172 HidIr - ok
19:31:36.0358 4172 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
19:31:36.0436 4172 hidserv - ok
19:31:36.0545 4172 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:31:36.0576 4172 HidUsb - ok
19:31:36.0607 4172 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:31:36.0701 4172 hkmsvc - ok
19:31:36.0716 4172 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:31:36.0779 4172 HomeGroupListener - ok
19:31:36.0810 4172 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:31:36.0841 4172 HomeGroupProvider - ok
19:31:36.0966 4172 HP Health Check Service (45a12cacb97b4f15858fcfd59355a1e9) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
19:31:36.0982 4172 HP Health Check Service - ok
19:31:37.0122 4172 HPAuto (da075126f867727810ee9b98b3041c4c) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
19:31:37.0153 4172 HPAuto - ok
19:31:37.0216 4172 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:31:37.0247 4172 HPClientSvc - ok
19:31:37.0403 4172 hpCMSrv (e040f0064d39f73bb4995d494f3dcbb8) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
19:31:37.0450 4172 hpCMSrv - ok
19:31:37.0543 4172 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:31:37.0559 4172 HPDrvMntSvc.exe - ok
19:31:37.0668 4172 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:31:37.0699 4172 hpqwmiex - ok
19:31:37.0933 4172 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:31:37.0964 4172 HpSAMD - ok
19:31:38.0027 4172 HPWMISVC (ead185acdcfd81bf2172cd6f36277d50) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
19:31:38.0042 4172 HPWMISVC - ok
19:31:38.0152 4172 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:31:38.0276 4172 HTTP - ok
19:31:38.0308 4172 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:31:38.0339 4172 hwpolicy - ok
19:31:38.0479 4172 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:31:38.0526 4172 i8042prt - ok
19:31:38.0604 4172 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:31:38.0635 4172 iaStorV - ok
19:31:38.0885 4172 IconMan_R (2c3cc41fefcb77e2826886e6b7ef93ae) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:31:39.0010 4172 IconMan_R - ok
19:31:39.0228 4172 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:31:39.0290 4172 idsvc - ok
19:31:39.0478 4172 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:31:39.0509 4172 iirsp - ok
19:31:39.0587 4172 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:31:39.0680 4172 IKEEXT - ok
19:31:39.0743 4172 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:31:39.0774 4172 intelide - ok
19:31:39.0805 4172 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
19:31:39.0821 4172 intelppm - ok
19:31:39.0883 4172 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:31:39.0961 4172 IPBusEnum - ok
19:31:40.0024 4172 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:31:40.0102 4172 IpFilterDriver - ok
19:31:40.0180 4172 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:31:40.0242 4172 iphlpsvc - ok
19:31:40.0289 4172 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:31:40.0304 4172 IPMIDRV - ok
19:31:40.0382 4172 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:31:40.0445 4172 IPNAT - ok
19:31:40.0679 4172 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
19:31:40.0726 4172 iPod Service - ok
19:31:40.0772 4172 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:31:40.0804 4172 IRENUM - ok
19:31:40.0835 4172 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:31:40.0850 4172 isapnp - ok
19:31:40.0897 4172 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:31:40.0928 4172 iScsiPrt - ok
19:31:40.0975 4172 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:31:40.0991 4172 kbdclass - ok
19:31:41.0069 4172 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:31:41.0100 4172 kbdhid - ok
19:31:41.0147 4172 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:31:41.0178 4172 KeyIso - ok
19:31:41.0209 4172 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
19:31:41.0225 4172 KSecDD - ok
19:31:41.0303 4172 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
19:31:41.0318 4172 KSecPkg - ok
19:31:41.0381 4172 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:31:41.0443 4172 ksthunk - ok
19:31:41.0521 4172 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:31:41.0599 4172 KtmRm - ok
19:31:41.0677 4172 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
19:31:41.0740 4172 LanmanServer - ok
19:31:41.0818 4172 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:31:41.0896 4172 LanmanWorkstation - ok
19:31:42.0005 4172 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:31:42.0052 4172 lltdio - ok
19:31:42.0114 4172 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:31:42.0176 4172 lltdsvc - ok
19:31:42.0223 4172 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:31:42.0317 4172 lmhosts - ok
19:31:42.0395 4172 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:31:42.0426 4172 LSI_FC - ok
19:31:42.0551 4172 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:31:42.0582 4172 LSI_SAS - ok
19:31:42.0676 4172 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:31:42.0707 4172 LSI_SAS2 - ok
19:31:42.0754 4172 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:31:42.0785 4172 LSI_SCSI - ok
19:31:42.0956 4172 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:31:43.0019 4172 luafv - ok
19:31:43.0128 4172 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:31:43.0159 4172 Mcx2Svc - ok
19:31:43.0175 4172 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:31:43.0190 4172 megasas - ok
19:31:43.0331 4172 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:31:43.0362 4172 MegaSR - ok
19:31:43.0393 4172 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:31:43.0440 4172 MMCSS - ok
19:31:43.0534 4172 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:31:43.0612 4172 Modem - ok
19:31:43.0643 4172 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:31:43.0674 4172 monitor - ok
19:31:43.0768 4172 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:31:43.0799 4172 mouclass - ok
19:31:43.0861 4172 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:31:43.0892 4172 mouhid - ok
19:31:43.0939 4172 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:31:43.0970 4172 mountmgr - ok
19:31:44.0064 4172 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
19:31:44.0111 4172 MpFilter - ok
19:31:44.0142 4172 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:31:44.0173 4172 mpio - ok
19:31:44.0267 4172 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:31:44.0329 4172 mpsdrv - ok
19:31:44.0438 4172 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:31:44.0532 4172 MpsSvc - ok
19:31:44.0563 4172 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:31:44.0594 4172 MRxDAV - ok
19:31:44.0688 4172 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:31:44.0782 4172 mrxsmb - ok
19:31:44.0844 4172 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:31:44.0875 4172 mrxsmb10 - ok
19:31:44.0922 4172 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:31:44.0953 4172 mrxsmb20 - ok
19:31:45.0000 4172 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:31:45.0016 4172 msahci - ok
19:31:45.0047 4172 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:31:45.0062 4172 msdsm - ok
