Keeps locking up and crashing Windows 7


  • This topic is locked
13 replies to this topic

#1 RonaldHamAP2


Posted 19 July 2012 - 07:53 PM

Hello

I'm running Windows 7 SP1 and I have issues with my PC locking up and crashing very frequently. I tried running Malwarebytes and it locks up every time at 32 minutes in some ridiculously long file name. Here is my HJT log. Can someone tell me what's wrong?


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:53:13 PM, on 7/19/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Logitech\Z-5 Speakers\Z-5 Speakers.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 74.208.105.171 gs.apple.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Z-5 Speakers] C:\Program Files (x86)\Logitech\Z-5 Speakers\Z-5 Speakers.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ronald Hamilton\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8388 bytes



#2 RonaldHamAP2


Posted 21 July 2012 - 02:15 PM

Running Microsoft Security Essentials antivirus. Also included is my TDSSKiller log.

19:33:35.0014 1100 MBAMService - ok
19:33:35.0061 1100 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:33:35.0108 1100 Mcx2Svc - ok
19:33:35.0139 1100 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
19:33:35.0155 1100 megasas - ok
19:33:35.0217 1100 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
19:33:35.0248 1100 MegaSR - ok
19:33:35.0295 1100 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:33:35.0389 1100 MMCSS - ok
19:33:35.0404 1100 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:33:35.0482 1100 Modem - ok
19:33:35.0529 1100 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:33:35.0576 1100 monitor - ok
19:33:35.0623 1100 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:33:35.0638 1100 mouclass - ok
19:33:35.0685 1100 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:33:35.0732 1100 mouhid - ok
19:33:35.0794 1100 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:33:35.0825 1100 mountmgr - ok
19:33:35.0919 1100 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
19:33:35.0950 1100 MpFilter - ok
19:33:35.0997 1100 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:33:36.0028 1100 mpio - ok
19:33:36.0059 1100 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:33:36.0137 1100 mpsdrv - ok
19:33:36.0247 1100 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:33:36.0356 1100 MpsSvc - ok
19:33:36.0403 1100 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:33:36.0434 1100 MRxDAV - ok
19:33:36.0496 1100 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:33:36.0559 1100 mrxsmb - ok
19:33:36.0605 1100 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:33:36.0652 1100 mrxsmb10 - ok
19:33:36.0715 1100 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:33:36.0746 1100 mrxsmb20 - ok
19:33:36.0761 1100 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:33:36.0793 1100 msahci - ok
19:33:36.0839 1100 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:33:36.0855 1100 msdsm - ok
19:33:36.0902 1100 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:33:36.0949 1100 MSDTC - ok
19:33:36.0995 1100 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:33:37.0058 1100 Msfs - ok
19:33:37.0089 1100 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:33:37.0167 1100 mshidkmdf - ok
19:33:37.0198 1100 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:33:37.0214 1100 msisadrv - ok
19:33:37.0261 1100 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:33:37.0354 1100 MSiSCSI - ok
19:33:37.0370 1100 msiserver - ok
19:33:37.0417 1100 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:33:37.0495 1100 MSKSSRV - ok
19:33:37.0588 1100 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:33:37.0619 1100 MsMpSvc - ok
19:33:37.0651 1100 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:33:37.0729 1100 MSPCLOCK - ok
19:33:37.0760 1100 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:33:37.0838 1100 MSPQM - ok
19:33:37.0963 1100 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:33:38.0009 1100 MsRPC - ok
19:33:38.0056 1100 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:33:38.0072 1100 mssmbios - ok
19:33:38.0103 1100 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:33:38.0181 1100 MSTEE - ok
19:33:38.0197 1100 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:33:38.0228 1100 MTConfig - ok
19:33:38.0243 1100 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:33:38.0275 1100 Mup - ok
19:33:38.0368 1100 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:33:38.0446 1100 napagent - ok
19:33:38.0524 1100 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:33:38.0571 1100 NativeWifiP - ok
19:33:38.0680 1100 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:33:38.0743 1100 NDIS - ok
19:33:38.0758 1100 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:33:38.0821 1100 NdisCap - ok
19:33:38.0867 1100 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:33:38.0945 1100 NdisTapi - ok
19:33:39.0023 1100 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:33:39.0086 1100 Ndisuio - ok
19:33:39.0148 1100 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:33:39.0242 1100 NdisWan - ok
19:33:39.0289 1100 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:33:39.0351 1100 NDProxy - ok
19:33:39.0398 1100 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
19:33:39.0601 1100 Netaapl - ok
19:33:39.0710 1100 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:33:39.0813 1100 NetBIOS - ok
19:33:39.0891 1100 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:33:40.0057 1100 NetBT - ok
19:33:40.0121 1100 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:33:40.0178 1100 Netlogon - ok
19:33:40.0298 1100 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:33:40.0508 1100 Netman - ok
19:33:40.0689 1100 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:33:40.0986 1100 netprofm - ok
19:33:41.0254 1100 netr28x (570813483f26b5c8d984bca5bb70b50d) C:\Windows\system32\DRIVERS\netr28x.sys
19:33:41.0321 1100 netr28x - ok
19:33:41.0449 1100 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:33:41.0472 1100 NetTcpPortSharing - ok
19:33:41.0621 1100 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:33:41.0645 1100 nfrd960 - ok
19:33:41.0699 1100 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:33:41.0724 1100 NisDrv - ok
19:33:41.0871 1100 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
19:33:41.0920 1100 NisSrv - ok
19:33:42.0019 1100 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:33:42.0124 1100 NlaSvc - ok
19:33:42.0163 1100 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:33:42.0232 1100 Npfs - ok
19:33:42.0297 1100 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:33:42.0368 1100 nsi - ok
19:33:42.0445 1100 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:33:42.0513 1100 nsiproxy - ok
19:33:42.0706 1100 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:33:42.0811 1100 Ntfs - ok
19:33:42.0965 1100 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:33:43.0055 1100 Null - ok
19:33:43.0126 1100 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:33:43.0161 1100 nvraid - ok
19:33:43.0204 1100 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:33:43.0241 1100 nvstor - ok
19:33:43.0271 1100 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:33:43.0306 1100 nv_agp - ok
19:33:43.0351 1100 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:33:43.0391 1100 ohci1394 - ok
19:33:43.0454 1100 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:33:43.0502 1100 p2pimsvc - ok
19:33:43.0552 1100 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:33:43.0584 1100 p2psvc - ok
19:33:43.0620 1100 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:33:43.0648 1100 Parport - ok
19:33:43.0704 1100 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:33:43.0727 1100 partmgr - ok
19:33:43.0759 1100 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:33:43.0806 1100 PcaSvc - ok
19:33:43.0854 1100 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:33:43.0882 1100 pci - ok
19:33:43.0905 1100 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:33:43.0930 1100 pciide - ok
19:33:43.0987 1100 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:33:44.0015 1100 pcmcia - ok
19:33:44.0042 1100 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:33:44.0066 1100 pcw - ok
19:33:44.0132 1100 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:33:44.0238 1100 PEAUTH - ok
19:33:44.0379 1100 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
19:33:44.0457 1100 PeerDistSvc - ok
19:33:44.0561 1100 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:33:44.0603 1100 PerfHost - ok
19:33:44.0849 1100 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:33:44.0982 1100 pla - ok
19:33:45.0065 1100 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:33:45.0107 1100 PlugPlay - ok
19:33:45.0155 1100 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:33:45.0202 1100 PNRPAutoReg - ok
19:33:45.0275 1100 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:33:45.0305 1100 PNRPsvc - ok
19:33:45.0387 1100 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:33:45.0471 1100 PolicyAgent - ok
19:33:45.0526 1100 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:33:45.0602 1100 Power - ok
19:33:45.0692 1100 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:33:45.0774 1100 PptpMiniport - ok
19:33:45.0815 1100 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:33:45.0853 1100 Processor - ok
19:33:45.0960 1100 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:33:45.0988 1100 ProfSvc - ok
19:33:46.0022 1100 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:33:46.0046 1100 ProtectedStorage - ok
19:33:46.0123 1100 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:33:46.0199 1100 Psched - ok
19:33:46.0379 1100 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:33:46.0472 1100 ql2300 - ok
19:33:46.0639 1100 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:33:46.0685 1100 ql40xx - ok
19:33:46.0763 1100 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:33:46.0810 1100 QWAVE - ok
19:33:46.0826 1100 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:33:46.0857 1100 QWAVEdrv - ok
19:33:46.0873 1100 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:33:46.0951 1100 RasAcd - ok
19:33:46.0997 1100 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:33:47.0075 1100 RasAgileVpn - ok
19:33:47.0107 1100 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:33:47.0185 1100 RasAuto - ok
19:33:47.0247 1100 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:33:47.0325 1100 Rasl2tp - ok
19:33:47.0403 1100 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:33:47.0481 1100 RasMan - ok
19:33:47.0528 1100 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:33:47.0606 1100 RasPppoe - ok
19:33:47.0621 1100 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:33:47.0699 1100 RasSstp - ok
19:33:47.0777 1100 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:33:47.0855 1100 rdbss - ok
19:33:47.0902 1100 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:33:47.0933 1100 rdpbus - ok
19:33:47.0933 1100 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:33:48.0011 1100 RDPCDD - ok
