Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Horse Dropper.Generic_C.MMI


  • This topic is locked This topic is locked
30 replies to this topic

#1 leslieannmc

leslieannmc

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 31 July 2012 - 09:19 PM

Please note that if you are running a 64-bit version, please do not create a GMER log and instead skip to the next step.

This applies to me. But the requested attachments are attached.

The trojan is not allowing my system to do many things... downloads, open programs, web browsing etc

All appreciated...

Attached Files



BC AdBot (Login to Remove)

 


#2 leslieannmc

leslieannmc
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 31 July 2012 - 09:54 PM

TDDSKiller download detected no problems. Avg is unable to remove it, AVG has only detected it.

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:35 PM

Posted 02 August 2012 - 06:23 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of hartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:35 PM

Posted 05 August 2012 - 03:09 AM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 leslieannmc

leslieannmc
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 07 August 2012 - 12:50 PM

So sorry for delay, out of town due to work but back... I will have results of information requested to you this evening...

All very much appreciated, thank you for replying gringo_pr : )

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:35 PM

Posted 07 August 2012 - 03:58 PM

no problem and I will see you later


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 leslieannmc

leslieannmc
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 07 August 2012 - 10:00 PM

08/07/2012
Security Check

Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 6 Update 31
Java™ 7 Update 5
Mozilla Firefox (6.0.2)
Google Chrome 20.0.1132.57
Google Chrome 21.0.1180.60
Google Chrome VisualElementsManifest.xml..
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


Combofix Results

Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 6 Update 31
Java™ 7 Update 5
Mozilla Firefox (6.0.2)
Google Chrome 20.0.1132.57
Google Chrome 21.0.1180.60
Google Chrome VisualElementsManifest.xml..
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


After this program completed it closed and left detailed log... I was not able to open any browser or reconnect from my other computer by remote desk top. It told me that all was set to be deleted.

I restarted the computer and browser worked (chrome) as well as the remote desk top which allowed me to copy program installs from good computer to the infected computer.

I will run AVG and see what happens...

#8 leslieannmc

leslieannmc
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 07 August 2012 - 10:18 PM

I do wonder what you do for a living : ) Whatever it is I bet your good at it. I researched and scanned and did this and that and thought we would have to reformat.
I ran AVG scan which did recognize the trojan, and scan came clean 2x. This was a hard one but you sure did make it seem easy...

If there is anything that should be of concern, I will check back for your response. I was helping a friend and I dearly appreciate your expertise. I will see what he is able to donate, and see what I can do :)

Your the best!
Leslie

ps... your in my favorites : )

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:35 PM

Posted 08 August 2012 - 08:48 AM

Greetings

Thank you for that!!


You sent me the security check twice and I need to see the combofix report. the easiest way to get it is to do this.


extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\ComboFix.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:35 PM

Posted 11 August 2012 - 12:35 AM

Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools




Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 leslieannmc

leslieannmc
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 13 August 2012 - 04:28 PM