19:31:45.0156 4172 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:31:45.0187 4172 MSDTC - ok
19:31:45.0250 4172 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:31:45.0328 4172 Msfs - ok
19:31:45.0374 4172 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:31:45.0452 4172 mshidkmdf - ok
19:31:45.0515 4172 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:31:45.0546 4172 msisadrv - ok
19:31:45.0671 4172 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:31:45.0733 4172 MSiSCSI - ok
19:31:45.0749 4172 msiserver - ok
19:31:45.0827 4172 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:31:45.0889 4172 MSKSSRV - ok
19:31:46.0030 4172 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:31:46.0061 4172 MsMpSvc - ok
19:31:46.0123 4172 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:31:46.0186 4172 MSPCLOCK - ok
19:31:46.0217 4172 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:31:46.0264 4172 MSPQM - ok
19:31:46.0310 4172 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:31:46.0326 4172 MsRPC - ok
19:31:46.0435 4172 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:31:46.0466 4172 mssmbios - ok
19:31:46.0544 4172 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:31:46.0622 4172 MSTEE - ok
19:31:46.0669 4172 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:31:46.0700 4172 MTConfig - ok
19:31:46.0763 4172 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:31:46.0794 4172 Mup - ok
19:31:46.0872 4172 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:31:46.0934 4172 napagent - ok
19:31:47.0106 4172 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:31:47.0137 4172 NativeWifiP - ok
19:31:47.0356 4172 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:31:47.0402 4172 NDIS - ok
19:31:47.0496 4172 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:31:47.0543 4172 NdisCap - ok
19:31:47.0605 4172 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:31:47.0683 4172 NdisTapi - ok
19:31:47.0761 4172 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:31:47.0824 4172 Ndisuio - ok
19:31:47.0870 4172 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:31:47.0933 4172 NdisWan - ok
19:31:47.0995 4172 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:32:10.0100 4172 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:32:10.0163 4172 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
19:32:10.0163 4172 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
19:32:20.0958 4172 ============================================================
19:32:20.0958 4172 Scan finished
19:32:20.0958 4172 ============================================================
19:32:20.0989 5264 Detected object count: 1
19:32:20.0989 5264 Actual detected object count: 1
19:32:57.0259 5264 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:32:57.0259 5264 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:44:30.0858 7512 ============================================================
19:44:30.0858 7512 Scan started
19:44:30.0858 7512 Mode: Manual; SigCheck;
19:44:30.0858 7512 ============================================================
19:44:38.0159 7512 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:44:38.0221 7512 BITS - ok
19:44:38.0393 7512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:44:38.0424 7512 blbdrive - ok
19:44:38.0517 7512 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:44:38.0564 7512 Bonjour Service - ok
19:44:38.0658 7512 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:44:38.0705 7512 bowser - ok
19:44:38.0736 7512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:44:38.0767 7512 BrFiltLo - ok
19:44:38.0814 7512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:44:38.0829 7512 BrFiltUp - ok
19:44:38.0907 7512 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
19:44:38.0970 7512 BridgeMP - ok
19:44:39.0001 7512 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:44:39.0048 7512 Browser - ok
19:44:39.0126 7512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:44:39.0157 7512 Brserid - ok
19:44:39.0173 7512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:44:39.0188 7512 BrSerWdm - ok
19:44:39.0235 7512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:44:39.0266 7512 BrUsbMdm - ok
19:44:39.0344 7512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:44:39.0375 7512 BrUsbSer - ok
19:44:39.0407 7512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:44:39.0438 7512 BTHMODEM - ok
19:44:39.0485 7512 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:44:39.0594 7512 bthserv - ok
19:44:39.0641 7512 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:44:39.0719 7512 cdfs - ok
19:44:39.0781 7512 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:44:39.0812 7512 cdrom - ok
19:44:39.0890 7512 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:44:39.0937 7512 CertPropSvc - ok
19:44:39.0968 7512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:44:39.0984 7512 circlass - ok
19:44:40.0062 7512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:44:40.0093 7512 CLFS - ok
19:44:40.0171 7512 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:44:40.0202 7512 clr_optimization_v2.0.50727_32 - ok
19:44:40.0296 7512 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:44:40.0327 7512 clr_optimization_v2.0.50727_64 - ok
19:44:40.0405 7512 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:44:40.0436 7512 clr_optimization_v4.0.30319_32 - ok
19:44:40.0561 7512 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:44:40.0592 7512 clr_optimization_v4.0.30319_64 - ok
19:44:40.0608 7512 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
19:44:40.0623 7512 clwvd - ok
19:44:40.0686 7512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:44:40.0748 7512 CmBatt - ok
19:44:40.0795 7512 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:44:40.0826 7512 cmdide - ok
19:44:40.0904 7512 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
19:44:40.0967 7512 CNG - ok
19:44:40.0998 7512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:44:41.0029 7512 Compbatt - ok
19:44:41.0060 7512 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:44:41.0091 7512 CompositeBus - ok
19:44:41.0107 7512 COMSysApp - ok
19:44:41.0201 7512 cpuz135 - ok
19:44:41.0216 7512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:44:41.0247 7512 crcdisk - ok
19:44:41.0341 7512 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
19:44:41.0372 7512 CryptSvc - ok
19:44:41.0466 7512 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:44:41.0528 7512 DcomLaunch - ok
19:44:41.0637 7512 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:44:41.0700 7512 defragsvc - ok
19:44:41.0762 7512 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:44:41.0825 7512 DfsC - ok
19:44:41.0887 7512 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:44:41.0949 7512 Dhcp - ok
19:44:41.0965 7512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:44:42.0074 7512 discache - ok
19:44:42.0105 7512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:44:42.0121 7512 Disk - ok
19:44:42.0168 7512 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:44:42.0199 7512 Dnscache - ok
19:44:42.0261 7512 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:44:42.0324 7512 dot3svc - ok
19:44:42.0371 7512 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:44:42.0433 7512 DPS - ok