19:33:48.0074 1100 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:33:48.0121 1100 RDPDR - ok
19:33:48.0136 1100 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:33:48.0230 1100 RDPENCDD - ok
19:33:48.0261 1100 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:33:48.0323 1100 RDPREFMP - ok
19:33:48.0401 1100 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:33:48.0448 1100 RDPWD - ok
19:33:48.0526 1100 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:33:48.0542 1100 rdyboost - ok
19:33:48.0589 1100 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:33:48.0667 1100 RemoteAccess - ok
19:33:48.0713 1100 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:33:48.0807 1100 RemoteRegistry - ok
19:33:48.0838 1100 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:33:48.0916 1100 RpcEptMapper - ok
19:33:48.0947 1100 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:33:48.0963 1100 RpcLocator - ok
19:33:49.0057 1100 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:33:49.0135 1100 RpcSs - ok
19:33:49.0213 1100 RSPCIESTOR (c897d551ee0dfcd8e638bf78e21d4d7f) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:33:49.0259 1100 RSPCIESTOR - ok
19:33:49.0306 1100 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:33:49.0384 1100 rspndr - ok
19:33:49.0462 1100 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:33:49.0509 1100 RTL8167 - ok
19:33:49.0540 1100 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:33:49.0603 1100 s3cap - ok
19:33:49.0634 1100 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:33:49.0649 1100 SamSs - ok
19:33:49.0805 1100 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:33:49.0837 1100 SASDIFSV - ok
19:33:49.0883 1100 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:33:49.0899 1100 SASKUTIL - ok
19:33:49.0930 1100 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:33:49.0961 1100 sbp2port - ok
19:33:50.0008 1100 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:33:50.0102 1100 SCardSvr - ok
19:33:50.0149 1100 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:33:50.0227 1100 scfilter - ok
19:33:50.0367 1100 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:33:50.0461 1100 Schedule - ok
19:33:50.0523 1100 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:33:50.0585 1100 SCPolicySvc - ok
19:33:50.0617 1100 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:33:50.0679 1100 SDRSVC - ok
19:33:50.0757 1100 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:33:50.0851 1100 secdrv - ok
19:33:50.0897 1100 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:33:50.0975 1100 seclogon - ok
19:33:51.0007 1100 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:33:51.0069 1100 SENS - ok
19:33:51.0085 1100 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:33:51.0163 1100 SensrSvc - ok
19:33:51.0209 1100 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:33:51.0256 1100 Serenum - ok
19:33:51.0287 1100 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:33:51.0319 1100 Serial - ok
19:33:51.0365 1100 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:33:51.0412 1100 sermouse - ok
19:33:51.0490 1100 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:33:51.0568 1100 SessionEnv - ok
19:33:51.0599 1100 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:33:51.0646 1100 sffdisk - ok
19:33:51.0677 1100 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:33:51.0709 1100 sffp_mmc - ok
19:33:51.0740 1100 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:33:51.0787 1100 sffp_sd - ok
19:33:51.0833 1100 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:33:51.0880 1100 sfloppy - ok
19:33:51.0989 1100 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:33:52.0099 1100 SharedAccess - ok
19:33:52.0192 1100 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:33:52.0286 1100 ShellHWDetection - ok
19:33:52.0317 1100 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:33:52.0333 1100 SiSRaid2 - ok
19:33:52.0379 1100 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:33:52.0411 1100 SiSRaid4 - ok
19:33:52.0457 1100 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:33:52.0520 1100 Smb - ok
19:33:52.0567 1100 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:33:52.0613 1100 SNMPTRAP - ok
19:33:52.0645 1100 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:33:52.0676 1100 spldr - ok
19:33:52.0769 1100 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:33:52.0847 1100 Spooler - ok
19:33:53.0191 1100 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:33:53.0347 1100 sppsvc - ok
19:33:53.0503 1100 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:33:53.0596 1100 sppuinotify - ok
19:33:53.0705 1100 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:33:53.0783 1100 srv - ok
19:33:53.0830 1100 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:33:53.0877 1100 srv2 - ok
19:33:53.0939 1100 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:33:54.0033 1100 srvnet - ok
19:33:54.0298 1100 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:33:54.0439 1100 SSDPSRV - ok
19:33:54.0485 1100 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:33:54.0548 1100 SstpSvc - ok
19:33:54.0735 1100 STacSV (7bf818b11c1fedc3e76d233124470a30) C:\Program Files\IDT\WDM\STacSV64.exe
19:33:54.0813 1100 STacSV - ok
19:33:54.0907 1100 Steam Client Service - ok
19:33:55.0000 1100 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:33:55.0047 1100 stexstor - ok
19:33:55.0203 1100 STHDA (ebc1a5e076a9be314d3d9e8ed19abb0a) C:\Windows\system32\DRIVERS\stwrt64.sys
19:33:55.0250 1100 STHDA - ok
19:33:55.0437 1100 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:33:55.0515 1100 stisvc - ok
19:33:55.0546 1100 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:33:55.0577 1100 storflt - ok
19:33:55.0624 1100 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
19:33:55.0687 1100 StorSvc - ok
19:33:55.0718 1100 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:33:55.0749 1100 storvsc - ok
19:33:55.0765 1100 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:33:55.0796 1100 swenum - ok
19:33:55.0874 1100 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:33:56.0014 1100 swprv - ok
19:33:56.0248 1100 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
19:33:56.0279 1100 SynTP - ok
19:33:56.0529 1100 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:33:56.0638 1100 SysMain - ok
19:33:56.0794 1100 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:33:56.0872 1100 TabletInputService - ok
19:33:56.0966 1100 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:33:57.0091 1100 TapiSrv - ok
19:33:57.0137 1100 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:33:57.0215 1100 TBS - ok
19:33:57.0527 1100 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:33:57.0652 1100 Tcpip - ok
19:33:58.0105 1100 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:33:58.0167 1100 TCPIP6 - ok
19:33:58.0354 1100 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:33:58.0448 1100 tcpipreg - ok
19:33:58.0495 1100 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:33:58.0526 1100 TDPIPE - ok
19:33:58.0573 1100 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:33:58.0619 1100 TDTCP - ok
19:33:58.0682 1100 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:33:58.0744 1100 tdx - ok
19:33:58.0791 1100 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:33:58.0807 1100 TermDD - ok
19:33:58.0885 1100 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:33:58.0978 1100 TermService - ok
19:33:59.0025 1100 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:33:59.0103 1100 Themes - ok
19:33:59.0165 1100 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:33:59.0228 1100 THREADORDER - ok
19:33:59.0259 1100 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:33:59.0337 1100 TrkWks - ok
19:33:59.0431 1100 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:33:59.0540 1100 TrustedInstaller - ok
19:33:59.0587 1100 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:33:59.0649 1100 tssecsrv - ok
19:33:59.0727 1100 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:33:59.0805 1100 TsUsbFlt - ok
19:33:59.0930 1100 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:34:00.0008 1100 tunnel - ok
19:34:00.0055 1100 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:34:00.0086 1100 uagp35 - ok
19:34:00.0164 1100 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:34:00.0242 1100 udfs - ok
19:34:00.0289 1100 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:34:00.0304 1100 UI0Detect - ok
19:34:00.0351 1100 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:34:00.0382 1100 uliagpkx - ok
19:34:00.0429 1100 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:34:00.0476 1100 umbus - ok
19:34:00.0507 1100 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:34:00.0554 1100 UmPass - ok
19:34:00.0601 1100 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
19:34:00.0632 1100 UmRdpService - ok
19:34:00.0710 1100 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:34:00.0835 1100 upnphost - ok
19:34:00.0897 1100 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:34:00.0959 1100 USBAAPL64 - ok
19:34:01.0022 1100 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:34:01.0053 1100 usbaudio - ok
19:34:01.0100 1100 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:34:01.0147 1100 usbccgp - ok
19:34:01.0193 1100 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:34:01.0225 1100 usbcir - ok
19:34:01.0271 1100 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:34:01.0303 1100 usbehci - ok
19:34:01.0381 1100 usbfilter (b7037444dc5138fc7d3d3968b4de5c4b) C:\Windows\system32\DRIVERS\usbfilter.sys
19:34:01.0396 1100 usbfilter - ok
19:34:01.0459 1100 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:34:01.0505 1100 usbhub - ok
19:34:01.0537 1100 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
19:34:01.0568 1100 usbohci - ok
19:34:01.0583 1100 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:34:01.0630 1100 usbprint - ok
19:34:01.0661 1100 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:34:01.0693 1100 USBSTOR - ok
19:34:01.0755 1100 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:34:01.0802 1100 usbuhci - ok
19:34:01.0895 1100 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:34:01.0942 1100 usbvideo - ok
19:34:01.0989 1100 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:34:02.0067 1100 UxSms - ok
19:34:02.0145 1100 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:34:02.0161 1100 VaultSvc - ok
19:34:02.0239 1100 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:34:02.0254 1100 vdrvroot - ok
19:34:02.0410 1100 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:34:02.0504 1100 vds - ok
19:34:02.0535 1100 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:34:02.0566 1100 vga - ok
19:34:02.0597 1100 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:34:02.0675 1100 VgaSave - ok
19:34:02.0753 1100 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:34:02.0785 1100 vhdmp - ok
19:34:02.0816 1100 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:34:02.0831 1100 viaide - ok
