Infected by Security Shield 2012


13 replies to this topic

#1 maddawg313


Posted 26 July 2012 - 09:58 PM

Hello everyone, today I was affected by the Security Shield 2012 virus. I am running Windows 7 Ultimate 64-bit. I followed instructions on the net to clear the virus, but I am having a few serious issues. After cleaning, I am now unable to run Windows Update, and I tried using peer blocker but it errors out. Is there a fix to get my system back up and running?


#2 narenxp


Posted 26 July 2012 - 11:06 PM

Let's make sure the system is clean before fixing Windows Update.

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 maddawg313


Posted 27 July 2012 - 07:08 AM

TDSSKiller log file:

07:39:34.0384 6876 mrxsmb20 - ok
07:39:34.0400 6876 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
07:39:34.0401 6876 msahci - ok
07:39:34.0418 6876 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
07:39:34.0421 6876 msdsm - ok
07:39:34.0440 6876 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
07:39:34.0444 6876 MSDTC - ok
07:39:34.0461 6876 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
07:39:34.0463 6876 Msfs - ok
07:39:34.0476 6876 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
07:39:34.0477 6876 mshidkmdf - ok
07:39:34.0485 6876 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
07:39:34.0486 6876 msisadrv - ok
07:39:34.0513 6876 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
07:39:34.0517 6876 MSiSCSI - ok
07:39:34.0522 6876 msiserver - ok
07:39:34.0542 6876 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
07:39:34.0544 6876 MSKSSRV - ok
07:39:34.0622 6876 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:39:34.0623 6876 MsMpSvc - ok
07:39:34.0637 6876 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
07:39:34.0639 6876 MSPCLOCK - ok
07:39:34.0656 6876 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
07:39:34.0658 6876 MSPQM - ok
07:39:34.0695 6876 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
07:39:34.0708 6876 MsRPC - ok
07:39:34.0724 6876 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
07:39:34.0725 6876 mssmbios - ok
07:39:34.0737 6876 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
07:39:34.0739 6876 MSTEE - ok
07:39:34.0750 6876 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
07:39:34.0751 6876 MTConfig - ok
07:39:34.0769 6876 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
07:39:34.0770 6876 MTsensor - ok
07:39:34.0788 6876 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
07:39:34.0790 6876 Mup - ok
07:39:34.0837 6876 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
07:39:34.0876 6876 napagent - ok
07:39:34.0934 6876 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
07:39:34.0947 6876 NativeWifiP - ok
07:39:35.0025 6876 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
07:39:35.0050 6876 NDIS - ok
07:39:35.0070 6876 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
07:39:35.0072 6876 NdisCap - ok
07:39:35.0077 6876 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
07:39:35.0079 6876 NdisTapi - ok
07:39:35.0107 6876 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
07:39:35.0109 6876 Ndisuio - ok
07:39:35.0146 6876 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
07:39:35.0149 6876 NdisWan - ok
07:39:35.0173 6876 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
07:39:35.0175 6876 NDProxy - ok
07:39:35.0224 6876 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
07:39:35.0226 6876 Net Driver HPZ12 - ok
07:39:35.0259 6876 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
07:39:35.0261 6876 Netaapl - ok
07:39:35.0279 6876 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
07:39:35.0280 6876 NetBIOS - ok
07:39:35.0316 6876 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
07:39:35.0320 6876 NetBT - ok
07:39:35.0348 6876 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:39:35.0350 6876 Netlogon - ok
07:39:35.0380 6876 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
07:39:35.0395 6876 Netman - ok
07:39:35.0476 6876 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:39:35.0481 6876 NetMsmqActivator - ok
07:39:35.0495 6876 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:39:35.0498 6876 NetPipeActivator - ok
07:39:35.0528 6876 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
07:39:35.0540 6876 netprofm - ok
07:39:35.0547 6876 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:39:35.0549 6876 NetTcpActivator - ok
07:39:35.0555 6876 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:39:35.0556 6876 NetTcpPortSharing - ok
07:39:35.0589 6876 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
07:39:35.0590 6876 nfrd960 - ok
07:39:35.0622 6876 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:39:35.0624 6876 NisDrv - ok
07:39:35.0710 6876 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
07:39:35.0725 6876 NisSrv - ok
07:39:35.0768 6876 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
07:39:35.0782 6876 NlaSvc - ok
07:39:35.0796 6876 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
07:39:35.0798 6876 Npfs - ok
07:39:35.0808 6876 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
07:39:35.0811 6876 nsi - ok
07:39:35.0816 6876 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
07:39:35.0817 6876 nsiproxy - ok
07:39:35.0898 6876 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
07:39:35.0922 6876 Ntfs - ok
07:39:35.0972 6876 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
07:39:35.0972 6876 Null - ok
07:39:36.0005 6876 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
07:39:36.0007 6876 nvraid - ok
07:39:36.0036 6876 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
07:39:36.0038 6876 nvstor - ok
07:39:36.0064 6876 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
07:39:36.0066 6876 nv_agp - ok
07:39:36.0156 6876 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:39:36.0173 6876 odserv - ok
07:39:36.0210 6876 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
07:39:36.0213 6876 ohci1394 - ok
07:39:36.0243 6876 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:39:36.0247 6876 ose - ok
07:39:36.0290 6876 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:39:36.0305 6876 p2pimsvc - ok
07:39:36.0334 6876 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
07:39:36.0346 6876 p2psvc - ok
07:39:36.0365 6876 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
07:39:36.0367 6876 Parport - ok
07:39:36.0400 6876 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
07:39:36.0402 6876 partmgr - ok
07:39:36.0450 6876 PassThru Service (8f873bd8188ed208922cae9b79dd6a35) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
07:39:36.0451 6876 PassThru Service - ok
07:39:36.0496 6876 pbfilter (5418d3d8a2135c533f232e3c2b83f153) C:\Program Files\PeerBlock\pbfilter.sys
07:39:36.0497 6876 pbfilter - ok
07:39:36.0524 6876 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
07:39:36.0532 6876 PcaSvc - ok
07:39:36.0554 6876 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
07:39:36.0557 6876 pci - ok
07:39:36.0568 6876 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
07:39:36.0569 6876 pciide - ok
07:39:36.0589 6876 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
07:39:36.0593 6876 pcmcia - ok
07:39:36.0608 6876 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
07:39:36.0609 6876 pcw - ok
07:39:36.0650 6876 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
07:39:36.0664 6876 PEAUTH - ok
07:39:36.0742 6876 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
07:39:36.0771 6876 PeerDistSvc - ok
07:39:36.0838 6876 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
07:39:36.0840 6876 PerfHost - ok
07:39:36.0984 6876 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
07:39:37.0019 6876 pla - ok
07:39:37.0062 6876 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
07:39:37.0074 6876 PlugPlay - ok
07:39:37.0109 6876 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
07:39:37.0111 6876 Pml Driver HPZ12 - ok
07:39:37.0124 6876 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
07:39:37.0127 6876 PNRPAutoReg - ok
07:39:37.0144 6876 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:39:37.0148 6876 PNRPsvc - ok
07:39:37.0183 6876 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
07:39:37.0193 6876 PolicyAgent - ok
07:39:37.0219 6876 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
07:39:37.0224 6876 Power - ok
07:39:37.0266 6876 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
07:39:37.0268 6876 PptpMiniport - ok
07:39:37.0286 6876 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
07:39:37.0288 6876 Processor - ok
07:39:37.0317 6876 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
07:39:37.0322 6876 ProfSvc - ok
07:39:37.0348 6876 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:39:37.0350 6876 ProtectedStorage - ok
07:39:37.0379 6876 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
07:39:37.0382 6876 Psched - ok
07:39:37.0459 6876 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
07:39:37.0481 6876 ql2300 - ok
07:39:37.0541 6876 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
07:39:37.0542 6876 ql40xx - ok
07:39:37.0563 6876 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
07:39:37.0567 6876 QWAVE - ok
07:39:37.0574 6876 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
07:39:37.0575 6876 QWAVEdrv - ok
07:39:37.0587 6876 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
07:39:37.0588 6876 RasAcd - ok
07:39:37.0593 6876 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:39:37.0594 6876 RasAgileVpn - ok
07:39:37.0613 6876 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
07:39:37.0615 6876 RasAuto - ok
07:39:37.0639 6876 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:39:37.0640 6876 Rasl2tp - ok
07:39:37.0662 6876 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
07:39:37.0667 6876 RasMan - ok
07:39:37.0704 6876 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
07:39:37.0705 6876 RasPppoe - ok
07:39:37.0715 6876 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
07:39:37.0716 6876 RasSstp - ok
07:39:37.0741 6876 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
07:39:37.0745 6876 rdbss - ok
07:39:37.0749 6876 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
07:39:37.0749 6876 rdpbus - ok
07:39:37.0772 6876 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:39:37.0773 6876 RDPCDD - ok
07:39:37.0800 6876 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
07:39:37.0802 6876 RDPDR - ok
07:39:37.0819 6876 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
07:39:37.0819 6876 RDPENCDD - ok
07:39:37.0829 6876 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
07:39:37.0830 6876 RDPREFMP - ok
07:39:37.0870 6876 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
07:39:37.0873 6876 RdpVideoMiniport - ok
07:39:37.0906 6876 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
07:39:37.0911 6876 RDPWD - ok
07:39:37.0952 6876 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
07:39:37.0958 6876 rdyboost - ok
07:39:37.0992 6876 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
07:39:37.0995 6876 RemoteAccess - ok
07:39:38.0014 6876 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
07:39:38.0018 6876 RemoteRegistry - ok
07:39:38.0040 6876 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
07:39:38.0043 6876 RpcEptMapper - ok
07:39:38.0064 6876 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
07:39:38.0066 6876 RpcLocator - ok
07:39:38.0110 6876 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:39:38.0117 6876 RpcSs - ok
07:39:38.0125 6876 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
07:39:38.0127 6876 rspndr - ok
07:39:38.0194 6876 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
07:39:38.0204 6876 RTL8167 - ok
07:39:38.0231 6876 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
07:39:38.0232 6876 s3cap - ok
07:39:38.0256 6876 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:39:38.0258 6876 SamSs - ok
07:39:38.0287 6876 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
07:39:38.0289 6876 sbp2port - ok
07:39:38.0312 6876 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
07:39:38.0317 6876 SCardSvr - ok
07:39:38.0331 6876 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
07:39:38.0332 6876 scfilter - ok
07:39:38.0394 6876 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
07:39:38.0414 6876 Schedule - ok
07:39:38.0428 6876 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:39:38.0429 6876 SCPolicySvc - ok
07:39:38.0460 6876 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
07:39:38.0464 6876 SDRSVC - ok
07:39:38.0530 6876 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
07:39:38.0534 6876 SeaPort - ok
07:39:38.0563 6876 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
07:39:38.0566 6876 secdrv - ok
07:39:38.0580 6876 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
07:39:38.0586 6876 seclogon - ok
07:39:38.0603 6876 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
07:39:38.0609 6876 SENS - ok
07:39:38.0627 6876 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
07:39:38.0631 6876 SensrSvc - ok
07:39:38.0641 6876 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
07:39:38.0642 6876 Serenum - ok
07:39:38.0654 6876 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
07:39:38.0657 6876 Serial - ok
07:39:38.0672 6876 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
07:39:38.0674 6876 sermouse - ok
07:39:38.0702 6876 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
07:39:38.0706 6876 SessionEnv - ok
07:39:38.0731 6876 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
07:39:38.0732 6876 sffdisk - ok
07:39:38.0739 6876 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
07:39:38.0740 6876 sffp_mmc - ok
07:39:38.0752 6876 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
07:39:38.0753 6876 sffp_sd - ok
07:39:38.0762 6876 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
07:39:38.0763 6876 sfloppy - ok
07:39:38.0806 6876 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
07:39:38.0819 6876 ShellHWDetection - ok
07:39:38.0839 6876 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:39:38.0840 6876 SiSRaid2 - ok
07:39:38.0848 6876 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
07:39:38.0850 6876 SiSRaid4 - ok
07:39:38.0875 6876 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
07:39:38.0877 6876 Smb - ok
07:39:38.0924 6876 snapman (10450f432811d7fda60a97fcc674d7b2) C:\Windows\system32\DRIVERS\snapman.sys
07:39:38.0931 6876 snapman - ok
07:39:38.0942 6876 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
07:39:38.0947 6876 SNMPTRAP - ok
07:39:38.0972 6876 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
07:39:38.0973 6876 spldr - ok
07:39:39.0006 6876 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
07:39:39.0022 6876 Spooler - ok
07:39:39.0176 6876 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
07:39:39.0228 6876 sppsvc - ok
07:39:39.0297 6876 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
07:39:39.0300 6876 sppuinotify - ok
07:39:39.0381 6876 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
07:39:39.0382 6876 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
07:39:39.0387 6876 sptd ( LockedFile.Multi.Generic ) - warning
07:39:39.0387 6876 sptd - detected LockedFile.Multi.Generic (1)
07:39:44.0108 6876 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
07:39:44.0110 6876 ws2ifsl - ok
07:39:44.0114 6876 WSearch - ok
07:39:44.0142 6876 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
07:39:44.0144 6876 WudfPf - ok
07:39:44.0162 6876 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:39:44.0165 6876 WUDFRd - ok
07:39:44.0200 6876 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
07:39:44.0204 6876 wudfsvc - ok
07:39:44.0232 6876 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
07:39:44.0238 6876 WwanSvc - ok
07:39:44.0518 6876 ZuneNetworkSvc (b79c2ce5340a5eca38ca1f74aa445d2b) c:\Program Files\Zune\ZuneNss.exe
07:39:44.0651 6876 ZuneNetworkSvc - ok
07:39:44.0729 6876 ZuneWlanCfgSvc (e2859aea054422fe40517179ae867c2d) c:\Windows\system32\ZuneWlanCfgSvc.exe
07:39:44.0743 6876 ZuneWlanCfgSvc - ok
07:39:44.0767 6876 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
07:39:44.0944 6876 \Device\Harddisk0\DR0 - ok
07:39:44.0958 6876 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
07:39:45.0023 6876 \Device\Harddisk1\DR1 - ok
07:39:45.0030 6876 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
07:39:45.0035 6876 \Device\Harddisk2\DR2 - ok
07:39:45.0045 6876 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
07:39:47.0113 6876 \Device\Harddisk3\DR3 - ok
07:39:47.0116 6876 Boot (0x1200) (cb74ab9acd64b1266c347bc379f407bd) \Device\Harddisk0\DR0\Partition0
07:39:47.0117 6876 \Device\Harddisk0\DR0\Partition0 - ok
07:39:47.0120 6876 Boot (0x1200) (21132a467415c738e8d36de60b325b21) \Device\Harddisk0\DR0\Partition1
07:39:47.0122 6876 \Device\Harddisk0\DR0\Partition1 - ok
07:39:47.0125 6876 Boot (0x1200) (a824b1c16e74efe347b96b29352d7e11) \Device\Harddisk1\DR1\Partition0
07:39:47.0126 6876 \Device\Harddisk1\DR1\Partition0 - ok
07:39:47.0129 6876 Boot (0x1200) (8e8d3d9a4326fc50833cf1b551a3e470) \Device\Harddisk2\DR2\Partition0
07:39:47.0137 6876 \Device\Harddisk2\DR2\Partition0 - ok
07:39:47.0141 6876 Boot (0x1200) (3aecc616f7e90ed15d1473edc40f133e) \Device\Harddisk3\DR3\Partition0
07:39:47.0142 6876 \Device\Harddisk3\DR3\Partition0 - ok
07:39:47.0143 6876 ============================================================
07:39:47.0143 6876 Scan finished
07:39:47.0143 6876 ============================================================
07:39:47.0153 2600 Detected object count: 1
07:39:47.0153 2600 Actual detected object count: 1
07:46:51.0535 2600 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
07:46:51.0601 2600 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
07:47:53.0063 4856 ============================================================
07:47:53.0064 4856 Scan started
07:47:53.0064 4856 Mode: Manual; TDLFS;
07:47:53.0064 4856 ============================================================
07:48:01.0786 4856 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
07:48:01.0787 4856 mshidkmdf - ok
07:48:01.0795 4856 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
07:48:01.0795 4856 msisadrv - ok
07:48:01.0814 4856 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
07:48:01.0817 4856 MSiSCSI - ok
07:48:01.0824 4856 msiserver - ok
07:48:01.0835 4856 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
07:48:01.0836 4856 MSKSSRV - ok
07:48:01.0898 4856 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:48:01.0899 4856 MsMpSvc - ok
07:48:01.0913 4856 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
07:48:01.0914 4856 MSPCLOCK - ok
07:48:01.0932 4856 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
07:48:01.0932 4856 MSPQM - ok
07:48:01.0970 4856 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
07:48:01.0972 4856 MsRPC - ok
07:48:02.0000 4856 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
07:48:02.0001 4856 mssmbios - ok
07:48:02.0013 4856 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
07:48:02.0014 4856 MSTEE - ok
07:48:02.0026 4856 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
07:48:02.0026 4856 MTConfig - ok
07:48:02.0045 4856 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
07:48:02.0046 4856 MTsensor - ok
07:48:02.0055 4856 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
07:48:02.0056 4856 Mup - ok
07:48:02.0095 4856 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
07:48:02.0100 4856 napagent - ok
07:48:02.0122 4856 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
07:48:02.0124 4856 NativeWifiP - ok
07:48:02.0170 4856 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
07:48:02.0176 4856 NDIS - ok
07:48:02.0188 4856 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
07:48:02.0189 4856 NdisCap - ok
07:48:02.0193 4856 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
07:48:02.0194 4856 NdisTapi - ok
07:48:02.0216 4856 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
07:48:02.0217 4856 Ndisuio - ok
07:48:02.0247 4856 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
07:48:02.0248 4856 NdisWan - ok
07:48:02.0275 4856 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
07:48:02.0277 4856 NDProxy - ok
07:48:02.0309 4856 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
07:48:02.0313 4856 Net Driver HPZ12 - ok
07:48:02.0344 4856 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
07:48:02.0346 4856 Netaapl - ok
07:48:02.0364 4856 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
07:48:02.0366 4856 NetBIOS - ok
07:48:02.0412 4856 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
07:48:02.0416 4856 NetBT - ok
07:48:02.0450 4856 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:48:02.0453 4856 Netlogon - ok
07:48:02.0486 4856 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
07:48:02.0494 4856 Netman - ok
07:48:02.0561 4856 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:48:02.0564 4856 NetMsmqActivator - ok
07:48:02.0572 4856 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:48:02.0575 4856 NetPipeActivator - ok
07:48:02.0613 4856 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
07:48:02.0618 4856 netprofm - ok
07:48:02.0623 4856 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:48:02.0625 4856 NetTcpActivator - ok
07:48:02.0630 4856 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:48:02.0632 4856 NetTcpPortSharing - ok
07:48:02.0665 4856 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
07:48:02.0665 4856 nfrd960 - ok
07:48:02.0698 4856 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:48:02.0699 4856 NisDrv - ok
07:48:02.0737 4856 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
07:48:02.0742 4856 NisSrv - ok
07:48:02.0782 4856 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
07:48:02.0786 4856 NlaSvc - ok
07:48:02.0796 4856 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
07:48:02.0797 4856 Npfs - ok
07:48:02.0809 4856 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
07:48:02.0811 4856 nsi - ok
07:48:02.0818 4856 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
07:48:02.0819 4856 nsiproxy - ok
07:48:02.0907 4856 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
07:48:02.0920 4856 Ntfs - ok
07:48:03.0006 4856 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
07:48:03.0007 4856 Null - ok
07:48:03.0042 4856 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
07:48:03.0045 4856 nvraid - ok
07:48:03.0082 4856 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
07:48:03.0085 4856 nvstor - ok
07:48:03.0116 4856 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
07:48:03.0118 4856 nv_agp - ok
07:48:03.0215 4856 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:48:03.0222 4856 odserv - ok
07:48:03.0253 4856 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
07:48:03.0255 4856 ohci1394 - ok
07:48:03.0286 4856 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:48:03.0288 4856 ose - ok
07:48:03.0329 4856 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:48:03.0338 4856 p2pimsvc - ok
07:48:03.0369 4856 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
07:48:03.0374 4856 p2psvc - ok
07:48:03.0391 4856 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
07:48:03.0392 4856 Parport - ok
07:48:03.0418 4856 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
07:48:03.0419 4856 partmgr - ok
07:48:03.0460 4856 PassThru Service (8f873bd8188ed208922cae9b79dd6a35) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
07:48:03.0462 4856 PassThru Service - ok
07:48:03.0497 4856 pbfilter (5418d3d8a2135c533f232e3c2b83f153) C:\Program Files\PeerBlock\pbfilter.sys
07:48:03.0498 4856 pbfilter - ok
07:48:03.0523 4856 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
07:48:03.0526 4856 PcaSvc - ok
07:48:03.0546 4856 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
07:48:03.0548 4856 pci - ok
07:48:03.0553 4856 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
07:48:03.0553 4856 pciide - ok
07:48:03.0574 4856 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
07:48:03.0576 4856 pcmcia - ok
07:48:03.0592 4856 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
07:48:03.0593 4856 pcw - ok
07:48:03.0634 4856 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
07:48:03.0640 4856 PEAUTH - ok
07:48:03.0718 4856 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
07:48:03.0730 4856 PeerDistSvc - ok
07:48:03.0798 4856 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
07:48:03.0801 4856 PerfHost - ok
07:48:03.0951 4856 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
07:48:03.0971 4856 pla - ok
07:48:04.0012 4856 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
07:48:04.0016 4856 PlugPlay - ok
07:48:04.0045 4856 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
07:48:04.0046 4856 Pml Driver HPZ12 - ok
07:48:04.0058 4856 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
07:48:04.0060 4856 PNRPAutoReg - ok
07:48:04.0079 4856 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
07:48:04.0083 4856 PNRPsvc - ok
07:48:04.0116 4856 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
07:48:04.0120 4856 PolicyAgent - ok
07:48:04.0145 4856 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
07:48:04.0148 4856 Power - ok
07:48:04.0183 4856 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
07:48:04.0184 4856 PptpMiniport - ok
07:48:04.0196 4856 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
07:48:04.0197 4856 Processor - ok
07:48:04.0226 4856 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
07:48:04.0229 4856 ProfSvc - ok
07:48:04.0257 4856 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:48:04.0259 4856 ProtectedStorage - ok
07:48:04.0288 4856 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
07:48:04.0290 4856 Psched - ok
07:48:04.0356 4856 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
07:48:04.0365 4856 ql2300 - ok
07:48:04.0425 4856 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
07:48:04.0427 4856 ql40xx - ok
07:48:04.0449 4856 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
07:48:04.0453 4856 QWAVE - ok
07:48:04.0467 4856 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
07:48:04.0467 4856 QWAVEdrv - ok
07:48:04.0480 4856 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
07:48:04.0480 4856 RasAcd - ok
07:48:04.0486 4856 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
07:48:04.0487 4856 RasAgileVpn - ok
07:48:04.0505 4856 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
07:48:04.0508 4856 RasAuto - ok
07:48:04.0532 4856 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
07:48:04.0533 4856 Rasl2tp - ok
07:48:04.0555 4856 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
07:48:04.0559 4856 RasMan - ok
07:48:04.0572 4856 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
07:48:04.0573 4856 RasPppoe - ok
07:48:04.0583 4856 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
07:48:04.0584 4856 RasSstp - ok
07:48:04.0609 4856 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
07:48:04.0611 4856 rdbss - ok
07:48:04.0616 4856 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
07:48:04.0616 4856 rdpbus - ok
07:48:04.0623 4856 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:48:04.0624 4856 RDPCDD - ok
07:48:04.0651 4856 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
07:48:04.0653 4856 RDPDR - ok
07:48:04.0661 4856 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
07:48:04.0662 4856 RDPENCDD - ok
07:48:04.0672 4856 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
07:48:04.0672 4856 RDPREFMP - ok
07:48:04.0704 4856 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
07:48:04.0705 4856 RdpVideoMiniport - ok
07:48:04.0741 4856 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
07:48:04.0745 4856 RDPWD - ok
07:48:04.0787 4856 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
07:48:04.0791 4856 rdyboost - ok
07:48:04.0818 4856 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
07:48:04.0821 4856 RemoteAccess - ok
07:48:04.0840 4856 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
07:48:04.0843 4856 RemoteRegistry - ok
07:48:04.0858 4856 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
07:48:04.0861 4856 RpcEptMapper - ok
07:48:04.0882 4856 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
07:48:04.0883 4856 RpcLocator - ok
07:48:04.0928 4856 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
07:48:04.0935 4856 RpcSs - ok
07:48:04.0943 4856 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
07:48:04.0944 4856 rspndr - ok
07:48:04.0997 4856 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
07:48:05.0002 4856 RTL8167 - ok
07:48:05.0032 4856 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
07:48:05.0032 4856 s3cap - ok
07:48:05.0058 4856 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
07:48:05.0060 4856 SamSs - ok
07:48:05.0088 4856 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
07:48:05.0090 4856 sbp2port - ok
07:48:05.0113 4856 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
07:48:05.0117 4856 SCardSvr - ok
07:48:05.0132 4856 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
07:48:05.0133 4856 scfilter - ok
07:48:05.0195 4856 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
07:48:05.0206 4856 Schedule - ok
07:48:05.0237 4856 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
07:48:05.0239 4856 SCPolicySvc - ok
07:48:05.0271 4856 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
07:48:05.0274 4856 SDRSVC - ok
07:48:05.0364 4856 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
07:48:05.0369 4856 SeaPort - ok
07:48:05.0397 4856 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
07:48:05.0398 4856 secdrv - ok
07:48:05.0406 4856 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
07:48:05.0409 4856 seclogon - ok
07:48:05.0416 4856 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
07:48:05.0419 4856 SENS - ok
07:48:05.0425 4856 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
07:48:05.0428 4856 SensrSvc - ok
07:48:05.0442 4856 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
07:48:05.0442 4856 Serenum - ok
07:48:05.0455 4856 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
07:48:05.0456 4856 Serial - ok
07:48:05.0465 4856 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
07:48:05.0466 4856 sermouse - ok
07:48:05.0485 4856 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
07:48:05.0487 4856 SessionEnv - ok
07:48:05.0507 4856 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
07:48:05.0507 4856 sffdisk - ok
07:48:05.0515 4856 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
07:48:05.0516 4856 sffp_mmc - ok
07:48:05.0528 4856 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
07:48:05.0528 4856 sffp_sd - ok
07:48:05.0538 4856 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
07:48:05.0538 4856 sfloppy - ok
07:48:05.0581 4856 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
07:48:05.0584 4856 ShellHWDetection - ok
07:48:05.0599 4856 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
07:48:05.0599 4856 SiSRaid2 - ok
07:48:05.0608 4856 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
07:48:05.0609 4856 SiSRaid4 - ok
07:48:05.0626 4856 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
07:48:05.0627 4856 Smb - ok
07:48:05.0664 4856 snapman (10450f432811d7fda60a97fcc674d7b2) C:\Windows\system32\DRIVERS\snapman.sys
07:48:05.0666 4856 snapman - ok
07:48:05.0669 4856 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
07:48:05.0671 4856 SNMPTRAP - ok
07:48:05.0681 4856 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
07:48:05.0682 4856 spldr - ok
07:48:05.0714 4856 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
07:48:05.0718 4856 Spooler - ok
07:48:05.0859 4856 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
07:48:05.0878 4856 sppsvc - ok
07:48:05.0941 4856 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
07:48:05.0947 4856 sppuinotify - ok
07:48:06.0023 4856 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
07:48:06.0024 4856 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
07:48:06.0028 4856 sptd ( LockedFile.Multi.Generic ) - warning
07:48:06.0028 4856 sptd - detected LockedFile.Multi.Generic (1)
07:48:10.0286 4856 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
07:48:10.0292 4856 wudfsvc - ok
07:48:10.0327 4856 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
07:48:10.0336 4856 WwanSvc - ok
07:48:10.0619 4856 ZuneNetworkSvc (b79c2ce5340a5eca38ca1f74aa445d2b) c:\Program Files\Zune\ZuneNss.exe
07:48:10.0658 4856 ZuneNetworkSvc - ok
07:48:10.0715 4856 ZuneWlanCfgSvc (e2859aea054422fe40517179ae867c2d) c:\Windows\system32\ZuneWlanCfgSvc.exe
07:48:10.0719 4856 ZuneWlanCfgSvc - ok
07:48:10.0734 4856 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
07:48:10.0989 4856 \Device\Harddisk0\DR0 - ok
07:48:11.0012 4856 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
07:48:11.0140 4856 \Device\Harddisk1\DR1 - ok
07:48:11.0164 4856 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
07:48:11.0222 4856 \Device\Harddisk2\DR2 - ok
07:48:11.0232 4856 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
07:48:13.0471 4856 \Device\Harddisk3\DR3 - ok
07:48:13.0494 4856 Boot (0x1200) (cb74ab9acd64b1266c347bc379f407bd) \Device\Harddisk0\DR0\Partition0
07:48:13.0495 4856 \Device\Harddisk0\DR0\Partition0 - ok
07:48:13.0507 4856 Boot (0x1200) (21132a467415c738e8d36de60b325b21) \Device\Harddisk0\DR0\Partition1
07:48:13.0509 4856 \Device\Harddisk0\DR0\Partition1 - ok
07:48:13.0516 4856 Boot (0x1200) (a824b1c16e74efe347b96b29352d7e11) \Device\Harddisk1\DR1\Partition0
07:48:13.0519 4856 \Device\Harddisk1\DR1\Partition0 - ok
07:48:13.0527 4856 Boot (0x1200) (8e8d3d9a4326fc50833cf1b551a3e470) \Device\Harddisk2\DR2\Partition0
07:48:13.0548 4856 \Device\Harddisk2\DR2\Partition0 - ok
07:48:13.0556 4856 Boot (0x1200) (3aecc616f7e90ed15d1473edc40f133e) \Device\Harddisk3\DR3\Partition0
07:48:13.0559 4856 \Device\Harddisk3\DR3\Partition0 - ok
07:48:13.0560 4856 ============================================================
07:48:13.0561 4856 Scan finished
07:48:13.0561 4856 ============================================================
07:48:13.0575 4348 Detected object count: 1
07:48:13.0575 4348 Actual detected object count: 1
07:48:23.0486 4348 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
07:48:23.0531 4348 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine


aswMBR LOG

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-27 07:53:24
-----------------------------
07:53:24.853 OS Version: Windows x64 6.1.7601 Service Pack 1
07:53:24.853 Number of processors: 4 586 0x502
07:53:24.854 ComputerName: MAINCOMPUTER-PC UserName: maddawg
07:53:27.123 Initialize success
07:54:13.701 AVAST engine defs: 12072700
07:54:53.296 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
07:54:53.299 Disk 0 Vendor: WDC_WD1002FAEX-00Z3A0 05.01D05 Size: 953869MB BusType: 3
07:54:53.302 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-2
07:54:53.305 Disk 1 Vendor: ST3250823AS 3.02 Size: 238475MB BusType: 3
07:54:53.309 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-1
07:54:53.312 Disk 2 Vendor: SAMSUNG_HD753LJ 1AA01107 Size: 715404MB BusType: 3
07:54:53.341 Disk 0 MBR read successfully
07:54:53.343 Disk 0 MBR scan
07:54:53.425 Disk 0 Windows 7 default MBR code
07:54:53.427 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
07:54:53.463 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953768 MB offset 206848
07:54:53.516 Disk 0 scanning C:\Windows\system32\drivers
07:55:11.294 Service scanning
07:55:29.504 Service MpKslc21a7b69 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E38FC31E-FA70-4908-95C0-B4E78FCC2075}\MpKslc21a7b69.sys **LOCKED** 32
07:55:46.172 Modules scanning
07:55:46.186 Disk 0 trace - called modules:
07:55:46.205 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa800a7712c0]<<spbt.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
07:55:46.212 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800ac25060]
07:55:46.218 3 CLASSPNP.SYS[fffff880017c643f] -> nt!IofCallDriver -> [0xfffffa800a8f4580]
07:55:46.224 5 ACPI.sys[fffff8800103a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800a8f6060]
07:55:46.231 \Driver\atapi[0xfffffa800a8de060] -> IRP_MJ_CREATE -> 0xfffffa800a7712c0
07:55:49.073 AVAST engine scan C:\Windows
07:55:53.278 AVAST engine scan C:\Windows\system32
08:00:32.593 AVAST engine scan C:\Windows\system32\drivers
08:01:13.966 AVAST engine scan C:\Users\maddawg
08:04:54.662 Disk 0 MBR has been saved successfully to "C:\Users\maddawg\Desktop\MBR.dat"
08:04:54.717 The log file has been saved successfully to "C:\Users\maddawg\Desktop\aswMBR.txt"


ESET LOG:


C:\Users\maddawg\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\O3B2U3SZ\38484-new-ewf-minlogon-cf-instructions-21[1].html HTML/Iframe.B.Gen virus deleted - quarantined
F:\System Backup\bev maddawg\Old\JLSVIPRQ.exe a variant of Win32/Packed.Themida application cleaned by deleting - quarantined
F:\System Backup\clients\bev maddawg\Old\JLSVIPRQ.exe a variant of Win32/Packed.Themida application cleaned by deleting - quarantined
F:\System Backup\Desktop\clients\bev maddawg\Old\JLSVIPRQ.exe a variant of Win32/Packed.Themida application cleaned by deleting - quarantined
F:\System Backup\desktop 2\Desktop\bev maddawg\Old\JLSVIPRQ.exe a variant of Win32/Packed.Themida application cleaned by deleting - quarantined
F:\System Backup\desktop 2\Desktop\clients\bev maddawg\Old\JLSVIPRQ.exe a variant of Win32/Packed.Themida application cleaned by deleting - quarantined

Edited by maddawg313, 27 July 2012 - 12:35 PM.


#4 narenxp

Posted 27 July 2012 - 09:47 AM

ESET log?

#5 maddawg313

Posted 27 July 2012 - 12:36 PM

Sorry about that, the ESET scan took a while. Log posted.

#6 narenxp

Posted 27 July 2012 - 12:38 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#7 maddawg313

Posted 27 July 2012 - 07:58 PM

Anti-Malware scan:
Malwarebytes Anti-Malware (PRO) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.27.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
maddawg :: MAINCOMPUTER-PC [administrator]

Protection: Enabled

7/27/2012 7:34:35 PM
mbam-log-2012-07-27 (19-34-35).txt

Scan type: Full scan (C:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 632989
Time elapsed: 1 hour(s), 14 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox Scan:


MiniToolBox by Farbar Version: 23-07-2012
Ran by maddawg (administrator) on 27-07-2012 at 20:53:21
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.1.1 publish=Yes
add address name="Local Area Connection" address=192.168.1.4 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : maincomputer-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-A0-EF-88-96
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 20-CF-30-9E-7D-69
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1d87:caf4:2eb1:6955%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 244377274
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-24-3C-4E-90-E6-BA-CD-15-EC
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{4A99847B-46D4-4A6A-B398-F4E45A6C9621}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.norsegods.info:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A0EF8896-D687-4A4A-A213-1042E7FE1426}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Basement
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:801::1000
74.125.228.41
74.125.228.37
74.125.228.34
74.125.228.35
74.125.228.33
74.125.228.46
74.125.228.36
74.125.228.39
74.125.228.40
74.125.228.32
74.125.228.38


Pinging google.com [74.125.228.38] with 32 bytes of data:
Reply from 74.125.228.38: bytes=32 time=39ms TTL=53
Reply from 74.125.228.38: bytes=32 time=39ms TTL=53

Ping statistics for 74.125.228.38:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 39ms, Average = 39ms
Server: Basement
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=55ms TTL=51
Reply from 209.191.122.70: bytes=32 time=56ms TTL=51

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 55ms, Maximum = 56ms, Average = 55ms
Server: Basement
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...00 ff a0 ef 88 96 ......TAP-Win32 Adapter V9
10...20 cf 30 9e 7d 69 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 266
192.168.1.4 255.255.255.255 On-link 192.168.1.4 266
192.168.1.255 255.255.255.255 On-link 192.168.1.4 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 266
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.1 Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::1d87:caf4:2eb1:6955/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/27/2012 08:49:18 AM) (Source: Application Error) (User: )
Description: Faulting application name: BayGenie.exe, version: 3.3.5.8, time stamp: 0x4e5605c2
Faulting module name: BayGenie.exe, version: 3.3.5.8, time stamp: 0x4e5605c2
Exception code: 0xc0000005
Fault offset: 0x0001d747
Faulting process id: 0xc14
Faulting application start time: 0xBayGenie.exe0
Faulting application path: BayGenie.exe1
Faulting module path: BayGenie.exe2
Report Id: BayGenie.exe3

Error: (07/27/2012 08:47:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/27/2012 08:47:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/27/2012 08:47:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/27/2012 08:47:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/27/2012 08:47:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/27/2012 08:47:13 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/27/2012 08:47:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/27/2012 08:06:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/27/2012 08:06:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/27/2012 07:38:44 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.131.765.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (07/27/2012 08:48:21 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/27/2012 08:48:21 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/27/2012 08:44:23 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32

Error: (07/27/2012 08:44:18 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (07/27/2012 08:44:18 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error:
%%1075

Error: (07/27/2012 08:44:18 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.

Error: (07/27/2012 08:44:18 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (07/27/2012 08:44:18 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/27/2012 08:44:11 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.2.1)
64 Bit HP CIO Components Installer (Version: 7.2.8)
abgx360 v1.0.6
Acronis True Image Home 2011 (Version: 14.0.6597)
Adobe AIR (Version: 2.6.0.19120)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.1)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0611.1251.21046)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
AMD VISION Engine Control Center (Version: 2012.0611.1251.21046)
Android SDK Tools (Version: 0.7)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 2010 Advanced (Version: 9.2.4)
ATI Catalyst Registration (Version: 3.00.0000)
BayGenie eBay Auction Sniper Pro Edition 3.3.5.8 (Version: 3.3.5.8)
BinChecker
Bonjour (Version: 3.0.0.10)
calibre (Version: 0.8.12)
Call of Duty: Black Ops
Canon MF Toolbox 4.9.1.1.mf09 (Version: 3.2.0)
Canon MF4320-4350
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0611.1251.21046)
Catalyst Control Center InstallProxy (Version: 2012.0611.1251.21046)
Catalyst Control Center Localization All (Version: 2012.0611.1251.21046)
ccc-utility64 (Version: 2012.0611.1251.21046)
CCC Help Chinese Standard (Version: 2012.0611.1250.21046)
CCC Help Chinese Traditional (Version: 2012.0611.1250.21046)
CCC Help Czech (Version: 2012.0611.1250.21046)
CCC Help Danish (Version: 2012.0611.1250.21046)
CCC Help Dutch (Version: 2012.0611.1250.21046)
CCC Help English (Version: 2012.0611.1250.21046)
CCC Help Finnish (Version: 2012.0611.1250.21046)
CCC Help French (Version: 2012.0611.1250.21046)
CCC Help German (Version: 2012.0611.1250.21046)
CCC Help Greek (Version: 2012.0611.1250.21046)
CCC Help Hungarian (Version: 2012.0611.1250.21046)
CCC Help Italian (Version: 2012.0611.1250.21046)
CCC Help Japanese (Version: 2012.0611.1250.21046)
CCC Help Korean (Version: 2012.0611.1250.21046)
CCC Help Norwegian (Version: 2012.0611.1250.21046)
CCC Help Polish (Version: 2012.0611.1250.21046)
CCC Help Portuguese (Version: 2012.0611.1250.21046)
CCC Help Russian (Version: 2012.0611.1250.21046)
CCC Help Spanish (Version: 2012.0611.1250.21046)
CCC Help Swedish (Version: 2012.0611.1250.21046)
CCC Help Thai (Version: 2012.0611.1250.21046)
CCC Help Turkish (Version: 2012.0611.1250.21046)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ConvertXtoDVD 4.1.1.334 (Version: 4.1.1.334)
CutePDF Writer 2.8
CyberGhost VPN Patch 4.7.19
D3DX10 (Version: 15.4.2368.0902)
Deus Ex - Human Revolution version 1.0 (Version: 1.0)
DreamBoxEdit -- The one and only settings editor for your Dreambox
Emergency Ambulance Simulator
ESET Online Scanner v3
FileZilla Client 3.4.0 (Version: 3.4.0)
Firebird SQL Server - MAGIX Edition (Version: 2.0.1.13)
FNC 11 Installer (Version: 11.06.0000)
Google Talk Plugin (Version: 3.3.2.8436)
GrabIt 1.7.2 Beta 6 (build 1008)
HandBrake 0.9.6 (Version: 0.9.6)
HPDiagnosticAlert (Version: 1.00.0000)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.008)
iCloud (Version: 1.1.0.40)
iFunbox (v1.98.948.666), iFunbox DevTeam (Version: v1.98.948.666)
ImgBurn (Version: 2.5.6.0)
iPhone Configuration Utility (Version: 3.5.0.289)
iTunes (Version: 10.6.3.25)
iTunes DB Cloner (Version: 0.9.1.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ SE Development Kit 6 Update 25 (Version: 1.6.0.250)
JDownloader
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 6.4.0 (Full) (Version: 6.4.0)
KProbe 2.5.2
LG United Mobile Driver (Version: 3.2.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Media Player Classic - Home Cinema 1.6.0.4014 (Version: 1.6.0.4014)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
nLite 1.4.9.1 (Version: 1.4.9.1)
NVIDIA PhysX (Version: 9.10.0513)
OpenSSL 1.0.0e Light (32-bit)
PeerBlock 1.0+ (r484) (Version: 1.0.0.484)
Picasa 3 (Version: 3.8)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Presto! PageManager 7.15.35 (Version: 7.15.35)
ProtectDisc Driver, Version 11 (Version: 11.0.0.14)
Python 2.7 (Version: 2.7.150)
Python 2.7 pycrypto-2.1.0
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.72.80.56)
RarmaRadio 2.66.3
Replay Media Catcher 4 (Version: 4.0.12)
SABnzbd 0.7.2 (Version: 0.7.2)
Safari (Version: 5.34.57.2)
SD Formatter (Version: 2.9.5)
SimpLite-MSN 2.5 (Version: 02.05.0003)
TeamViewer 6 (Version: 6.0.11052)
TeamViewer 7 (Version: 7.0.12189)
TeraCopy 2.12
The Lord of the Rings FREE Trial (Version: 1.00.0000)
Total Commander (Remove or Repair) (Version: 7.57a)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.1 (Version: 2.0.1)
WBFS Manager 3.0 (Version: 3.0)
Windows Home Server Connector (Version: 6.0.3436.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Updater Component (Version: 04.07.1404.00)
WinRAR archiver
WinSCP 4.3.3 (Version: 4.3.3)
Yahoo! Detect
Zune (Version: 04.07.1404.00)
Zune Language Pack (DEU) (Version: 04.07.1404.00)
Zune Language Pack (ESP) (Version: 04.07.1404.00)
Zune Language Pack (FRA) (Version: 04.07.1404.00)
Zune Language Pack (ITA) (Version: 04.07.1404.00)
Zune Language Pack (NLD) (Version: 04.07.1404.00)
Zune Language Pack (PTB) (Version: 04.07.1404.00)
Zune Language Pack (PTG) (Version: 04.07.1404.00)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 12286.18 MB
Available physical RAM: 6943.4 MB
Total Pagefile: 24570.55 MB
Available Pagefile: 19236.01 MB
Total Virtual: 4095.88 MB
Available Virtual: 3953.41 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:715.32 GB) NTFS
3 Drive e: (Media Downloads) (Fixed) (Total:232.88 GB) (Free:71.56 GB) NTFS
4 Drive f: (DATA) (Fixed) (Total:698.63 GB) (Free:59.97 GB) NTFS

========================= Users: ========================================

User accounts for \\MAINCOMPUTER-PC

Administrator Guest maddawg


**** End of log ****

FSS Scan:

Farbar Service Scanner Version: 26-07-2012
Ran by maddawg (administrator) on 27-07-2012 at 20:56:04
Running from "C:\Users\maddawg\Downloads"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile. The key does not exist.
ATTENTION!=====> Unable to open HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile. The key does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Adware cleaner Scan:


# AdwCleaner v1.703 - Logfile created 07/27/2012 at 20:58:06
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : maddawg - MAINCOMPUTER-PC
# Running from : C:\Users\maddawg\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\maddawg\AppData\Local\Temp\AskSearch

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\DT Soft

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\maddawg\AppData\Roaming\Mozilla\Firefox\Profiles\o4fqjolm.default\prefs.js

Deleted : user_pref("extensions.hxxps_everywhere.Blekko", true);
Deleted : user_pref("extensions.hxxps_everywhere.FeedMyInbox", true);

*************************

AdwCleaner[R1].txt - [1628 octets] - [27/07/2012 20:57:46]
AdwCleaner[S1].txt - [1456 octets] - [27/07/2012 20:58:06]

########## EOF - C:\AdwCleaner[S1].txt - [1584 octets] ##########

Edited by maddawg313, 27 July 2012 - 08:04 PM.


#8 narenxp

Posted 28 July 2012 - 12:11 AM

Create a restore point before trying this

Download

MpsSvc
BFE
wscsvc
defender
Sharedaccess
BITS
wuauserv


Launch them, click YES when you get the UAC prompt.

Restart the PC.


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start.

Checkmark only the following options:

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option.
Click the Start button.

System should restart after repair

Post the FSS log

#9 maddawg313

Posted 28 July 2012 - 07:58 AM

New FSS Scan:


Farbar Service Scanner Version: 26-07-2012
Ran by maddawg (administrator) on 28-07-2012 at 08:57:06
Running from "C:\Users\maddawg\Desktop\Windows Repair"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
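
An added example, not part of the original posts or of the Farbar tool: a small Python parser for the FSS log format in the two scans above. It separates services whose registry key or value is missing from services that are stopped with an intact configuration, which is the state WinDefend is in after the repair. The sample logs are constructed abbreviations of the thread's logs, and the state labels and function names are this example's own.

```python
import re

# Constructed sample input: abbreviated excerpts in the Farbar Service Scanner
# (FSS) log format posted in this thread, before and after the repair.
BEFORE = """\
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
"""
AFTER = """\
Windows Update:
============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
"""

SERVICE_HEADER = re.compile(r"^(\S+) Service is not running\.")


def parse_fss(log_text):
    """Map each service FSS lists as not running to a state label."""
    states, current = {}, None
    for line in log_text.splitlines():
        header = SERVICE_HEADER.match(line)
        if header:
            current = header.group(1).lower()
            states[current] = "stopped_config_ok"
        elif not line.strip():
            current = None  # a blank line ends the service block
        elif current and "ATTENTION!" in line:
            if "service key does not exist" in line:
                states[current] = "key_missing"
            elif states[current] == "stopped_config_ok":
                states[current] = "value_missing"  # any other flagged line
    return states


def compare(before_text, after_text):
    """Classify services between two FSS runs."""
    # Assumption: a service absent from the later log is no longer reported
    # as stopped, which is how the second log in this thread reads.
    before, after = parse_fss(before_text), parse_fss(after_text)
    ok = "stopped_config_ok"
    damaged = {s for s, st in before.items() if st != ok}
    return {
        "repaired": sorted(s for s in damaged if after.get(s, ok) == ok),
        "still_damaged": sorted(s for s, st in after.items() if st != ok),
        "stopped_config_ok": sorted(s for s, st in after.items() if st == ok),
    }


if __name__ == "__main__":
    print(parse_fss(BEFORE))
    print(compare(BEFORE, AFTER))
```
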

#10 narenxp

Posted 28 July 2012 - 08:09 AM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player.

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#11 maddawg313

Posted 28 July 2012 - 09:05 AM

Have one question: do I need Windows Defender running?

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Based on the log, the service is not running.

#12 narenxp

Posted 28 July 2012 - 09:12 AM

Nope, not needed, as you have Microsoft Security Essentials installed.

#13 maddawg313

Posted 28 July 2012 - 10:00 AM

Thanks for all your help. I had no clue this website existed until that trojan almost killed my system. It's a great website with very knowledgeable people. Again, thanks for your help.

#14 narenxp

Posted 28 July 2012 - 11:50 AM

You're most welcome :)