19:44:42.0464 7512 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:44:42.0480 7512 drmkaud - ok
19:44:42.0573 7512 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:44:42.0620 7512 DXGKrnl - ok
19:44:42.0667 7512 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:44:42.0745 7512 EapHost - ok
19:44:43.0057 7512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:44:43.0197 7512 ebdrv - ok
19:44:43.0338 7512 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:44:43.0369 7512 EFS - ok
19:44:43.0556 7512 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:44:43.0619 7512 ehRecvr - ok
19:44:43.0634 7512 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:44:43.0650 7512 ehSched - ok
19:44:43.0821 7512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:44:43.0868 7512 elxstor - ok
19:44:43.0899 7512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:44:43.0915 7512 ErrDev - ok
19:44:44.0055 7512 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:44:44.0118 7512 EventSystem - ok
19:44:44.0211 7512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:44:44.0258 7512 exfat - ok
19:44:44.0274 7512 ezSharedSvc - ok
19:44:44.0321 7512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:44:44.0414 7512 fastfat - ok
19:44:44.0508 7512 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:44:44.0539 7512 Fax - ok
19:44:44.0601 7512 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:44:44.0617 7512 fdc - ok
19:44:44.0695 7512 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:44:44.0773 7512 fdPHost - ok
19:44:44.0789 7512 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:44:44.0867 7512 FDResPub - ok
19:44:44.0929 7512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:44:44.0960 7512 FileInfo - ok
19:44:44.0976 7512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:44:45.0038 7512 Filetrace - ok
19:44:45.0054 7512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:44:45.0085 7512 flpydisk - ok
19:44:45.0225 7512 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:44:45.0257 7512 FltMgr - ok
19:44:45.0397 7512 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:44:45.0459 7512 FontCache - ok
19:44:45.0569 7512 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:44:45.0569 7512 FontCache3.0.0.0 - ok
19:44:45.0709 7512 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:44:45.0740 7512 FsDepends - ok
19:44:45.0787 7512 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:44:45.0818 7512 Fs_Rec - ok
19:44:45.0912 7512 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:44:45.0943 7512 fvevol - ok
19:44:45.0990 7512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:44:46.0021 7512 gagp30kx - ok
19:44:46.0193 7512 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:44:46.0224 7512 GamesAppService - ok
19:44:46.0255 7512 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:44:46.0271 7512 GEARAspiWDM - ok
19:44:46.0427 7512 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:44:46.0520 7512 gpsvc - ok
19:44:46.0754 7512 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:44:46.0785 7512 gupdate - ok
19:44:46.0785 7512 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:44:46.0801 7512 gupdatem - ok
19:44:46.0879 7512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:44:46.0910 7512 hcw85cir - ok
19:44:46.0973 7512 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:44:47.0004 7512 HdAudAddService - ok
19:44:47.0097 7512 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:44:47.0144 7512 HDAudBus - ok
19:44:47.0191 7512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:44:47.0222 7512 HidBatt - ok
19:44:47.0269 7512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:44:47.0316 7512 HidBth - ok
19:44:47.0347 7512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:44:47.0409 7512 HidIr - ok
19:44:47.0456 7512 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
19:44:47.0519 7512 hidserv - ok
19:44:47.0581 7512 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:44:47.0597 7512 HidUsb - ok
19:44:47.0643 7512 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:44:47.0690 7512 hkmsvc - ok
19:44:47.0721 7512 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:44:47.0753 7512 HomeGroupListener - ok
19:44:47.0831 7512 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:44:47.0862 7512 HomeGroupProvider - ok
19:44:47.0955 7512 HP Health Check Service (45a12cacb97b4f15858fcfd59355a1e9) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
19:44:47.0971 7512 HP Health Check Service - ok
19:44:48.0158 7512 HPAuto (da075126f867727810ee9b98b3041c4c) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
19:44:48.0189 7512 HPAuto - ok
19:44:48.0252 7512 HPClientSvc (6a181452d4e240b8ecc7614b9a19bde9) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:44:48.0267 7512 HPClientSvc - ok
19:44:48.0439 7512 hpCMSrv (e040f0064d39f73bb4995d494f3dcbb8) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
19:44:48.0501 7512 hpCMSrv - ok
19:44:48.0564 7512 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:44:48.0579 7512 HPDrvMntSvc.exe - ok
19:44:48.0657 7512 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:44:48.0689 7512 hpqwmiex - ok
19:44:48.0907 7512 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:44:48.0938 7512 HpSAMD - ok
19:44:49.0094 7512 HPWMISVC (ead185acdcfd81bf2172cd6f36277d50) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
19:44:49.0110 7512 HPWMISVC - ok
19:44:49.0188 7512 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:44:49.0281 7512 HTTP - ok
19:44:49.0313 7512 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:44:49.0344 7512 hwpolicy - ok
19:44:49.0375 7512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:44:49.0391 7512 i8042prt - ok
19:44:49.0500 7512 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:44:49.0547 7512 iaStorV - ok
19:44:49.0843 7512 IconMan_R (2c3cc41fefcb77e2826886e6b7ef93ae) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
19:44:49.0937 7512 IconMan_R - ok
19:44:50.0139 7512 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:44:50.0202 7512 idsvc - ok
19:44:50.0327 7512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:44:50.0358 7512 iirsp - ok
19:44:50.0529 7512 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:44:50.0592 7512 IKEEXT - ok
19:44:50.0654 7512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:44:50.0670 7512 intelide - ok
19:44:50.0701 7512 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
19:44:50.0717 7512 intelppm - ok
19:44:50.0748 7512 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:44:50.0810 7512 IPBusEnum - ok
19:44:50.0873 7512 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:44:50.0935 7512 IpFilterDriver - ok
19:44:51.0013 7512 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:44:51.0091 7512 iphlpsvc - ok
19:44:51.0185 7512 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:44:51.0216 7512 IPMIDRV - ok
19:44:51.0231 7512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:44:51.0294 7512 IPNAT - ok
19:44:51.0497 7512 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
19:44:51.0559 7512 iPod Service - ok
19:44:51.0621 7512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:44:51.0668 7512 IRENUM - ok
19:44:51.0684 7512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:44:51.0715 7512 isapnp - ok