19:34:02.0863 1100 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:34:02.0894 1100 vmbus - ok
19:34:02.0925 1100 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:34:02.0941 1100 VMBusHID - ok
19:34:02.0972 1100 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:34:02.0987 1100 volmgr - ok
19:34:03.0065 1100 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:34:03.0097 1100 volmgrx - ok
19:34:03.0143 1100 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:34:03.0175 1100 volsnap - ok
19:34:09.0914 1100 ============================================================
19:34:09.0914 1100 Scan finished
19:34:09.0914 1100 ============================================================
19:34:09.0945 4008 Detected object count: 1
19:34:09.0945 4008 Actual detected object count: 1
19:35:54.0061 4008 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:35:54.0061 4008 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:36:30.0031 3492 ============================================================
19:36:30.0031 3492 Scan started
19:36:30.0031 3492 Mode: Manual; SigCheck; TDLFS;
19:36:30.0031 3492 ============================================================
19:36:44.0508 3492 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:36:44.0523 3492 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:36:44.0523 3492 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:36:53.0589 3492 nsiproxy - ok
19:36:53.0808 3492 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:36:53.0871 3492 Ntfs - ok
19:36:54.0042 3492 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:36:54.0120 3492 Null - ok
19:36:54.0183 3492 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:36:54.0198 3492 nvraid - ok
19:36:54.0245 3492 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:36:54.0276 3492 nvstor - ok
19:36:54.0308 3492 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:36:54.0339 3492 nv_agp - ok
19:36:54.0370 3492 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:36:54.0401 3492 ohci1394 - ok
19:36:54.0495 3492 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:36:54.0526 3492 p2pimsvc - ok
19:36:54.0604 3492 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:36:54.0635 3492 p2psvc - ok
19:36:54.0666 3492 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:36:54.0698 3492 Parport - ok
19:36:54.0760 3492 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:36:54.0776 3492 partmgr - ok
19:36:54.0807 3492 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:36:54.0854 3492 PcaSvc - ok
19:36:54.0900 3492 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:36:54.0932 3492 pci - ok
19:36:54.0963 3492 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:36:54.0978 3492 pciide - ok
19:36:55.0041 3492 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:36:55.0056 3492 pcmcia - ok
19:36:55.0088 3492 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:36:55.0119 3492 pcw - ok
19:36:55.0197 3492 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:36:55.0275 3492 PEAUTH - ok
19:36:55.0446 3492 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
19:36:55.0493 3492 PeerDistSvc - ok
19:36:55.0618 3492 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:36:55.0665 3492 PerfHost - ok
19:36:55.0961 3492 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:36:56.0055 3492 pla - ok
19:36:56.0133 3492 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:36:56.0164 3492 PlugPlay - ok
19:36:56.0211 3492 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:36:56.0226 3492 PNRPAutoReg - ok
19:36:56.0289 3492 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:36:56.0320 3492 PNRPsvc - ok
19:36:56.0398 3492 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:36:56.0476 3492 PolicyAgent - ok
19:36:56.0538 3492 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:36:56.0601 3492 Power - ok
19:36:56.0694 3492 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:36:56.0772 3492 PptpMiniport - ok
19:36:56.0804 3492 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:36:56.0835 3492 Processor - ok
19:36:56.0897 3492 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
19:36:56.0928 3492 ProfSvc - ok
19:36:56.0960 3492 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:36:56.0991 3492 ProtectedStorage - ok
19:36:57.0038 3492 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:36:57.0100 3492 Psched - ok
19:36:57.0272 3492 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:36:57.0334 3492 ql2300 - ok
19:36:57.0521 3492 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:36:57.0568 3492 ql40xx - ok
19:36:57.0630 3492 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:36:57.0677 3492 QWAVE - ok
19:36:57.0708 3492 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:36:57.0740 3492 QWAVEdrv - ok
19:36:57.0755 3492 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:36:57.0818 3492 RasAcd - ok
19:36:57.0864 3492 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:36:57.0927 3492 RasAgileVpn - ok
19:36:57.0974 3492 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:36:58.0036 3492 RasAuto - ok
19:36:58.0098 3492 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:36:58.0161 3492 Rasl2tp - ok
19:36:58.0239 3492 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:36:58.0317 3492 RasMan - ok
19:36:58.0348 3492 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:36:58.0426 3492 RasPppoe - ok
19:36:58.0442 3492 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:36:58.0520 3492 RasSstp - ok
19:36:58.0582 3492 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:36:58.0660 3492 rdbss - ok
19:36:58.0676 3492 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:36:58.0707 3492 rdpbus - ok
19:36:58.0722 3492 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:36:58.0800 3492 RDPCDD - ok
19:36:58.0863 3492 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:36:58.0894 3492 RDPDR - ok
19:36:58.0910 3492 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:36:58.0972 3492 RDPENCDD - ok
19:36:58.0988 3492 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:36:59.0050 3492 RDPREFMP - ok
19:36:59.0112 3492 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:36:59.0144 3492 RDPWD - ok
19:36:59.0206 3492 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:36:59.0237 3492 rdyboost - ok
19:36:59.0284 3492 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:36:59.0362 3492 RemoteAccess - ok
19:36:59.0424 3492 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:36:59.0487 3492 RemoteRegistry - ok
19:36:59.0518 3492 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:36:59.0580 3492 RpcEptMapper - ok
19:36:59.0612 3492 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:36:59.0643 3492 RpcLocator - ok
19:36:59.0736 3492 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:36:59.0799 3492 RpcSs - ok
19:36:59.0877 3492 RSPCIESTOR (c897d551ee0dfcd8e638bf78e21d4d7f) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:36:59.0908 3492 RSPCIESTOR - ok
19:36:59.0970 3492 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:37:00.0048 3492 rspndr - ok
19:37:00.0111 3492 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:37:00.0142 3492 RTL8167 - ok
19:37:00.0173 3492 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:37:00.0204 3492 s3cap - ok
19:37:00.0236 3492 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:37:00.0267 3492 SamSs - ok
19:37:00.0392 3492 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:37:00.0423 3492 SASDIFSV - ok
19:37:00.0438 3492 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:37:00.0454 3492 SASKUTIL - ok
19:37:00.0501 3492 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:37:00.0516 3492 sbp2port - ok
19:37:00.0579 3492 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:37:00.0657 3492 SCardSvr - ok
19:37:00.0704 3492 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:37:00.0766 3492 scfilter - ok
19:37:00.0922 3492 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:37:01.0016 3492 Schedule - ok
19:37:01.0062 3492 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:37:01.0140 3492 SCPolicySvc - ok
19:37:01.0187 3492 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:37:01.0218 3492 SDRSVC - ok
19:37:01.0281 3492 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:37:01.0359 3492 secdrv - ok
19:37:01.0406 3492 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:37:01.0468 3492 seclogon - ok
19:37:01.0499 3492 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:37:01.0562 3492 SENS - ok
19:37:01.0593 3492 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:37:01.0608 3492 SensrSvc - ok
19:37:01.0640 3492 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:37:01.0655 3492 Serenum - ok
19:37:01.0702 3492 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:37:01.0733 3492 Serial - ok
19:37:01.0764 3492 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:37:01.0796 3492 sermouse - ok
19:37:01.0858 3492 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:37:01.0936 3492 SessionEnv - ok
19:37:01.0967 3492 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:37:01.0998 3492 sffdisk - ok
19:37:02.0030 3492 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:37:02.0045 3492 sffp_mmc - ok
19:37:02.0061 3492 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:37:02.0092 3492 sffp_sd - ok
19:37:02.0123 3492 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:37:02.0154 3492 sfloppy - ok
19:37:02.0232 3492 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:37:02.0310 3492 SharedAccess - ok
19:37:02.0388 3492 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:37:02.0466 3492 ShellHWDetection - ok
19:37:02.0498 3492 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:37:02.0513 3492 SiSRaid2 - ok
19:37:02.0560 3492 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:37:02.0591 3492 SiSRaid4 - ok
19:37:02.0622 3492 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:37:02.0685 3492 Smb - ok
19:37:02.0732 3492 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:37:02.0763 3492 SNMPTRAP - ok
19:37:02.0763 3492 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:37:02.0794 3492 spldr - ok
19:37:02.0888 3492 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:37:02.0966 3492 Spooler - ok
19:37:03.0324 3492 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:37:03.0449 3492 sppsvc - ok
19:37:03.0605 3492 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:37:03.0683 3492 sppuinotify - ok
19:37:03.0792 3492 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:37:03.0824 3492 srv - ok
19:37:03.0886 3492 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:37:03.0917 3492 srv2 - ok
19:37:03.0948 3492 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:37:03.0980 3492 srvnet - ok
19:37:04.0026 3492 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:37:04.0089 3492 SSDPSRV - ok
19:37:04.0120 3492 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:37:04.0182 3492 SstpSvc - ok
19:37:04.0323 3492 STacSV (7bf818b11c1fedc3e76d233124470a30) C:\Program Files\IDT\WDM\STacSV64.exe
19:37:04.0385 3492 STacSV - ok
19:37:04.0416 3492 Steam Client Service - ok