ComboFix 12-08-07.04 - Keegan 08/07/2012 22:30:01.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2008.1254 [GMT -4:00]
Running from: c:\users\Keegan\Desktop\New folder\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\I Want This
c:\users\Keegan\AppData\Roaming\Mozilla\Firefox\Profiles\suthpmq1.default\searchplugins\bing-zugo.xml
c:\users\Keegan\Documents\Internet Explorer.lnk
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\@
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\L\00000004.@
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\L\1afb2d56
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\L\201d3dde
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\U\00000004.@
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\U\00000008.@
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\U\000000cb.@
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\U\80000000.@
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\U\80000032.@
c:\windows\Installer\{eecd9c11-7e8a-8bf9-c735-dc108ea988d0}\U\80000064.@
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
Infected copy of c:\windows\system32\Services.exe was found and disinfected
Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-08 to 2012-08-08 )))))))))))))))))))))))))))))))
.
.
2012-08-08 02:36 . 2012-08-08 02:36 -------- d-----w- c:\users\test\AppData\Local\temp
2012-08-08 02:36 . 2012-08-08 02:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-03 06:08 . 2012-08-03 06:08 -------- d-----w- c:\users\test\AppData\Local\AVG Secure Search
2012-08-03 06:08 . 2012-08-03 06:08 -------- d-----w- c:\users\test\AppData\Roaming\AVG2012
2012-08-02 03:00 . 2012-08-02 03:00 -------- d-----w- c:\users\Keegan\AppData\Roaming\AVG2012
2012-08-02 03:00 . 2012-08-02 03:00 -------- d-----w- c:\users\Keegan\AppData\Local\AVG Secure Search
2012-08-02 03:00 . 2012-08-02 03:00 -------- d-----w- c:\programdata\AVG Secure Search
2012-08-02 03:00 . 2012-08-02 03:00 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-08-02 03:00 . 2012-08-02 03:00 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-08-02 03:00 . 2012-08-02 03:00 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-08-02 02:59 . 2012-08-02 02:59 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-08-02 02:59 . 2012-08-07 22:28 -------- d-----w- c:\windows\system32\drivers\AVG
2012-08-02 02:59 . 2012-08-02 02:59 -------- d-----w- C:\$AVG
2012-08-02 02:14 . 2012-08-02 02:14 -------- d-----w- c:\program files (x86)\Loaris
2012-08-02 01:12 . 2012-08-02 02:06 -------- d-----w- c:\programdata\PC Tools
2012-08-01 20:32 . 2012-08-01 20:32 -------- d-----w- c:\programdata\Downloaded Installations
2012-08-01 20:31 . 2012-08-01 23:31 -------- d-----w- c:\program files (x86)\GFI Software
2012-08-01 19:23 . 2012-08-01 19:23 -------- d-----w- c:\users\Keegan\AppData\Roaming\TeamViewer
2012-08-01 02:04 . 2012-08-01 02:04 -------- d-----w- C:\TDSSKiller_Quarantine
2012-08-01 01:56 . 2012-08-01 01:56 116016 ----a-w- c:\windows\system32\drivers\16479966.sys
2012-08-01 01:42 . 2012-08-01 01:42 -------- d-----w- c:\program files\Defraggler
2012-07-31 20:21 . 2012-07-31 20:23 -------- d-----w- c:\program files\Babylon
2012-07-31 06:10 . 2012-07-31 06:10 -------- d-----w- c:\users\Keegan\AppData\Roaming\DriverCure
2012-07-31 06:10 . 2012-07-31 06:10 -------- d-----w- c:\users\Keegan\AppData\Roaming\PC Utility Kit
2012-07-31 06:10 . 2012-07-31 06:38 -------- d-----w- c:\programdata\PC Utility Kit
2012-07-31 02:48 . 2012-07-31 02:48 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-31 02:47 . 2012-07-31 02:47 -------- d-----w- c:\program files (x86)\Oracle
2012-07-31 02:47 . 2012-07-06 02:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-31 02:46 . 2012-07-31 17:45 -------- d-----w- c:\program files (x86)\Java
2012-07-31 02:42 . 2012-07-31 02:42 -------- d-----w- c:\programdata\McAfee
2012-07-30 18:25 . 2012-07-30 18:55 -------- d-----w- c:\program files (x86)\GridinSoft Trojan Killer
2012-07-30 18:22 . 2012-07-30 18:22 -------- d-----w- c:\users\Keegan\AppData\Roaming\Malwarebytes
2012-07-30 18:22 . 2012-07-31 21:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-30 18:22 . 2012-07-30 18:22 -------- d-----w- c:\programdata\Malwarebytes