19:44:51.0809 7512 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:44:51.0840 7512 iScsiPrt - ok
19:44:51.0887 7512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:44:51.0918 7512 kbdclass - ok
19:44:51.0949 7512 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:44:51.0980 7512 kbdhid - ok
19:44:52.0011 7512 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:44:52.0027 7512 KeyIso - ok
19:44:52.0058 7512 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
19:44:52.0074 7512 KSecDD - ok
19:44:52.0183 7512 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
19:44:52.0230 7512 KSecPkg - ok
19:44:52.0261 7512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:44:52.0323 7512 ksthunk - ok
19:44:52.0433 7512 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:44:52.0495 7512 KtmRm - ok
19:44:52.0557 7512 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
19:44:52.0604 7512 LanmanServer - ok
19:44:52.0635 7512 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:44:52.0682 7512 LanmanWorkstation - ok
19:44:52.0729 7512 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:44:52.0807 7512 lltdio - ok
19:44:52.0869 7512 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:44:52.0932 7512 lltdsvc - ok
19:44:52.0979 7512 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:44:53.0025 7512 lmhosts - ok
19:44:53.0103 7512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:44:53.0166 7512 LSI_FC - ok
19:44:53.0213 7512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:44:53.0228 7512 LSI_SAS - ok
19:44:53.0259 7512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:44:53.0291 7512 LSI_SAS2 - ok
19:44:53.0322 7512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:44:53.0337 7512 LSI_SCSI - ok
19:44:53.0384 7512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:44:53.0462 7512 luafv - ok
19:44:53.0571 7512 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:44:53.0603 7512 Mcx2Svc - ok
19:44:53.0634 7512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:44:53.0649 7512 megasas - ok
19:44:53.0774 7512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:44:53.0805 7512 MegaSR - ok
19:44:53.0899 7512 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:44:53.0977 7512 MMCSS - ok
19:44:54.0039 7512 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:44:54.0086 7512 Modem - ok
19:44:54.0133 7512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:44:54.0164 7512 monitor - ok
19:44:54.0227 7512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:44:54.0258 7512 mouclass - ok
19:44:54.0351 7512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:44:54.0383 7512 mouhid - ok
19:44:54.0476 7512 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:44:54.0523 7512 mountmgr - ok
19:44:54.0585 7512 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
19:44:54.0617 7512 MpFilter - ok
19:44:54.0663 7512 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:44:54.0679 7512 mpio - ok
19:44:54.0757 7512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:44:54.0851 7512 mpsdrv - ok
19:44:55.0053 7512 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:44:55.0131 7512 MpsSvc - ok
19:44:55.0178 7512 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:44:55.0209 7512 MRxDAV - ok
19:44:55.0241 7512 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:44:55.0272 7512 mrxsmb - ok
19:44:55.0319 7512 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:44:55.0334 7512 mrxsmb10 - ok
19:44:55.0365 7512 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:44:55.0381 7512 mrxsmb20 - ok
19:44:55.0475 7512 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:44:55.0506 7512 msahci - ok
19:44:55.0553 7512 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:44:55.0568 7512 msdsm - ok
19:44:55.0599 7512 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:44:55.0631 7512 MSDTC - ok
19:44:55.0646 7512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:44:55.0693 7512 Msfs - ok
19:44:55.0709 7512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:44:55.0755 7512 mshidkmdf - ok
19:44:55.0849 7512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:44:55.0880 7512 msisadrv - ok
19:44:55.0958 7512 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:44:56.0036 7512 MSiSCSI - ok
19:44:56.0052 7512 msiserver - ok
19:44:56.0083 7512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:44:56.0161 7512 MSKSSRV - ok
19:44:56.0348 7512 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:44:56.0395 7512 MsMpSvc - ok
19:44:56.0426 7512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:44:56.0473 7512 MSPCLOCK - ok
19:44:56.0567 7512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:44:56.0645 7512 MSPQM - ok
19:44:56.0754 7512 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:44:56.0801 7512 MsRPC - ok
19:44:56.0925 7512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:44:56.0957 7512 mssmbios - ok
19:44:57.0003 7512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:44:57.0081 7512 MSTEE - ok
19:44:57.0113 7512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:44:57.0128 7512 MTConfig - ok
19:44:57.0159 7512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:44:57.0175 7512 Mup - ok
19:44:57.0237 7512 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:44:57.0300 7512 napagent - ok
19:44:57.0362 7512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:44:57.0393 7512 NativeWifiP - ok
19:44:57.0487 7512 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:44:57.0534 7512 NDIS - ok
19:44:57.0565 7512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:44:57.0612 7512 NdisCap - ok
19:44:57.0627 7512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:44:57.0659 7512 NdisTapi - ok
19:44:57.0705 7512 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:44:57.0752 7512 Ndisuio - ok
19:44:57.0799 7512 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:44:57.0861 7512 NdisWan - ok
19:44:57.0893 7512 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:44:57.0939 7512 NDProxy - ok
19:44:57.0955 7512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:44:58.0002 7512 NetBIOS - ok
19:44:58.0017 7512 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:44:58.0064 7512 NetBT - ok
19:44:58.0095 7512 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:44:58.0111 7512 Netlogon - ok
19:44:58.0158 7512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:44:58.0236 7512 Netman - ok
19:44:58.0267 7512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:44:58.0329 7512 netprofm - ok
19:44:58.0423 7512 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:44:58.0439 7512 NetTcpPortSharing - ok
19:44:58.0485 7512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:44:58.0517 7512 nfrd960 - ok
19:44:58.0548 7512 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:44:58.0563 7512 NisDrv - ok
19:44:58.0688 7512 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
19:44:58.0735 7512 NisSrv - ok
19:44:58.0782 7512 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:44:58.0875 7512 NlaSvc - ok
19:44:58.0907 7512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:44:58.0953 7512 Npfs - ok
19:44:58.0985 7512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:44:59.0063 7512 nsi - ok