19:37:04.0463 3492 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:37:04.0494 3492 stexstor - ok
19:37:04.0588 3492 STHDA (ebc1a5e076a9be314d3d9e8ed19abb0a) C:\Windows\system32\DRIVERS\stwrt64.sys
19:37:04.0619 3492 STHDA - ok
19:37:04.0728 3492 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:37:04.0775 3492 stisvc - ok
19:37:04.0822 3492 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:37:04.0853 3492 storflt - ok
19:37:04.0884 3492 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
19:37:04.0916 3492 StorSvc - ok
19:37:04.0947 3492 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:37:04.0962 3492 storvsc - ok
19:37:04.0994 3492 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:37:05.0009 3492 swenum - ok
19:37:05.0103 3492 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:37:05.0181 3492 swprv - ok
19:37:05.0259 3492 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
19:37:05.0290 3492 SynTP - ok
19:37:05.0508 3492 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:37:05.0571 3492 SysMain - ok
19:37:05.0742 3492 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:37:05.0774 3492 TabletInputService - ok
19:37:05.0852 3492 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:37:05.0930 3492 TapiSrv - ok
19:37:05.0976 3492 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:37:06.0054 3492 TBS - ok
19:37:06.0288 3492 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:37:06.0366 3492 Tcpip - ok
19:37:06.0725 3492 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:37:06.0803 3492 TCPIP6 - ok
19:37:07.0038 3492 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:37:07.0116 3492 tcpipreg - ok
19:37:07.0163 3492 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:37:07.0179 3492 TDPIPE - ok
19:37:07.0225 3492 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:37:07.0257 3492 TDTCP - ok
19:37:07.0303 3492 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:37:07.0366 3492 tdx - ok
19:37:07.0413 3492 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:37:07.0428 3492 TermDD - ok
19:37:07.0506 3492 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:37:07.0600 3492 TermService - ok
19:37:07.0631 3492 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:37:07.0662 3492 Themes - ok
19:37:07.0709 3492 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:37:07.0771 3492 THREADORDER - ok
19:37:07.0803 3492 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:37:07.0865 3492 TrkWks - ok
19:37:07.0943 3492 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:37:08.0021 3492 TrustedInstaller - ok
19:37:08.0068 3492 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:37:08.0130 3492 tssecsrv - ok
19:37:08.0193 3492 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:37:08.0208 3492 TsUsbFlt - ok
19:37:08.0255 3492 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:37:08.0317 3492 tunnel - ok
19:37:08.0364 3492 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:37:08.0380 3492 uagp35 - ok
19:37:08.0458 3492 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:37:08.0536 3492 udfs - ok
19:37:08.0583 3492 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:37:08.0614 3492 UI0Detect - ok
19:37:08.0661 3492 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:37:08.0692 3492 uliagpkx - ok
19:37:08.0723 3492 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:37:08.0754 3492 umbus - ok
19:37:08.0770 3492 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:37:08.0801 3492 UmPass - ok
19:37:08.0863 3492 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
19:37:08.0895 3492 UmRdpService - ok
19:37:08.0957 3492 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:37:09.0035 3492 upnphost - ok
19:37:09.0066 3492 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:37:09.0082 3492 USBAAPL64 - ok
19:37:09.0129 3492 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:37:09.0160 3492 usbaudio - ok
19:37:09.0207 3492 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:37:09.0238 3492 usbccgp - ok
19:37:09.0269 3492 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:37:09.0300 3492 usbcir - ok
19:37:09.0331 3492 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:37:09.0363 3492 usbehci - ok
19:37:09.0378 3492 usbfilter (b7037444dc5138fc7d3d3968b4de5c4b) C:\Windows\system32\DRIVERS\usbfilter.sys
19:37:09.0409 3492 usbfilter - ok
19:37:09.0456 3492 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:37:09.0487 3492 usbhub - ok
19:37:09.0503 3492 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
19:37:09.0519 3492 usbohci - ok
19:37:09.0550 3492 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:37:09.0581 3492 usbprint - ok
19:37:09.0612 3492 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:37:09.0643 3492 USBSTOR - ok
19:37:09.0659 3492 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:37:09.0675 3492 usbuhci - ok
19:37:09.0737 3492 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:37:09.0768 3492 usbvideo - ok
19:37:09.0815 3492 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:37:09.0877 3492 UxSms - ok
19:37:09.0909 3492 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:37:09.0940 3492 VaultSvc - ok
19:37:09.0971 3492 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:37:09.0987 3492 vdrvroot - ok
19:37:10.0080 3492 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:37:10.0158 3492 vds - ok
19:37:10.0189 3492 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:37:10.0221 3492 vga - ok
19:37:10.0236 3492 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:37:10.0314 3492 VgaSave - ok
19:37:10.0361 3492 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:37:10.0392 3492 vhdmp - ok
19:37:10.0392 3492 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:37:10.0423 3492 viaide - ok
19:37:10.0455 3492 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:37:10.0486 3492 vmbus - ok
19:37:10.0501 3492 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:37:10.0533 3492 VMBusHID - ok
19:37:10.0564 3492 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:37:10.0579 3492 volmgr - ok
19:37:10.0657 3492 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:37:10.0689 3492 volmgrx - ok
19:37:10.0735 3492 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:37:10.0782 3492 volsnap - ok
19:37:10.0829 3492 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:37:10.0845 3492 vsmraid - ok
19:37:11.0047 3492 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:37:11.0141 3492 VSS - ok
19:37:11.0297 3492 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:37:11.0344 3492 vwifibus - ok
19:37:11.0359 3492 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:37:11.0391 3492 vwififlt - ok
19:37:11.0453 3492 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:37:11.0531 3492 W32Time - ok
19:37:11.0578 3492 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:37:11.0593 3492 WacomPen - ok
19:37:11.0671 3492 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:37:11.0749 3492 WANARP - ok
19:37:11.0749 3492 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:37:11.0812 3492 Wanarpv6 - ok
19:37:11.0999 3492 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:37:12.0061 3492 WatAdminSvc - ok
19:37:12.0249 3492 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:37:12.0311 3492 wbengine - ok
19:37:12.0483 3492 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:37:12.0529 3492 WbioSrvc - ok
19:37:12.0607 3492 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:37:12.0639 3492 wcncsvc - ok
19:37:12.0670 3492 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:37:12.0685 3492 WcsPlugInService - ok
19:37:12.0748 3492 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:37:12.0779 3492 Wd - ok
19:37:12.0873 3492 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:37:12.0904 3492 Wdf01000 - ok
19:37:12.0951 3492 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:37:12.0982 3492 WdiServiceHost - ok
19:37:12.0982 3492 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:37:13.0029 3492 WdiSystemHost - ok
19:37:13.0107 3492 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:37:13.0153 3492 WebClient - ok
19:37:13.0200 3492 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:37:13.0278 3492 Wecsvc - ok
19:37:13.0294 3492 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:37:13.0372 3492 wercplsupport - ok
19:37:13.0403 3492 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:37:13.0465 3492 WerSvc - ok
19:37:13.0559 3492 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:37:13.0637 3492 WfpLwf - ok
19:37:13.0668 3492 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:37:13.0684 3492 WIMMount - ok
19:37:13.0699 3492 WinDefend - ok
19:37:13.0715 3492 WinHttpAutoProxySvc - ok
19:37:13.0809 3492 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:37:13.0887 3492 Winmgmt - ok
19:37:14.0121 3492 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:37:14.0230 3492 WinRM - ok
19:37:14.0402 3492 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:37:14.0433 3492 WinUsb - ok
19:37:14.0573 3492 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:37:14.0636 3492 Wlansvc - ok
19:37:14.0651 3492 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:37:14.0667 3492 WmiAcpi - ok
19:37:14.0792 3492 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:37:14.0823 3492 wmiApSrv - ok
19:37:14.0854 3492 WMPNetworkSvc - ok
19:37:14.0948 3492 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:37:14.0994 3492 WPCSvc - ok
19:37:15.0041 3492 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:37:15.0072 3492 WPDBusEnum - ok
19:37:15.0119 3492 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:37:15.0182 3492 ws2ifsl - ok
19:37:15.0213 3492 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:37:15.0260 3492 wscsvc - ok
19:37:15.0260 3492 WSearch - ok
19:37:15.0540 3492 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:37:15.0618 3492 wuauserv - ok
19:37:15.0806 3492 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:37:15.0884 3492 WudfPf - ok
19:37:15.0930 3492 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:37:15.0993 3492 WUDFRd - ok
19:37:16.0055 3492 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:37:16.0118 3492 wudfsvc - ok
19:37:16.0164 3492 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:37:16.0211 3492 WwanSvc - ok
19:37:16.0242 3492 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:37:16.0742 3492 \Device\Harddisk0\DR0 - ok
19:37:16.0757 3492 Boot (0x1200) (8ba113d8135104f0e8e22197450a1070) \Device\Harddisk0\DR0\Partition0
19:37:16.0773 3492 \Device\Harddisk0\DR0\Partition0 - ok
19:37:16.0820 3492 Boot (0x1200) (2f6043b3a5185e9eb77ee9f8aa14da90) \Device\Harddisk0\DR0\Partition1
19:37:16.0820 3492 \Device\Harddisk0\DR0\Partition1 - ok
19:37:16.0820 3492 ============================================================
19:37:16.0820 3492 Scan finished
19:37:16.0820 3492 ============================================================
19:37:16.0882 3484 Detected object count: 1
19:37:16.0882 3484 Actual detected object count: 1
19:45:00.0299 3484 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:45:00.0299 3484 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:51:01.0127 3628 Deinitialize success