2012-07-30 18:22 . 2012-07-03 17:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-30 18:06 . 2012-07-30 18:06 -------- d-----w- c:\users\Keegan\temp
2012-07-30 03:34 . 2012-07-30 03:34 -------- d-----w- c:\users\test\AppData\Local\Diagnostics
2012-07-30 02:53 . 2012-07-30 02:53 -------- d-----w- c:\users\test\temp
2012-07-30 02:53 . 2012-07-30 02:53 -------- d-----w- c:\program files (x86)\TeamViewer
2012-07-20 17:55 . 2012-07-20 17:55 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-07-17 12:24 . 2012-07-17 12:24 992352 ----a-w- c:\programdata\Microsoft\Windows\DRM\install_flashplayer.exe
2012-07-12 07:06 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 11:20 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 02:21 . 2012-04-10 09:46 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{29533A05-3053-4F12-8880-6DEA0DB968C9}\offreg.dll
2012-07-12 07:02 . 2011-10-28 12:29 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-06 02:06 . 2011-07-08 03:36 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-02 22:19 . 2012-06-22 14:13 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 14:14 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 14:14 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 14:14 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 14:13 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 14:14 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 14:13 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 19:19 . 2012-06-21 13:08 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 19:15 . 2012-06-21 13:08 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-08-02 03:00 2086496 ----a-w- c:\program files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll" [2012-08-02 2086496]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-08-02 1147488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-05-20 36720]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-08 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-08-02 31080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2009-03-03 89600]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-07-04 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [2012-08-02 830048]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-05-09 215552]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-05-20 393728]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-539799574-3999557729-1806216962-1000Core.job
- c:\users\Keegan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31 18:00]
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-539799574-3999557729-1806216962-1000UA.job
- c:\users\Keegan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-31 18:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-01-18 368640]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-06-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-06-30 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-06-30 365080]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-07-02 3180624]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll
FF - ProfilePath - c:\users\Keegan\AppData\Roaming\Mozilla\Firefox\Profiles\suthpmq1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home?affID=17425&tt=3112_6
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=17425&tt=3112_6&babsrc=KW_def&mntrId=1615a5a80000000000001c659d9d3cc6&q=
FF - user.js: extensions.BabylonToolbar_i.id - 1615a5a80000000000001c659d9d3cc6
FF - user.js: extensions.BabylonToolbar_i.hardId - 1615a5a80000000000001c659d9d3cc6
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15404
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:41
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110410
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-HF_G_Jul - c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SBRegRebootCleaner - c:\program files (x86)\GFI Software\VIPRE\SBRC.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Completion time: 2012-08-07 22:43:49 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-08 02:43
.
Pre-Run: 150,628,995,072 bytes free
Post-Run: 150,478,639,104 bytes free
.
- - End Of File - - 9EB8E072532E52C132F5560086805FDA