19:44:59.0078 7512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:44:59.0172 7512 nsiproxy - ok
19:44:59.0297 7512 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:44:59.0359 7512 Ntfs - ok
19:44:59.0531 7512 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:44:59.0593 7512 Null - ok
19:44:59.0640 7512 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
19:44:59.0671 7512 NVENETFD - ok
19:44:59.0702 7512 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:44:59.0733 7512 nvraid - ok
19:44:59.0765 7512 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:44:59.0780 7512 nvstor - ok
19:44:59.0827 7512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:44:59.0858 7512 nv_agp - ok
19:44:59.0889 7512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:44:59.0905 7512 ohci1394 - ok
19:45:00.0108 7512 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:45:00.0155 7512 ose - ok
19:45:00.0591 7512 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:45:00.0810 7512 osppsvc - ok
19:45:01.0013 7512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:45:01.0059 7512 p2pimsvc - ok
19:45:01.0137 7512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:45:01.0184 7512 p2psvc - ok
19:45:01.0262 7512 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:45:01.0293 7512 Parport - ok
19:45:01.0371 7512 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:45:01.0403 7512 partmgr - ok
19:45:01.0449 7512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:45:01.0496 7512 PcaSvc - ok
19:45:01.0527 7512 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:45:01.0559 7512 pci - ok
19:45:01.0637 7512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:45:01.0668 7512 pciide - ok
19:45:01.0699 7512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:45:01.0715 7512 pcmcia - ok
19:45:01.0746 7512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:45:01.0777 7512 pcw - ok
19:45:01.0855 7512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:45:01.0933 7512 PEAUTH - ok
19:45:02.0073 7512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:45:02.0120 7512 PerfHost - ok
19:45:02.0229 7512 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:45:02.0417 7512 pla - ok
19:45:02.0479 7512 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:45:02.0510 7512 PlugPlay - ok
19:45:02.0604 7512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:45:02.0635 7512 PNRPAutoReg - ok
19:45:02.0697 7512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:45:02.0729 7512 PNRPsvc - ok
19:45:02.0900 7512 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:45:02.0994 7512 PolicyAgent - ok
19:45:03.0056 7512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:45:03.0134 7512 Power - ok
19:45:03.0212 7512 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:45:03.0275 7512 PptpMiniport - ok
19:45:03.0306 7512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:45:03.0337 7512 Processor - ok
19:45:03.0368 7512 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:45:03.0415 7512 ProfSvc - ok
19:45:03.0446 7512 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:45:03.0462 7512 ProtectedStorage - ok
19:45:03.0509 7512 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:45:03.0571 7512 Psched - ok
19:45:03.0696 7512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:45:03.0774 7512 ql2300 - ok
19:45:03.0914 7512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:45:03.0945 7512 ql40xx - ok
19:45:04.0008 7512 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:45:04.0039 7512 QWAVE - ok
19:45:04.0070 7512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:45:04.0101 7512 QWAVEdrv - ok
19:45:04.0117 7512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:45:04.0195 7512 RasAcd - ok
19:45:04.0226 7512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:45:04.0304 7512 RasAgileVpn - ok
19:45:04.0335 7512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:45:04.0398 7512 RasAuto - ok
19:45:04.0429 7512 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:45:04.0491 7512 Rasl2tp - ok
19:45:04.0538 7512 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:45:04.0601 7512 RasMan - ok
19:45:04.0616 7512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:45:04.0663 7512 RasPppoe - ok
19:45:04.0679 7512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:45:04.0741 7512 RasSstp - ok
19:45:04.0772 7512 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:45:04.0835 7512 rdbss - ok
19:45:04.0866 7512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:45:04.0897 7512 rdpbus - ok
19:45:04.0928 7512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:45:04.0975 7512 RDPCDD - ok
19:45:05.0022 7512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:45:05.0053 7512 RDPENCDD - ok
19:45:05.0084 7512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:45:05.0131 7512 RDPREFMP - ok
19:45:05.0162 7512 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:45:05.0193 7512 RDPWD - ok
19:45:05.0240 7512 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:45:05.0271 7512 rdyboost - ok
19:45:05.0287 7512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:45:05.0349 7512 RemoteAccess - ok
19:45:05.0427 7512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:45:05.0490 7512 RemoteRegistry - ok
19:45:05.0599 7512 RoxioNow Service (085d18c71ab2611a3d61528132b6501e) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
19:45:05.0630 7512 RoxioNow Service - ok
19:45:05.0661 7512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:45:05.0708 7512 RpcEptMapper - ok
19:45:05.0724 7512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:45:05.0739 7512 RpcLocator - ok
19:45:05.0802 7512 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:45:05.0880 7512 RpcSs - ok
19:45:06.0036 7512 RSPCIESTOR (d5c3e1629a3f7f0857d27949252b94ce) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:45:06.0067 7512 RSPCIESTOR - ok
19:45:06.0114 7512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:45:06.0161 7512 rspndr - ok
19:45:06.0207 7512 RTL8167 (a73ed14670220307874ad6bc2f279349) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:45:06.0223 7512 RTL8167 - ok
19:45:06.0317 7512 RTL8192Ce (5fa2f4f658fca7816a5ff6980b95c5f9) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
19:45:06.0379 7512 RTL8192Ce - ok
19:45:06.0441 7512 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:45:06.0473 7512 SamSs - ok
19:45:06.0582 7512 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:45:06.0613 7512 sbp2port - ok
19:45:06.0644 7512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:45:06.0691 7512 SCardSvr - ok
19:45:06.0722 7512 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:45:06.0785 7512 scfilter - ok
19:45:06.0909 7512 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:45:07.0019 7512 Schedule - ok
19:45:07.0065 7512 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:45:07.0128 7512 SCPolicySvc - ok
19:45:07.0175 7512 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
19:45:07.0190 7512 sdbus - ok
19:45:07.0253 7512 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:45:07.0284 7512 SDRSVC - ok
19:45:07.0377 7512 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:45:07.0424 7512 SeaPort - ok
19:45:07.0487 7512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:45:07.0580 7512 secdrv - ok