Edited by RonaldHamAP2, 21 July 2012 - 02:44 PM.


#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:18 AM

Posted 24 July 2012 - 07:37 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
m0le is a proud member of UNITE

#4 RonaldHamAP2

Posted 24 July 2012 - 08:09 PM

I am here, let's begin! Awaiting your instructions... :tipwink: :thumbsup: :busy:

#5 m0le

Posted 25 July 2012 - 05:01 PM

Please run TDSSKiller and aswMBR first

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (or hold down your Windows key and press R), then copy and paste the following into the text field (make sure you include the quote marks) and press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If Malicious objects are found, ensure Cure is selected then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\


And

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


#6 RonaldHamAP2

Posted 25 July 2012 - 07:18 PM

OK, TDSS Killer comes first:

19:19:00.0546 4620 Psched - ok
19:19:00.0733 4620 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:19:00.0780 4620 ql2300 - ok
19:19:00.0951 4620 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:19:00.0967 4620 ql40xx - ok
19:19:01.0045 4620 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:19:01.0045 4620 QWAVE - ok
19:19:01.0076 4620 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:19:01.0076 4620 QWAVEdrv - ok
19:19:01.0092 4620 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:19:01.0107 4620 RasAcd - ok
19:19:01.0154 4620 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:19:01.0154 4620 RasAgileVpn - ok
19:19:01.0201 4620 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:19:01.0216 4620 RasAuto - ok
19:19:01.0279 4620 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:19:01.0279 4620 Rasl2tp - ok
19:19:01.0357 4620 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:19:01.0372 4620 RasMan - ok
19:19:01.0419 4620 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:19:01.0419 4620 RasPppoe - ok
19:19:01.0435 4620 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:19:01.0450 4620 RasSstp - ok
19:19:01.0528 4620 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:19:01.0544 4620 rdbss - ok
19:19:01.0575 4620 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:19:01.0575 4620 rdpbus - ok
19:19:01.0591 4620 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:19:01.0591 4620 RDPCDD - ok
19:19:01.0669 4620 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:19:01.0669 4620 RDPDR - ok
19:19:01.0700 4620 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:19:01.0700 4620 RDPENCDD - ok
19:19:01.0700 4620 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:19:01.0716 4620 RDPREFMP - ok
19:19:01.0762 4620 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:19:01.0778 4620 RDPWD - ok
19:19:01.0856 4620 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:19:01.0856 4620 rdyboost - ok
19:19:01.0903 4620 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:19:01.0918 4620 RemoteAccess - ok
19:19:01.0981 4620 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:19:01.0996 4620 RemoteRegistry - ok
19:19:02.0012 4620 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:19:02.0028 4620 RpcEptMapper - ok
19:19:02.0043 4620 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:19:02.0059 4620 RpcLocator - ok
19:19:02.0137 4620 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:19:02.0152 4620 RpcSs - ok
19:19:02.0230 4620 RSPCIESTOR (c897d551ee0dfcd8e638bf78e21d4d7f) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:19:02.0230 4620 RSPCIESTOR - ok
19:19:02.0277 4620 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:19:02.0293 4620 rspndr - ok
19:19:02.0371 4620 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:19:02.0386 4620 RTL8167 - ok
19:19:02.0418 4620 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:19:02.0418 4620 s3cap - ok
19:19:02.0464 4620 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:19:02.0464 4620 SamSs - ok
19:19:02.0480 4620 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:19:02.0496 4620 sbp2port - ok
19:19:02.0527 4620 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:19:02.0542 4620 SCardSvr - ok
19:19:02.0589 4620 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:19:02.0589 4620 scfilter - ok
19:19:02.0745 4620 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:19:02.0792 4620 Schedule - ok
19:19:02.0839 4620 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:19:02.0839 4620 SCPolicySvc - ok
19:19:02.0917 4620 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:19:02.0917 4620 SDRSVC - ok
19:19:02.0995 4620 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:19:02.0995 4620 secdrv - ok
19:19:03.0042 4620 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:19:03.0057 4620 seclogon - ok
19:19:03.0120 4620 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:19:03.0135 4620 SENS - ok
19:19:03.0151 4620 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:19:03.0151 4620 SensrSvc - ok
19:19:03.0182 4620 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:19:03.0182 4620 Serenum - ok
19:19:03.0213 4620 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:19:03.0213 4620 Serial - ok
19:19:03.0244 4620 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:19:03.0244 4620 sermouse - ok
19:19:03.0322 4620 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:19:03.0322 4620 SessionEnv - ok
19:19:03.0369 4620 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:19:03.0369 4620 sffdisk - ok
19:19:03.0400 4620 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:19:03.0400 4620 sffp_mmc - ok
19:19:03.0432 4620 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:19:03.0432 4620 sffp_sd - ok
19:19:03.0478 4620 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:19:03.0478 4620 sfloppy - ok
19:19:03.0572 4620 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:19:03.0588 4620 SharedAccess - ok
19:19:03.0666 4620 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:19:03.0681 4620 ShellHWDetection - ok
19:19:03.0712 4620 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:19:03.0712 4620 SiSRaid2 - ok
19:19:03.0759 4620 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:19:03.0759 4620 SiSRaid4 - ok
19:19:03.0806 4620 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:19:03.0806 4620 Smb - ok
19:19:03.0868 4620 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:19:03.0868 4620 SNMPTRAP - ok
19:19:03.0900 4620 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:19:03.0900 4620 spldr - ok
19:19:03.0993 4620 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:19:04.0009 4620 Spooler - ok
19:19:04.0383 4620 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:19:04.0477 4620 sppsvc - ok
19:19:04.0633 4620 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:19:04.0648 4620 sppuinotify - ok
19:19:04.0758 4620 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:19:04.0773 4620 srv - ok
19:19:04.0836 4620 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:19:04.0851 4620 srv2 - ok
19:19:04.0898 4620 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:19:04.0898 4620 srvnet - ok
19:19:04.0976 4620 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:19:04.0992 4620 SSDPSRV - ok
19:19:05.0007 4620 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:19:05.0023 4620 SstpSvc - ok
19:19:05.0194 4620 STacSV (7bf818b11c1fedc3e76d233124470a30) C:\Program Files\IDT\WDM\STacSV64.exe
19:19:05.0194 4620 STacSV - ok
19:19:05.0272 4620 Steam Client Service - ok
19:19:05.0304 4620 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:19:05.0319 4620 stexstor - ok
19:19:05.0428 4620 STHDA (ebc1a5e076a9be314d3d9e8ed19abb0a) C:\Windows\system32\DRIVERS\stwrt64.sys
19:19:05.0428 4620 STHDA - ok
19:19:05.0553 4620 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:19:05.0569 4620 stisvc - ok
19:19:05.0616 4620 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:19:05.0616 4620 storflt - ok
19:19:05.0647 4620 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
19:19:05.0647 4620 StorSvc - ok
19:19:05.0678 4620 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:19:05.0678 4620 storvsc - ok
19:19:05.0694 4620 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:19:05.0694 4620 swenum - ok
19:19:05.0787 4620 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:19:05.0803 4620 swprv - ok
19:19:05.0912 4620 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
19:19:05.0912 4620 SynTP - ok
19:19:06.0146 4620 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:19:06.0208 4620 SysMain - ok
19:19:06.0380 4620 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:19:06.0380 4620 TabletInputService - ok
19:19:06.0458 4620 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:19:06.0458 4620 TapiSrv - ok
19:19:06.0505 4620 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:19:06.0505 4620 TBS - ok
19:19:06.0786 4620 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:19:06.0832 4620 Tcpip - ok
19:19:07.0238 4620 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:19:07.0269 4620 TCPIP6 - ok
19:19:07.0394 4620 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:19:07.0394 4620 tcpipreg - ok
19:19:07.0441 4620 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:19:07.0441 4620 TDPIPE - ok
19:19:07.0488 4620 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:19:07.0488 4620 TDTCP - ok
19:19:07.0534 4620 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:19:07.0534 4620 tdx - ok
19:19:07.0581 4620 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:19:07.0581 4620 TermDD - ok
19:19:07.0675 4620 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:19:07.0690 4620 TermService - ok
19:19:07.0737 4620 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:19:07.0753 4620 Themes - ok
19:19:07.0784 4620 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:19:07.0784 4620 THREADORDER - ok
19:19:07.0815 4620 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:19:07.0815 4620 TrkWks - ok
19:19:07.0909 4620 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:19:07.0909 4620 TrustedInstaller - ok
19:19:07.0987 4620 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:19:07.0987 4620 tssecsrv - ok
19:19:08.0049 4620 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:19:08.0049 4620 TsUsbFlt - ok
19:19:08.0127 4620 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:19:08.0127 4620 tunnel - ok
19:19:08.0174 4620 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:19:08.0174 4620 uagp35 - ok
19:19:08.0252 4620 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:19:08.0268 4620 udfs - ok
19:19:08.0330 4620 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:19:08.0346 4620 UI0Detect - ok
19:19:08.0392 4620 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:19:08.0392 4620 uliagpkx - ok
19:19:08.0455 4620 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
19:19:08.0455 4620 umbus - ok
19:19:08.0470 4620 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:19:08.0486 4620 UmPass - ok
19:19:08.0548 4620 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
19:19:08.0564 4620 UmRdpService - ok
19:19:08.0642 4620 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:19:08.0658 4620 upnphost - ok
19:19:08.0689 4620 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:19:08.0704 4620 USBAAPL64 - ok
19:19:08.0751 4620 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:19:08.0751 4620 usbaudio - ok
19:19:08.0798 4620 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:19:08.0798 4620 usbccgp - ok
19:19:08.0845 4620 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:19:08.0860 4620 usbcir - ok
19:19:08.0876 4620 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:19:08.0892 4620 usbehci - ok
19:19:08.0938 4620 usbfilter (b7037444dc5138fc7d3d3968b4de5c4b) C:\Windows\system32\DRIVERS\usbfilter.sys
19:19:08.0938 4620 usbfilter - ok
19:19:09.0001 4620 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:19:09.0001 4620 usbhub - ok
19:19:09.0032 4620 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
19:19:09.0032 4620 usbohci - ok
19:19:09.0063 4620 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:19:09.0063 4620 usbprint - ok
19:19:09.0079 4620 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:19:09.0094 4620 USBSTOR - ok
19:19:09.0110 4620 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:19:09.0110 4620 usbuhci - ok
19:19:09.0188 4620 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:19:09.0188 4620 usbvideo - ok
19:19:09.0235 4620 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:19:09.0250 4620 UxSms - ok
19:19:09.0297 4620 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:19:09.0297 4620 VaultSvc - ok
19:19:09.0344 4620 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:19:09.0344 4620 vdrvroot - ok
19:19:09.0453 4620 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:19:09.0469 4620 vds - ok
19:19:09.0500 4620 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:19:09.0500 4620 vga - ok
19:19:09.0531 4620 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:19:09.0531 4620 VgaSave - ok
19:19:09.0578 4620 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:19:09.0578 4620 vhdmp - ok
19:19:09.0594 4620 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:19:09.0594 4620 viaide - ok
19:19:09.0640 4620 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:19:09.0640 4620 vmbus - ok
19:19:09.0656 4620 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:19:09.0656 4620 VMBusHID - ok
19:19:09.0687 4620 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:19:09.0687 4620 volmgr - ok
19:19:09.0781 4620 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:19:09.0781 4620 volmgrx - ok
19:19:09.0828 4620 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:19:09.0843 4620 volsnap - ok
19:19:09.0906 4620 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:19:09.0906 4620 vsmraid - ok
19:19:10.0124 4620 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:19:10.0186 4620 VSS - ok
19:19:10.0358 4620 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:19:10.0358 4620 vwifibus - ok
19:19:10.0389 4620 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:19:10.0405 4620 vwififlt - ok
19:19:10.0467 4620 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:19:10.0498 4620 W32Time - ok
19:19:10.0530 4620 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:19:10.0545 4620 WacomPen - ok
19:19:10.0592 4620 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:19:10.0592 4620 WANARP - ok
19:19:10.0623 4620 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:19:10.0623 4620 Wanarpv6 - ok
19:19:10.0810 4620 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:19:10.0842 4620 WatAdminSvc - ok
19:19:11.0044 4620 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:19:11.0091 4620 wbengine - ok
19:19:11.0263 4620 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:19:11.0278 4620 WbioSrvc - ok
19:19:11.0372 4620 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:19:11.0388 4620 wcncsvc - ok
19:19:11.0419 4620 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:19:11.0419 4620 WcsPlugInService - ok
19:19:11.0466 4620 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:19:11.0481 4620 Wd - ok
19:19:11.0559 4620 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:19:11.0575 4620 Wdf01000 - ok
19:19:11.0606 4620 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:19:11.0622 4620 WdiServiceHost - ok
19:19:11.0622 4620 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:19:11.0622 4620 WdiSystemHost - ok
19:19:11.0700 4620 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:19:11.0700 4620 WebClient - ok
19:19:11.0762 4620 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:19:11.0778 4620 Wecsvc - ok
19:19:11.0793 4620 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:19:11.0809 4620 wercplsupport - ok
19:19:11.0856 4620 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:19:11.0856 4620 WerSvc - ok
19:19:11.0965 4620 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:19:11.0965 4620 WfpLwf - ok
19:19:12.0012 4620 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:19:12.0012 4620 WIMMount - ok
19:19:12.0043 4620 WinDefend - ok
19:19:12.0058 4620 WinHttpAutoProxySvc - ok
19:19:12.0214 4620 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:19:12.0214 4620 Winmgmt - ok
19:19:12.0464 4620 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:19:12.0542 4620 WinRM - ok
19:19:12.0760 4620 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:19:12.0776 4620 WinUsb - ok
19:19:12.0901 4620 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:19:12.0916 4620 Wlansvc - ok
19:19:12.0932 4620 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:19:12.0932 4620 WmiAcpi - ok
19:19:13.0026 4620 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:19:13.0026 4620 wmiApSrv - ok
19:19:13.0057 4620 WMPNetworkSvc - ok
19:19:13.0104 4620 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:19:13.0104 4620 WPCSvc - ok
19:19:13.0166 4620 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:19:13.0166 4620 WPDBusEnum - ok
19:19:13.0213 4620 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:19:13.0213 4620 ws2ifsl - ok
19:19:13.0244 4620 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:19:13.0244 4620 wscsvc - ok
19:19:13.0244 4620 WSearch - ok
19:19:13.0525 4620 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:19:13.0587 4620 wuauserv - ok
19:19:13.0759 4620 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:19:13.0774 4620 WudfPf - ok
19:19:13.0837 4620 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:19:13.0852 4620 WUDFRd - ok
19:19:13.0915 4620 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:19:13.0915 4620 wudfsvc - ok
19:19:13.0993 4620 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:19:13.0993 4620 WwanSvc - ok
19:19:14.0024 4620 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:19:14.0430 4620 \Device\Harddisk0\DR0 - ok
19:19:14.0445 4620 Boot (0x1200) (8ba113d8135104f0e8e22197450a1070) \Device\Harddisk0\DR0\Partition0
19:19:14.0445 4620 \Device\Harddisk0\DR0\Partition0 - ok
19:19:14.0461 4620 Boot (0x1200) (2f6043b3a5185e9eb77ee9f8aa14da90) \Device\Harddisk0\DR0\Partition1
19:19:14.0476 4620 \Device\Harddisk0\DR0\Partition1 - ok
19:19:14.0476 4620 ============================================================
19:19:14.0476 4620 Scan finished
19:19:14.0476 4620 ============================================================
19:19:14.0492 4344 Detected object count: 0
19:19:14.0492 4344 Actual detected object count: 0
19:21:40.0235 4380 Deinitialize success