#12 leslieannmc

leslieannmc
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 13 August 2012 - 04:34 PM

Once again, Im sorry for delay...

Im on vacation : ), but found time to remote connect to the computer to get the info you need. I will check email this evening for further instruction.

All appreciated Gringo : )

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:35 PM

Posted 13 August 2012 - 07:31 PM

Greetings

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:35 PM

Posted 13 August 2012 - 07:34 PM

Hello

download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.

[*]First Press the Scan button.
[*]It will make a log (FRST.txt)

[*]Second Type the following in the edit box after "Search:". services.exe
[*]Click the Search button
[*]It will make a log (Search.txt)
[/list]
I want you to poste Both the FRST.txt report and the Search.txt into your reply to me

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 leslieannmc

leslieannmc
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:06:35 PM

Posted 14 August 2012 - 01:28 AM

02:20:53.0597 3784 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
02:20:55.0628 3784 ============================================================
02:20:55.0628 3784 Current date / time: 2012/08/14 02:20:55.0628
02:20:55.0628 3784 SystemInfo:
02:20:55.0628 3784
02:20:55.0628 3784 OS Version: 6.1.7601 ServicePack: 1.0
02:20:55.0628 3784 Product type: Workstation
02:20:55.0628 3784 ComputerName: MOEJ
02:20:55.0629 3784 UserName: Keegan
02:20:55.0629 3784 Windows directory: C:\Windows
02:20:55.0629 3784 System windows directory: C:\Windows
02:20:55.0629 3784 Running under WOW64
02:20:55.0629 3784 Processor architecture: Intel x64
02:20:55.0629 3784 Number of processors: 2
02:20:55.0629 3784 Page size: 0x1000
02:20:55.0629 3784 Boot type: Normal boot
02:20:55.0629 3784 ============================================================
02:20:56.0245 3784 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
02:20:56.0257 3784 Drive \Device\Harddisk1\DR12 - Size: 0xE3A00000 (3.56 Gb), SectorSize: 0x200, Cylinders: 0x1D0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
02:20:56.0461 3784 ============================================================
02:20:56.0461 3784 \Device\Harddisk0\DR0:
02:20:56.0474 3784 MBR partitions:
02:20:56.0474 3784 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x43000, BlocksNum 0x18E3000
02:20:56.0474 3784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1926000, BlocksNum 0x23B08000
02:20:56.0474 3784 \Device\Harddisk1\DR12:
02:20:56.0475 3784 MBR partitions:
02:20:56.0475 3784 ============================================================
02:20:56.0498 3784 C: <-> \Device\Harddisk0\DR0\Partition1
02:20:56.0498 3784 ============================================================
02:20:56.0498 3784 Initialize success
02:20:56.0498 3784 ============================================================
02:20:58.0875 3068 ============================================================
02:20:58.0875 3068 Scan started
02:20:58.0875 3068 Mode: Manual;
02:20:58.0875 3068 ============================================================
02:20:59.0388 3068 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
02:20:59.0395 3068 1394ohci - ok
02:20:59.0452 3068 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
02:20:59.0455 3068 ACPI - ok
02:20:59.0473 3068 Scan interrupted by user!
02:20:59.0473 3068 Scan interrupted by user!
02:20:59.0473 3068 Scan interrupted by user!
02:20:59.0473 3068 ============================================================
02:20:59.0473 3068 Scan finished
02:20:59.0473 3068 ============================================================
02:20:59.0486 3648 Detected object count: 0
02:20:59.0486 3648 Actual detected object count: 0
02:21:00.0568 5712 ============================================================
02:21:00.0568 5712 Scan started
02:21:00.0568 5712 Mode: Manual;
02:21:00.0568 5712 ============================================================
02:21:00.0653 5712 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
02:21:00.0655 5712 1394ohci - ok
02:21:00.0664 5712 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
02:21:00.0667 5712 ACPI - ok
02:21:00.0694 5712 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
02:21:00.0695 5712 AcpiPmi - ok
02:21:00.0873 5712 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
02:21:00.0876 5712 AdobeFlashPlayerUpdateSvc - ok
02:21:00.0971 5712 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
02:21:00.0988 5712 adp94xx - ok
02:21:01.0042 5712 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
02:21:01.0057 5712 adpahci - ok
02:21:01.0085 5712 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
02:21:01.0087 5712 adpu320 - ok
02:21:01.0118 5712 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
02:21:01.0119 5712 AeLookupSvc - ok
02:21:01.0245 5712 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
02:21:01.0246 5712 AESTFilters - ok
02:21:01.0336 5712 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
02:21:01.0343 5712 AFD - ok
02:21:01.0379 5712 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