19:45:07.0611 7512 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:45:07.0643 7512 seclogon - ok
19:45:07.0658 7512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:45:07.0736 7512 SENS - ok
19:45:07.0783 7512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:45:07.0799 7512 SensrSvc - ok
19:45:07.0861 7512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:45:07.0892 7512 Serenum - ok
19:45:07.0908 7512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:45:07.0923 7512 Serial - ok
19:45:07.0939 7512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:45:07.0955 7512 sermouse - ok
19:45:08.0064 7512 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:45:08.0126 7512 SessionEnv - ok
19:45:08.0157 7512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:45:08.0189 7512 sffdisk - ok
19:45:08.0251 7512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:45:08.0267 7512 sffp_mmc - ok
19:45:08.0298 7512 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:45:08.0313 7512 sffp_sd - ok
19:45:08.0345 7512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:45:08.0360 7512 sfloppy - ok
19:45:08.0407 7512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:45:08.0485 7512 SharedAccess - ok
19:45:08.0563 7512 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:45:08.0625 7512 ShellHWDetection - ok
19:45:08.0688 7512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:45:08.0719 7512 SiSRaid2 - ok
19:45:08.0781 7512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:45:08.0813 7512 SiSRaid4 - ok
19:45:08.0922 7512 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
19:45:08.0953 7512 SkypeUpdate - ok
19:45:09.0000 7512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:45:09.0047 7512 Smb - ok
19:45:09.0156 7512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:45:09.0218 7512 SNMPTRAP - ok
19:45:09.0265 7512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:45:09.0281 7512 spldr - ok
19:45:09.0343 7512 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:45:09.0421 7512 Spooler - ok
19:45:09.0764 7512 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:45:09.0936 7512 sppsvc - ok
19:45:10.0107 7512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:45:10.0170 7512 sppuinotify - ok
19:45:10.0279 7512 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:45:10.0357 7512 srv - ok
19:45:10.0466 7512 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:45:10.0513 7512 srv2 - ok
19:45:10.0575 7512 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
19:45:10.0622 7512 SrvHsfHDA - ok
19:45:10.0794 7512 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
19:45:10.0841 7512 SrvHsfV92 - ok
19:45:11.0028 7512 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
19:45:11.0059 7512 SrvHsfWinac - ok
19:45:11.0121 7512 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:45:11.0137 7512 srvnet - ok
19:45:11.0168 7512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:45:11.0215 7512 SSDPSRV - ok
19:45:11.0246 7512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:45:11.0293 7512 SstpSvc - ok
19:45:11.0449 7512 STacSV (293a556e04f815477ae93e07b35065e6) C:\Program Files\IDT\WDM\STacSV64.exe
19:45:11.0480 7512 STacSV - ok
19:45:11.0511 7512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:45:11.0527 7512 stexstor - ok
19:45:11.0636 7512 STHDA (aa3c0336514c239a171f00a6902b59b8) C:\Windows\system32\DRIVERS\stwrt64.sys
19:45:11.0683 7512 STHDA - ok
19:45:11.0745 7512 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:45:11.0777 7512 stisvc - ok
19:45:11.0839 7512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:45:11.0870 7512 swenum - ok
19:45:11.0948 7512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:45:12.0026 7512 swprv - ok
19:45:12.0120 7512 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
19:45:12.0151 7512 SynTP - ok
19:45:12.0354 7512 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:45:12.0416 7512 SysMain - ok
19:45:12.0603 7512 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:45:12.0650 7512 TabletInputService - ok
19:45:12.0681 7512 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:45:12.0728 7512 TapiSrv - ok
19:45:12.0759 7512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:45:12.0822 7512 TBS - ok
19:45:13.0040 7512 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:45:13.0181 7512 Tcpip - ok
19:45:13.0524 7512 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:45:13.0571 7512 TCPIP6 - ok
19:45:13.0789 7512 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:45:13.0867 7512 tcpipreg - ok
19:45:13.0898 7512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:45:13.0945 7512 TDPIPE - ok
19:45:13.0976 7512 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:45:13.0992 7512 TDTCP - ok
19:45:14.0039 7512 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:45:14.0086 7512 tdx - ok
19:45:14.0132 7512 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:45:14.0148 7512 TermDD - ok
19:45:14.0210 7512 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:45:14.0273 7512 TermService - ok
19:45:14.0288 7512 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:45:14.0335 7512 Themes - ok
19:45:14.0351 7512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:45:14.0413 7512 THREADORDER - ok
19:45:14.0460 7512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:45:14.0538 7512 TrkWks - ok
19:45:14.0647 7512 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:45:14.0725 7512 TrustedInstaller - ok
19:45:14.0741 7512 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:45:14.0788 7512 tssecsrv - ok
19:45:14.0819 7512 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:45:14.0850 7512 TsUsbFlt - ok
19:45:14.0912 7512 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:45:14.0928 7512 TsUsbGD - ok
19:45:14.0959 7512 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:45:15.0006 7512 tunnel - ok
19:45:15.0037 7512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:45:15.0053 7512 uagp35 - ok
19:45:15.0100 7512 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:45:15.0162 7512 udfs - ok
19:45:15.0224 7512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:45:15.0256 7512 UI0Detect - ok
19:45:15.0287 7512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:45:15.0302 7512 uliagpkx - ok
19:45:15.0334 7512 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:45:15.0349 7512 umbus - ok
19:45:15.0412 7512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:45:15.0443 7512 UmPass - ok
19:45:15.0505 7512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:45:15.0568 7512 upnphost - ok
19:45:15.0599 7512 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:45:15.0599 7512 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
19:45:15.0599 7512 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
19:45:15.0692 7512 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:45:15.0708 7512 usbccgp - ok
19:45:15.0739 7512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:45:15.0770 7512 usbcir - ok
19:45:15.0786 7512 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:45:15.0802 7512 usbehci - ok
19:45:15.0833 7512 usbfilter (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys
19:45:15.0848 7512 usbfilter - ok
19:45:15.0926 7512 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:45:15.0958 7512 usbhub - ok