And here is aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-25 20:09:50
-----------------------------
20:09:50.351 OS Version: Windows x64 6.1.7601 Service Pack 1
20:09:50.351 Number of processors: 2 586 0x200
20:09:50.351 ComputerName: RONALDHAMILTON UserName:
20:10:09.034 Initialize success
20:10:26.758 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000065
20:10:26.765 Disk 0 Vendor: WDC_WD32 02.0 Size: 305245MB BusType: 11
20:10:26.789 Disk 0 MBR read successfully
20:10:26.798 Disk 0 MBR scan
20:10:26.807 Disk 0 Windows 7 default MBR code
20:10:26.817 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
20:10:26.834 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305043 MB offset 409600
20:10:26.860 Disk 0 scanning C:\Windows\system32\drivers
20:10:35.007 Service scanning
20:11:19.629 Modules scanning
20:11:19.644 Disk 0 trace - called modules:
20:11:19.675 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
20:11:19.675 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80071cd060]
20:11:19.691 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8006c75040]
20:11:19.707 5 amd_xata.sys[fffff880010a0b3f] -> nt!IofCallDriver -> \Device\00000065[0xfffffa8006c71060]
20:11:19.707 Scan finished successfully
20:16:58.995 Disk 0 MBR has been saved successfully to "C:\Users\Ronald Hamilton\Desktop\MBR.dat"
20:16:59.011 The log file has been saved successfully to "C:\Users\Ronald Hamilton\Desktop\aswMBR.txt"



Your move, sir or madam...

#7 m0le

Malware Response Team

Posted 25 July 2012 - 08:05 PM

Let's have a look at an OTL scan.

We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

m0le is a proud member of UNITE

#8 RonaldHamAP2

Topic Starter

Posted 26 July 2012 - 04:09 PM

OTL locked up during the scan, causing the PC to lock up as well. I had to force a reboot...

#9 m0le

Malware Response Team

Posted 26 July 2012 - 07:34 PM

A longer program scan locks the PC then. That's looking very much like a system issue. Try running this shorter command for OTL

  • Open OTL
  • Click the NONE button
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Extras log
    
  • Then click the Run Scan button at the top
  • Let the program run unhindered.
  • A report will open. Copy and Paste that report in your next reply.


#10 RonaldHamAP2

Topic Starter

Posted 27 July 2012 - 08:36 PM

OK, I finally got this to work. It required turning off the WiFi and then running the scan with no internet access! Once the scan finished (I don't know how long it took; I started it and then went to work), I turned on the WiFi and it locked up again and Windows stopped responding, so I forced a restart again! Now, with any luck, I can post my problems and see what happens.

OTL first
OTL logfile created on: 7/26/2012 6:20:20 PM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Ronald Hamilton\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.61 Gb Total Physical Memory | 6.25 Gb Available Physical Memory | 82.17% Memory free
15.21 Gb Paging File | 13.71 Gb Available in Paging File | 90.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297.89 Gb Total Space | 206.09 Gb Free Space | 69.18% Space Free | Partition Type: NTFS

Computer Name: RONALDHAMILTON | User Name: Ronald Hamilton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/07/25 21:35:04 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Ronald Hamilton\Downloads\OTL.exe
PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/01/28 22:28:30 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2008/05/30 16:36:40 | 000,550,160 | ---- | M] (Logitech©) -- C:\Program Files (x86)\Logitech\Z-5 Speakers\Z-5 Speakers.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/21 13:50:43 | 020,313,384 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2012/06/21 13:50:34 | 000,895,312 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll
MOD - [2012/06/21 13:50:33 | 001,099,576 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012/06/21 13:50:33 | 000,190,776 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012/06/21 13:50:33 | 000,123,192 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/05/30 16:36:38 | 000,144,656 | ---- | M] () -- C:\Program Files (x86)\Logitech\Z-5 Speakers\LMPMdllExport.dll
MOD - [2008/04/24 11:35:32 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Logitech\Z-5 Speakers\wxmsw28u_skin_vc_custom.dll
MOD - [2008/04/24 11:35:20 | 002,428,928 | ---- | M] () -- C:\Program Files (x86)\Logitech\Z-5 Speakers\wxmsw28u_core_vc_custom.dll
MOD - [2008/04/24 11:35:12 | 000,618,496 | ---- | M] () -- C:\Program Files (x86)\Logitech\Z-5 Speakers\wxmsw28u_adv_vc_custom.dll
MOD - [2008/04/24 11:33:32 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Logitech\Z-5 Speakers\wxbase28u_xml_vc_custom.dll
MOD - [2008/04/24 11:33:30 | 000,958,464 | ---- | M] () -- C:\Program Files (x86)\Logitech\Z-5 Speakers\wxbase28u_vc_custom.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/09/28 19:12:18 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/09/28 07:19:38 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/09/08 06:42:28 | 000,305,152 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/07/11 20:43:54 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/29 11:02:22 | 002,424,424 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/09/28 19:52:48 | 010,210,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/09/28 18:34:54 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/09/08 06:42:28 | 000,535,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/08/29 11:02:28 | 000,339,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/08/18 05:44:46 | 000,053,376 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/08/11 12:19:50 | 001,582,144 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2011/08/02 18:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/06/17 04:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/06/17 04:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/06/10 15:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/30 15:46:46 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 5F 24 EC 0F C4 CC 01 [binary data]
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\..\SearchScopes,DefaultScope = {4F2349CF-57F4-47B8-B6E5-31DFBEDA2E87}
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\..\SearchScopes\{4F2349CF-57F4-47B8-B6E5-31DFBEDA2E87}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&ilc=12&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Ronald Hamilton\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Ronald Hamilton\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/07/01 16:20:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/07/01 16:20:24 | 000,000,000 | ---D | M]