02:21:01.0380 5712 agp440 - ok
02:21:01.0415 5712 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
02:21:01.0416 5712 ALG - ok
02:21:01.0448 5712 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
02:21:01.0449 5712 aliide - ok
02:21:01.0474 5712 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
02:21:01.0475 5712 amdide - ok
02:21:01.0522 5712 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
02:21:01.0524 5712 AmdK8 - ok
02:21:01.0547 5712 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
02:21:01.0548 5712 AmdPPM - ok
02:21:01.0598 5712 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
02:21:01.0599 5712 amdsata - ok
02:21:01.0649 5712 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
02:21:01.0658 5712 amdsbs - ok
02:21:01.0679 5712 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
02:21:01.0680 5712 amdxata - ok
02:21:01.0753 5712 ApfiltrService (9b0b7fde049cb283fabe5877a49f2611) C:\Windows\system32\DRIVERS\Apfiltr.sys
02:21:01.0768 5712 ApfiltrService - ok
02:21:01.0814 5712 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
02:21:01.0815 5712 AppID - ok
02:21:01.0846 5712 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
02:21:01.0846 5712 AppIDSvc - ok
02:21:01.0895 5712 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
02:21:01.0897 5712 Appinfo - ok
02:21:01.0968 5712 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
02:21:01.0970 5712 arc - ok
02:21:01.0998 5712 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
02:21:01.0999 5712 arcsas - ok
02:21:02.0034 5712 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
02:21:02.0035 5712 AsyncMac - ok
02:21:02.0078 5712 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
02:21:02.0079 5712 atapi - ok
02:21:02.0163 5712 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
02:21:02.0171 5712 AudioEndpointBuilder - ok
02:21:02.0185 5712 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
02:21:02.0190 5712 AudioSrv - ok
02:21:02.0567 5712 AVGIDSAgent (d67719bcfde5798f5c30d14efed3bcaf) C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
02:21:02.0602 5712 AVGIDSAgent - ok
02:21:02.0784 5712 AVGIDSDriver (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys
02:21:02.0786 5712 AVGIDSDriver - ok
02:21:02.0825 5712 AVGIDSFilter (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys
02:21:02.0826 5712 AVGIDSFilter - ok
02:21:02.0860 5712 AVGIDSHA (cffc3a4a638f462e0561cb368b9a7a3a) C:\Windows\system32\DRIVERS\avgidsha.sys
02:21:02.0861 5712 AVGIDSHA - ok
02:21:02.0933 5712 Avgldx64 (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
02:21:02.0935 5712 Avgldx64 - ok
02:21:02.0974 5712 Avgmfx64 (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
02:21:02.0975 5712 Avgmfx64 - ok
02:21:03.0018 5712 Avgrkx64 (645c7f0a0e39758a0024a9b1748273c0) C:\Windows\system32\DRIVERS\avgrkx64.sys
02:21:03.0019 5712 Avgrkx64 - ok
02:21:03.0087 5712 Avgtdia (1bee674ad792b1c63bb0dac5fa724b23) C:\Windows\system32\DRIVERS\avgtdia.sys
02:21:03.0106 5712 Avgtdia - ok
02:21:03.0148 5712 avgtp (e1b8ec60c85a266cb604cd46921606b4) C:\Windows\system32\drivers\avgtpx64.sys
02:21:03.0150 5712 avgtp - ok
02:21:03.0251 5712 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
02:21:03.0253 5712 avgwd - ok
02:21:03.0329 5712 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
02:21:03.0331 5712 AxInstSV - ok
02:21:03.0408 5712 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
02:21:03.0426 5712 b06bdrv - ok
02:21:03.0500 5712 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
02:21:03.0516 5712 b57nd60a - ok
02:21:03.0570 5712 BCM42RLY (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
02:21:03.0572 5712 BCM42RLY - ok
02:21:03.0792 5712 BCM43XX (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
02:21:03.0819 5712 BCM43XX - ok
02:21:04.0008 5712 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
02:21:04.0010 5712 BDESVC - ok
02:21:04.0080 5712 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
02:21:04.0081 5712 Beep - ok
02:21:04.0189 5712 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
02:21:04.0202 5712 BFE - ok
02:21:04.0272 5712 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
02:21:04.0274 5712 blbdrive - ok
02:21:04.0410 5712 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
02:21:04.0414 5712 Bonjour Service - ok
02:21:04.0478 5712 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
02:21:04.0480 5712 bowser - ok
02:21:04.0514 5712 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
02:21:04.0516 5712 BrFiltLo - ok
02:21:04.0540 5712 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
02:21:04.0541 5712 BrFiltUp - ok
02:21:04.0591 5712 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
02:21:04.0593 5712 BridgeMP - ok
02:21:04.0637 5712 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
02:21:04.0640 5712 Browser - ok
02:21:04.0694 5712 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
02:21:04.0710 5712 Brserid - ok
02:21:04.0732 5712 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
02:21:04.0733 5712 BrSerWdm - ok
02:21:04.0770 5712 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