19:45:15.0989 7512 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
19:45:16.0004 7512 usbohci - ok
19:45:16.0020 7512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:45:16.0036 7512 usbprint - ok
19:45:16.0067 7512 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:45:16.0114 7512 usbscan - ok
19:45:16.0238 7512 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:45:16.0270 7512 USBSTOR - ok
19:45:16.0301 7512 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:45:16.0316 7512 usbuhci - ok
19:45:16.0363 7512 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:45:16.0379 7512 usbvideo - ok
19:45:16.0410 7512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:45:16.0472 7512 UxSms - ok
19:45:16.0519 7512 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:45:16.0550 7512 VaultSvc - ok
19:45:16.0566 7512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:45:16.0582 7512 vdrvroot - ok
19:45:16.0644 7512 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:45:16.0738 7512 vds - ok
19:45:16.0784 7512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:45:16.0816 7512 vga - ok
19:45:16.0831 7512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:45:16.0878 7512 VgaSave - ok
19:45:16.0925 7512 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:45:16.0956 7512 vhdmp - ok
19:45:16.0972 7512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:45:17.0003 7512 viaide - ok
19:45:17.0081 7512 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:45:17.0112 7512 volmgr - ok
19:45:17.0159 7512 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:45:17.0190 7512 volmgrx - ok
19:45:17.0237 7512 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:45:17.0268 7512 volsnap - ok
19:45:17.0299 7512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:45:17.0315 7512 vsmraid - ok
19:45:17.0502 7512 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:45:17.0596 7512 VSS - ok
19:45:17.0814 7512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:45:17.0845 7512 vwifibus - ok
19:45:17.0861 7512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:45:17.0892 7512 vwififlt - ok
19:45:17.0908 7512 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:45:17.0939 7512 vwifimp - ok
19:45:17.0970 7512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:45:18.0032 7512 W32Time - ok
19:45:18.0079 7512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:45:18.0095 7512 WacomPen - ok
19:45:18.0126 7512 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:45:18.0204 7512 WANARP - ok
19:45:18.0204 7512 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:45:18.0251 7512 Wanarpv6 - ok
19:45:18.0407 7512 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:45:18.0438 7512 WatAdminSvc - ok
19:45:18.0563 7512 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:45:18.0610 7512 wbengine - ok
19:45:18.0812 7512 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:45:18.0859 7512 WbioSrvc - ok
19:45:18.0937 7512 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:45:18.0984 7512 wcncsvc - ok
19:45:19.0015 7512 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:45:19.0031 7512 WcsPlugInService - ok
19:45:19.0093 7512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:45:19.0124 7512 Wd - ok
19:45:19.0187 7512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:45:19.0218 7512 Wdf01000 - ok
19:45:19.0234 7512 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:45:19.0265 7512 WdiServiceHost - ok
19:45:19.0265 7512 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:45:19.0296 7512 WdiSystemHost - ok
19:45:19.0343 7512 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:45:19.0390 7512 WebClient - ok
19:45:19.0421 7512 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:45:19.0468 7512 Wecsvc - ok
19:45:19.0483 7512 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:45:19.0546 7512 wercplsupport - ok
19:45:19.0577 7512 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:45:19.0655 7512 WerSvc - ok
19:45:19.0733 7512 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:45:19.0795 7512 WfpLwf - ok
19:45:19.0811 7512 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:45:19.0826 7512 WIMMount - ok
19:45:19.0858 7512 WinDefend - ok
19:45:19.0873 7512 WinHttpAutoProxySvc - ok
19:45:19.0982 7512 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:45:20.0045 7512 Winmgmt - ok
19:45:20.0232 7512 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:45:20.0388 7512 WinRM - ok
19:45:20.0575 7512 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:45:20.0622 7512 WinUsb - ok
19:45:20.0700 7512 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:45:20.0747 7512 Wlansvc - ok
19:45:20.0794 7512 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:45:20.0809 7512 wlcrasvc - ok
19:45:21.0121 7512 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:45:21.0199 7512 wlidsvc - ok
19:45:21.0340 7512 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:45:21.0371 7512 WmiAcpi - ok
19:45:21.0511 7512 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:45:21.0558 7512 wmiApSrv - ok
19:45:21.0589 7512 WMPNetworkSvc - ok
19:45:21.0605 7512 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:45:21.0636 7512 WPCSvc - ok
19:45:21.0652 7512 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:45:21.0683 7512 WPDBusEnum - ok
19:45:21.0698 7512 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:45:21.0776 7512 ws2ifsl - ok
19:45:21.0808 7512 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
19:45:21.0854 7512 wscsvc - ok
19:45:21.0854 7512 WSearch - ok
19:45:22.0057 7512 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:45:22.0213 7512 wuauserv - ok
19:45:22.0385 7512 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:45:22.0447 7512 WudfPf - ok
19:45:22.0478 7512 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:45:22.0525 7512 WUDFRd - ok
19:45:22.0556 7512 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:45:22.0634 7512 wudfsvc - ok
19:45:22.0666 7512 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:45:22.0681 7512 WwanSvc - ok
19:45:22.0728 7512 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:45:23.0024 7512 \Device\Harddisk0\DR0 - ok
19:45:23.0056 7512 Boot (0x1200) (8c5f8c9b4d6df9a28df09f875155850c) \Device\Harddisk0\DR0\Partition0
19:45:23.0071 7512 \Device\Harddisk0\DR0\Partition0 - ok
19:45:23.0071 7512 Boot (0x1200) (8928f9d0c08dde5731763d8fa7e6f33e) \Device\Harddisk0\DR0\Partition1
19:45:23.0071 7512 \Device\Harddisk0\DR0\Partition1 - ok
19:45:23.0102 7512 Boot (0x1200) (9901be464f99b10b6ba600e55e96cf99) \Device\Harddisk0\DR0\Partition2
19:45:23.0118 7512 \Device\Harddisk0\DR0\Partition2 - ok
19:45:23.0134 7512 Boot (0x1200) (62352310113bc5439da76ae1a31835f8) \Device\Harddisk0\DR0\Partition3
19:45:23.0134 7512 \Device\Harddisk0\DR0\Partition3 - ok
19:45:23.0134 7512 ============================================================
19:45:23.0134 7512 Scan finished
19:45:23.0134 7512 ============================================================
19:45:23.0165 1532 Detected object count: 1
19:45:23.0165 1532 Actual detected object count: 1
19:45:36.0362 1532 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:36.0362 1532 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