[2011/12/26 16:59:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ronald Hamilton\AppData\Roaming\Mozilla\Extensions
[2012/04/27 20:10:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ronald Hamilton\AppData\Roaming\Mozilla\Firefox\Profiles\f0iat8ka.default\extensions
[2012/04/27 20:10:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ronald Hamilton\AppData\Roaming\Mozilla\Firefox\Profiles\f0iat8ka.default\extensions\staged
[2012/01/07 19:59:24 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\RONALD HAMILTON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F0IAT8KA.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/03/13 12:29:03 | 000,709,293 | ---- | M] () (No name found) -- C:\USERS\RONALD HAMILTON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F0IAT8KA.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012/04/10 07:46:04 | 000,170,609 | ---- | M] () (No name found) -- C:\USERS\RONALD HAMILTON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F0IAT8KA.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Ronald Hamilton\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google Search = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Flash Video Downloader = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggkfikfcbnpfoicfjammigpnakpogebh\2.1.0_0\
CHR - Extension: Media file downloader = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\khbkckdkhakengfjmejmiabaakdlhaab\2.0_0\
CHR - Extension: YouTube Ads Block, Skip, Remove by ScrewAds = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc\2.1.4.2_0\
CHR - Extension: Gmail = C:\Users\Ronald Hamilton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/01/13 10:04:44 | 000,000,862 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 74.208.105.171 gs.apple.com
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Z-5 Speakers] C:\Program Files (x86)\Logitech\Z-5 Speakers\Z-5 Speakers.exe (Logitech©)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-835903281-4073869442-1421746598-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-835903281-4073869442-1421746598-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-835903281-4073869442-1421746598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5431CA9C-2AE3-4DD5-8AC6-F424D6D9CCB3}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74E5DDB5-BA74-4670-A1AB-2DC9277C389E}: DhcpNameServer = 192.168.33.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5E500E2-7189-466F-AEB9-C969978FAB09}: DhcpNameServer = 172.26.38.1 172.26.38.2
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/07/26 18:12:31 | 000,000,000 | ---D | C] -- C:\Users\Ronald Hamilton\AppData\Local\Adobe
[2012/07/24 13:22:36 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Ronald Hamilton\Desktop\TDSSKiller.exe
[2012/07/21 10:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/21 10:14:39 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2012/07/21 10:14:39 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2012/07/21 10:14:39 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012/07/21 10:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/21 10:10:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/07/21 10:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/07/21 10:03:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2012/07/19 20:46:49 | 000,000,000 | ---D | C] -- C:\Users\Ronald Hamilton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/07/19 20:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/07/12 12:21:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/07/12 12:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/12 12:20:08 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/07/12 12:19:57 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/07/12 12:19:57 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/07/12 12:12:32 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/12 12:12:29 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/12 12:12:18 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/12 12:12:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/12 12:12:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/12 12:10:36 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012/07/12 12:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/07/03 19:47:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2012/07/01 16:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/07/01 16:19:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

========== Files - Modified Within 30 Days ==========

[2012/07/26 18:34:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835903281-4073869442-1421746598-1000UA.job
[2012/07/26 18:07:49 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/26 18:07:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/26 17:14:57 | 000,014,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/26 17:14:57 | 000,014,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/26 17:04:52 | 1830,084,607 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/26 17:01:47 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835903281-4073869442-1421746598-1000Core.job
[2012/07/25 20:16:59 | 000,000,512 | ---- | M] () -- C:\Users\Ronald Hamilton\Desktop\MBR.dat
[2012/07/25 19:18:16 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Ronald Hamilton\Desktop\TDSSKiller.exe
[2012/07/21 10:16:00 | 000,028,672 | ---- | M] () -- C:\Users\Ronald Hamilton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/21 10:14:46 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/19 20:46:49 | 000,003,019 | ---- | M] () -- C:\Users\Ronald Hamilton\Desktop\HiJackThis.lnk
[2012/07/18 18:37:13 | 000,000,048 | ---- | M] () -- C:\Windows\WININIT.INI
[2012/07/12 12:30:58 | 000,292,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/12 12:19:27 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/07/12 12:19:27 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/07/11 20:43:53 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/11 20:43:53 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2012/07/25 20:16:58 | 000,000,512 | ---- | C] () -- C:\Users\Ronald Hamilton\Desktop\MBR.dat
[2012/07/21 10:14:46 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/19 20:46:49 | 000,003,019 | ---- | C] () -- C:\Users\Ronald Hamilton\Desktop\HiJackThis.lnk
[2012/07/18 18:37:13 | 000,000,048 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/07/14 08:04:39 | 000,004,711 | ---- | C] () -- C:\Windows\SysNative\dmouse.vxd
[2011/12/27 20:57:37 | 000,028,672 | ---- | C] () -- C:\Users\Ronald Hamilton\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/26 20:42:58 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/12/26 20:42:47 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/12/26 20:42:47 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/12/26 20:42:46 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/12/26 17:46:04 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/12/26 17:25:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/26 16:48:23 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011/09/28 07:49:36 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/03/18 02:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

< End of report >


Extras last

OTL Extras logfile created on: 7/26/2012 6:20:20 PM - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = C:\Users\Ronald Hamilton\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.61 Gb Total Physical Memory | 6.25 Gb Available Physical Memory | 82.17% Memory free
15.21 Gb Paging File | 13.71 Gb Available in Paging File | 90.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297.89 Gb Total Space | 206.09 Gb Free Space | 69.18% Space Free | Partition Type: NTFS