02:21:04.0770 5712 BrUsbMdm - ok
02:21:04.0777 5712 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
02:21:04.0778 5712 BrUsbSer - ok
02:21:04.0818 5712 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
02:21:04.0819 5712 BTHMODEM - ok
02:21:04.0867 5712 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
02:21:04.0869 5712 bthserv - ok
02:21:04.0902 5712 catchme - ok
02:21:04.0952 5712 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
02:21:04.0954 5712 cdfs - ok
02:21:05.0006 5712 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
02:21:05.0008 5712 cdrom - ok
02:21:05.0062 5712 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
02:21:05.0065 5712 CertPropSvc - ok
02:21:05.0109 5712 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
02:21:05.0111 5712 circlass - ok
02:21:05.0182 5712 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
02:21:05.0191 5712 CLFS - ok
02:21:05.0292 5712 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:21:05.0294 5712 clr_optimization_v2.0.50727_32 - ok
02:21:05.0345 5712 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
02:21:05.0346 5712 clr_optimization_v2.0.50727_64 - ok
02:21:05.0414 5712 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
02:21:05.0416 5712 clr_optimization_v4.0.30319_32 - ok
02:21:05.0488 5712 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
02:21:05.0490 5712 clr_optimization_v4.0.30319_64 - ok
02:21:05.0541 5712 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
02:21:05.0542 5712 CmBatt - ok
02:21:05.0569 5712 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
02:21:05.0571 5712 cmdide - ok
02:21:05.0642 5712 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
02:21:05.0650 5712 CNG - ok
02:21:05.0690 5712 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
02:21:05.0691 5712 Compbatt - ok
02:21:05.0758 5712 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
02:21:05.0760 5712 CompositeBus - ok
02:21:05.0779 5712 COMSysApp - ok
02:21:05.0831 5712 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
02:21:05.0832 5712 crcdisk - ok
02:21:05.0884 5712 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
02:21:05.0887 5712 CryptSvc - ok
02:21:05.0954 5712 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
02:21:05.0963 5712 DcomLaunch - ok
02:21:06.0012 5712 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
02:21:06.0019 5712 defragsvc - ok
02:21:06.0064 5712 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
02:21:06.0066 5712 DfsC - ok
02:21:06.0126 5712 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
02:21:06.0131 5712 Dhcp - ok
02:21:06.0178 5712 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
02:21:06.0179 5712 discache - ok
02:21:06.0236 5712 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
02:21:06.0237 5712 Disk - ok
02:21:06.0305 5712 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
02:21:06.0307 5712 Dnscache - ok
02:21:06.0366 5712 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
02:21:06.0396 5712 dot3svc - ok
02:21:06.0448 5712 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
02:21:06.0451 5712 DPS - ok
02:21:06.0489 5712 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
02:21:06.0490 5712 drmkaud - ok
02:21:06.0604 5712 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
02:21:06.0625 5712 DXGKrnl - ok
02:21:06.0676 5712 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
02:21:06.0677 5712 EapHost - ok
02:21:06.0919 5712 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
02:21:06.0948 5712 ebdrv - ok
02:21:07.0109 5712 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
02:21:07.0112 5712 EFS - ok
02:21:07.0220 5712 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
02:21:07.0235 5712 ehRecvr - ok
02:21:07.0274 5712 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
02:21:07.0277 5712 ehSched - ok
02:21:07.0410 5712 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
02:21:07.0427 5712 elxstor - ok
02:21:07.0504 5712 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
02:21:07.0505 5712 ErrDev - ok
02:21:07.0573 5712 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
02:21:07.0576 5712 EventSystem - ok
02:21:07.0595 5712 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
02:21:07.0597 5712 exfat - ok
02:21:07.0629 5712 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
02:21:07.0631 5712 fastfat - ok
02:21:07.0725 5712 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
02:21:07.0740 5712 Fax - ok
02:21:07.0767 5712 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
02:21:07.0769 5712 fdc - ok
02:21:07.0792 5712 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
02:21:07.0794 5712 fdPHost - ok
02:21:07.0814 5712 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
02:21:07.0816 5712 FDResPub - ok
02:21:07.0844 5712 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
02:21:07.0845 5712 FileInfo - ok
02:21:07.0863 5712 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
02:21:07.0865 5712 Filetrace - ok
02:21:07.0886 5712 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