#5 1972vet

1972vet

  • Malware Response Team
  • 1,698 posts
  • OFFLINE
  • Gender:Male
  • Location:Midwest U.S.A.
  • Local time:05:14 AM

Posted 23 July 2012 - 03:14 AM

Please disable the active protection component of your antivirus and antispyware programs by following the directions that apply Here.
...of those, many people overlook the Windows Defender since, for most, there is no icon for it in the system tray. Scroll through those directives above and look for this application specifically, to make certain it is disabled.

Please download combofix from This Webpage...and read through the instructions there for running the tool.

***Important Note***
Please read through the guidance on that web page carefully and thoroughly...and install the Recovery Console. Using this tool without the Recovery Console installed is NOT RECOMMENDED.

If you have Windows Vista or Windows 7, you can skip the recovery console step...in Vista/7 it's in the System Recovery Options menu. The System Recovery Options menu is on the Windows Vista or Windows 7 installation disc. If Windows doesn't start correctly, you can use these tools to repair startup problems.


The Windows Recovery Console will allow you to boot into a special recovery (repair) mode that is not otherwise available. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It's a simple procedure that will only take a few moments.

Once installed, a blue screen prompt should appear that reads as follows:

The Recovery Console was successfully installed.

When you see that screen, please continue as follows:

  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a log file for you. Please post that log back here on your next reply. Thanks!

Note:
Do not mouse-click combofix's window while it's running...that may cause the scan to stall.

Disabled Veteran, U.S.C.G. 1972 - 1978
mvpsigpic.jpg
2009 - 2013

Member: U.N.I.T.E.
Performance and Maintenance for Windows XP, Windows Vista and Windows Seven


#6 sawdog


Posted 23 July 2012 - 01:27 PM

Disabled Windows Defender, Firewall
Downloaded Combofix.
Saved and ran Combofix.
After scanning no opportunity to copy and save files - there are non-stop cascading Combofix windows opening and closing.
Unable to stop this - happens even after hard shut down and start up.

#7 1972vet


Posted 23 July 2012 - 04:20 PM

Try booting into safe mode. Do these cascading windows continue?



#8 sawdog


Posted 23 July 2012 - 04:45 PM

The cascading stopped in safe mode.

#9 1972vet


Posted 23 July 2012 - 04:48 PM

Alright then, while in safe mode, double-click the combofix utility and allow it to scan. If it reboots the system, then as it begins to come back up, begin tapping the F8 key to boot it back into safe mode. When it DOES come back up in safe mode, your Combofix log should appear at that point. Copy and paste the contents of that log back here on the next reply. Thanks!



#10 sawdog


Posted 23 July 2012 - 05:09 PM

Scanned with Combofix in safe mode.
It rebooted - in safe mode.
Just the desktop - no log appeared.


#11 1972vet


Posted 23 July 2012 - 05:10 PM

Look on the C: drive for a file named combofix.txt



#12 sawdog


Posted 23 July 2012 - 05:52 PM

I am unable to make an internet connection while in safe mode.
Also, the only combofix text file I could find on the C drive doesn't appear to be a scan log. It is a record of the firewall and Windows Defender being disabled, as well as a new restore point being created.

#13 1972vet


Posted 23 July 2012 - 05:54 PM

You've already downloaded combofix so there is no need for an internet connection. Just run it and post the log. Thanks!



#14 sawdog


Posted 23 July 2012 - 06:01 PM

Sorry for the confusion. I honestly do not understand what I am supposed to do now.
I had run Combofix in safe mode.
It rebooted in safe mode.
I cannot find combofix.txt on the C drive.
I wouldn't know how to post the log anyhow while in safe mode.
I am corresponding from a separate computer.
Thank you for your patience.

#15 1972vet


Posted 23 July 2012 - 06:22 PM

OK, boot back to your normal mode and see if it comes up ok now without the cascading windows. If combofix ran in safe mode and rebooted, there has to be a log somewhere. Let me know what the normal mode desktop looks like now...that is, if there are any other pop up messages when it comes up...such as, IE asking whether or not you want to make it the default browser.