Computer Name: RONALDHAMILTON | User Name: Ronald Hamilton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-835903281-4073869442-1421746598-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D4316FC-5833-4FE6-AC87-28CB0AE19DF7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0D5E6FE4-DCD0-4439-B5C2-D822F02A2096}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E37DF6C-E9A6-4F46-B8DF-F5B20BB7BDBE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0FF33E37-F8CC-45E4-91E8-81B0B4AED976}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{118DC6D7-A1D3-497D-BE02-811E0EFE631A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{16190CB2-F12D-45A7-B59A-976AEB90F530}" = rport=2869 | protocol=6 | dir=out | app=system |
"{1AD466D1-C92B-482A-A9B4-E91F31838EE9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1DEBEEC7-9F7C-4600-90FD-1BD6C10B65DB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2348FB86-B9F5-4069-BAD6-2A405A5F6A0F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{25856D83-C98D-4EA0-98E7-D78BD717F31E}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{269031EA-8EE4-4A0F-A154-82A615E3CEF1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2731C098-AADF-49EA-9671-7DCCD3FED1F3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2837EF62-A983-430D-9A80-E9A82135E105}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{2A01E714-835F-4BEF-A1C5-BC8C589327D2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2EBBF008-53C0-4962-A9BC-B7C91F5077CD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3884FA82-03EA-455B-9F56-E43F850C2484}" = lport=137 | protocol=17 | dir=in | app=system |
"{3A55028A-8AE6-4F17-954A-E6303B70C7EC}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3D969CE6-0936-45B4-82AB-8457E8A8F1C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44445013-F32A-4456-8F6B-94BA1E903A80}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4F434279-AD87-4BD2-94D8-75FDB450966E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{50573061-5DCB-495D-97C5-9273DF33D9AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5A3EF9B7-0B3A-4817-A7D2-D57D8876D039}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5B582221-96F4-466B-BD59-8B78F2C13E29}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5E1D1557-529F-442B-8A83-85CF7794DC51}" = lport=445 | protocol=6 | dir=in | app=system |
"{7002455A-179A-4A02-90ED-DAF050C77D95}" = rport=138 | protocol=17 | dir=out | app=system |
"{70AA5D66-5A80-47E9-A1D4-DA0D833C94EF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{76131FFF-EB32-473A-B0AF-E2BCCC8596F1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7A7FBC09-34E8-4BA8-BE9B-8C4D6DFA135A}" = rport=445 | protocol=6 | dir=out | app=system |
"{7CDD0F7F-F37D-4F35-B9E1-35C64A08536B}" = rport=137 | protocol=17 | dir=out | app=system |
"{81A791D4-1725-4B91-9EF0-502232C1C142}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8213CF06-A33D-452A-BB53-96FE8AA61CBE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8257349E-C370-4C38-BFD0-1D73D7044DD4}" = rport=139 | protocol=6 | dir=out | app=system |
"{84B53225-9683-4595-9333-14B8EBAE6478}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9D4A1052-5B48-4421-9E19-C942701ABE8B}" = lport=139 | protocol=6 | dir=in | app=system |
"{A1C9DC9C-343F-498F-96E7-0B202516579F}" = lport=138 | protocol=17 | dir=in | app=system |
"{C6675FEE-7DE1-487D-A959-0DED31DF40AF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DADACE78-376A-41CC-962A-FDA921D4FBBD}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E17DFADC-8B76-4147-B011-F90794DA7AAB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ED11728C-626A-4A45-B8E2-1D072D6C996E}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F48B2B3C-F276-44BF-82A1-FCBA012E70F7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04E06A5A-5D80-4F16-A79C-11E2A2230B8B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{14B0C300-6B07-4712-BEA6-447F2565E3F4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{18FE02C3-8435-4E66-B885-D55DB8904793}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2AE521AE-9835-4968-910D-CF6E5E7EE0B2}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2BEFA86B-D16A-4A21-B919-AB30826C8605}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{329B5607-857A-4673-B553-8EBA11167F89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{420FD34A-B085-4599-96E5-E61A8A07E139}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4A5D0DEA-EB9F-490D-B9CB-F889642307AE}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{5BD138CA-56A4-4677-B131-E2716498B61B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{613A78E3-61A4-4698-AD4F-126943B40C60}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{65B579C6-43C2-4A5D-8748-E7E233308683}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{81B83528-5950-46DC-B149-0ABFBD44F94F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81E6726A-89FE-4C54-8A66-66513B884C7C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{83D468CF-9651-40A6-AF78-9B70DC0DDD17}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{85EC6351-6B69-4504-A7C1-C1FB36A5B1FC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89230296-7A7B-4325-8B45-A52A0C573F7E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8A8374A5-A6C9-4049-B919-5F0BB4C91792}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8A918EBA-CECA-4AD8-B012-97D5254731C2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{8B3DBA78-90B9-4943-8BD9-086269827ED9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8F726B7E-4BB9-4616-907D-F29F3ADC8094}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{934DE0BB-43CB-408E-8A06-5AB645EFC8D4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{97CCA7F0-065C-4D77-AC8D-801E49D25BB8}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{9E3E2413-25D3-455A-BB31-C8544ED00FCC}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{B1E25050-8076-4CD2-A418-0B7981C0CBB1}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"{B4378D25-3654-4F95-B061-8F7FFDE3AF44}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"{B9850C3E-4B88-4299-874E-4C358F76FA1D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BA7339C8-7764-40F2-AA99-4E401B84524E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2D0ABBC-CA51-44F5-8EBD-A0A7299763DE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{C4832F9D-731B-4D91-807F-C00FF91F74BB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C56AA330-0CDB-4BA7-A2A0-DEAF8D7DF077}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C74AD7F0-8AE0-4138-BF2F-A8A984C6ED8E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{CDBC84AF-9E45-4A01-B214-267B28D4EAA4}" = protocol=6 | dir=out | app=system |
"{CDF87F4F-05FB-4D0A-9104-1F8DDF426CF2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"{D1905EA8-09FA-497F-A47C-0DF20FF54BF2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DAC13EFB-49EF-4826-A29D-176884539BD7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DD0CFC0D-D056-46E9-9262-BB1BA75FF5E1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E4689F5F-E27E-4B6C-9604-8D3EA8A83BB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EC870FA4-AF9F-4C03-93CB-071EAF877B21}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ECC18119-9AFD-4C70-9A45-3166EECB612B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FB461E56-EE27-4907-B600-D0B96C56B29A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FE4351C3-4DF9-4664-8B9B-D2A8AE4C6630}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"TCP Query User{ABF569B1-5FB5-48AF-BF36-55F325A057DE}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"TCP Query User{B02451D1-0D09-4152-9CA5-289494BCFB33}C:\users\ronald hamilton\desktop\jailbreak tools\pwnage\redsn0w_win_0.9.10b3\redsn0w.exe" = protocol=6 | dir=in | app=c:\users\ronald hamilton\desktop\jailbreak tools\pwnage\redsn0w_win_0.9.10b3\redsn0w.exe |
"TCP Query User{F36FDD78-7E90-479D-BED4-FE7FD594C919}C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"UDP Query User{24DA7C7A-DD6C-4AE7-A25A-704A5CAC2709}C:\program files (x86)\starcraft ii\starcraft ii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"UDP Query User{44A6B358-47D5-42B6-A335-AEFA5CFAA4F5}C:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe |
"UDP Query User{C1771B56-E3B3-4FF8-9A37-32120B4F1C25}C:\users\ronald hamilton\desktop\jailbreak tools\pwnage\redsn0w_win_0.9.10b3\redsn0w.exe" = protocol=17 | dir=in | app=c:\users\ronald hamilton\desktop\jailbreak tools\pwnage\redsn0w_win_0.9.10b3\redsn0w.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2FD3DC87-EC8D-78D2-1D3A-F4D6E7531BAF}" = AMD Fuel
"{45726347-6D97-4613-9F89-A9635ACBD34D}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{ACD449FA-9DF3-779D-DA68-11D486963225}" = AMD Catalyst Install Manager
"{BF92729B-1505-55D8-DAD4-4727CDB02FF6}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"KLiteCodecPack64_is1" = K-Lite Codec Pack 5.5.0 (64-bit)
"Logitech Unifying" = Logitech Unifying Software 2.00
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics TouchPad Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0535D679-6FFB-2CAB-F7FF-7B05D6D6CAB5}" = CCC Help Chinese Standard
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{16F1B95A-F813-7600-EFA5-A97CB11222BC}" = CCC Help French
"{17A5CB1F-712A-41D2-FBBB-4A881EBA9B17}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20DBF540-DF10-0A5C-7443-F139A84CC1F5}" = CCC Help Dutch
"{21CC6030-B1EA-3E53-DF36-38054A1596B4}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{29819186-C15B-D50E-AB2E-8C24E2619273}" = CCC Help Portuguese
"{314F8264-25FB-C833-1017-3A0E0846112C}" = CCC Help Hungarian
"{3167966F-9811-30EF-6093-B7B95E2F19B7}" = Catalyst Control Center Graphics Previews Common
"{346DAD45-38D4-B63C-C372-1E2BC136DE69}" = CCC Help Finnish
"{3A83B36C-17B9-4832-445A-7A9DF377BB12}" = CCC Help Swedish
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{58A2F6F8-6009-CC35-2A83-DB5F922003DE}" = CCC Help Czech
"{5E21F3A1-9E84-DC22-1C62-0DB056EC7344}" = CCC Help Japanese
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81C9D048-B677-3CDD-7E20-3AF8DBFC4A0A}" = Catalyst Control Center Localization All
"{870163D1-4D3A-198C-5414-889F1F4347AE}" = CCC Help Korean
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT5390 802.11b/g/n WiFi Adapter
"{93335AAC-9F8B-54DF-7DB5-2C98D0DC2111}" = CCC Help Chinese Traditional
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AD0AAA4D-9A81-8B10-EB28-3C1372987DE7}" = CCC Help Italian
"{B4F17D6A-12A3-5403-6050-32A5B4A31F31}" = Catalyst Control Center InstallProxy
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C314AD4A-1715-40DD-9C20-04EF3D22598B}" = Logitech Z-5
"{C55C2A19-BAD2-287A-1D7A-9D5FF5FD526E}" = AMD VISION Engine Control Center
"{D46914D5-CA39-1A40-3CEC-9368E9C28568}" = CCC Help Greek
"{DEA477E5-F916-973D-E1AB-3CDC735FDB58}" = CCC Help Norwegian
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{EA0E4DD2-7CD7-9583-0BE6-AFF3DF09E3E4}" = CCC Help Thai
"{F0A76517-2D1D-8DE3-F3B7-121B6A1990E8}" = CCC Help English
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F35C5FE9-57EC-9936-5738-D7EB3EA73B28}" = CCC Help Spanish
"{F4708461-A1E0-0657-1FC6-FACFEEA55CBE}" = CCC Help Russian
"{F4EB5AE1-0065-0752-FF11-1E45ABCD443A}" = CCC Help Danish
"{FC2150C5-A1AF-6238-9632-E5BB8739C0BC}" = CCC Help German
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BOSS" = BOSS
"DTGDesktop" = Documents To Go Desktop for iPhone
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.0.0
"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)
"StarCraft II" = StarCraft II
"Steam App 202480" = Creation Kit
"Steam App 72850" = The Elder Scrolls V: Skyrim

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-835903281-4073869442-1421746598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/26/2012 4:28:54 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 30202

Error - 7/26/2012 4:28:54 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 30202

Error - 7/26/2012 4:28:57 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/26/2012 4:28:57 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 32760

Error - 7/26/2012 4:28:57 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 32760

Error - 7/26/2012 4:29:12 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/26/2012 4:29:12 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 48391

Error - 7/26/2012 4:29:12 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 48391

Error - 7/26/2012 10:29:34 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/26/2012 10:29:34 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4711

Error - 7/26/2012 10:29:34 AM | Computer Name = RonaldHamilton | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4711

[ System Events ]
Error - 7/26/2012 4:27:08 AM | Computer Name = RonaldHamilton | Source = ipnathlp | ID = 31004
Description =

Error - 7/26/2012 4:28:21 AM | Computer Name = RonaldHamilton | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
Error Reporting Service service to connect.

Error - 7/26/2012 4:28:51 AM | Computer Name = RonaldHamilton | Source = ipnathlp | ID = 31004
Description =

Error - 7/26/2012 4:29:14 AM | Computer Name = RonaldHamilton | Source = DCOM | ID = 10010
Description =

Error - 7/26/2012 10:29:37 AM | Computer Name = RonaldHamilton | Source = ipnathlp | ID = 30013
Description =

Error - 7/26/2012 5:01:28 PM | Computer Name = RonaldHamilton | Source = bowser | ID = 8003
Description =

Error - 7/26/2012 5:05:19 PM | Computer Name = RonaldHamilton | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:03:14 PM on 7/26/2012 was unexpected.

Error - 7/26/2012 5:05:38 PM | Computer Name = RonaldHamilton | Source = ipnathlp | ID = 34001
Description =

Error - 7/26/2012 5:05:38 PM | Computer Name = RonaldHamilton | Source = ipnathlp | ID = 30013
Description =

Error - 7/26/2012 6:08:01 PM | Computer Name = RonaldHamilton | Source = ipnathlp | ID = 31004
Description =


< End of report >

#11 RonaldHamAP2

  • Topic Starter
  • Members
  • 18 posts

Posted 27 July 2012 - 08:40 PM

Also, what is the info for this web page on the Tapatalk iPhone forum app? That way I can notify you if my computer craps out completely and I cannot post using it.

#12 m0le

  • Malware Response Team
  • 34,527 posts

Posted 27 July 2012 - 08:50 PM

Now I know this is a network issue. Connecting to WiFi and crashing or locking usually means a network card problem.

Post a topic in the Network forum so the members and staff can help you diagnose the problem.

I will keep this open for five days, PM me after that if you need to.
m0le is a proud member of UNITE

#13 RonaldHamAP2

  • Topic Starter
  • Members
  • 18 posts

Posted 27 July 2012 - 09:03 PM

> Now I know this is a network issue. Connecting to WiFi and crashing or locking usually means a network card problem.
>
> Post a topic in the Network forum so the members and staff can help you diagnose the problem.
>
> I will keep this open for five days, PM me after that if you need to.

I believe it to be more than just a network issue as it crashes no matter what even in safe mode...
I will post in the Network forum just in case, as it can't hurt to have more than one option.

Edited by RonaldHamAP2, 27 July 2012 - 09:04 PM.


#14 m0le

  • Malware Response Team
  • 34,527 posts

Posted 01 August 2012 - 08:18 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