02:21:07.0886 5712 flpydisk - ok
02:21:07.0938 5712 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
02:21:07.0944 5712 FltMgr - ok
02:21:08.0046 5712 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
02:21:08.0070 5712 FontCache - ok
02:21:08.0159 5712 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
02:21:08.0161 5712 FontCache3.0.0.0 - ok
02:21:08.0211 5712 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
02:21:08.0212 5712 FsDepends - ok
02:21:08.0246 5712 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
02:21:08.0247 5712 Fs_Rec - ok
02:21:08.0310 5712 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
02:21:08.0313 5712 fvevol - ok
02:21:08.0382 5712 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
02:21:08.0383 5712 gagp30kx - ok
02:21:08.0427 5712 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
02:21:08.0428 5712 GEARAspiWDM - ok
02:21:08.0513 5712 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
02:21:08.0549 5712 gpsvc - ok
02:21:08.0588 5712 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
02:21:08.0589 5712 hcw85cir - ok
02:21:08.0640 5712 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
02:21:08.0642 5712 HDAudBus - ok
02:21:08.0651 5712 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
02:21:08.0651 5712 HidBatt - ok
02:21:08.0667 5712 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
02:21:08.0668 5712 HidBth - ok
02:21:08.0679 5712 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
02:21:08.0680 5712 HidIr - ok
02:21:08.0707 5712 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
02:21:08.0710 5712 hidserv - ok
02:21:08.0749 5712 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
02:21:08.0750 5712 HidUsb - ok
02:21:08.0787 5712 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
02:21:08.0791 5712 hkmsvc - ok
02:21:08.0853 5712 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
02:21:08.0856 5712 HomeGroupListener - ok
02:21:08.0899 5712 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
02:21:08.0911 5712 HomeGroupProvider - ok
02:21:08.0972 5712 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
02:21:08.0974 5712 HpSAMD - ok
02:21:09.0070 5712 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
02:21:09.0081 5712 HTTP - ok
02:21:09.0107 5712 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
02:21:09.0108 5712 hwpolicy - ok
02:21:09.0143 5712 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
02:21:09.0146 5712 i8042prt - ok
02:21:09.0242 5712 IAANTMON (7548066df68a8a1a56b043359f915f37) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
02:21:09.0255 5712 IAANTMON - ok
02:21:09.0357 5712 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
02:21:09.0359 5712 iaStor - ok
02:21:09.0425 5712 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
02:21:09.0431 5712 iaStorV - ok
02:21:09.0583 5712 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
02:21:09.0599 5712 idsvc - ok
02:21:10.0048 5712 igfx (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
02:21:10.0243 5712 igfx - ok
02:21:10.0425 5712 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
02:21:10.0426 5712 iirsp - ok
02:21:10.0526 5712 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
02:21:10.0547 5712 IKEEXT - ok
02:21:10.0578 5712 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
02:21:10.0580 5712 intelide - ok
02:21:10.0638 5712 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
02:21:10.0640 5712 intelppm - ok
02:21:10.0667 5712 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
02:21:10.0670 5712 IPBusEnum - ok
02:21:10.0706 5712 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:21:10.0707 5712 IpFilterDriver - ok
02:21:10.0795 5712 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
02:21:10.0802 5712 iphlpsvc - ok
02:21:10.0838 5712 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
02:21:10.0839 5712 IPMIDRV - ok
02:21:10.0887 5712 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
02:21:10.0888 5712 IPNAT - ok
02:21:10.0920 5712 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
02:21:10.0921 5712 IRENUM - ok
02:21:10.0939 5712 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
02:21:10.0940 5712 isapnp - ok
02:21:10.0982 5712 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
02:21:10.0999 5712 iScsiPrt - ok
02:21:11.0044 5712 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
02:21:11.0045 5712 kbdclass - ok
02:21:11.0068 5712 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
02:21:11.0069 5712 kbdhid - ok
02:21:11.0108 5712 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:21:11.0111 5712 KeyIso - ok
02:21:11.0157 5712 KMWDFILTER (07071c1e3cd8f0f9114aac8b072ca1e5) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
02:21:11.0158 5712 KMWDFILTER - ok
02:21:11.0212 5712 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
02:21:11.0213 5712 KSecDD - ok
02:21:11.0237 5712 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
02:21:11.0240 5712 KSecPkg - ok
02:21:11.0295 5712 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
02:21:11.0296 5712 ksthunk - ok
02:21:11.0371 5712 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
