Another GAC_32 virus victim


  • This topic is locked
57 replies to this topic

#1 adrianbeaky


Posted 19 July 2012 - 09:21 AM

I thank you in advance for helping me remove this virus from my computer. I noticed the infection a few days ago when I ran avast and Malwarebytes in my routine scan. Avast said I had GAC_32 and GAC_64 infection and I could not delete or quarantine the virus (though I was able to delete GAC_64, but it always comes back up in new scans). Things I have noticed from my infection are that Adobe Flash always tries to update and when I do, my flash is disabled in my browser. This has gone on for a couple of weeks. When I do a Google search, I get redirected to random websites, some that are gibberish. After I do my virus scan and restart the computer, my desktop reorganizes itself. Most troubling to me, my firewall was also disabled. I always make sure it's on. When I tried to re-enable it for this post, I would get error messages. One of the error codes I get is Error Code 0x80070424 and that I can't enable the firewall. Attached below is my log from DDS. Thanks again!

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by user at 10:02:29 on 2012-07-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12279.10352 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\conhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\system32\consent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uDefault_Page_URL = hxxp://www.msn.com
mDefault_Page_URL = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Diagnostics] rundll32.exe "C:\Users\user\AppData\Local\Temp\",CreateInstance
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
StartupFolder: C:\Users\user\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 167.206.245.129 167.206.245.130
TCP: Interfaces\{96B8A96D-0C68-4C9B-8F4A-DCDA1278A4F7} : DhcpNameServer = 167.206.245.129 167.206.245.130
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ry60q5bt.default\
FF - prefs.js: browser.startup.homepage - dpreview.com
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 mv91xx;mv91xx;C:\Windows\system32\DRIVERS\mv91xx.sys --> C:\Windows\system32\DRIVERS\mv91xx.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-5-17 42184]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 TabletServicePen;TabletServicePen;C:\Windows\system32\Pen_Tablet.exe --> C:\Windows\system32\Pen_Tablet.exe [?]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2011-7-23 127784]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 AeLookupSvc32;Application Experience ;c:\programdata\display32.exe --> c:\programdata\display32.exe [?]
S2 AeLookupSvc3232;Application Experience ;c:\programdata\iphlpapi32.exe --> c:\programdata\iphlpapi32.exe [?]
S2 ALG3232;Application Layer Gateway Service ;c:\programdata\kbdlk41a32.exe --> c:\programdata\kbdlk41a32.exe [?]
S2 AppIDSvc32;Application Identity ;c:\programdata\wmpdxm32.exe --> c:\programdata\wmpdxm32.exe [?]
S2 Appinfo32;Application Information ;c:\programdata\uiribbon32.exe --> c:\programdata\uiribbon32.exe [?]
S2 Appinfo3232;Application Information ;c:\programdata\w32topl32.exe --> c:\programdata\w32topl32.exe [?]
S2 Appinfo323232;Application Information ;c:\programdata\smbhelperclass32.exe --> c:\programdata\smbhelperclass32.exe [?]
S2 AudioEndpointBuilder32;Windows Audio Endpoint Builder ;c:\programdata\cmicryptinstall32.exe --> c:\programdata\cmicryptinstall32.exe [?]
S2 AudioEndpointBuilder3232;Windows Audio Endpoint Builder ;c:\programdata\sechost32.exe --> c:\programdata\sechost32.exe [?]
S2 AudioEndpointBuilder323232;Windows Audio Endpoint Builder ;c:\programdata\msclmd32.exe --> c:\programdata\msclmd32.exe [?]
S2 AudioEndpointBuilder32323232;Windows Audio Endpoint Builder ;c:\programdata\storagecontexthandler32.exe --> c:\programdata\storagecontexthandler32.exe [?]
S2 AudioSrv32;Windows Audio ;c:\programdata\advpack32.exe --> c:\programdata\advpack32.exe [?]
S2 AudioSrv3232;Windows Audio ;c:\programdata\msrdpwebaccess32.exe --> c:\programdata\msrdpwebaccess32.exe [?]
S2 AudioSrv323232;Windows Audio ;c:\programdata\odfox3232.exe --> c:\programdata\odfox3232.exe [?]
S2 avast! Antivirus32;avast! Antivirus ;c:\programdata\wmi32.exe --> c:\programdata\wmi32.exe [?]
S2 avast! Antivirus3232;avast! Antivirus ;c:\programdata\dsauth32.exe --> c:\programdata\dsauth32.exe [?]
S2 AxInstSV32;ActiveX Installer (AxInstSV) ;c:\programdata\msrepl4032.exe --> c:\programdata\msrepl4032.exe [?]
S2 AxInstSV3232;ActiveX Installer (AxInstSV) ;c:\programdata\nlsdata000a32.exe --> c:\programdata\nlsdata000a32.exe [?]
S2 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BDESVC32;BitLocker Drive Encryption Service ;c:\programdata\oddbse3232.exe --> c:\programdata\oddbse3232.exe [?]
S2 BDESVC3232;BitLocker Drive Encryption Service ;c:\programdata\secproc_ssp32.exe --> c:\programdata\secproc_ssp32.exe [?]
S2 BFE32;Base Filtering Engine ;c:\programdata\difxapi32.exe --> c:\programdata\difxapi32.exe [?]
S2 BFE3232;Base Filtering Engine ;c:\programdata\lvui2rc32.exe --> c:\programdata\lvui2rc32.exe [?]
S2 BFE323232;Base Filtering Engine ;c:\programdata\kbdwol32.exe --> c:\programdata\kbdwol32.exe [?]
S2 BITS32;Background Intelligent Transfer Service ;c:\programdata\elscore32.exe --> c:\programdata\elscore32.exe [?]
S2 BITS3232;Background Intelligent Transfer Service ;c:\programdata\p2pgraph32.exe --> c:\programdata\p2pgraph32.exe [?]
S2 BITS323232;Background Intelligent Transfer Service ;c:\programdata\ntshrui32.exe --> c:\programdata\ntshrui32.exe [?]
S2 BITS32323232;Background Intelligent Transfer Service ;c:\programdata\certpoleng32.exe --> c:\programdata\certpoleng32.exe [?]
S2 Browser32;Computer Browser ;c:\programdata\api-ms-win-core-processthreads-l1-1-032.exe --> c:\programdata\api-ms-win-core-processthreads-l1-1-032.exe [?]
S2 Browser3232;Computer Browser ;c:\programdata\fxscom32.exe --> c:\programdata\fxscom32.exe [?]
S2 bthserv32;Bluetooth Support Service ;c:\programdata\virtdisk32.exe --> c:\programdata\virtdisk32.exe [?]
S2 bthserv3232;Bluetooth Support Service ;c:\programdata\occache32.exe --> c:\programdata\occache32.exe [?]
S2 CertPropSvc32;Certificate Propagation ;c:\programdata\cngprovider32.exe --> c:\programdata\cngprovider32.exe [?]
S2 CertPropSvc3232;Certificate Propagation ;c:\programdata\dhcpcore32.exe --> c:\programdata\dhcpcore32.exe [?]
S2 clr_optimization_v2.0.50727_3232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\autoplay32.exe --> c:\programdata\autoplay32.exe [?]
S2 clr_optimization_v2.0.50727_323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\mfvdsp32.exe --> c:\programdata\mfvdsp32.exe [?]
S2 clr_optimization_v2.0.50727_32323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\clusapi32.exe --> c:\programdata\clusapi32.exe [?]
S2 clr_optimization_v2.0.50727_3232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\kbdtiprc32.exe --> c:\programdata\kbdtiprc32.exe [?]
S2 clr_optimization_v2.0.50727_323232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\usbperf32.exe --> c:\programdata\usbperf32.exe [?]
S2 clr_optimization_v2.0.50727_6432;Microsoft .NET Framework NGEN v2.0.50727_X64 ;c:\programdata\iepeers32.exe --> c:\programdata\iepeers32.exe [?]
S2 clr_optimization_v2.0.50727_643232;Microsoft .NET Framework NGEN v2.0.50727_X64 ;c:\programdata\mf321632.exe --> c:\programdata\mf321632.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_3232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\sensapi32.exe --> c:\programdata\sensapi32.exe [?]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 clr_optimization_v4.0.30319_6432;Microsoft .NET Framework NGEN v4.0.30319_X64 ;c:\programdata\ir50_qcx32.exe --> c:\programdata\ir50_qcx32.exe [?]
S2 clr_optimization_v4.0.30319_643232;Microsoft .NET Framework NGEN v4.0.30319_X64 ;c:\programdata\kbdth032.exe --> c:\programdata\kbdth032.exe [?]
S2 COMSysApp32;COM+ System Application ;c:\programdata\kbdmlt4732.exe --> c:\programdata\kbdmlt4732.exe [?]
S2 CryptSvc32;Cryptographic Services ;c:\programdata\winsyncproviders32.exe --> c:\programdata\winsyncproviders32.exe [?]
S2 DcomLaunch32;DCOM Server Process Launcher ;c:\programdata\fde32.exe --> c:\programdata\fde32.exe [?]
S2 defragsvc32;Disk Defragmenter ;c:\programdata\appidapi32.exe --> c:\programdata\appidapi32.exe [?]
S2 defragsvc3232;Disk Defragmenter ;c:\programdata\provsvc32.exe --> c:\programdata\provsvc32.exe [?]
S2 Dnscache32;DNS Client ;c:\programdata\syssetup32.exe --> c:\programdata\syssetup32.exe [?]
S2 Dnscache3232;DNS Client ;c:\programdata\apphelp32.exe --> c:\programdata\apphelp32.exe [?]
S2 dot3svc3232;Wired AutoConfig ;c:\programdata\kbdno132.exe --> c:\programdata\kbdno132.exe [?]
S2 dot3svc323232;Wired AutoConfig ;c:\programdata\cmstplua32.exe --> c:\programdata\cmstplua32.exe [?]
S2 EapHost32;Extensible Authentication Protocol ;c:\programdata\wmdmlog32.exe --> c:\programdata\wmdmlog32.exe [?]
S2 EapHost3232;Extensible Authentication Protocol ;c:\programdata\msvcrt32.exe --> c:\programdata\msvcrt32.exe [?]
S2 EapHost323232;Extensible Authentication Protocol ;c:\programdata\pcaui32.exe --> c:\programdata\pcaui32.exe [?]
S2 EFS32;Encrypting File System (EFS) ;c:\programdata\wmerror32.exe --> c:\programdata\wmerror32.exe [?]
S2 EFS3232;Encrypting File System (EFS) ;c:\programdata\usp1032.exe --> c:\programdata\usp1032.exe [?]
S2 ehRecvr32;Windows Media Center Receiver Service ;c:\programdata\fundisc32.exe --> c:\programdata\fundisc32.exe [?]
S2 ehRecvr3232;Windows Media Center Receiver Service ;c:\programdata\kbdbgph132.exe --> c:\programdata\kbdbgph132.exe [?]
S2 ehRecvr323232;Windows Media Center Receiver Service ;c:\programdata\umdmxfrm32.exe --> c:\programdata\umdmxfrm32.exe [?]
S2 ehRecvr32323232;Windows Media Center Receiver Service ;c:\programdata\mmcshext32.exe --> c:\programdata\mmcshext32.exe [?]
S2 ehSched32;Windows Media Center Scheduler Service ;c:\programdata\logidpp32.exe --> c:\programdata\logidpp32.exe [?]
S2 ehSched3232;Windows Media Center Scheduler Service ;c:\programdata\radardt32.exe --> c:\programdata\radardt32.exe [?]
S2 ehSched323232;Windows Media Center Scheduler Service ;c:\programdata\sppcommdlg32.exe --> c:\programdata\sppcommdlg32.exe [?]
S2 eventlog32;Windows Event Log ;c:\programdata\samcli32.exe --> c:\programdata\samcli32.exe [?]
S2 EventSystem32;COM+ Event System ;c:\programdata\nlslexicons000232.exe --> c:\programdata\nlslexicons000232.exe [?]
S2 EventSystem3232;COM+ Event System ;c:\programdata\atiadlxy32.exe --> c:\programdata\atiadlxy32.exe [?]
S2 Fax32;Fax ;c:\programdata\nlmgp32.exe --> c:\programdata\nlmgp32.exe [?]
S2 Fax3232;Fax ;c:\programdata\iepeers32.exe --> c:\programdata\iepeers32.exe [?]
S2 fdPHost32;Function Discovery Provider Host ;c:\programdata\query32.exe --> c:\programdata\query32.exe [?]
S2 FDResPub32;Function Discovery Resource Publication ;c:\programdata\dpx32.exe --> c:\programdata\dpx32.exe [?]
S2 FDResPub3232;Function Discovery Resource Publication ;c:\programdata\api-ms-win-core-console-l1-1-032.exe --> c:\programdata\api-ms-win-core-console-l1-1-032.exe [?]
S2 FontCache3.0.0.032;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\prncache32.exe --> c:\programdata\prncache32.exe [?]
S2 FontCache3.0.0.03232;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\nlsdata081632.exe --> c:\programdata\nlsdata081632.exe [?]
S2 FontCache3.0.0.0323232;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\console32.exe --> c:\programdata\console32.exe [?]
S2 FontCache32;Windows Font Cache Service ;c:\programdata\chsbrkr32.exe --> c:\programdata\chsbrkr32.exe [?]
S2 FontCache3232;Windows Font Cache Service ;c:\programdata\msjet4032.exe --> c:\programdata\msjet4032.exe [?]
S2 Futuremark SystemInfo Service32;Futuremark SystemInfo Service ;c:\programdata\iprtprio32.exe --> c:\programdata\iprtprio32.exe [?]
S2 Futuremark SystemInfo Service3232;Futuremark SystemInfo Service ;c:\programdata\wwanapi32.exe --> c:\programdata\wwanapi32.exe [?]
S2 Futuremark SystemInfo Service323232;Futuremark SystemInfo Service ;c:\programdata\mspbde4032.exe --> c:\programdata\mspbde4032.exe [?]
S2 Futuremark SystemInfo Service32323232;Futuremark SystemInfo Service ;c:\programdata\msimg3232.exe --> c:\programdata\msimg3232.exe [?]
S2 Futuremark SystemInfo Service3232323232;Futuremark SystemInfo Service ;c:\programdata\mmcico32.exe --> c:\programdata\mmcico32.exe [?]
S2 gpsvc32;Group Policy Client ;c:\programdata\uxinit32.exe --> c:\programdata\uxinit32.exe [?]
S2 gpsvc3232;Group Policy Client ;c:\programdata\cliconfg32.exe --> c:\programdata\cliconfg32.exe [?]
S2 gpsvc323232;Group Policy Client ;c:\programdata\acledit32.exe --> c:\programdata\acledit32.exe [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-22 136176]
S2 hidserv32;Human Interface Device Access ;c:\programdata\rgb9rast32.exe --> c:\programdata\rgb9rast32.exe [?]
S2 hkmsvc32;Health Key and Certificate Management ;c:\programdata\netmsg32.exe --> c:\programdata\netmsg32.exe [?]
S2 hkmsvc3232;Health Key and Certificate Management ;c:\programdata\ncsi32.exe --> c:\programdata\ncsi32.exe [?]
S2 HomeGroupListener32;HomeGroup Listener ;c:\programdata\kbdhau32.exe --> c:\programdata\kbdhau32.exe [?]
S2 HomeGroupListener3232;HomeGroup Listener ;c:\programdata\amxread32.exe --> c:\programdata\amxread32.exe [?]
S2 HomeGroupListener323232;HomeGroup Listener ;c:\programdata\d3dx11_4332.exe --> c:\programdata\d3dx11_4332.exe [?]
S2 HomeGroupListener32323232;HomeGroup Listener ;c:\programdata\dbnetlib32.exe --> c:\programdata\dbnetlib32.exe [?]
S2 HomeGroupListener3232323232;HomeGroup Listener ;c:\programdata\apds32.exe --> c:\programdata\apds32.exe [?]
S2 HomeGroupProvider32;HomeGroup Provider ;c:\programdata\kbda132.exe --> c:\programdata\kbda132.exe [?]
S2 HomeGroupProvider3232;HomeGroup Provider ;c:\programdata\untfs32.exe --> c:\programdata\untfs32.exe [?]
S2 idsvc32;Windows CardSpace ;c:\programdata\d3dx9_4232.exe --> c:\programdata\d3dx9_4232.exe [?]
S2 idsvc3232;Windows CardSpace ;c:\programdata\adtschema32.exe --> c:\programdata\adtschema32.exe [?]
S2 idsvc323232;Windows CardSpace ;c:\programdata\storagecontexthandler32.exe --> c:\programdata\storagecontexthandler32.exe [?]
S2 idsvc32323232;Windows CardSpace ;c:\programdata\kbdarme32.exe --> c:\programdata\kbdarme32.exe [?]
S2 idsvc3232323232;Windows CardSpace ;c:\programdata\eappcfg32.exe --> c:\programdata\eappcfg32.exe [?]
S2 IKEEXT32;IKE and AuthIP IPsec Keying Modules ;c:\programdata\xwtpdui32.exe --> c:\programdata\xwtpdui32.exe [?]
S2 IKEEXT323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\kbdbr32.exe --> c:\programdata\kbdbr32.exe [?]
S2 IKEEXT32323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\dui7032.exe --> c:\programdata\dui7032.exe [?]
S2 IPBusEnum32;PnP-X IP Bus Enumerator ;c:\programdata\kbdlv132.exe --> c:\programdata\kbdlv132.exe [?]
S2 iphlpsvc32;IP Helper ;c:\programdata\ntlanman32.exe --> c:\programdata\ntlanman32.exe [?]
S2 KeyIso32;CNG Key Isolation ;c:\programdata\dsauth32.exe --> c:\programdata\dsauth32.exe [?]
S2 KeyIso3232;CNG Key Isolation ;c:\programdata\onexui32.exe --> c:\programdata\onexui32.exe [?]
S2 KtmRm32;KtmRm for Distributed Transaction Coordinator ;c:\programdata\icardie32.exe --> c:\programdata\icardie32.exe [?]
S2 LanmanServer32;Server ;c:\programdata\resutils32.exe --> c:\programdata\resutils32.exe [?]
S2 LanmanServer3232;Server ;c:\programdata\advapi3232.exe --> c:\programdata\advapi3232.exe [?]
S2 LanmanServer323232;Server ;c:\programdata\ieui32.exe --> c:\programdata\ieui32.exe [?]
S2 LanmanServer32323232;Server ;c:\programdata\kbdinmar32.exe --> c:\programdata\kbdinmar32.exe [?]
S2 LanmanWorkstation32;Workstation ;c:\programdata\mp4sdecd32.exe --> c:\programdata\mp4sdecd32.exe [?]
S2 LanmanWorkstation3232;Workstation ;c:\programdata\uudf32.exe --> c:\programdata\uudf32.exe [?]
S2 lltdsvc32;Link-Layer Topology Discovery Mapper ;c:\programdata\hlink32.exe --> c:\programdata\hlink32.exe [?]
S2 lltdsvc3232;Link-Layer Topology Discovery Mapper ;c:\programdata\kbdth132.exe --> c:\programdata\kbdth132.exe [?]
S2 lmhosts32;TCP/IP NetBIOS Helper ;c:\programdata\kbdgeoqw32.exe --> c:\programdata\kbdgeoqw32.exe [?]
S2 Mcx2Svc32;Media Center Extender Service ;c:\programdata\esentprf32.exe --> c:\programdata\esentprf32.exe [?]
S2 Mcx2Svc3232;Media Center Extender Service ;c:\programdata\explorerframe32.exe --> c:\programdata\explorerframe32.exe [?]
S2 Mcx2Svc323232;Media Center Extender Service ;c:\programdata\wiashext32.exe --> c:\programdata\wiashext32.exe [?]
S2 Mcx2Svc32323232;Media Center Extender Service ;c:\programdata\comcat32.exe --> c:\programdata\comcat32.exe [?]
S2 MMCSS32;Multimedia Class Scheduler ;c:\programdata\nlslexicons041632.exe --> c:\programdata\nlslexicons041632.exe [?]
S2 MMCSS3232;Multimedia Class Scheduler ;c:\programdata\mmcshext32.exe --> c:\programdata\mmcshext32.exe [?]
S2 MMCSS323232;Multimedia Class Scheduler ;c:\programdata\dbnmpntw32.exe --> c:\programdata\dbnmpntw32.exe [?]
S2 MMCSS32323232;Multimedia Class Scheduler ;c:\programdata\kbdbe32.exe --> c:\programdata\kbdbe32.exe [?]
S2 MMCSS3232323232;Multimedia Class Scheduler ;c:\programdata\msvfw3232.exe --> c:\programdata\msvfw3232.exe [?]
S2 MMCSS323232323232;Multimedia Class Scheduler ;c:\programdata\mpr32.exe --> c:\programdata\mpr32.exe [?]
S2 MpsSvc32;Windows Firewall ;c:\programdata\kbdgkl32.exe --> c:\programdata\kbdgkl32.exe [?]
S2 MpsSvc3232;Windows Firewall ;c:\programdata\atigktxx32.exe --> c:\programdata\atigktxx32.exe [?]
S2 MpsSvc323232;Windows Firewall ;c:\programdata\pku2u32.exe --> c:\programdata\pku2u32.exe [?]
S2 MpsSvc32323232;Windows Firewall ;c:\programdata\kbdhela332.exe --> c:\programdata\kbdhela332.exe [?]
S2 MSDTC32;Distributed Transaction Coordinator ;c:\programdata\dxptaskringtone32.exe --> c:\programdata\dxptaskringtone32.exe [?]
S2 MSDTC3232;Distributed Transaction Coordinator ;c:\programdata\audiokse32.exe --> c:\programdata\audiokse32.exe [?]
S2 MSDTC323232;Distributed Transaction Coordinator ;c:\programdata\wpdwcn32.exe --> c:\programdata\wpdwcn32.exe [?]
S2 MSDTC32323232;Distributed Transaction Coordinator ;c:\programdata\odbccr3232.exe --> c:\programdata\odbccr3232.exe [?]
S2 MSDTC3232323232;Distributed Transaction Coordinator ;c:\programdata\winusb32.exe --> c:\programdata\winusb32.exe [?]
S2 MSiSCSI32;Microsoft iSCSI Initiator Service ;c:\programdata\amxread32.exe --> c:\programdata\amxread32.exe [?]
S2 MSiSCSI3232;Microsoft iSCSI Initiator Service ;c:\programdata\odbc32gt32.exe --> c:\programdata\odbc32gt32.exe [?]
S2 MSiSCSI323232;Microsoft iSCSI Initiator Service ;c:\programdata\ieakeng32.exe --> c:\programdata\ieakeng32.exe [?]
S2 msiserver32;Windows Installer ;c:\programdata\kbdur32.exe --> c:\programdata\kbdur32.exe [?]
S2 msiserver3232;Windows Installer ;c:\programdata\msac3enc32.exe --> c:\programdata\msac3enc32.exe [?]
S2 napagent32;Network Access Protection Agent ;c:\programdata\rasppp32.exe --> c:\programdata\rasppp32.exe [?]
S2 Netman32;Network Connections ;c:\programdata\spwizres32.exe --> c:\programdata\spwizres32.exe [?]
S2 netprofm32;Network List Service ;c:\programdata\portabledevicetypes32.exe --> c:\programdata\portabledevicetypes32.exe [?]
S2 NetTcpPortSharing32;Net.Tcp Port Sharing Service ;c:\programdata\wecapi32.exe --> c:\programdata\wecapi32.exe [?]
S2 NlaSvc32;Network Location Awareness ;c:\programdata\nsi32.exe --> c:\programdata\nsi32.exe [?]
S2 nsi32;Network Store Interface Service ;c:\programdata\vidreszr32.exe --> c:\programdata\vidreszr32.exe [?]
S2 nsi3232;Network Store Interface Service ;c:\programdata\apphelp32.exe --> c:\programdata\apphelp32.exe [?]
S2 nsi323232;Network Store Interface Service ;c:\programdata\dot3gpui32.exe --> c:\programdata\dot3gpui32.exe [?]
S2 ose32;Office Source Engine ;c:\programdata\bitsprx632.exe --> c:\programdata\bitsprx632.exe [?]
S2 ose3232;Office Source Engine ;c:\programdata\oddbse3232.exe --> c:\programdata\oddbse3232.exe [?]
S2 ose323232;Office Source Engine ;c:\programdata\amdocl32.exe --> c:\programdata\amdocl32.exe [?]
S2 osppsvc32;Office Software Protection Platform ;c:\programdata\wmdrmnet32.exe --> c:\programdata\wmdrmnet32.exe [?]
S2 p2pimsvc32;Peer Networking Identity Manager ;c:\programdata\psbase32.exe --> c:\programdata\psbase32.exe [?]
S2 p2pimsvc3232;Peer Networking Identity Manager ;c:\programdata\msvcr100_clr040032.exe --> c:\programdata\msvcr100_clr040032.exe [?]
S2 p2pimsvc323232;Peer Networking Identity Manager ;c:\programdata\msrdpwebaccess32.exe --> c:\programdata\msrdpwebaccess32.exe [?]
S2 p2pimsvc32323232;Peer Networking Identity Manager ;c:\programdata\adprovider32.exe --> c:\programdata\adprovider32.exe [?]
S2 p2pimsvc3232323232;Peer Networking Identity Manager ;c:\programdata\ws2help32.exe --> c:\programdata\ws2help32.exe [?]
S2 p2psvc32;Peer Networking Grouping ;c:\programdata\trapi32.exe --> c:\programdata\trapi32.exe [?]
S2 p2psvc3232;Peer Networking Grouping ;c:\programdata\msoert232.exe --> c:\programdata\msoert232.exe [?]
S2 p2psvc323232;Peer Networking Grouping ;c:\programdata\msafd32.exe --> c:\programdata\msafd32.exe [?]
S2 p2psvc32323232;Peer Networking Grouping ;c:\programdata\rgb9rast32.exe --> c:\programdata\rgb9rast32.exe [?]
S2 p2psvc3232323232;Peer Networking Grouping ;c:\programdata\msdtcvsp1res32.exe --> c:\programdata\msdtcvsp1res32.exe [?]
S2 PcaSvc32;Program Compatibility Assistant Service ;c:\programdata\nlslexicons001332.exe --> c:\programdata\nlslexicons001332.exe [?]
S2 PerfHost32;Performance Counter DLL Host ;c:\programdata\kbdsl132.exe --> c:\programdata\kbdsl132.exe [?]
S2 PerfHost3232;Performance Counter DLL Host ;c:\programdata\dot3dlg32.exe --> c:\programdata\dot3dlg32.exe [?]
S2 pla32;Performance Logs & Alerts ;c:\programdata\kbdinmar32.exe --> c:\programdata\kbdinmar32.exe [?]
S2 pla3232;Performance Logs & Alerts ;c:\programdata\wmpsrcwp32.exe --> c:\programdata\wmpsrcwp32.exe [?]
S2 pla323232;Performance Logs & Alerts ;c:\programdata\mssitlb32.exe --> c:\programdata\mssitlb32.exe [?]
S2 PNRPsvc32;Peer Name Resolution Protocol ;c:\programdata\fdwcn32.exe --> c:\programdata\fdwcn32.exe [?]
S2 PNRPsvc3232;Peer Name Resolution Protocol ;c:\programdata\appidapi32.exe --> c:\programdata\appidapi32.exe [?]
S2 PNRPsvc323232;Peer Name Resolution Protocol ;c:\programdata\ole232.exe --> c:\programdata\ole232.exe [?]
S2 PolicyAgent32;IPsec Policy Agent ;c:\programdata\api-ms-win-core-localregistry-l1-1-032.exe --> c:\programdata\api-ms-win-core-localregistry-l1-1-032.exe [?]
S2 PolicyAgent3232;IPsec Policy Agent ;c:\programdata\nlsdata004732.exe --> c:\programdata\nlsdata004732.exe [?]
S2 PolicyAgent323232;IPsec Policy Agent ;c:\programdata\cmicryptinstall32.exe --> c:\programdata\cmicryptinstall32.exe [?]
S2 PolicyAgent32323232;IPsec Policy Agent ;c:\programdata\nlmsprep32.exe --> c:\programdata\nlmsprep32.exe [?]
S2 PolicyAgent3232323232;IPsec Policy Agent ;c:\programdata\msexch4032.exe --> c:\programdata\msexch4032.exe [?]
S2 PolicyAgent323232323232;IPsec Policy Agent ;c:\programdata\shunimpl32.exe --> c:\programdata\shunimpl32.exe [?]
S2 ProfSvc32;User Profile Service ;c:\programdata\msrle3232.exe --> c:\programdata\msrle3232.exe [?]
S2 ProfSvc3232;User Profile Service ;c:\programdata\msfeeds32.exe --> c:\programdata\msfeeds32.exe [?]
S2 ProfSvc323232;User Profile Service ;c:\programdata\msdelta32.exe --> c:\programdata\msdelta32.exe [?]
S2 RasAuto32;Remote Access Auto Connection Manager ;c:\programdata\mp4sdecd32.exe --> c:\programdata\mp4sdecd32.exe [?]
S2 RasMan32;Remote Access Connection Manager ;c:\programdata\authui32.exe --> c:\programdata\authui32.exe [?]
S2 RasMan3232;Remote Access Connection Manager ;c:\programdata\qedwipes32.exe --> c:\programdata\qedwipes32.exe [?]
S2 RemoteAccess32;Routing and Remote Access ;c:\programdata\mfvdsp32.exe --> c:\programdata\mfvdsp32.exe [?]
S2 RemoteAccess3232;Routing and Remote Access ;c:\programdata\wcspluginservice32.exe --> c:\programdata\wcspluginservice32.exe [?]
S2 RemoteAccess323232;Routing and Remote Access ;c:\programdata\wsmwmipl32.exe --> c:\programdata\wsmwmipl32.exe [?]
S2 RemoteRegistry3232;Remote Registry ;c:\programdata\bitsprx232.exe --> c:\programdata\bitsprx232.exe [?]
S2 RemoteRegistry323232;Remote Registry ;c:\programdata\kbdycc32.exe --> c:\programdata\kbdycc32.exe [?]
S2 RemoteRegistry32323232;Remote Registry ;c:\programdata\remotepg32.exe --> c:\programdata\remotepg32.exe [?]
S2 RpcEptMapper32;RPC Endpoint Mapper ;c:\programdata\avifil3232.exe --> c:\programdata\avifil3232.exe [?]
S2 RpcSs32;Remote Procedure Call (RPC) ;c:\programdata\dpapiprovider32.exe --> c:\programdata\dpapiprovider32.exe [?]
S2 RpcSs3232;Remote Procedure Call (RPC) ;c:\programdata\mscoree32.exe --> c:\programdata\mscoree32.exe [?]
S2 RpcSs323232;Remote Procedure Call (RPC) ;c:\programdata\msrd3x4032.exe --> c:\programdata\msrd3x4032.exe [?]
S2 RpcSs32323232;Remote Procedure Call (RPC) ;c:\programdata\msxml632.exe --> c:\programdata\msxml632.exe [?]
S2 SamSs32;Security Accounts Manager ;c:\programdata\mscorier32.exe --> c:\programdata\mscorier32.exe [?]
S2 SCardSvr32;Smart Card ;c:\programdata\kbdhu32.exe --> c:\programdata\kbdhu32.exe [?]
S2 Schedule32;Task Scheduler ;c:\programdata\wmvencod32.exe --> c:\programdata\wmvencod32.exe [?]
S2 SCPolicySvc32;Smart Card Removal Policy ;c:\programdata\kbdsl132.exe --> c:\programdata\kbdsl132.exe [?]
S2 SeaPort32;SeaPort ;c:\programdata\d3d1132.exe --> c:\programdata\d3d1132.exe [?]
S2 seclogon32;Secondary Logon ;c:\programdata\kbdcz132.exe --> c:\programdata\kbdcz132.exe [?]
S2 SENS32;System Event Notification Service ;c:\programdata\wlandlg32.exe --> c:\programdata\wlandlg32.exe [?]
S2 SENS3232;System Event Notification Service ;c:\programdata\imgutil32.exe --> c:\programdata\imgutil32.exe [?]
S2 SENS323232;System Event Notification Service ;c:\programdata\hnetcfg32.exe --> c:\programdata\hnetcfg32.exe [?]
S2 SENS32323232;System Event Notification Service ;c:\programdata\ws2_3232.exe --> c:\programdata\ws2_3232.exe [?]
S2 SensrSvc32;Adaptive Brightness ;c:\programdata\gameuxlegacygdfs32.exe --> c:\programdata\gameuxlegacygdfs32.exe [?]
S2 SensrSvc3232;Adaptive Brightness ;c:\programdata\eapphost32.exe --> c:\programdata\eapphost32.exe [?]
S2 SensrSvc323232;Adaptive Brightness ;c:\programdata\negoexts32.exe --> c:\programdata\negoexts32.exe [?]
S2 SessionEnv32;Remote Desktop Configuration ;c:\programdata\msi32.exe --> c:\programdata\msi32.exe [?]
S2 SessionEnv3232;Remote Desktop Configuration ;c:\programdata\mtxdm32.exe --> c:\programdata\mtxdm32.exe [?]
S2 sftlist32;Application Virtualization Client ;c:\programdata\dwmapi32.exe --> c:\programdata\dwmapi32.exe [?]
S2 sftvsa32;Application Virtualization Service Agent ;c:\programdata\loghours32.exe --> c:\programdata\loghours32.exe [?]
S2 sftvsa3232;Application Virtualization Service Agent ;c:\programdata\kbdsn132.exe --> c:\programdata\kbdsn132.exe [?]
S2 ShellHWDetection32;Shell Hardware Detection ;c:\programdata\msxml332.exe --> c:\programdata\msxml332.exe [?]
S2 ShellHWDetection3232;Shell Hardware Detection ;c:\programdata\credui32.exe --> c:\programdata\credui32.exe [?]
S2 ShellHWDetection323232;Shell Hardware Detection ;c:\programdata\hid32.exe --> c:\programdata\hid32.exe [?]
S2 ShellHWDetection32323232;Shell Hardware Detection ;c:\programdata\actioncentercpl32.exe --> c:\programdata\actioncentercpl32.exe [?]
S2 Spooler32;Print Spooler ;c:\programdata\msisip32.exe --> c:\programdata\msisip32.exe [?]
S2 Spooler3232;Print Spooler ;c:\programdata\elstrans32.exe --> c:\programdata\elstrans32.exe [?]
S2 Spooler323232;Print Spooler ;c:\programdata\kbdlt232.exe --> c:\programdata\kbdlt232.exe [?]
S2 Spooler32323232;Print Spooler ;c:\programdata\pwrshplugin32.exe --> c:\programdata\pwrshplugin32.exe [?]
S2 Spooler3232323232;Print Spooler ;c:\programdata\sirenacm32.exe --> c:\programdata\sirenacm32.exe [?]
S2 sppsvc32;Software Protection ;c:\programdata\tdh32.exe --> c:\programdata\tdh32.exe [?]
S2 sppsvc3232;Software Protection ;c:\programdata\tvratings32.exe --> c:\programdata\tvratings32.exe [?]
S2 sppsvc323232;Software Protection ;c:\programdata\ir50_qc32.exe --> c:\programdata\ir50_qc32.exe [?]
S2 sppsvc32323232;Software Protection ;c:\programdata\naphlpr32.exe --> c:\programdata\naphlpr32.exe [?]
S2 sppuinotify32;SPP Notification Service ;c:\programdata\resampledmo32.exe --> c:\programdata\resampledmo32.exe [?]
S2 SstpSvc32;Secure Socket Tunneling Protocol Service ;c:\programdata\prnfldr32.exe --> c:\programdata\prnfldr32.exe [?]
S2 SstpSvc3232;Secure Socket Tunneling Protocol Service ;c:\programdata\syncreg32.exe --> c:\programdata\syncreg32.exe [?]
S2 swprv32;Microsoft Software Shadow Copy Provider ;c:\programdata\api-ms-win-core-util-l1-1-032.exe --> c:\programdata\api-ms-win-core-util-l1-1-032.exe [?]
S2 swprv3232;Microsoft Software Shadow Copy Provider ;c:\programdata\oleacc32.exe --> c:\programdata\oleacc32.exe [?]
S2 SysMain32;Superfetch ;c:\programdata\objsel32.exe --> c:\programdata\objsel32.exe [?]
S2 SysMain3232;Superfetch ;c:\programdata\ir50_qc32.exe --> c:\programdata\ir50_qc32.exe [?]
S2 SysMain323232;Superfetch ;c:\programdata\elstrans32.exe --> c:\programdata\elstrans32.exe [?]
S2 TabletInputService32;Tablet PC Input Service ;c:\programdata\mciwave32.exe --> c:\programdata\mciwave32.exe [?]
S2 TabletInputService3232;Tablet PC Input Service ;c:\programdata\bitsprx432.exe --> c:\programdata\bitsprx432.exe [?]
S2 TabletInputService323232;Tablet PC Input Service ;c:\programdata\ctl3d3232.exe --> c:\programdata\ctl3d3232.exe [?]
S2 TapiSrv32;Telephony ;c:\programdata\iepeers32.exe --> c:\programdata\iepeers32.exe [?]
S2 TermService32;Remote Desktop Services ;c:\programdata\sqlcese3032.exe --> c:\programdata\sqlcese3032.exe [?]
S2 Themes32;Themes ;c:\programdata\kbdru132.exe --> c:\programdata\kbdru132.exe [?]
S2 Themes3232;Themes ;c:\programdata\pstorec32.exe --> c:\programdata\pstorec32.exe [?]
S2 Themes323232;Themes ;c:\programdata\iasrecst32.exe --> c:\programdata\iasrecst32.exe [?]
S2 THREADORDER32;Thread Ordering Server ;c:\programdata\audioses32.exe --> c:\programdata\audioses32.exe [?]
S2 TrkWks32;Distributed Link Tracking Client ;c:\programdata\windowscodecs32.exe --> c:\programdata\windowscodecs32.exe [?]
S2 TrustedInstaller32;Windows Modules Installer ;c:\programdata\ir50_3232.exe --> c:\programdata\ir50_3232.exe [?]
S2 TrustedInstaller3232;Windows Modules Installer ;c:\programdata\onlineidcpl32.exe --> c:\programdata\onlineidcpl32.exe [?]
S2 UI0Detect32;Interactive Services Detection ;c:\programdata\mssprxy32.exe --> c:\programdata\mssprxy32.exe [?]
S2 UI0Detect3232;Interactive Services Detection ;c:\programdata\wfapigp32.exe --> c:\programdata\wfapigp32.exe [?]
S2 UMVPFSrv32;UMVPFSrv ;c:\programdata\sxsstore32.exe --> c:\programdata\sxsstore32.exe [?]
S2 UMVPFSrv3232;UMVPFSrv ;c:\programdata\polstore32.exe --> c:\programdata\polstore32.exe [?]
S2 upnphost32;UPnP Device Host ;c:\programdata\portabledevicetypes32.exe --> c:\programdata\portabledevicetypes32.exe [?]
S2 UxSms32;Desktop Window Manager Session Manager ;c:\programdata\nlslexicons001932.exe --> c:\programdata\nlslexicons001932.exe [?]
S2 UxSms3232;Desktop Window Manager Session Manager ;c:\programdata\printui32.exe --> c:\programdata\printui32.exe [?]
S2 UxSms323232;Desktop Window Manager Session Manager ;c:\programdata\kbdinguj32.exe --> c:\programdata\kbdinguj32.exe [?]
S2 VaultSvc32;Credential Manager ;c:\programdata\kbdlt132.exe --> c:\programdata\kbdlt132.exe [?]
S2 VaultSvc3232;Credential Manager ;c:\programdata\kbdjpn32.exe --> c:\programdata\kbdjpn32.exe [?]
S2 vds32;Virtual Disk ;c:\programdata\admparse32.exe --> c:\programdata\admparse32.exe [?]
S2 vds3232;Virtual Disk ;c:\programdata\wmvxencd32.exe --> c:\programdata\wmvxencd32.exe [?]
S2 vds323232;Virtual Disk ;c:\programdata\serwvdrv32.exe --> c:\programdata\serwvdrv32.exe [?]
S2 VSS32;Volume Shadow Copy ;c:\programdata\fxscom32.exe --> c:\programdata\fxscom32.exe [?]
S2 VSS3232;Volume Shadow Copy ;c:\programdata\api-ms-win-core-io-l1-1-032.exe --> c:\programdata\api-ms-win-core-io-l1-1-032.exe [?]
S2 W32Time32;Windows Time ;c:\programdata\kbdsmsno32.exe --> c:\programdata\kbdsmsno32.exe [?]
S2 W32Time3232;Windows Time ;c:\programdata\fwremotesvr32.exe --> c:\programdata\fwremotesvr32.exe [?]
S2 WbioSrvc32;Windows Biometric Service ;c:\programdata\uxinit32.exe --> c:\programdata\uxinit32.exe [?]
S2 WbioSrvc3232;Windows Biometric Service ;c:\programdata\api-ms-win-core-localregistry-l1-1-032.exe --> c:\programdata\api-ms-win-core-localregistry-l1-1-032.exe [?]
S2 WbioSrvc323232;Windows Biometric Service ;c:\programdata\tcpipcfg32.exe --> c:\programdata\tcpipcfg32.exe [?]
S2 WbioSrvc32323232;Windows Biometric Service ;c:\programdata\idndl32.exe --> c:\programdata\idndl32.exe [?]
S2 WbioSrvc3232323232;Windows Biometric Service ;c:\programdata\nlsdata041632.exe --> c:\programdata\nlsdata041632.exe [?]
S2 WbioSrvc323232323232;Windows Biometric Service ;c:\programdata\reagent32.exe --> c:\programdata\reagent32.exe [?]
S2 wcncsvc32;Windows Connect Now - Config Registrar ;c:\programdata\iepeers32.exe --> c:\programdata\iepeers32.exe [?]
S2 wcncsvc3232;Windows Connect Now - Config Registrar ;c:\programdata\apss32.exe --> c:\programdata\apss32.exe [?]
S2 WcsPlugInService32;Windows Color System ;c:\programdata\kernel3232.exe --> c:\programdata\kernel3232.exe [?]
S2 WcsPlugInService3232;Windows Color System ;c:\programdata\secproc32.exe --> c:\programdata\secproc32.exe [?]
S2 WcsPlugInService323232;Windows Color System ;c:\programdata\dot3api32.exe --> c:\programdata\dot3api32.exe [?]
S2 WdiServiceHost32;Diagnostic Service Host ;c:\programdata\chtbrkr32.exe --> c:\programdata\chtbrkr32.exe [?]
S2 WdiSystemHost32;Diagnostic System Host ;c:\programdata\wininet32.exe --> c:\programdata\wininet32.exe [?]
S2 WdiSystemHost3232;Diagnostic System Host ;c:\programdata\kbdinori32.exe --> c:\programdata\kbdinori32.exe [?]
S2 WdiSystemHost323232;Diagnostic System Host ;c:\programdata\vss_ps32.exe --> c:\programdata\vss_ps32.exe [?]
S2 WebClient32;WebClient ;c:\programdata\dxgi32.exe --> c:\programdata\dxgi32.exe [?]
S2 wercplsupport32;Problem Reports and Solutions Control Panel Support ;c:\programdata\nlslexicons002a32.exe --> c:\programdata\nlslexicons002a32.exe [?]
S2 wercplsupport3232;Problem Reports and Solutions Control Panel Support ;c:\programdata\wmpdui32.exe --> c:\programdata\wmpdui32.exe [?]
S2 wercplsupport323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\onex32.exe --> c:\programdata\onex32.exe [?]
S2 WerSvc32;Windows Error Reporting Service ;c:\programdata\samlib32.exe --> c:\programdata\samlib32.exe [?]
S2 WerSvc3232;Windows Error Reporting Service ;c:\programdata\kbdgeo32.exe --> c:\programdata\kbdgeo32.exe [?]
S2 WinDefend32;Windows Defender ;c:\programdata\clb32.exe --> c:\programdata\clb32.exe [?]
S2 WinDefend3232;Windows Defender ;c:\programdata\mfaacenc32.exe --> c:\programdata\mfaacenc32.exe [?]
S2 WinDefend323232;Windows Defender ;c:\programdata\sscore32.exe --> c:\programdata\sscore32.exe [?]
S2 WinHttpAutoProxySvc32;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\nlaapi32.exe --> c:\programdata\nlaapi32.exe [?]
S2 WinHttpAutoProxySvc3232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\uicom32.exe --> c:\programdata\uicom32.exe [?]
S2 WinHttpAutoProxySvc323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\xwizards32.exe --> c:\programdata\xwizards32.exe [?]
S2 Winmgmt32;Windows Management Instrumentation ;c:\programdata\imm3232.exe --> c:\programdata\imm3232.exe [?]
S2 Winmgmt3232;Windows Management Instrumentation ;c:\programdata\wsnmp3232.exe --> c:\programdata\wsnmp3232.exe [?]
S2 wmiApSrv32;WMI Performance Adapter ;c:\programdata\netjoin32.exe --> c:\programdata\netjoin32.exe [?]
S2 wmiApSrv3232;WMI Performance Adapter ;c:\programdata\kbdax232.exe --> c:\programdata\kbdax232.exe [?]
S2 WMPNetworkSvc32;Windows Media Player Network Sharing Service ;c:\programdata\p2p32.exe --> c:\programdata\p2p32.exe [?]
S2 WPCSvc32;Parental Controls ;c:\programdata\mfps32.exe --> c:\programdata\mfps32.exe [?]
S2 WPCSvc3232;Parental Controls ;c:\programdata\cabinet32.exe --> c:\programdata\cabinet32.exe [?]
S2 WPCSvc323232;Parental Controls ;c:\programdata\alttab32.exe --> c:\programdata\alttab32.exe [?]
S2 WPCSvc32323232;Parental Controls ;c:\programdata\dpnhupnp32.exe --> c:\programdata\dpnhupnp32.exe [?]
S2 WPDBusEnum32;Portable Device Enumerator Service ;c:\programdata\drmmgrtn32.exe --> c:\programdata\drmmgrtn32.exe [?]
S2 WPDBusEnum3232;Portable Device Enumerator Service ;c:\programdata\atiu9pag32.exe --> c:\programdata\atiu9pag32.exe [?]
S2 WPDBusEnum323232;Portable Device Enumerator Service ;c:\programdata\xwreg32.exe --> c:\programdata\xwreg32.exe [?]
S2 wscsvc32;Security Center ;c:\windows\system32\atl32.exe --> c:\windows\system32\atl32.exe [?]
S2 wscsvc3232;Security Center ;c:\programdata\c_is202232.exe --> c:\programdata\c_is202232.exe [?]
S2 wscsvc323232;Security Center ;c:\programdata\racpldlg32.exe --> c:\programdata\racpldlg32.exe [?]
S2 WSearch32;Windows Search ;c:\programdata\url32.exe --> c:\programdata\url32.exe [?]
S2 wuauserv3232;Windows Update ;c:\programdata\azroles32.exe --> c:\programdata\azroles32.exe [?]
S2 wuauserv323232;Windows Update ;c:\programdata\webclnt32.exe --> c:\programdata\webclnt32.exe [?]
S2 WwanSvc32;WWAN AutoConfig ;c:\programdata\uianimation32.exe --> c:\programdata\uianimation32.exe [?]
S2 WwanSvc3232;WWAN AutoConfig ;c:\programdata\imgutil32.exe --> c:\programdata\imgutil32.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-9 250056]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-5-10 130976]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-22 136176]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 113120]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
.
=============== Created Last 30 ================
.
2012-07-18 15:18:44 -------- d-----w- C:\Program Files (x86)\Runtime Software
2012-07-14 05:45:11 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-14 01:31:41 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-07-13 07:02:33 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-12 14:32:31 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2012-07-12 14:32:31 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2012-07-12 14:32:31 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-12 14:32:31 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-07-12 14:32:31 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-07-12 14:32:31 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-07-09 14:13:26 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-08 01:58:39 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-06 15:30:54 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9161358C-5054-4369-80C5-806BC26E6BD2}\mpengine.dll
2012-06-24 12:55:30 -------- d-----w- C:\Users\user\AppData\Local\Macromedia
2012-06-22 14:22:39 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-22 14:22:31 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-22 14:22:23 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-22 14:22:23 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-11 18:59:38 10248192 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2012-06-11 18:35:48 70144 ----a-w- C:\Windows\System32\coinst_8.98.dll
2012-06-11 18:29:34 24826368 ----a-w- C:\Windows\System32\atio6axx.dll
2012-06-11 18:00:32 20467712 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2012-06-11 17:50:46 187392 ----a-w- C:\Windows\System32\clinfo.exe
2012-06-11 17:50:30 75264 ----a-w- C:\Windows\System32\OpenVideo64.dll
2012-06-11 17:50:24 65024 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2012-06-11 17:50:18 63488 ----a-w- C:\Windows\System32\OVDecode64.dll
2012-06-11 17:50:14 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2012-06-11 17:50:06 16457728 ----a-w- C:\Windows\System32\amdocl64.dll
2012-06-11 17:49:22 13008896 ----a-w- C:\Windows\SysWow64\amdocl.dll
2012-06-11 17:25:06 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2012-06-11 17:24:58 924160 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2012-06-11 17:23:12 1090560 ----a-w- C:\Windows\System32\aticfx64.dll
2012-06-11 17:20:02 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2012-06-11 17:19:58 532992 ----a-w- C:\Windows\System32\atieclxx.exe
2012-06-11 17:19:14 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2012-06-11 17:17:56 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2012-06-11 17:17:42 21504 ----a-w- C:\Windows\System32\atimuixx.dll
2012-06-11 17:17:38 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2012-06-11 17:17:32 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2012-06-11 17:16:48 6301696 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2012-06-11 17:01:56 6914560 ----a-w- C:\Windows\System32\atidxx64.dll
2012-06-11 16:51:54 4246528 ----a-w- C:\Windows\System32\atiumd6a.dll
2012-06-11 16:45:48 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2012-06-11 16:45:46 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2012-06-11 16:45:44 5480448 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2012-06-11 16:45:40 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2012-06-11 16:45:38 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2012-06-11 16:45:26 15703040 ----a-w- C:\Windows\System32\aticaldd64.dll
2012-06-11 16:43:18 4729344 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2012-06-11 16:40:58 13277696 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2012-06-11 16:36:56 6605824 ----a-w- C:\Windows\System32\atiumd64.dll
2012-06-11 16:27:02 539136 ----a-w- C:\Windows\System32\atiadlxx.dll
2012-06-11 16:26:52 368640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2012-06-11 16:26:40 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2012-06-11 16:26:36 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2012-06-11 16:26:36 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2012-06-11 16:26:30 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2012-06-11 16:26:22 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2012-06-11 16:26:14 367616 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2012-06-11 16:25:20 54784 ----a-w- C:\Windows\System32\atiuxp64.dll
2012-06-11 16:25:12 42496 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2012-06-11 16:25:06 45056 ----a-w- C:\Windows\System32\atiu9p64.dll
2012-06-11 16:24:58 32768 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2012-06-11 16:24:24 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\atimpc64.dll
2012-06-11 16:23:18 56320 ----a-w- C:\Windows\System32\amdpcom64.dll
2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2012-06-11 16:23:10 56832 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-25 13:38:39 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-05-25 13:38:39 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 10:04:05.96 ===============



#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  • Gender:Not Telling
  • Location:Canada
  • Local time:05:11 AM

Posted 19 July 2012 - 11:00 AM

Hi

Please run the following:

  • Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool.
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click Scan

  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.


NEXT


Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • When the window opens, click on Change Parameters
  • Under “Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • Click OK
  • Press Start Scan
    • As we are only looking for a log of what is on the machine right now > choose to skip whatever is found
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 adrianbeaky

adrianbeaky
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  • Local time:04:11 AM

Posted 20 July 2012 - 03:57 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-20 16:39:49
-----------------------------
16:39:49.572 OS Version: Windows x64 6.1.7601 Service Pack 1
16:39:49.572 Number of processors: 8 586 0x1A05
16:39:49.572 ComputerName: USER-PC UserName: user
16:39:52.342 Initialize success
16:39:52.458 AVAST engine defs: 12072000
16:40:25.274 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\mv91xx1Port4Path0Target1Lun0
16:40:25.277 Disk 0 Vendor: ST320006 CC13 Size: 1907729MB BusType: 11
16:40:25.290 Disk 0 MBR read successfully
16:40:25.293 Disk 0 MBR scan
16:40:25.297 Disk 0 Windows 7 default MBR code
16:40:25.304 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:40:25.311 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1707627 MB offset 206848
16:40:25.348 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 199999 MB offset 3497426944
16:40:25.388 Disk 0 scanning C:\Windows\system32\drivers
16:40:30.873 Service scanning
16:40:40.526 Modules scanning
16:40:40.536 Disk 0 trace - called modules:
16:40:40.550 ntoskrnl.exe CLASSPNP.SYS disk.sys SCSIPORT.SYS hal.dll mv91xx.sys
16:40:40.556 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800b490790]
16:40:40.563 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> \Device\Scsi\mv91xx1Port4Path0Target1Lun0[0xfffffa800ab65050]
16:40:41.963 AVAST engine scan C:\Windows
16:40:45.310 AVAST engine scan C:\Windows\system32
16:41:46.010 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:41:47.255 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
16:42:25.219 AVAST engine scan C:\Windows\system32\drivers
16:42:34.186 AVAST engine scan C:\Users\user
16:46:33.222 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
16:46:33.223 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"




16:49:53.0355 4280 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
16:49:53.0632 4280 ============================================================
16:49:53.0632 4280 Current date / time: 2012/07/20 16:49:53.0632
16:49:53.0632 4280 SystemInfo:
16:49:53.0632 4280
16:49:53.0632 4280 OS Version: 6.1.7601 ServicePack: 1.0
16:49:53.0632 4280 Product type: Workstation
16:49:53.0632 4280 ComputerName: USER-PC
16:49:53.0632 4280 UserName: user
16:49:53.0632 4280 Windows directory: C:\Windows
16:49:53.0632 4280 System windows directory: C:\Windows
16:49:53.0632 4280 Running under WOW64
16:49:53.0632 4280 Processor architecture: Intel x64
16:49:53.0632 4280 Number of processors: 8
16:49:53.0632 4280 Page size: 0x1000
16:49:53.0632 4280 Boot type: Normal boot
16:49:53.0632 4280 ============================================================
16:49:54.0714 4280 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
16:49:54.0740 4280 ============================================================
16:49:54.0740 4280 \Device\Harddisk0\DR0:
16:49:54.0740 4280 MBR partitions:
16:49:54.0740 4280 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:49:54.0740 4280 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xD0735800
16:49:54.0741 4280 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xD0768000, BlocksNum 0x1869F800
16:49:54.0741 4280 ============================================================
16:49:54.0772 4280 C: <-> \Device\Harddisk0\DR0\Partition1
16:49:54.0814 4280 B: <-> \Device\Harddisk0\DR0\Partition2
16:49:54.0814 4280 ============================================================
16:49:54.0814 4280 Initialize success
16:49:54.0814 4280 ============================================================
16:50:49.0200 7240 ============================================================
16:50:49.0200 7240 Scan started
16:50:49.0200 7240 Mode: Manual; TDLFS;
16:50:49.0200 7240 ============================================================
16:51:59.0868 7240 MSDTC32323232 - ok
16:51:59.0872 7240 MSDTC3232323232 - ok
16:51:59.0902 7240 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:51:59.0903 7240 Msfs - ok
16:51:59.0931 7240 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:51:59.0932 7240 mshidkmdf - ok
16:52:00.0006 7240 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:52:00.0032 7240 msisadrv - ok
16:52:00.0204 7240 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:52:00.0235 7240 MSiSCSI - ok
16:52:00.0257 7240 MSiSCSI32 - ok
16:52:00.0261 7240 MSiSCSI3232 - ok
16:52:00.0266 7240 MSiSCSI323232 - ok
16:52:00.0271 7240 msiserver - ok
16:52:00.0297 7240 msiserver32 - ok
16:52:00.0324 7240 msiserver3232 - ok
16:52:00.0372 7240 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:52:00.0373 7240 MSKSSRV - ok
16:52:00.0398 7240 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:52:00.0398 7240 MSPCLOCK - ok
16:52:00.0424 7240 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:52:00.0425 7240 MSPQM - ok
16:52:00.0879 7240 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:52:00.0904 7240 MsRPC - ok
16:52:00.0942 7240 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:52:00.0943 7240 mssmbios - ok
16:52:00.0994 7240 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:52:00.0994 7240 MSTEE - ok
16:52:01.0023 7240 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:52:01.0023 7240 MTConfig - ok
16:52:01.0093 7240 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
16:52:01.0094 7240 MTsensor - ok
16:52:01.0175 7240 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:52:01.0176 7240 Mup - ok
16:52:01.0541 7240 mv91xx (8db5861a8db19abaf430fcd001ef5e93) C:\Windows\system32\DRIVERS\mv91xx.sys
16:52:01.0543 7240 mv91xx - ok
16:52:02.0111 7240 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:52:02.0152 7240 napagent - ok
16:52:02.0281 7240 napagent32 - ok
16:52:02.0557 7240 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:52:02.0573 7240 NativeWifiP - ok
16:52:03.0441 7240 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:52:03.0465 7240 NDIS - ok
16:52:03.0500 7240 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:52:03.0501 7240 NdisCap - ok
16:52:03.0546 7240 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:52:03.0547 7240 NdisTapi - ok
16:52:03.0652 7240 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:52:03.0653 7240 Ndisuio - ok
16:52:03.0806 7240 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:52:03.0830 7240 NdisWan - ok
16:52:03.0889 7240 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:52:03.0890 7240 NDProxy - ok
16:52:03.0949 7240 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:52:03.0951 7240 NetBIOS - ok
16:52:04.0222 7240 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:52:04.0237 7240 NetBT - ok
16:52:04.0280 7240 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:52:04.0283 7240 Netlogon - ok
16:52:04.0656 7240 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:52:04.0661 7240 Netman - ok
16:52:04.0778 7240 Netman32 - ok
16:52:05.0140 7240 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:52:05.0145 7240 netprofm - ok
16:52:05.0148 7240 netprofm32 - ok
16:52:05.0720 7240 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
16:52:05.0736 7240 netr28x - ok
16:52:05.0897 7240 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:52:05.0928 7240 NetTcpPortSharing - ok
16:52:05.0931 7240 NetTcpPortSharing32 - ok
16:52:06.0021 7240 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:52:06.0023 7240 nfrd960 - ok
16:52:06.0321 7240 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:52:06.0326 7240 NlaSvc - ok
16:52:06.0340 7240 NlaSvc32 - ok
16:52:06.0452 7240 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:52:06.0453 7240 Npfs - ok
16:52:06.0468 7240 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:52:06.0472 7240 nsi - ok
16:52:06.0474 7240 nsi32 - ok
16:52:06.0483 7240 nsi3232 - ok
16:52:06.0489 7240 nsi323232 - ok
16:52:06.0507 7240 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:52:06.0508 7240 nsiproxy - ok
16:52:08.0054 7240 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:52:08.0097 7240 Ntfs - ok
16:52:08.0719 7240 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:52:08.0719 7240 Null - ok
16:52:08.0764 7240 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:52:08.0766 7240 nusb3hub - ok
16:52:08.0860 7240 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:52:08.0863 7240 nusb3xhc - ok
16:52:13.0028 7240 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:52:13.0185 7240 nvlddmkm - ok
16:52:13.0928 7240 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:52:13.0930 7240 nvraid - ok
16:52:14.0081 7240 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:52:14.0084 7240 nvstor - ok
16:52:14.0205 7240 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:52:14.0206 7240 nv_agp - ok
16:52:14.0274 7240 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:52:14.0275 7240 ohci1394 - ok
16:52:14.0440 7240 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:52:14.0442 7240 ose - ok
16:52:14.0502 7240 ose32 - ok
16:52:14.0506 7240 ose3232 - ok
16:52:14.0510 7240 ose323232 - ok
16:52:20.0446 7240 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:52:20.0527 7240 osppsvc - ok
16:52:20.0589 7240 osppsvc32 - ok
16:52:21.0354 7240 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:52:21.0363 7240 p2pimsvc - ok
16:52:21.0366 7240 p2pimsvc32 - ok
16:52:21.0379 7240 p2pimsvc3232 - ok
16:52:21.0398 7240 p2pimsvc323232 - ok
16:52:21.0403 7240 p2pimsvc32323232 - ok
16:52:21.0407 7240 p2pimsvc3232323232 - ok
16:52:21.0612 7240 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:52:21.0629 7240 p2psvc - ok
16:52:21.0632 7240 p2psvc32 - ok
16:52:21.0636 7240 p2psvc3232 - ok
16:52:21.0641 7240 p2psvc323232 - ok
16:52:21.0645 7240 p2psvc32323232 - ok
16:52:21.0649 7240 p2psvc3232323232 - ok
16:52:21.0784 7240 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:52:21.0785 7240 Parport - ok
16:52:21.0875 7240 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:52:21.0876 7240 partmgr - ok
16:52:21.0961 7240 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:52:21.0965 7240 PcaSvc - ok
16:52:21.0969 7240 PcaSvc32 - ok
16:52:22.0025 7240 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:52:22.0028 7240 pci - ok
16:52:22.0037 7240 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:52:22.0038 7240 pciide - ok
16:52:22.0219 7240 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:52:22.0222 7240 pcmcia - ok
16:52:22.0255 7240 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:52:22.0256 7240 pcw - ok
16:52:22.0794 7240 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:52:22.0803 7240 PEAUTH - ok
16:52:23.0060 7240 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:52:23.0063 7240 PerfHost - ok
16:52:23.0145 7240 PerfHost32 - ok
16:52:23.0149 7240 PerfHost3232 - ok
16:52:23.0488 7240 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:52:23.0513 7240 pla - ok
16:52:23.0540 7240 pla32 - ok
16:52:23.0551 7240 pla3232 - ok
16:52:23.0555 7240 pla323232 - ok
16:52:24.0495 7240 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:52:24.0502 7240 PlugPlay - ok
16:52:24.0519 7240 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:52:24.0522 7240 PNRPAutoReg - ok
16:52:24.0738 7240 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:52:24.0743 7240 PNRPsvc - ok
16:52:24.0746 7240 PNRPsvc32 - ok
16:52:24.0751 7240 PNRPsvc3232 - ok
16:52:24.0767 7240 PNRPsvc323232 - ok
16:52:24.0898 7240 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:52:24.0907 7240 PolicyAgent - ok
16:52:24.0911 7240 PolicyAgent32 - ok
16:52:24.0923 7240 PolicyAgent3232 - ok
16:52:24.0928 7240 PolicyAgent323232 - ok
16:52:24.0937 7240 PolicyAgent32323232 - ok
16:52:24.0941 7240 PolicyAgent3232323232 - ok
16:52:24.0945 7240 PolicyAgent323232323232 - ok
16:52:25.0028 7240 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:52:25.0033 7240 Power - ok
16:52:25.0194 7240 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:52:25.0195 7240 PptpMiniport - ok
16:52:25.0262 7240 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:52:25.0264 7240 Processor - ok
16:52:25.0471 7240 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:52:25.0475 7240 ProfSvc - ok
16:52:25.0478 7240 ProfSvc32 - ok
16:52:25.0482 7240 ProfSvc3232 - ok
16:52:25.0494 7240 ProfSvc323232 - ok
16:52:25.0529 7240 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:52:25.0532 7240 ProtectedStorage - ok
16:52:25.0571 7240 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:52:25.0574 7240 Psched - ok
16:52:26.0545 7240 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:52:26.0578 7240 ql2300 - ok
16:52:27.0055 7240 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:52:27.0056 7240 ql40xx - ok
16:52:27.0275 7240 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:52:27.0280 7240 QWAVE - ok
16:52:27.0323 7240 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:52:27.0324 7240 QWAVEdrv - ok
16:52:27.0353 7240 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:52:27.0354 7240 RasAcd - ok
16:52:27.0471 7240 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:52:27.0472 7240 RasAgileVpn - ok
16:52:27.0509 7240 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:52:27.0513 7240 RasAuto - ok
16:52:27.0558 7240 RasAuto32 - ok
16:52:27.0619 7240 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:52:27.0621 7240 Rasl2tp - ok
16:52:27.0902 7240 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:52:27.0917 7240 RasMan - ok
16:52:27.0920 7240 RasMan32 - ok
16:52:27.0924 7240 RasMan3232 - ok
16:52:27.0969 7240 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:52:27.0970 7240 RasPppoe - ok
16:52:27.0999 7240 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:52:28.0000 7240 RasSstp - ok
16:52:28.0092 7240 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:52:28.0097 7240 rdbss - ok
16:52:28.0153 7240 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:52:28.0154 7240 rdpbus - ok
16:52:28.0167 7240 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:52:28.0168 7240 RDPCDD - ok
16:52:28.0207 7240 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:52:28.0208 7240 RDPENCDD - ok
16:52:28.0219 7240 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:52:28.0219 7240 RDPREFMP - ok
16:52:28.0481 7240 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:52:28.0483 7240 RDPWD - ok
16:52:28.0634 7240 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:52:28.0638 7240 rdyboost - ok
16:52:28.0704 7240 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:52:28.0707 7240 RemoteAccess - ok
16:52:28.0712 7240 RemoteAccess32 - ok
16:52:28.0718 7240 RemoteAccess3232 - ok
16:52:28.0729 7240 RemoteAccess323232 - ok
16:52:28.0774 7240 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:52:28.0779 7240 RemoteRegistry - ok
16:52:28.0782 7240 RemoteRegistry3232 - ok
16:52:28.0809 7240 RemoteRegistry323232 - ok
16:52:28.0813 7240 RemoteRegistry32323232 - ok
16:52:28.0861 7240 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:52:28.0865 7240 RpcEptMapper - ok
16:52:28.0868 7240 RpcEptMapper32 - ok
16:52:28.0898 7240 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:52:28.0900 7240 RpcLocator - ok
16:52:29.0023 7240 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:52:29.0031 7240 RpcSs - ok
16:52:29.0034 7240 RpcSs32 - ok
16:52:29.0038 7240 RpcSs3232 - ok
16:52:29.0042 7240 RpcSs323232 - ok
16:52:29.0047 7240 RpcSs32323232 - ok
16:52:29.0079 7240 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:52:29.0081 7240 rspndr - ok
16:52:29.0254 7240 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:52:29.0260 7240 RTL8167 - ok
16:52:29.0311 7240 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:52:29.0313 7240 SamSs - ok
16:52:29.0318 7240 SamSs32 - ok
16:52:29.0346 7240 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:52:29.0347 7240 sbp2port - ok
16:52:29.0500 7240 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:52:29.0505 7240 SCardSvr - ok
16:52:29.0508 7240 SCardSvr32 - ok
16:52:29.0520 7240 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:52:29.0521 7240 scfilter - ok
16:52:29.0946 7240 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:52:29.0957 7240 Schedule - ok
16:52:29.0960 7240 Schedule32 - ok
16:52:30.0029 7240 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:52:30.0031 7240 SCPolicySvc - ok
16:52:30.0034 7240 SCPolicySvc32 - ok
16:52:30.0184 7240 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:52:30.0189 7240 SDRSVC - ok
16:52:30.0192 7240 SeaPort32 - ok
16:52:30.0315 7240 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:52:30.0316 7240 secdrv - ok
16:52:30.0349 7240 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:52:30.0353 7240 seclogon - ok
16:52:30.0364 7240 seclogon32 - ok
16:52:30.0384 7240 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:52:30.0389 7240 SENS - ok
16:52:30.0391 7240 SENS32 - ok
16:52:30.0395 7240 SENS3232 - ok
16:52:30.0399 7240 SENS323232 - ok
16:52:30.0405 7240 SENS32323232 - ok
16:52:30.0422 7240 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:52:30.0424 7240 SensrSvc - ok
16:52:30.0426 7240 SensrSvc32 - ok
16:52:30.0428 7240 SensrSvc3232 - ok
16:52:30.0431 7240 SensrSvc323232 - ok
16:52:30.0487 7240 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:52:30.0488 7240 Serenum - ok
16:52:30.0609 7240 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:52:30.0610 7240 Serial - ok
16:52:30.0646 7240 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:52:30.0647 7240 sermouse - ok
16:52:30.0759 7240 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:52:30.0764 7240 SessionEnv - ok
16:52:30.0784 7240 SessionEnv32 - ok
16:52:30.0789 7240 SessionEnv3232 - ok
16:52:30.0807 7240 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:52:30.0808 7240 sffdisk - ok
16:52:30.0826 7240 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:52:30.0827 7240 sffp_mmc - ok
16:52:30.0841 7240 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:52:30.0842 7240 sffp_sd - ok
16:52:30.0856 7240 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:52:30.0857 7240 sfloppy - ok
16:52:31.0722 7240 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:52:31.0731 7240 Sftfs - ok
16:52:32.0328 7240 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:52:32.0351 7240 sftlist - ok
16:52:32.0442 7240 sftlist32 - ok
16:52:33.0326 7240 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:52:33.0329 7240 Sftplay - ok
16:52:33.0401 7240 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:52:33.0402 7240 Sftredir - ok
16:52:33.0435 7240 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:52:33.0436 7240 Sftvol - ok
16:52:33.0571 7240 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:52:33.0587 7240 sftvsa - ok
16:52:33.0602 7240 sftvsa32 - ok
16:52:33.0607 7240 sftvsa3232 - ok
16:52:33.0907 7240 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:52:33.0913 7240 ShellHWDetection - ok
16:52:33.0935 7240 ShellHWDetection32 - ok
16:52:33.0940 7240 ShellHWDetection3232 - ok
16:52:33.0944 7240 ShellHWDetection323232 - ok
16:52:33.0959 7240 ShellHWDetection32323232 - ok
16:52:34.0049 7240 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:52:34.0050 7240 SiSRaid2 - ok
16:52:34.0092 7240 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:52:34.0093 7240 SiSRaid4 - ok
16:52:34.0164 7240 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:52:34.0166 7240 Smb - ok
16:52:34.0215 7240 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:52:34.0219 7240 SNMPTRAP - ok
16:52:34.0254 7240 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:52:34.0255 7240 spldr - ok
16:52:34.0551 7240 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:52:34.0558 7240 Spooler - ok
16:52:34.0575 7240 Spooler32 - ok
16:52:34.0579 7240 Spooler3232 - ok
16:52:34.0584 7240 Spooler323232 - ok
16:52:34.0598 7240 Spooler32323232 - ok
16:52:34.0603 7240 Spooler3232323232 - ok
16:52:37.0733 7240 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:52:37.0800 7240 sppsvc - ok
16:52:37.0883 7240 sppsvc32 - ok
16:52:37.0887 7240 sppsvc3232 - ok
16:52:37.0892 7240 sppsvc323232 - ok
16:52:37.0905 7240 sppsvc32323232 - ok
16:52:38.0623 7240 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:52:38.0627 7240 sppuinotify - ok
16:52:38.0630 7240 sppuinotify32 - ok
16:52:39.0218 7240 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:52:39.0242 7240 srv - ok
16:52:39.0670 7240 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:52:39.0691 7240 srv2 - ok
16:52:39.0890 7240 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:52:39.0892 7240 srvnet - ok
16:52:40.0118 7240 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:52:40.0124 7240 SSDPSRV - ok
16:52:40.0197 7240 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:52:40.0201 7240 SstpSvc - ok
16:52:40.0279 7240 SstpSvc32 - ok
16:52:40.0303 7240 SstpSvc3232 - ok
16:52:40.0346 7240 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:52:40.0347 7240 stexstor - ok
16:52:40.0886 7240 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:52:40.0918 7240 stisvc - ok
16:52:40.0940 7240 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:52:40.0941 7240 swenum - ok
16:52:41.0607 7240 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:52:41.0611 7240 SwitchBoard - ok
16:52:42.0034 7240 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:52:42.0054 7240 swprv - ok
16:52:42.0111 7240 swprv32 - ok
16:52:42.0140 7240 swprv3232 - ok
16:52:43.0717 7240 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:52:43.0750 7240 SysMain - ok
16:52:43.0844 7240 SysMain32 - ok
16:52:43.0849 7240 SysMain3232 - ok
16:52:43.0853 7240 SysMain323232 - ok
16:52:44.0653 7240 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:52:44.0658 7240 TabletInputService - ok
16:52:44.0661 7240 TabletInputService32 - ok
16:52:44.0682 7240 TabletInputService3232 - ok
16:52:44.0688 7240 TabletInputService323232 - ok
16:52:49.0672 7240 TabletServicePen (b5b736216ff7c71d320bf493825752a1) C:\Windows\system32\Pen_Tablet.exe
16:52:49.0758 7240 TabletServicePen - ok
16:52:50.0664 7240 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:52:50.0685 7240 TapiSrv - ok
16:52:50.0769 7240 TapiSrv32 - ok
16:52:50.0846 7240 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:52:50.0851 7240 TBS - ok
16:52:52.0582 7240 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:52:52.0620 7240 Tcpip - ok
16:52:54.0708 7240 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:52:54.0716 7240 TCPIP6 - ok
16:52:55.0216 7240 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:52:55.0217 7240 tcpipreg - ok
16:52:55.0239 7240 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:52:55.0240 7240 TDPIPE - ok
16:52:55.0288 7240 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:52:55.0289 7240 TDTCP - ok
16:52:55.0416 7240 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:52:55.0417 7240 tdx - ok
16:52:55.0490 7240 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
16:52:55.0491 7240 TermDD - ok
16:52:55.0898 7240 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:52:55.0921 7240 TermService - ok
16:52:56.0010 7240 TermService32 - ok
16:52:56.0063 7240 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:52:56.0068 7240 Themes - ok
16:52:56.0071 7240 Themes32 - ok
16:52:56.0075 7240 Themes3232 - ok
16:52:56.0080 7240 Themes323232 - ok
16:52:56.0184 7240 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:52:56.0187 7240 THREADORDER - ok
16:52:56.0198 7240 THREADORDER32 - ok
16:52:56.0288 7240 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:52:56.0293 7240 TrkWks - ok
16:52:56.0308 7240 TrkWks32 - ok
16:52:56.0421 7240 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:52:56.0424 7240 TrustedInstaller - ok
16:52:56.0446 7240 TrustedInstaller32 - ok
16:52:56.0450 7240 TrustedInstaller3232 - ok
16:52:56.0488 7240 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:52:56.0490 7240 tssecsrv - ok
16:52:56.0572 7240 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:52:56.0573 7240 TsUsbFlt - ok
16:52:56.0605 7240 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:52:56.0606 7240 TsUsbGD - ok
16:52:56.0775 7240 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:52:56.0777 7240 tunnel - ok
16:52:56.0841 7240 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:52:56.0842 7240 uagp35 - ok
16:52:56.0988 7240 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:52:57.0003 7240 udfs - ok
16:52:57.0048 7240 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:52:57.0053 7240 UI0Detect - ok
16:52:57.0072 7240 UI0Detect32 - ok
16:52:57.0077 7240 UI0Detect3232 - ok
16:52:57.0138 7240 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:52:57.0140 7240 uliagpkx - ok
16:52:57.0191 7240 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:52:57.0192 7240 umbus - ok
16:52:57.0210 7240 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:52:57.0210 7240 UmPass - ok
16:52:57.0743 7240 UMVPFSrv (8b802b483cbde06f62dbc04dc7afaf8e) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:52:57.0745 7240 UMVPFSrv - ok
16:52:57.0747 7240 UMVPFSrv32 - ok
16:52:57.0751 7240 UMVPFSrv3232 - ok
16:52:58.0165 7240 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:52:58.0171 7240 upnphost - ok
16:52:58.0196 7240 upnphost32 - ok
16:52:58.0316 7240 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:52:58.0317 7240 usbaudio - ok
16:52:58.0383 7240 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:52:58.0385 7240 usbccgp - ok
16:52:58.0458 7240 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:52:58.0459 7240 usbcir - ok
16:52:58.0498 7240 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:52:58.0500 7240 usbehci - ok
16:52:58.0887 7240 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:52:58.0920 7240 usbhub - ok
16:52:58.0941 7240 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:52:58.0942 7240 usbohci - ok
16:52:58.0998 7240 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:52:58.0999 7240 usbprint - ok
16:52:59.0102 7240 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:52:59.0103 7240 USBSTOR - ok
16:52:59.0153 7240 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
16:52:59.0154 7240 usbuhci - ok
16:52:59.0217 7240 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:52:59.0221 7240 UxSms - ok
16:52:59.0225 7240 UxSms32 - ok
16:52:59.0229 7240 UxSms3232 - ok
16:52:59.0234 7240 UxSms323232 - ok
16:52:59.0273 7240 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:52:59.0275 7240 VaultSvc - ok
16:52:59.0280 7240 VaultSvc32 - ok
16:52:59.0297 7240 VaultSvc3232 - ok
16:53:20.0766 7240 ============================================================
16:53:20.0766 7240 Scan finished
16:53:20.0766 7240 ============================================================
16:53:20.0777 6240 Detected object count: 0
16:53:20.0777 6240 Actual detected object count: 0
16:54:28.0762 9340 ============================================================
16:54:28.0762 9340 Scan started
16:54:28.0762 9340 Mode: Manual; TDLFS;
16:54:28.0762 9340 ============================================================
16:54:39.0982 9340 lltdsvc - ok
16:54:39.0984 9340 lltdsvc32 - ok
16:54:39.0987 9340 lltdsvc3232 - ok
16:54:39.0993 9340 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:54:39.0995 9340 lmhosts - ok
16:54:39.0997 9340 lmhosts32 - ok
16:54:40.0012 9340 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
16:54:40.0013 9340 LSI_FC - ok
16:54:40.0020 9340 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
16:54:40.0021 9340 LSI_SAS - ok
16:54:40.0025 9340 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
16:54:40.0026 9340 LSI_SAS2 - ok
16:54:40.0032 9340 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
16:54:40.0033 9340 LSI_SCSI - ok
16:54:40.0046 9340 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:54:40.0047 9340 luafv - ok
16:54:40.0082 9340 LVRS64 (ef586b959f747e74c76603ff16ae417b) C:\Windows\system32\DRIVERS\lvrs64.sys
16:54:40.0084 9340 LVRS64 - ok
16:54:40.0201 9340 LVUVC64 (edf73bfa1bd24d74d1d64dc0ed28a7cd) C:\Windows\system32\DRIVERS\lvuvc64.sys
16:54:40.0216 9340 LVUVC64 - ok
16:54:40.0283 9340 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:54:40.0286 9340 Mcx2Svc - ok
16:54:40.0303 9340 Mcx2Svc32 - ok
16:54:40.0307 9340 Mcx2Svc3232 - ok
16:54:40.0311 9340 Mcx2Svc323232 - ok
16:54:40.0315 9340 Mcx2Svc32323232 - ok
16:54:40.0329 9340 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
16:54:40.0330 9340 megasas - ok
16:54:40.0352 9340 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
16:54:40.0354 9340 MegaSR - ok
16:54:40.0369 9340 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:54:40.0372 9340 MMCSS - ok
16:54:40.0374 9340 MMCSS32 - ok
16:54:40.0378 9340 MMCSS3232 - ok
16:54:40.0382 9340 MMCSS323232 - ok
16:54:40.0386 9340 MMCSS32323232 - ok
16:54:40.0390 9340 MMCSS3232323232 - ok
16:54:40.0393 9340 MMCSS323232323232 - ok
16:54:40.0410 9340 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:54:40.0410 9340 Modem - ok
16:54:40.0443 9340 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:54:40.0444 9340 monitor - ok
16:54:40.0455 9340 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:54:40.0456 9340 mouclass - ok
16:54:40.0460 9340 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:54:40.0461 9340 mouhid - ok
16:54:40.0468 9340 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:54:40.0470 9340 mountmgr - ok
16:54:40.0498 9340 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:54:40.0498 9340 MozillaMaintenance - ok
16:54:40.0508 9340 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:54:40.0510 9340 mpio - ok
16:54:40.0521 9340 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:54:40.0522 9340 mpsdrv - ok
16:54:40.0525 9340 MpsSvc32 - ok
16:54:40.0529 9340 MpsSvc3232 - ok
16:54:40.0532 9340 MpsSvc323232 - ok
16:54:40.0535 9340 MpsSvc32323232 - ok
16:54:40.0551 9340 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:54:40.0552 9340 MRxDAV - ok
16:54:40.0584 9340 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:54:40.0585 9340 mrxsmb - ok
16:54:40.0620 9340 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:54:40.0623 9340 mrxsmb10 - ok
16:54:40.0639 9340 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:54:40.0641 9340 mrxsmb20 - ok
16:54:40.0650 9340 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:54:40.0651 9340 msahci - ok
16:54:40.0661 9340 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:54:40.0663 9340 msdsm - ok
16:54:40.0675 9340 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:54:40.0679 9340 MSDTC - ok
16:54:40.0684 9340 MSDTC32 - ok
16:54:40.0688 9340 MSDTC3232 - ok
16:54:40.0691 9340 MSDTC323232 - ok
16:54:40.0694 9340 MSDTC32323232 - ok
16:54:40.0697 9340 MSDTC3232323232 - ok
16:54:40.0705 9340 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:54:40.0706 9340 Msfs - ok
16:54:40.0717 9340 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:54:40.0717 9340 mshidkmdf - ok
16:54:40.0725 9340 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:54:40.0726 9340 msisadrv - ok
16:54:40.0739 9340 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:54:40.0741 9340 MSiSCSI - ok
16:54:40.0743 9340 MSiSCSI32 - ok
16:54:40.0745 9340 MSiSCSI3232 - ok
16:54:40.0747 9340 MSiSCSI323232 - ok
16:54:40.0750 9340 msiserver - ok
16:54:40.0753 9340 msiserver32 - ok
16:54:40.0755 9340 msiserver3232 - ok
16:54:40.0765 9340 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:54:40.0765 9340 MSKSSRV - ok
16:54:40.0775 9340 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:54:40.0775 9340 MSPCLOCK - ok
16:54:40.0785 9340 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:54:40.0785 9340 MSPQM - ok
16:54:40.0804 9340 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:54:40.0807 9340 MsRPC - ok
16:54:40.0818 9340 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:54:40.0819 9340 mssmbios - ok
16:54:40.0830 9340 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:54:40.0831 9340 MSTEE - ok
16:54:40.0840 9340 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
16:54:40.0841 9340 MTConfig - ok
16:54:40.0863 9340 MTsensor (19b006b181e3875fd254f7b67acf1e7c) C:\Windows\system32\DRIVERS\ASACPI.sys
16:54:40.0864 9340 MTsensor - ok
16:54:40.0871 9340 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:54:40.0872 9340 Mup - ok
16:54:40.0887 9340 mv91xx (8db5861a8db19abaf430fcd001ef5e93) C:\Windows\system32\DRIVERS\mv91xx.sys
16:54:40.0890 9340 mv91xx - ok
16:54:40.0920 9340 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:54:40.0926 9340 napagent - ok
16:54:40.0944 9340 napagent32 - ok
16:54:40.0964 9340 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:54:40.0967 9340 NativeWifiP - ok
16:54:41.0007 9340 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:54:41.0014 9340 NDIS - ok
16:54:41.0029 9340 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:54:41.0030 9340 NdisCap - ok
16:54:41.0043 9340 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:54:41.0044 9340 NdisTapi - ok
16:54:41.0054 9340 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:54:41.0055 9340 Ndisuio - ok
16:54:41.0070 9340 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:54:41.0072 9340 NdisWan - ok
16:54:41.0085 9340 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:54:41.0086 9340 NDProxy - ok
16:54:41.0097 9340 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:54:41.0098 9340 NetBIOS - ok
16:54:41.0113 9340 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:54:41.0116 9340 NetBT - ok
16:54:41.0142 9340 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:54:41.0144 9340 Netlogon - ok
16:54:41.0165 9340 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:54:41.0170 9340 Netman - ok
16:54:41.0176 9340 Netman32 - ok
16:54:41.0200 9340 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:54:41.0205 9340 netprofm - ok
16:54:41.0208 9340 netprofm32 - ok
16:54:41.0243 9340 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\Windows\system32\DRIVERS\netr28x.sys
16:54:41.0247 9340 netr28x - ok
16:54:41.0303 9340 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:54:41.0305 9340 NetTcpPortSharing - ok
16:54:41.0308 9340 NetTcpPortSharing32 - ok
16:54:41.0320 9340 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:54:41.0321 9340 nfrd960 - ok
16:54:41.0339 9340 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:54:41.0344 9340 NlaSvc - ok
16:54:41.0346 9340 NlaSvc32 - ok
16:54:41.0353 9340 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:54:41.0354 9340 Npfs - ok
16:54:41.0365 9340 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:54:41.0368 9340 nsi - ok
16:54:41.0370 9340 nsi32 - ok
16:54:41.0374 9340 nsi3232 - ok
16:54:41.0377 9340 nsi323232 - ok
16:54:41.0383 9340 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:54:41.0384 9340 nsiproxy - ok
16:54:41.0454 9340 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:54:41.0464 9340 Ntfs - ok
16:54:41.0503 9340 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:54:41.0503 9340 Null - ok
16:54:41.0518 9340 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:54:41.0519 9340 nusb3hub - ok
16:54:41.0536 9340 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:54:41.0538 9340 nusb3xhc - ok
16:54:41.0839 9340 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:54:41.0880 9340 nvlddmkm - ok
16:54:41.0936 9340 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:54:41.0938 9340 nvraid - ok
16:54:41.0964 9340 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:54:41.0966 9340 nvstor - ok
16:54:41.0979 9340 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:54:41.0980 9340 nv_agp - ok
16:54:41.0989 9340 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:54:41.0989 9340 ohci1394 - ok
16:54:42.0030 9340 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:54:42.0032 9340 ose - ok
16:54:42.0043 9340 ose32 - ok
16:54:42.0046 9340 ose3232 - ok
16:54:42.0049 9340 ose323232 - ok
16:54:42.0203 9340 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:54:42.0223 9340 osppsvc - ok
16:54:42.0230 9340 osppsvc32 - ok
16:54:42.0288 9340 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:54:42.0294 9340 p2pimsvc - ok
16:54:42.0296 9340 p2pimsvc32 - ok
16:54:42.0300 9340 p2pimsvc3232 - ok
16:54:42.0304 9340 p2pimsvc323232 - ok
16:54:42.0309 9340 p2pimsvc32323232 - ok
16:54:42.0313 9340 p2pimsvc3232323232 - ok
16:54:42.0346 9340 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:54:42.0352 9340 p2psvc - ok
16:54:42.0355 9340 p2psvc32 - ok
16:54:42.0359 9340 p2psvc3232 - ok
16:54:42.0363 9340 p2psvc323232 - ok
16:54:42.0367 9340 p2psvc32323232 - ok
16:54:42.0371 9340 p2psvc3232323232 - ok
16:54:42.0384 9340 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:54:42.0385 9340 Parport - ok
16:54:42.0409 9340 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:54:42.0410 9340 partmgr - ok
16:54:42.0518 9340 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:54:42.0522 9340 PcaSvc - ok
16:54:42.0525 9340 PcaSvc32 - ok
16:54:42.0554 9340 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:54:42.0556 9340 pci - ok
16:54:42.0564 9340 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:54:42.0565 9340 pciide - ok
16:54:42.0583 9340 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:54:42.0585 9340 pcmcia - ok
16:54:42.0597 9340 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:54:42.0598 9340 pcw - ok
16:54:42.0628 9340 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:54:42.0633 9340 PEAUTH - ok
16:54:42.0673 9340 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:54:42.0675 9340 PerfHost - ok
16:54:42.0681 9340 PerfHost32 - ok
16:54:42.0685 9340 PerfHost3232 - ok
16:54:42.0736 9340 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:54:42.0748 9340 pla - ok
16:54:42.0754 9340 pla32 - ok
16:54:42.0756 9340 pla3232 - ok
16:54:42.0758 9340 pla323232 - ok
16:54:42.0835 9340 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:54:42.0842 9340 PlugPlay - ok
16:54:42.0850 9340 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:54:42.0854 9340 PNRPAutoReg - ok
16:54:42.0871 9340 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:54:42.0876 9340 PNRPsvc - ok
16:54:42.0879 9340 PNRPsvc32 - ok
16:54:42.0883 9340 PNRPsvc3232 - ok
16:54:42.0887 9340 PNRPsvc323232 - ok
16:54:42.0911 9340 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:54:42.0916 9340 PolicyAgent - ok
16:54:42.0919 9340 PolicyAgent32 - ok
16:54:42.0923 9340 PolicyAgent3232 - ok
16:54:42.0927 9340 PolicyAgent323232 - ok
16:54:42.0931 9340 PolicyAgent32323232 - ok
16:54:42.0935 9340 PolicyAgent3232323232 - ok
16:54:42.0939 9340 PolicyAgent323232323232 - ok
16:54:42.0960 9340 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:54:42.0965 9340 Power - ok
16:54:42.0992 9340 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:54:42.0993 9340 PptpMiniport - ok
16:54:43.0009 9340 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:54:43.0010 9340 Processor - ok
16:54:43.0047 9340 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:54:43.0051 9340 ProfSvc - ok
16:54:43.0054 9340 ProfSvc32 - ok
16:54:43.0058 9340 ProfSvc3232 - ok
16:54:43.0061 9340 ProfSvc323232 - ok
16:54:43.0090 9340 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:54:43.0092 9340 ProtectedStorage - ok
16:54:43.0104 9340 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:54:43.0105 9340 Psched - ok
16:54:43.0163 9340 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:54:43.0174 9340 ql2300 - ok
16:54:43.0223 9340 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:54:43.0225 9340 ql40xx - ok
16:54:43.0243 9340 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:54:43.0248 9340 QWAVE - ok
16:54:43.0257 9340 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:54:43.0258 9340 QWAVEdrv - ok
16:54:43.0269 9340 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:54:43.0270 9340 RasAcd - ok
16:54:43.0280 9340 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:54:43.0281 9340 RasAgileVpn - ok
16:54:43.0296 9340 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:54:43.0300 9340 RasAuto - ok
16:54:43.0308 9340 RasAuto32 - ok
16:54:43.0320 9340 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:54:43.0322 9340 Rasl2tp - ok
16:54:43.0338 9340 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:54:43.0343 9340 RasMan - ok
16:54:43.0346 9340 RasMan32 - ok
16:54:43.0350 9340 RasMan3232 - ok
16:54:43.0361 9340 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:54:43.0363 9340 RasPppoe - ok
16:54:43.0373 9340 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:54:43.0374 9340 RasSstp - ok
16:54:43.0390 9340 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:54:43.0392 9340 rdbss - ok
16:54:43.0405 9340 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:54:43.0405 9340 rdpbus - ok
16:54:43.0418 9340 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:54:43.0419 9340 RDPCDD - ok
16:54:43.0433 9340 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:54:43.0434 9340 RDPENCDD - ok
16:54:43.0444 9340 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:54:43.0445 9340 RDPREFMP - ok
16:54:43.0482 9340 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:54:43.0483 9340 RDPWD - ok
16:54:43.0502 9340 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:54:43.0504 9340 rdyboost - ok
16:54:43.0513 9340 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:54:43.0516 9340 RemoteAccess - ok
16:54:43.0519 9340 RemoteAccess32 - ok
16:54:43.0523 9340 RemoteAccess3232 - ok
16:54:43.0527 9340 RemoteAccess323232 - ok
16:54:43.0539 9340 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:54:43.0542 9340 RemoteRegistry - ok
16:54:43.0543 9340 RemoteRegistry3232 - ok
16:54:43.0545 9340 RemoteRegistry323232 - ok
16:54:43.0548 9340 RemoteRegistry32323232 - ok
16:54:43.0563 9340 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:54:43.0565 9340 RpcEptMapper - ok
16:54:43.0567 9340 RpcEptMapper32 - ok
16:54:43.0573 9340 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:54:43.0575 9340 RpcLocator - ok
16:54:43.0596 9340 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:54:43.0600 9340 RpcSs - ok
16:54:43.0602 9340 RpcSs32 - ok
16:54:43.0604 9340 RpcSs3232 - ok
16:54:43.0606 9340 RpcSs323232 - ok
16:54:43.0608 9340 RpcSs32323232 - ok
16:54:43.0615 9340 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:54:43.0616 9340 rspndr - ok
16:54:43.0632 9340 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:54:43.0634 9340 RTL8167 - ok
16:54:43.0664 9340 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:54:43.0667 9340 SamSs - ok
16:54:43.0670 9340 SamSs32 - ok
16:54:43.0680 9340 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:54:43.0681 9340 sbp2port - ok
16:54:43.0694 9340 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:54:43.0699 9340 SCardSvr - ok
16:54:43.0702 9340 SCardSvr32 - ok
16:54:43.0712 9340 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:54:43.0713 9340 scfilter - ok
16:54:43.0749 9340 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:54:43.0760 9340 Schedule - ok
16:54:43.0763 9340 Schedule32 - ok
16:54:43.0777 9340 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:54:43.0778 9340 SCPolicySvc - ok
16:54:43.0779 9340 SCPolicySvc32 - ok
16:54:43.0796 9340 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:54:43.0798 9340 SDRSVC - ok
16:54:43.0800 9340 SeaPort32 - ok
16:54:43.0826 9340 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:54:43.0827 9340 secdrv - ok
16:54:43.0833 9340 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:54:43.0835 9340 seclogon - ok
16:54:43.0837 9340 seclogon32 - ok
16:54:43.0842 9340 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:54:43.0844 9340 SENS - ok
16:54:43.0846 9340 SENS32 - ok
16:54:43.0848 9340 SENS3232 - ok
16:54:43.0851 9340 SENS323232 - ok
16:54:43.0853 9340 SENS32323232 - ok
16:54:43.0862 9340 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:54:43.0864 9340 SensrSvc - ok
16:54:43.0866 9340 SensrSvc32 - ok
16:54:43.0868 9340 SensrSvc3232 - ok
16:54:43.0870 9340 SensrSvc323232 - ok
16:54:43.0881 9340 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:54:43.0882 9340 Serenum - ok
16:54:43.0894 9340 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:54:43.0895 9340 Serial - ok
16:54:43.0907 9340 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:54:43.0908 9340 sermouse - ok
16:54:43.0919 9340 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:54:43.0922 9340 SessionEnv - ok
16:54:43.0923 9340 SessionEnv32 - ok
16:54:43.0926 9340 SessionEnv3232 - ok
16:54:43.0950 9340 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:54:43.0951 9340 sffdisk - ok
16:54:43.0961 9340 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:54:43.0961 9340 sffp_mmc - ok
16:54:43.0968 9340 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:54:43.0968 9340 sffp_sd - ok
16:54:43.0971 9340 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:54:43.0972 9340 sfloppy - ok
16:54:44.0010 9340 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:54:44.0014 9340 Sftfs - ok
16:54:44.0103 9340 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:54:44.0106 9340 sftlist - ok
16:54:44.0116 9340 sftlist32 - ok
16:54:44.0171 9340 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:54:44.0174 9340 Sftplay - ok
16:54:44.0181 9340 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:54:44.0182 9340 Sftredir - ok
16:54:44.0190 9340 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:54:44.0191 9340 Sftvol - ok
16:54:44.0203 9340 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:54:44.0205 9340 sftvsa - ok
16:54:44.0208 9340 sftvsa32 - ok
16:54:44.0212 9340 sftvsa3232 - ok
16:54:44.0240 9340 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:54:44.0246 9340 ShellHWDetection - ok
16:54:44.0249 9340 ShellHWDetection32 - ok
16:54:44.0254 9340 ShellHWDetection3232 - ok
16:54:44.0258 9340 ShellHWDetection323232 - ok
16:54:44.0262 9340 ShellHWDetection32323232 - ok
16:54:44.0288 9340 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:54:44.0289 9340 SiSRaid2 - ok
16:54:44.0301 9340 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:54:44.0302 9340 SiSRaid4 - ok
16:54:44.0309 9340 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:54:44.0309 9340 Smb - ok
16:54:44.0321 9340 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:54:44.0324 9340 SNMPTRAP - ok
16:54:44.0327 9340 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:54:44.0328 9340 spldr - ok
16:54:44.0351 9340 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:54:44.0355 9340 Spooler - ok
16:54:44.0357 9340 Spooler32 - ok
16:54:44.0360 9340 Spooler3232 - ok
16:54:44.0362 9340 Spooler323232 - ok
16:54:44.0365 9340 Spooler32323232 - ok
16:54:44.0367 9340 Spooler3232323232 - ok
16:54:44.0485 9340 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:54:44.0502 9340 sppsvc - ok
16:54:44.0506 9340 sppsvc32 - ok
16:54:44.0509 9340 sppsvc3232 - ok
16:54:44.0511 9340 sppsvc323232 - ok
16:54:44.0513 9340 sppsvc32323232 - ok
16:54:44.0557 9340 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:54:44.0561 9340 sppuinotify - ok
16:54:44.0564 9340 sppuinotify32 - ok
16:54:44.0615 9340 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:54:44.0619 9340 srv - ok
16:54:44.0640 9340 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:54:44.0643 9340 srv2 - ok
16:54:44.0660 9340 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:54:44.0662 9340 srvnet - ok
16:54:44.0673 9340 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:54:44.0678 9340 SSDPSRV - ok
16:54:44.0690 9340 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:54:44.0694 9340 SstpSvc - ok
16:54:44.0700 9340 SstpSvc32 - ok
16:54:44.0704 9340 SstpSvc3232 - ok
16:54:44.0730 9340 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:54:44.0731 9340 stexstor - ok
16:54:44.0762 9340 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:54:44.0769 9340 stisvc - ok
16:54:44.0782 9340 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:54:44.0783 9340 swenum - ok
16:54:44.0858 9340 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:54:44.0862 9340 SwitchBoard - ok
16:54:44.0882 9340 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:54:44.0890 9340 swprv - ok
16:54:44.0896 9340 swprv32 - ok
16:54:44.0900 9340 swprv3232 - ok
16:54:44.0953 9340 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:54:44.0967 9340 SysMain - ok
16:54:44.0973 9340 SysMain32 - ok
16:54:44.0975 9340 SysMain3232 - ok
16:54:44.0978 9340 SysMain323232 - ok
16:54:45.0017 9340 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:54:45.0020 9340 TabletInputService - ok
16:54:45.0021 9340 TabletInputService32 - ok
16:54:45.0024 9340 TabletInputService3232 - ok
16:54:45.0026 9340 TabletInputService323232 - ok
16:54:45.0200 9340 TabletServicePen (b5b736216ff7c71d320bf493825752a1) C:\Windows\system32\Pen_Tablet.exe
16:54:45.0225 9340 TabletServicePen - ok
16:54:45.0284 9340 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:54:45.0291 9340 TapiSrv - ok
16:54:45.0297 9340 TapiSrv32 - ok
16:54:45.0307 9340 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:54:45.0311 9340 TBS - ok
16:54:45.0401 9340 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:54:45.0414 9340 Tcpip - ok
16:54:45.0509 9340 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:54:45.0522 9340 TCPIP6 - ok
16:54:45.0566 9340 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:54:45.0567 9340 tcpipreg - ok
16:54:45.0584 9340 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:54:45.0585 9340 TDPIPE - ok
16:54:45.0611 9340 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:54:45.0613 9340 TDTCP - ok
16:54:45.0631 9340 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:54:45.0633 9340 tdx - ok
16:54:45.0640 9340 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
16:54:45.0641 9340 TermDD - ok
16:54:48.0281 9340 ============================================================
16:54:48.0281 9340 Scan finished
16:54:48.0281 9340 ============================================================
16:54:48.0290 8772 Detected object count: 0
16:54:48.0290 8772 Actual detected object count: 0
16:55:14.0027 8016 Deinitialize success
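
The scan log in the post above reported entries named like Themes32 and Themes3232 as "ok" with no hash or path line of their own, next to the genuine Themes service. The following is an added example, not part of the original post and not TDSSKiller code: it flags such suffix clones in a log of this format. The line format is inferred from the log, the MD5 values in the sample are placeholders, and treating "no image line plus a trailing 32" as a clone indicator is a heuristic assumed here.

```python
import re
from collections import defaultdict

# Constructed sample in the TDSSKiller log format (timestamp, thread id, entry).
# Service names follow the pattern seen in this thread; MD5 values are placeholders.
SAMPLE_LOG = r"""
16:54:45.0702 9340 Themes (00000000000000000000000000000001) C:\Windows\system32\themeservice.dll
16:54:45.0705 9340 Themes - ok
16:54:45.0707 9340 Themes32 - ok
16:54:45.0709 9340 Themes3232 - ok
16:54:45.0803 9340 tssecsrv (00000000000000000000000000000002) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:54:45.0804 9340 tssecsrv - ok
16:54:47.0260 9340 WinDefend32 - ok
16:54:47.0263 9340 WinDefend3232 - ok
16:54:47.0644 9340 WSearch - ok
16:54:47.0646 9340 WSearch32 - ok
"""

PREFIX = r"^\d{2}:\d{2}:\d{2}\.\d+\s+\d+\s+"
# "<name> (<md5>) <path>": the scanner resolved and hashed a file for this entry.
IMAGE_RE = re.compile(PREFIX + r"(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - <verdict>": the scanner's verdict for the entry.
VERDICT_RE = re.compile(PREFIX + r"(?P<name>.+?) - (?P<verdict>\S+)$")


def base_name(name, backed):
    """Strip trailing '32' repetitions until a file-backed name is reached.

    Stopping at a backed name keeps legitimate names that themselves end in
    '32' (for example clr_optimization_v2.0.50727_32) intact as the base.
    """
    base = name
    while base.endswith("32") and base not in backed:
        base = base[:-2]
    return base


def find_suffix_clones(log_text):
    """Return one finding per base service that has '32'-suffixed clones.

    A clone is an entry that received a verdict, has no image line of its
    own, and whose name ends in '32'. Entries without an image line that do
    not end in '32' (WSearch in the sample) are not flagged, because genuine
    services can appear that way too.
    """
    backed = {}    # entry name -> image path, for entries that were hashed
    verdicts = []  # (entry name, verdict) in log order
    for raw in log_text.splitlines():
        line = raw.strip()
        m = IMAGE_RE.match(line)
        if m:
            backed[m["name"]] = m["path"]
            continue
        m = VERDICT_RE.match(line)
        if m:
            verdicts.append((m["name"], m["verdict"]))

    grouped = defaultdict(list)
    for name, verdict in verdicts:
        if name in backed or not name.endswith("32"):
            continue
        grouped[base_name(name, backed)].append((name, verdict))

    findings = []
    for base in sorted(grouped):
        findings.append({
            "base": base,
            # None means the genuine service had no hashed file in the log.
            "base_image": backed.get(base),
            "clones": [n for n, _ in grouped[base]],
            # Verdicts matter: a clone reported "ok" was not detected.
            "verdicts": sorted({v for _, v in grouped[base]}),
        })
    return findings


if __name__ == "__main__":
    for f in find_suffix_clones(SAMPLE_LOG):
        print(f["base"], "->", ", ".join(f["clones"]),
              "| base image:", f["base_image"], "| verdicts:", f["verdicts"])
```
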

#4 CatByte

Posted 20 July 2012 - 03:59 PM

Hi,

Please run the following

Refer to the ComboFix User's Guide

  • Download ComboFix from the following location:

    Link

    * IMPORTANT !!! Place ComboFix.exe on your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
    You can get help on disabling your protection programs here
  • Double click on ComboFix.exe & follow the prompts.
  • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  • When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


    ---------------------------------------------------------------------------------------------
  • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

    ---------------------------------------------------------------------------------------------

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 adrianbeaky

Posted 20 July 2012 - 04:46 PM

Ran combofix as per the instruction manual. It extracted the files and forced my computer to reboot (don't even think it ran). Went to the screen where I choose if I want Windows 7 or Ubuntu, chose windows and now it's at a black screen with my mouse cursor. What do I do now?

#6 CatByte

Posted 20 July 2012 - 04:56 PM

reboot and tap F8 on boot up until an option menu appears > Select "Repair your computer" and press Enter. > Select your keyboard language preferences and click on Next > Select your user name and type in the password, and then click on OK. (if there is no password just press enter) > Select which operating system you want to restore and then click on Next > Select the system recovery option you want to do > choose system restore > choose the restore point that was made by ComboFix prior to running it > your computer should now restore to its state prior to running ComboFix.


We will have to take a different approach to cleaning this computer, so please run the following:


download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to the disclaimer.
  • Place a check next to List Drivers MD5 as well as the default check marks that are already there
  • Press Scan button.
  • FRST will let you know when the scan is complete and has written the FRST.txt to file, close out this message, then type the following into the search box:
    services.exe
  • now press the search button
  • when the search is complete, search.txt will also be written to your USB
  • type exit and reboot the computer normally
  • please copy and paste both logs in your reply. (FRST.txt and Search.txt)



#7 adrianbeaky

Posted 20 July 2012 - 05:02 PM

Weird. I'm looking at the restore points. Doesn't seem ComboFix even made a restore point. Nearest one is 7/12 when Windows updated.

#8 CatByte

Posted 20 July 2012 - 05:08 PM

give that a try,



#9 adrianbeaky

Posted 20 July 2012 - 05:18 PM

Just did the restore. Still black screen.

#10 CatByte

Posted 20 July 2012 - 06:09 PM

ok, try the directions for FRST



#11 adrianbeaky

Posted 20 July 2012 - 06:44 PM

Scan result of Farbar Recovery Scan Tool Version: 20-07-2012 01
Ran by SYSTEM at 20-07-2012 19:38:57
Running from D:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10038304 2010-01-28] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [3459712 2011-05-10] (AVAST Software)
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-03-22] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml [10752 2012-01-31] ()
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot [296056 2012-05-25] (RealNetworks, Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [641704 2012-06-11] (Advanced Micro Devices, Inc.)
HKU\user\...\Run: [Diagnostics] rundll32.exe "C:\Users\user\AppData\Local\Temp\",CreateInstance [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 167.206.245.129 167.206.245.130
Startup: C:\Users\user\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Services (Whitelisted) ======

2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [42184 2011-05-10] (AVAST Software)
3 Futuremark SystemInfo Service; "C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe" [130976 2011-03-01] (Futuremark Corporation)
2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-23] (Wacom Technology, Corp.)
2 AeLookupSvc32; C:\programdata\display32.exe [x]
2 AeLookupSvc3232; C:\programdata\iphlpapi32.exe [x]
2 ALG3232; C:\programdata\kbdlk41a32.exe [x]
2 AppIDSvc32; C:\programdata\wmpdxm32.exe [x]
2 Appinfo32; C:\programdata\uiribbon32.exe [x]
2 Appinfo3232; C:\programdata\w32topl32.exe [x]
2 Appinfo323232; C:\programdata\smbhelperclass32.exe [x]
2 AudioEndpointBuilder32; C:\programdata\cmicryptinstall32.exe [x]
2 AudioEndpointBuilder3232; C:\programdata\sechost32.exe [x]
2 AudioEndpointBuilder323232; C:\programdata\msclmd32.exe [x]
2 AudioEndpointBuilder32323232; C:\programdata\storagecontexthandler32.exe [x]
2 AudioSrv32; C:\programdata\advpack32.exe [x]
2 AudioSrv3232; C:\programdata\msrdpwebaccess32.exe [x]
2 AudioSrv323232; C:\programdata\odfox3232.exe [x]
2 avast! Antivirus32; C:\programdata\wmi32.exe [x]
2 avast! Antivirus3232; C:\programdata\dsauth32.exe [x]
2 AxInstSV32; C:\programdata\msrepl4032.exe [x]
2 AxInstSV3232; C:\programdata\nlsdata000a32.exe [x]
2 BDESVC32; C:\programdata\oddbse3232.exe [x]
2 BDESVC3232; C:\programdata\secproc_ssp32.exe [x]
2 BFE32; C:\programdata\difxapi32.exe [x]
2 BFE3232; C:\programdata\lvui2rc32.exe [x]
2 BFE323232; C:\programdata\kbdwol32.exe [x]
2 BITS32; C:\programdata\elscore32.exe [x]
2 BITS3232; C:\programdata\p2pgraph32.exe [x]
2 BITS323232; C:\programdata\ntshrui32.exe [x]
2 BITS32323232; C:\programdata\certpoleng32.exe [x]
2 Browser32; C:\programdata\api-ms-win-core-processthreads-l1-1-032.exe [x]
2 Browser3232; C:\programdata\fxscom32.exe [x]
2 bthserv32; C:\programdata\virtdisk32.exe [x]
2 bthserv3232; C:\programdata\occache32.exe [x]
2 CertPropSvc32; C:\programdata\cngprovider32.exe [x]
2 CertPropSvc3232; C:\programdata\dhcpcore32.exe [x]
2 clr_optimization_v2.0.50727_3232; C:\programdata\autoplay32.exe [x]
2 clr_optimization_v2.0.50727_323232; C:\programdata\mfvdsp32.exe [x]
2 clr_optimization_v2.0.50727_32323232; C:\programdata\clusapi32.exe [x]
2 clr_optimization_v2.0.50727_3232323232; C:\programdata\kbdtiprc32.exe [x]
2 clr_optimization_v2.0.50727_323232323232; C:\programdata\usbperf32.exe [x]
2 clr_optimization_v2.0.50727_6432; C:\programdata\iepeers32.exe [x]
2 clr_optimization_v2.0.50727_643232; C:\programdata\mf321632.exe [x]
2 clr_optimization_v4.0.30319_3232; C:\programdata\sensapi32.exe [x]
2 clr_optimization_v4.0.30319_6432; C:\programdata\ir50_qcx32.exe [x]
2 clr_optimization_v4.0.30319_643232; C:\programdata\kbdth032.exe [x]
2 COMSysApp32; C:\programdata\kbdmlt4732.exe [x]
2 CryptSvc32; C:\programdata\winsyncproviders32.exe [x]
2 DcomLaunch32; C:\programdata\fde32.exe [x]
2 defragsvc32; C:\programdata\appidapi32.exe [x]
2 defragsvc3232; C:\programdata\provsvc32.exe [x]
2 Dnscache32; C:\programdata\syssetup32.exe [x]
2 Dnscache3232; C:\programdata\apphelp32.exe [x]
2 dot3svc3232; C:\programdata\kbdno132.exe [x]
2 dot3svc323232; C:\programdata\cmstplua32.exe [x]
2 EapHost32; C:\programdata\wmdmlog32.exe [x]
2 EapHost3232; C:\programdata\msvcrt32.exe [x]
2 EapHost323232; C:\programdata\pcaui32.exe [x]
2 EFS32; C:\programdata\wmerror32.exe [x]
2 EFS3232; C:\programdata\usp1032.exe [x]
2 ehRecvr32; C:\programdata\fundisc32.exe [x]
2 ehRecvr3232; C:\programdata\kbdbgph132.exe [x]
2 ehRecvr323232; C:\programdata\umdmxfrm32.exe [x]
2 ehRecvr32323232; C:\programdata\mmcshext32.exe [x]
2 ehSched32; C:\programdata\logidpp32.exe [x]
2 ehSched3232; C:\programdata\radardt32.exe [x]
2 ehSched323232; C:\programdata\sppcommdlg32.exe [x]
2 eventlog32; C:\programdata\samcli32.exe [x]
2 EventSystem32; C:\programdata\nlslexicons000232.exe [x]
2 EventSystem3232; C:\programdata\atiadlxy32.exe [x]
2 Fax32; C:\programdata\nlmgp32.exe [x]
2 Fax3232; C:\programdata\iepeers32.exe [x]
2 fdPHost32; C:\programdata\query32.exe [x]
2 FDResPub32; C:\programdata\dpx32.exe [x]
2 FDResPub3232; C:\programdata\api-ms-win-core-console-l1-1-032.exe [x]
2 FontCache3.0.0.032; C:\programdata\prncache32.exe [x]
2 FontCache3.0.0.03232; C:\programdata\nlsdata081632.exe [x]
2 FontCache3.0.0.0323232; C:\programdata\console32.exe [x]
2 FontCache32; C:\programdata\chsbrkr32.exe [x]
2 FontCache3232; C:\programdata\msjet4032.exe [x]
2 Futuremark SystemInfo Service32; C:\programdata\iprtprio32.exe [x]
2 Futuremark SystemInfo Service3232; C:\programdata\wwanapi32.exe [x]
2 Futuremark SystemInfo Service323232; C:\programdata\mspbde4032.exe [x]
2 Futuremark SystemInfo Service32323232; C:\programdata\msimg3232.exe [x]
2 Futuremark SystemInfo Service3232323232; C:\programdata\mmcico32.exe [x]
2 gpsvc32; C:\programdata\uxinit32.exe [x]
2 gpsvc3232; C:\programdata\cliconfg32.exe [x]
2 gpsvc323232; C:\programdata\acledit32.exe [x]
2 hidserv32; C:\programdata\rgb9rast32.exe [x]
2 hkmsvc32; C:\programdata\netmsg32.exe [x]
2 hkmsvc3232; C:\programdata\ncsi32.exe [x]
2 HomeGroupListener32; C:\programdata\kbdhau32.exe [x]
2 HomeGroupListener3232; C:\programdata\amxread32.exe [x]
2 HomeGroupListener323232; C:\programdata\d3dx11_4332.exe [x]
2 HomeGroupListener32323232; C:\programdata\dbnetlib32.exe [x]
2 HomeGroupListener3232323232; C:\programdata\apds32.exe [x]
2 HomeGroupProvider32; C:\programdata\kbda132.exe [x]
2 HomeGroupProvider3232; C:\programdata\untfs32.exe [x]
2 idsvc32; C:\programdata\d3dx9_4232.exe [x]
2 idsvc3232; C:\programdata\adtschema32.exe [x]
2 idsvc323232; C:\programdata\storagecontexthandler32.exe [x]
2 idsvc32323232; C:\programdata\kbdarme32.exe [x]
2 idsvc3232323232; C:\programdata\eappcfg32.exe [x]
2 IKEEXT32; C:\programdata\xwtpdui32.exe [x]
2 IKEEXT323232; C:\programdata\kbdbr32.exe [x]
2 IKEEXT32323232; C:\programdata\dui7032.exe [x]
2 IPBusEnum32; C:\programdata\kbdlv132.exe [x]
2 iphlpsvc32; C:\programdata\ntlanman32.exe [x]
2 KeyIso32; C:\programdata\dsauth32.exe [x]
2 KeyIso3232; C:\programdata\onexui32.exe [x]
2 KtmRm32; C:\programdata\icardie32.exe [x]
2 LanmanServer32; C:\programdata\resutils32.exe [x]
2 LanmanServer3232; C:\programdata\advapi3232.exe [x]
2 LanmanServer323232; C:\programdata\ieui32.exe [x]
2 LanmanServer32323232; C:\programdata\kbdinmar32.exe [x]
2 LanmanWorkstation32; C:\programdata\mp4sdecd32.exe [x]
2 LanmanWorkstation3232; C:\programdata\uudf32.exe [x]
2 lltdsvc32; C:\programdata\hlink32.exe [x]
2 lltdsvc3232; C:\programdata\kbdth132.exe [x]
2 lmhosts32; C:\programdata\kbdgeoqw32.exe [x]
2 Mcx2Svc32; C:\programdata\esentprf32.exe [x]
2 Mcx2Svc3232; C:\programdata\explorerframe32.exe [x]
2 Mcx2Svc323232; C:\programdata\wiashext32.exe [x]
2 Mcx2Svc32323232; C:\programdata\comcat32.exe [x]
2 MMCSS32; C:\programdata\nlslexicons041632.exe [x]
2 MMCSS3232; C:\programdata\mmcshext32.exe [x]
2 MMCSS323232; C:\programdata\dbnmpntw32.exe [x]
2 MMCSS32323232; C:\programdata\kbdbe32.exe [x]
2 MMCSS3232323232; C:\programdata\msvfw3232.exe [x]
2 MMCSS323232323232; C:\programdata\mpr32.exe [x]
2 MpsSvc32; C:\programdata\kbdgkl32.exe [x]
2 MpsSvc3232; C:\programdata\atigktxx32.exe [x]
2 MpsSvc323232; C:\programdata\pku2u32.exe [x]
2 MpsSvc32323232; C:\programdata\kbdhela332.exe [x]
2 MSDTC32; C:\programdata\dxptaskringtone32.exe [x]
2 MSDTC3232; C:\programdata\audiokse32.exe [x]
2 MSDTC323232; C:\programdata\wpdwcn32.exe [x]
2 MSDTC32323232; C:\programdata\odbccr3232.exe [x]
2 MSDTC3232323232; C:\programdata\winusb32.exe [x]
2 MSiSCSI32; C:\programdata\amxread32.exe [x]
2 MSiSCSI3232; C:\programdata\odbc32gt32.exe [x]
2 MSiSCSI323232; C:\programdata\ieakeng32.exe [x]
2 msiserver32; C:\programdata\kbdur32.exe [x]
2 msiserver3232; C:\programdata\msac3enc32.exe [x]
2 napagent32; C:\programdata\rasppp32.exe [x]
2 Netman32; C:\programdata\spwizres32.exe [x]
2 netprofm32; C:\programdata\portabledevicetypes32.exe [x]
2 NetTcpPortSharing32; C:\programdata\wecapi32.exe [x]
2 NlaSvc32; C:\programdata\nsi32.exe [x]
2 nsi32; C:\programdata\vidreszr32.exe [x]
2 nsi3232; C:\programdata\apphelp32.exe [x]
2 nsi323232; C:\programdata\dot3gpui32.exe [x]
2 ose32; C:\programdata\bitsprx632.exe [x]
2 ose3232; C:\programdata\oddbse3232.exe [x]
2 ose323232; C:\programdata\amdocl32.exe [x]
2 osppsvc32; C:\programdata\wmdrmnet32.exe [x]
2 p2pimsvc32; C:\programdata\psbase32.exe [x]
2 p2pimsvc3232; C:\programdata\msvcr100_clr040032.exe [x]
2 p2pimsvc323232; C:\programdata\msrdpwebaccess32.exe [x]
2 p2pimsvc32323232; C:\programdata\adprovider32.exe [x]
2 p2pimsvc3232323232; C:\programdata\ws2help32.exe [x]
2 p2psvc32; C:\programdata\trapi32.exe [x]
2 p2psvc3232; C:\programdata\msoert232.exe [x]
2 p2psvc323232; C:\programdata\msafd32.exe [x]
2 p2psvc32323232; C:\programdata\rgb9rast32.exe [x]
2 p2psvc3232323232; C:\programdata\msdtcvsp1res32.exe [x]
2 PcaSvc32; C:\programdata\nlslexicons001332.exe [x]
2 PerfHost32; C:\programdata\kbdsl132.exe [x]
2 PerfHost3232; C:\programdata\dot3dlg32.exe [x]
2 pla32; C:\programdata\kbdinmar32.exe [x]
2 pla3232; C:\programdata\wmpsrcwp32.exe [x]
2 pla323232; C:\programdata\mssitlb32.exe [x]
2 PNRPsvc32; C:\programdata\fdwcn32.exe [x]
2 PNRPsvc3232; C:\programdata\appidapi32.exe [x]
2 PNRPsvc323232; C:\programdata\ole232.exe [x]
2 PolicyAgent32; C:\programdata\api-ms-win-core-localregistry-l1-1-032.exe [x]
2 PolicyAgent3232; C:\programdata\nlsdata004732.exe [x]
2 PolicyAgent323232; C:\programdata\cmicryptinstall32.exe [x]
2 PolicyAgent32323232; C:\programdata\nlmsprep32.exe [x]
2 PolicyAgent3232323232; C:\programdata\msexch4032.exe [x]
2 PolicyAgent323232323232; C:\programdata\shunimpl32.exe [x]
2 ProfSvc32; C:\programdata\msrle3232.exe [x]
2 ProfSvc3232; C:\programdata\msfeeds32.exe [x]
2 ProfSvc323232; C:\programdata\msdelta32.exe [x]
2 RasAuto32; C:\programdata\mp4sdecd32.exe [x]
2 RasMan32; C:\programdata\authui32.exe [x]
2 RasMan3232; C:\programdata\qedwipes32.exe [x]
2 RemoteAccess32; C:\programdata\mfvdsp32.exe [x]
2 RemoteAccess3232; C:\programdata\wcspluginservice32.exe [x]
2 RemoteAccess323232; C:\programdata\wsmwmipl32.exe [x]
2 RemoteRegistry3232; C:\programdata\bitsprx232.exe [x]
2 RemoteRegistry323232; C:\programdata\kbdycc32.exe [x]
2 RemoteRegistry32323232; C:\programdata\remotepg32.exe [x]
2 RpcEptMapper32; C:\programdata\avifil3232.exe [x]
2 RpcSs32; C:\programdata\dpapiprovider32.exe [x]
2 RpcSs3232; C:\programdata\mscoree32.exe [x]
2 RpcSs323232; C:\programdata\msrd3x4032.exe [x]
2 RpcSs32323232; C:\programdata\msxml632.exe [x]
2 SamSs32; C:\programdata\mscorier32.exe [x]
2 SCardSvr32; C:\programdata\kbdhu32.exe [x]
2 Schedule32; C:\programdata\wmvencod32.exe [x]
2 SCPolicySvc32; C:\programdata\kbdsl132.exe [x]
2 SeaPort32; C:\programdata\d3d1132.exe [x]
2 seclogon32; C:\programdata\kbdcz132.exe [x]
2 SENS32; C:\programdata\wlandlg32.exe [x]
2 SENS3232; C:\programdata\imgutil32.exe [x]
2 SENS323232; C:\programdata\hnetcfg32.exe [x]
2 SENS32323232; C:\programdata\ws2_3232.exe [x]
2 SensrSvc32; C:\programdata\gameuxlegacygdfs32.exe [x]
2 SensrSvc3232; C:\programdata\eapphost32.exe [x]
2 SensrSvc323232; C:\programdata\negoexts32.exe [x]
2 SessionEnv32; C:\programdata\msi32.exe [x]
2 SessionEnv3232; C:\programdata\mtxdm32.exe [x]
2 sftlist32; C:\programdata\dwmapi32.exe [x]
2 sftvsa32; C:\programdata\loghours32.exe [x]
2 sftvsa3232; C:\programdata\kbdsn132.exe [x]
2 ShellHWDetection32; C:\programdata\msxml332.exe [x]
2 ShellHWDetection3232; C:\programdata\credui32.exe [x]
2 ShellHWDetection323232; C:\programdata\hid32.exe [x]
2 ShellHWDetection32323232; C:\programdata\actioncentercpl32.exe [x]
2 Spooler32; C:\programdata\msisip32.exe [x]
2 Spooler3232; C:\programdata\elstrans32.exe [x]
2 Spooler323232; C:\programdata\kbdlt232.exe [x]
2 Spooler32323232; C:\programdata\pwrshplugin32.exe [x]
2 Spooler3232323232; C:\programdata\sirenacm32.exe [x]
2 sppsvc32; C:\programdata\tdh32.exe [x]
2 sppsvc3232; C:\programdata\tvratings32.exe [x]
2 sppsvc323232; C:\programdata\ir50_qc32.exe [x]
2 sppsvc32323232; C:\programdata\naphlpr32.exe [x]
2 sppuinotify32; C:\programdata\resampledmo32.exe [x]
2 SstpSvc32; C:\programdata\prnfldr32.exe [x]
2 SstpSvc3232; C:\programdata\syncreg32.exe [x]
2 swprv32; C:\programdata\api-ms-win-core-util-l1-1-032.exe [x]
2 swprv3232; C:\programdata\oleacc32.exe [x]
2 SysMain32; C:\programdata\objsel32.exe [x]
2 SysMain3232; C:\programdata\ir50_qc32.exe [x]
2 SysMain323232; C:\programdata\elstrans32.exe [x]
2 TabletInputService32; C:\programdata\mciwave32.exe [x]
2 TabletInputService3232; C:\programdata\bitsprx432.exe [x]
2 TabletInputService323232; C:\programdata\ctl3d3232.exe [x]
2 TapiSrv32; C:\programdata\iepeers32.exe [x]
2 TermService32; C:\programdata\sqlcese3032.exe [x]
2 Themes32; C:\programdata\kbdru132.exe [x]
2 Themes3232; C:\programdata\pstorec32.exe [x]
2 Themes323232; C:\programdata\iasrecst32.exe [x]
2 THREADORDER32; C:\programdata\audioses32.exe [x]
2 TrkWks32; C:\programdata\windowscodecs32.exe [x]
2 TrustedInstaller32; C:\programdata\ir50_3232.exe [x]
2 TrustedInstaller3232; C:\programdata\onlineidcpl32.exe [x]
2 UI0Detect32; C:\programdata\mssprxy32.exe [x]
2 UI0Detect3232; C:\programdata\wfapigp32.exe [x]
2 UMVPFSrv32; C:\programdata\sxsstore32.exe [x]
2 UMVPFSrv3232; C:\programdata\polstore32.exe [x]
2 upnphost32; C:\programdata\portabledevicetypes32.exe [x]
2 UxSms32; C:\programdata\nlslexicons001932.exe [x]
2 UxSms3232; C:\programdata\printui32.exe [x]
2 UxSms323232; C:\programdata\kbdinguj32.exe [x]
2 VaultSvc32; C:\programdata\kbdlt132.exe [x]
2 VaultSvc3232; C:\programdata\kbdjpn32.exe [x]
2 vds32; C:\programdata\admparse32.exe [x]
2 vds3232; C:\programdata\wmvxencd32.exe [x]
2 vds323232; C:\programdata\serwvdrv32.exe [x]
2 VSS32; C:\programdata\fxscom32.exe [x]
2 VSS3232; C:\programdata\api-ms-win-core-io-l1-1-032.exe [x]
2 W32Time32; C:\programdata\kbdsmsno32.exe [x]
2 W32Time3232; C:\programdata\fwremotesvr32.exe [x]
2 WbioSrvc32; C:\programdata\uxinit32.exe [x]
2 WbioSrvc3232; C:\programdata\api-ms-win-core-localregistry-l1-1-032.exe [x]
2 WbioSrvc323232; C:\programdata\tcpipcfg32.exe [x]
2 WbioSrvc32323232; C:\programdata\idndl32.exe [x]
2 WbioSrvc3232323232; C:\programdata\nlsdata041632.exe [x]
2 WbioSrvc323232323232; C:\programdata\reagent32.exe [x]
2 wcncsvc32; C:\programdata\iepeers32.exe [x]
2 wcncsvc3232; C:\programdata\apss32.exe [x]
2 WcsPlugInService32; C:\programdata\kernel3232.exe [x]
2 WcsPlugInService3232; C:\programdata\secproc32.exe [x]
2 WcsPlugInService323232; C:\programdata\dot3api32.exe [x]
2 WdiServiceHost32; C:\programdata\chtbrkr32.exe [x]
2 WdiSystemHost32; C:\programdata\wininet32.exe [x]
2 WdiSystemHost3232; C:\programdata\kbdinori32.exe [x]
2 WdiSystemHost323232; C:\programdata\vss_ps32.exe [x]
2 WebClient32; C:\programdata\dxgi32.exe [x]
2 wercplsupport32; C:\programdata\nlslexicons002a32.exe [x]
2 wercplsupport3232; C:\programdata\wmpdui32.exe [x]
2 wercplsupport323232; C:\programdata\onex32.exe [x]
2 WerSvc32; C:\programdata\samlib32.exe [x]
2 WerSvc3232; C:\programdata\kbdgeo32.exe [x]
2 WinDefend32; C:\programdata\clb32.exe [x]
2 WinDefend3232; C:\programdata\mfaacenc32.exe [x]
2 WinDefend323232; C:\programdata\sscore32.exe [x]
2 WinHttpAutoProxySvc32; C:\programdata\nlaapi32.exe [x]
2 WinHttpAutoProxySvc3232; C:\programdata\uicom32.exe [x]
2 WinHttpAutoProxySvc323232; C:\programdata\xwizards32.exe [x]
2 Winmgmt32; C:\programdata\imm3232.exe [x]
2 Winmgmt3232; C:\programdata\wsnmp3232.exe [x]
2 wmiApSrv32; C:\programdata\netjoin32.exe [x]
2 wmiApSrv3232; C:\programdata\kbdax232.exe [x]
2 WMPNetworkSvc32; C:\programdata\p2p32.exe [x]
2 WPCSvc32; C:\programdata\mfps32.exe [x]
2 WPCSvc3232; C:\programdata\cabinet32.exe [x]
2 WPCSvc323232; C:\programdata\alttab32.exe [x]
2 WPCSvc32323232; C:\programdata\dpnhupnp32.exe [x]
2 WPDBusEnum32; C:\programdata\drmmgrtn32.exe [x]
2 WPDBusEnum3232; C:\programdata\atiu9pag32.exe [x]
2 WPDBusEnum323232; C:\programdata\xwreg32.exe [x]
2 wscsvc32; C:\windows\system32\atl32.exe [x]
2 wscsvc3232; C:\programdata\c_is202232.exe [x]
2 wscsvc323232; C:\programdata\racpldlg32.exe [x]
2 WSearch32; C:\programdata\url32.exe [x]
2 wuauserv3232; C:\programdata\azroles32.exe [x]
2 wuauserv323232; C:\programdata\webclnt32.exe [x]
2 WwanSvc32; C:\programdata\uianimation32.exe [x]
2 WwanSvc3232; C:\programdata\imgutil32.exe [x]

========================== Drivers (Whitelisted) =============

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [22360 2011-05-10] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [64344 2011-05-10] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [31064 2011-05-10] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [600920 2011-05-10] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [287576 2011-05-10] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [53592 2011-05-10] (AVAST Software)
3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] ()
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-07-20 19:37 - 2012-07-20 19:38 - 00000000 ____D C:\FRST
2012-07-20 13:32 - 2012-07-20 13:32 - 00000000 ___SD C:\32788R22FWJFW
2012-07-20 13:32 - 2012-07-20 13:32 - 00000000 ____D C:\Windows\erdnt
2012-07-20 13:32 - 2012-07-20 13:32 - 00000000 ____D C:\Qoobox
2012-07-20 13:28 - 2012-07-20 13:28 - 04582461 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2012-07-20 12:48 - 2012-07-20 12:48 - 02117152 ____A C:\Users\user\Desktop\tdsskiller.zip
2012-07-20 12:46 - 2012-07-20 12:46 - 00002040 ____A C:\Users\user\Desktop\aswMBR.txt
2012-07-20 12:46 - 2012-07-20 12:46 - 00000571 ____A C:\Users\user\Desktop\MBR.zip
2012-07-20 12:46 - 2012-07-20 12:46 - 00000512 ____A C:\Users\user\Desktop\MBR.dat
2012-07-20 12:39 - 2012-07-20 12:39 - 04731392 ____A (AVAST Software) C:\Users\user\Desktop\aswMBR.exe
2012-07-19 06:06 - 2012-07-19 06:06 - 00002361 ____A C:\Users\user\Desktop\Attach.zip
2012-07-19 06:05 - 2012-07-19 06:05 - 00061319 ____A C:\Users\user\Desktop\DDS.txt
2012-07-19 06:05 - 2012-07-19 06:05 - 00006004 ____A C:\Users\user\Desktop\Attach.txt
2012-07-18 13:16 - 2012-07-18 13:17 - 00607260 ____R (Swearware) C:\Users\user\Desktop\dds.scr
2012-07-18 07:18 - 2012-07-18 07:18 - 00001111 ____A C:\Users\Public\Desktop\DriveImage XML.lnk
2012-07-18 07:18 - 2012-07-18 07:18 - 00000000 ____D C:\Program Files (x86)\Runtime Software
2012-07-18 07:12 - 2012-07-18 07:12 - 02013115 ____A C:\Users\user\Downloads\dixmlsetup.exe
2012-07-16 18:11 - 2012-07-20 12:49 - 02136664 ____A (Kaspersky Lab ZAO) C:\Users\user\Desktop\TDSSKiller.exe
2012-07-16 08:02 - 2012-07-20 13:18 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-07-13 21:45 - 2012-07-13 21:45 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2012-07-13 17:31 - 2012-07-13 17:31 - 00000000 ____D C:\Users\All Users\ATI
2012-07-13 17:31 - 2012-07-13 17:31 - 00000000 ____D C:\Program Files (x86)\AMD APP
2012-07-12 23:02 - 2012-06-11 19:08 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-07-12 23:00 - 2012-06-02 04:49 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-07-12 23:00 - 2012-06-02 04:17 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-07-12 23:00 - 2012-06-02 04:12 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-07-12 23:00 - 2012-06-02 04:05 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-07-12 23:00 - 2012-06-02 04:05 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-07-12 23:00 - 2012-06-02 04:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-07-12 23:00 - 2012-06-02 04:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-07-12 23:00 - 2012-06-02 04:03 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-07-12 23:00 - 2012-06-02 04:01 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-07-12 23:00 - 2012-06-02 04:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-07-12 23:00 - 2012-06-02 03:59 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-07-12 23:00 - 2012-06-02 03:57 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-07-12 23:00 - 2012-06-02 03:57 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-07-12 23:00 - 2012-06-02 03:54 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-07-12 23:00 - 2012-06-02 01:07 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-07-12 23:00 - 2012-06-02 00:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-07-12 23:00 - 2012-06-02 00:33 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-07-12 23:00 - 2012-06-02 00:26 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-07-12 23:00 - 2012-06-02 00:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-07-12 23:00 - 2012-06-02 00:25 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-07-12 23:00 - 2012-06-02 00:23 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-07-12 23:00 - 2012-06-02 00:21 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-07-12 23:00 - 2012-06-02 00:20 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-07-12 23:00 - 2012-06-02 00:19 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-07-12 23:00 - 2012-06-02 00:19 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-07-12 23:00 - 2012-06-02 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-07-12 23:00 - 2012-06-02 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-07-12 23:00 - 2012-06-02 00:14 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-07-12 06:32 - 2012-06-05 22:06 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-07-12 06:32 - 2012-06-05 22:06 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-07-12 06:32 - 2012-06-05 21:05 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-07-12 06:32 - 2012-06-05 21:05 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-07-12 06:32 - 2010-06-25 19:55 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2012-07-12 06:32 - 2010-06-25 19:24 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2012-07-12 06:12 - 2012-06-08 21:43 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-07-12 06:12 - 2012-06-08 20:41 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-07-12 06:12 - 2012-06-05 22:02 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-07-12 06:12 - 2012-06-05 21:03 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-07-12 06:12 - 2012-06-01 21:50 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-07-12 06:12 - 2012-06-01 21:48 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-07-12 06:12 - 2012-06-01 21:48 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-07-12 06:12 - 2012-06-01 21:45 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-07-12 06:12 - 2012-06-01 21:44 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-07-12 06:12 - 2012-06-01 20:40 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-07-12 06:12 - 2012-06-01 20:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-07-12 06:12 - 2012-06-01 20:39 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-07-12 06:12 - 2012-06-01 20:34 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-07-09 06:13 - 2012-07-16 08:18 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-07 18:25 - 2012-07-07 18:25 - 00000000 ____D C:\Users\user\Desktop\me3 soundtrack
2012-07-07 18:22 - 2012-07-07 18:24 - 177164651 ____A C:\Users\user\Downloads\ME3ECSoundtrack.zip
2012-07-07 17:58 - 2012-07-16 08:18 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-07-07 17:58 - 2012-07-07 17:58 - 03092640 ____A (Adobe Systems, Inc.) C:\Users\user\Downloads\install_flash_player_10_plugin.exe
2012-07-07 17:57 - 2012-07-07 17:57 - 00686792 ____A (Adobe Systems Incorporated) C:\Users\user\Downloads\uninstall_flash_player.exe
2012-06-27 12:45 - 2012-06-27 12:45 - 00001131 ____A C:\Users\user\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-24 04:55 - 2012-06-24 04:55 - 00000000 ____D C:\Users\user\AppData\Local\Macromedia
2012-06-22 06:22 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-22 06:22 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-22 06:22 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-22 06:22 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-22 06:22 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-22 06:22 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-22 06:22 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-22 06:22 - 2012-06-02 11:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-22 06:22 - 2012-06-02 11:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe

============ 3 Months Modified Files ========================

2012-07-20 14:16 - 2011-02-11 15:35 - 00043098 ____A C:\Windows\setupact.log
2012-07-20 14:16 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-20 13:33 - 2011-05-10 11:27 - 01243159 ____A C:\Windows\WindowsUpdate.log
2012-07-20 13:28 - 2012-07-20 13:28 - 04582461 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2012-07-20 13:18 - 2012-07-16 08:02 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-07-20 12:49 - 2012-07-16 18:11 - 02136664 ____A (Kaspersky Lab ZAO) C:\Users\user\Desktop\TDSSKiller.exe
2012-07-20 12:48 - 2012-07-20 12:48 - 02117152 ____A C:\Users\user\Desktop\tdsskiller.zip
2012-07-20 12:46 - 2012-07-20 12:46 - 00002040 ____A C:\Users\user\Desktop\aswMBR.txt
2012-07-20 12:46 - 2012-07-20 12:46 - 00000571 ____A C:\Users\user\Desktop\MBR.zip
2012-07-20 12:46 - 2012-07-20 12:46 - 00000512 ____A C:\Users\user\Desktop\MBR.dat
2012-07-20 12:40 - 2011-08-22 19:32 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-20 12:39 - 2012-07-20 12:39 - 04731392 ____A (AVAST Software) C:\Users\user\Desktop\aswMBR.exe
2012-07-20 04:03 - 2011-08-22 19:32 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-19 06:06 - 2012-07-19 06:06 - 00002361 ____A C:\Users\user\Desktop\Attach.zip
2012-07-19 06:05 - 2012-07-19 06:05 - 00061319 ____A C:\Users\user\Desktop\DDS.txt
2012-07-19 06:05 - 2012-07-19 06:05 - 00006004 ____A C:\Users\user\Desktop\Attach.txt
2012-07-18 15:55 - 2009-07-13 20:45 - 00021888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-07-18 15:55 - 2009-07-13 20:45 - 00021888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-07-18 15:50 - 2009-07-13 21:13 - 00727334 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-18 13:17 - 2012-07-18 13:16 - 00607260 ____R (Swearware) C:\Users\user\Desktop\dds.scr
2012-07-18 07:18 - 2012-07-18 07:18 - 00001111 ____A C:\Users\Public\Desktop\DriveImage XML.lnk
2012-07-18 07:12 - 2012-07-18 07:12 - 02013115 ____A C:\Users\user\Downloads\dixmlsetup.exe
2012-07-16 08:18 - 2012-07-09 06:13 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-07-16 08:18 - 2012-07-07 17:58 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-07-16 08:00 - 2010-11-20 19:47 - 00037380 ____A C:\Windows\PFRO.log
2012-07-12 23:20 - 2009-07-13 20:45 - 04991912 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-12 23:01 - 2011-05-10 09:24 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-12 11:30 - 2011-08-22 19:32 - 00002344 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-07-07 18:24 - 2012-07-07 18:22 - 177164651 ____A C:\Users\user\Downloads\ME3ECSoundtrack.zip
2012-07-07 17:58 - 2012-07-07 17:58 - 03092640 ____A (Adobe Systems, Inc.) C:\Users\user\Downloads\install_flash_player_10_plugin.exe
2012-07-07 17:57 - 2012-07-07 17:57 - 00686792 ____A (Adobe Systems Incorporated) C:\Users\user\Downloads\uninstall_flash_player.exe
2012-07-03 09:46 - 2011-05-25 07:52 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-27 12:45 - 2012-06-27 12:45 - 00001131 ____A C:\Users\user\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-11 19:08 - 2012-07-12 23:02 - 03148800 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-11 10:59 - 2012-06-11 10:59 - 10248192 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2012-06-11 10:35 - 2012-06-11 10:35 - 00070144 ____A (AMD) C:\Windows\System32\coinst_8.98.dll
2012-06-11 10:29 - 2012-06-11 10:29 - 24826368 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2012-06-11 10:00 - 2012-06-11 10:00 - 20467712 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2012-06-11 09:50 - 2012-06-11 09:50 - 16457728 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\amdocl64.dll
2012-06-11 09:50 - 2012-06-11 09:50 - 00187392 ____A C:\Windows\System32\clinfo.exe
2012-06-11 09:50 - 2012-06-11 09:50 - 00075264 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\OpenVideo64.dll
2012-06-11 09:50 - 2012-06-11 09:50 - 00065024 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2012-06-11 09:50 - 2012-06-11 09:50 - 00063488 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\OVDecode64.dll
2012-06-11 09:50 - 2012-06-11 09:50 - 00056320 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2012-06-11 09:49 - 2012-06-11 09:49 - 13008896 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2012-06-11 09:26 - 2012-06-11 09:26 - 00263840 ____A C:\Windows\SysWOW64\atiapfxx.blb
2012-06-11 09:26 - 2012-06-11 09:26 - 00263840 ____A C:\Windows\System32\atiapfxx.blb
2012-06-11 09:25 - 2012-06-11 09:25 - 00163840 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2012-06-11 09:24 - 2011-11-09 19:16 - 00924160 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2012-06-11 09:23 - 2011-04-05 18:02 - 01090560 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\aticfx64.dll
2012-06-11 09:20 - 2012-06-11 09:20 - 00442368 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2012-06-11 09:19 - 2012-06-11 09:19 - 00532992 ____A (AMD) C:\Windows\System32\atieclxx.exe
2012-06-11 09:19 - 2012-06-11 09:19 - 00239616 ____A (AMD) C:\Windows\System32\atiesrxx.exe
2012-06-11 09:17 - 2012-06-11 09:17 - 00120320 ____A (AMD) C:\Windows\System32\atitmm64.dll
2012-06-11 09:17 - 2012-06-11 09:17 - 00059392 ____A (ATI Technologies, Inc.) C:\Windows\System32\atiedu64.dll
2012-06-11 09:17 - 2012-06-11 09:17 - 00043520 ____A (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2012-06-11 09:17 - 2012-06-11 09:17 - 00021504 ____A (AMD) C:\Windows\System32\atimuixx.dll
2012-06-11 09:16 - 2011-11-09 19:06 - 06301696 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2012-06-11 09:01 - 2011-04-05 17:44 - 06914560 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atidxx64.dll
2012-06-11 08:51 - 2011-04-19 17:40 - 04246528 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd6a.dll
2012-06-11 08:50 - 2012-06-11 08:50 - 02936864 ____A C:\Windows\System32\atiumd6a.cap
2012-06-11 08:45 - 2012-06-11 08:45 - 15703040 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2012-06-11 08:45 - 2012-06-11 08:45 - 05480448 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2012-06-11 08:45 - 2012-06-11 08:45 - 00051200 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2012-06-11 08:45 - 2012-06-11 08:45 - 00046080 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2012-06-11 08:45 - 2012-06-11 08:45 - 00044544 ____A (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2012-06-11 08:45 - 2012-06-11 08:45 - 00044032 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2012-06-11 08:43 - 2012-06-11 08:43 - 04729344 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2012-06-11 08:41 - 2012-06-11 08:41 - 02971136 ____A C:\Windows\SysWOW64\atiumdva.cap
2012-06-11 08:40 - 2012-06-11 08:40 - 13277696 ____A (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2012-06-11 08:36 - 2011-04-19 17:31 - 06605824 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiumd64.dll
2012-06-11 08:27 - 2012-06-11 08:27 - 00539136 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2012-06-11 08:26 - 2012-06-11 08:26 - 00368640 ____A (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2012-06-11 08:26 - 2012-06-11 08:26 - 00367616 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2012-06-11 08:26 - 2012-06-11 08:26 - 00041984 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2012-06-11 08:26 - 2012-06-11 08:26 - 00033280 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2012-06-11 08:26 - 2012-06-11 08:26 - 00017920 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2012-06-11 08:26 - 2012-06-11 08:26 - 00014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2012-06-11 08:26 - 2012-06-11 08:26 - 00014848 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2012-06-11 08:25 - 2011-11-09 18:11 - 00042496 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2012-06-11 08:25 - 2011-04-19 17:21 - 00045056 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2012-06-11 08:25 - 2011-04-05 17:20 - 00054784 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2012-06-11 08:24 - 2012-06-11 08:24 - 00053248 ____A (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2012-06-11 08:24 - 2012-06-11 08:24 - 00032768 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2012-06-11 08:23 - 2012-06-11 08:23 - 00056832 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2012-06-11 08:23 - 2012-06-11 08:23 - 00056832 ____A (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2012-06-11 08:23 - 2012-06-11 08:23 - 00056320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2012-06-11 08:23 - 2012-06-11 08:23 - 00056320 ____A (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2012-06-08 21:43 - 2012-07-12 06:12 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 20:41 - 2012-07-12 06:12 - 12873728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-05 22:06 - 2012-07-12 06:32 - 02004480 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-05 22:06 - 2012-07-12 06:32 - 01881600 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-05 22:02 - 2012-07-12 06:12 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\cdosys.dll
2012-06-05 21:05 - 2012-07-12 06:32 - 01390080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-05 21:05 - 2012-07-12 06:32 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-05 21:03 - 2012-07-12 06:12 - 00805376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2012-06-02 14:19 - 2012-06-22 06:22 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-22 06:22 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-22 06:22 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-22 06:22 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-22 06:22 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-22 06:22 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-22 06:22 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 11:19 - 2012-06-22 06:22 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 11:15 - 2012-06-22 06:22 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 04:49 - 2012-07-12 23:00 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 04:17 - 2012-07-12 23:00 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 04:12 - 2012-07-12 23:00 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 04:05 - 2012-07-12 23:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 04:05 - 2012-07-12 23:00 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 04:04 - 2012-07-12 23:00 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 04:04 - 2012-07-12 23:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 04:03 - 2012-07-12 23:00 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 04:01 - 2012-07-12 23:00 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 04:00 - 2012-07-12 23:00 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 03:59 - 2012-07-12 23:00 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 03:57 - 2012-07-12 23:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 03:57 - 2012-07-12 23:00 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 03:54 - 2012-07-12 23:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 01:07 - 2012-07-12 23:00 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 00:43 - 2012-07-12 23:00 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 00:33 - 2012-07-12 23:00 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 00:26 - 2012-07-12 23:00 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 00:25 - 2012-07-12 23:00 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 00:25 - 2012-07-12 23:00 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 00:23 - 2012-07-12 23:00 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 00:21 - 2012-07-12 23:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 00:20 - 2012-07-12 23:00 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 00:19 - 2012-07-12 23:00 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 00:19 - 2012-07-12 23:00 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 00:17 - 2012-07-12 23:00 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 00:16 - 2012-07-12 23:00 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 00:14 - 2012-07-12 23:00 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-01 21:50 - 2012-07-12 06:12 - 00458704 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-01 21:48 - 2012-07-12 06:12 - 00151920 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-01 21:48 - 2012-07-12 06:12 - 00095600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-01 21:45 - 2012-07-12 06:12 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-01 21:44 - 2012-07-12 06:12 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 20:40 - 2012-07-12 06:12 - 00225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 20:40 - 2012-07-12 06:12 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 20:39 - 2012-07-12 06:12 - 00219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 20:34 - 2012-07-12 06:12 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-06-01 10:02 - 2012-06-01 10:02 - 00135675 ____A C:\wubildr
2012-06-01 10:02 - 2012-06-01 10:02 - 00008192 ____A C:\wubildr.mbr
2012-06-01 09:51 - 2012-06-01 09:51 - 02504112 ____A C:\Users\user\Downloads\wubi.exe
2012-05-25 05:38 - 2012-05-25 05:38 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2012-05-25 05:38 - 2012-05-25 05:38 - 00348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2012-05-25 05:38 - 2012-05-25 05:38 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2012-05-25 05:38 - 2012-05-25 05:38 - 00198832 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2012-05-25 05:38 - 2012-05-25 05:38 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2012-05-25 05:38 - 2012-05-25 05:38 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2012-05-13 17:13 - 2012-05-13 17:12 - 00287048 ____A C:\Windows\msxml4-KB973688-enu.LOG
2012-05-12 07:26 - 2012-05-12 07:26 - 00294050 ____A C:\Windows\msxml4-KB954430-enu.LOG
2012-05-08 17:31 - 2011-05-10 09:15 - 00117192 ____A C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-04 03:06 - 2012-06-13 10:04 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-04 02:03 - 2012-06-13 10:04 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-04 02:03 - 2012-06-13 10:04 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-04-30 21:40 - 2012-06-13 10:04 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2012-04-27 19:55 - 2012-06-13 10:04 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-04-25 21:41 - 2012-06-13 10:04 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-04-25 21:41 - 2012-06-13 10:04 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-04-25 21:34 - 2012-06-13 10:04 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-04-23 21:37 - 2012-06-13 10:04 - 01462272 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-04-23 21:37 - 2012-06-13 10:04 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-04-23 21:37 - 2012-06-13 10:04 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-04-23 20:36 - 2012-06-13 10:04 - 01158656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-04-23 20:36 - 2012-06-13 10:04 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-04-23 20:36 - 2012-06-13 10:04 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll


ZeroAccess:
C:\Windows\Installer\{feb73443-5a28-5488-7ad6-378a0371ac07}
C:\Windows\Installer\{feb73443-5a28-5488-7ad6-378a0371ac07}\L
C:\Windows\Installer\{feb73443-5a28-5488-7ad6-378a0371ac07}\U

ZeroAccess:
C:\Users\user\AppData\Local\{feb73443-5a28-5488-7ad6-378a0371ac07}
C:\Users\user\AppData\Local\{feb73443-5a28-5488-7ad6-378a0371ac07}\@
C:\Users\user\AppData\Local\{feb73443-5a28-5488-7ad6-378a0371ac07}\L
C:\Users\user\AppData\Local\{feb73443-5a28-5488-7ad6-378a0371ac07}\U

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 8%
Total physical RAM: 12279.11 MB
Available physical RAM: 11280.39 MB
Total Pagefile: 12277.31 MB
Available Pagefile: 11266.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:1667.6 GB) (Free:1484.01 GB) NTFS
2 Drive d: () (Removable) (Total:0.12 GB) (Free:0.11 GB) FAT
3 Drive f: (Ubuntu) (Fixed) (Total:195.31 GB) (Free:191.62 GB) NTFS
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
10 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 1863 GB 1024 KB
Disk 1 Online 119 MB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 1667 GB 101 MB
Partition 3 Primary 195 GB 1667 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

==================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 1667 GB Healthy

==================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F Ubuntu NTFS Partition 195 GB Healthy

==================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 118 MB 16 KB

==================================================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 D FAT Removable 118 MB Healthy

==================================================================================

==========================================================

Last Boot: 2012-07-18 11:58

======================= End Of Log ==========================

Farbar Recovery Scan Tool Version: 20-07-2012 01
Ran by SYSTEM at 2012-07-20 19:40:34
Running from D:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

====== End Of Search ======

#12 adrianbeaky


Posted 20 July 2012 - 06:50 PM

Rebooted after FRST and I still have the black screen.

#13 CatByte

  • Malware Response Team

Posted 20 July 2012 - 06:55 PM

Yes, I need to give you a fix with FRST to correct that. I'm just going over the logs; I will get back to you as soon as I can.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#14 adrianbeaky


Posted 20 July 2012 - 06:59 PM

Haha, Ok. My bad. Look forward to hearing from you.

#15 CatByte


Posted 20 July 2012 - 09:36 PM

Sorry I haven't gotten back to you yet, but I want to consult with an expert colleague to ensure I give you the right fix, as there is more going on with your machine than first appears. There is an issue with bad services as well. As soon as I hear back, I'll be back in touch, so please bear with me.

Thanks.

In the meantime, please don't try anything else with the machine so we don't change the present environment. I'm sure this can be rescued; I just want to be cautious. Thanks for your understanding.

Edited by CatByte, 21 July 2012 - 04:15 PM.