02:21:11.0382 5712 KtmRm - ok
02:21:11.0462 5712 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
02:21:11.0481 5712 LanmanServer - ok
02:21:11.0522 5712 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
02:21:11.0528 5712 LanmanWorkstation - ok
02:21:11.0584 5712 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
02:21:11.0585 5712 lltdio - ok
02:21:11.0666 5712 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
02:21:11.0680 5712 lltdsvc - ok
02:21:11.0699 5712 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
02:21:11.0701 5712 lmhosts - ok
02:21:11.0788 5712 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
02:21:11.0789 5712 LSI_FC - ok
02:21:11.0816 5712 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
02:21:11.0817 5712 LSI_SAS - ok
02:21:11.0842 5712 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
02:21:11.0843 5712 LSI_SAS2 - ok
02:21:11.0856 5712 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
02:21:11.0857 5712 LSI_SCSI - ok
02:21:11.0884 5712 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
02:21:11.0886 5712 luafv - ok
02:21:11.0910 5712 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
02:21:11.0912 5712 Mcx2Svc - ok
02:21:11.0920 5712 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
02:21:11.0922 5712 megasas - ok
02:21:11.0943 5712 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
02:21:11.0946 5712 MegaSR - ok
02:21:11.0969 5712 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:21:11.0972 5712 MMCSS - ok
02:21:11.0983 5712 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
02:21:11.0984 5712 Modem - ok
02:21:12.0004 5712 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
02:21:12.0005 5712 monitor - ok
02:21:12.0045 5712 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
02:21:12.0046 5712 mouclass - ok
02:21:12.0100 5712 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
02:21:12.0104 5712 mouhid - ok
02:21:12.0151 5712 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
02:21:12.0152 5712 mountmgr - ok
02:21:12.0185 5712 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
02:21:12.0188 5712 mpio - ok
02:21:12.0226 5712 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
02:21:12.0229 5712 mpsdrv - ok
02:21:12.0344 5712 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
02:21:12.0374 5712 MpsSvc - ok
02:21:12.0412 5712 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
02:21:12.0414 5712 MRxDAV - ok
02:21:12.0465 5712 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:21:12.0468 5712 mrxsmb - ok
02:21:12.0512 5712 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:21:12.0517 5712 mrxsmb10 - ok
02:21:12.0546 5712 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:21:12.0547 5712 mrxsmb20 - ok
02:21:12.0579 5712 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
02:21:12.0580 5712 msahci - ok
02:21:12.0620 5712 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
02:21:12.0623 5712 msdsm - ok
02:21:12.0668 5712 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
02:21:12.0682 5712 MSDTC - ok
02:21:12.0726 5712 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
02:21:12.0727 5712 Msfs - ok
02:21:12.0753 5712 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
02:21:12.0754 5712 mshidkmdf - ok
02:21:12.0806 5712 MSHUSBVideo (55218f924e55fd2786ed40edf4ed79c3) C:\Windows\system32\Drivers\nx6000.sys
02:21:12.0808 5712 MSHUSBVideo - ok
02:21:12.0841 5712 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
02:21:12.0843 5712 msisadrv - ok
02:21:12.0887 5712 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
02:21:12.0890 5712 MSiSCSI - ok
02:21:12.0899 5712 msiserver - ok
02:21:12.0953 5712 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
02:21:12.0953 5712 MSKSSRV - ok
02:21:12.0970 5712 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
02:21:12.0971 5712 MSPCLOCK - ok
02:21:12.0996 5712 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
02:21:12.0996 5712 MSPQM - ok
02:21:13.0059 5712 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
02:21:13.0065 5712 MsRPC - ok
02:21:13.0107 5712 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
02:21:13.0108 5712 mssmbios - ok
02:21:13.0140 5712 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
02:21:13.0141 5712 MSTEE - ok
02:21:13.0165 5712 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
02:21:13.0166 5712 MTConfig - ok
02:21:13.0202 5712 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
02:21:13.0204 5712 Mup - ok
02:21:13.0268 5712 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
02:21:13.0287 5712 napagent - ok
02:21:13.0361 5712 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
02:21:13.0376 5712 NativeWifiP - ok
02:21:13.0480 5712 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
02:21:13.0497 5712 NDIS - ok
02:21:13.0540 5712 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
02:21:13.0541 5712 NdisCap - ok
02:21:13.0568 5712 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
02:21:13.0569 5712 NdisTapi - ok
02:21:13.0617 5712 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
02:21:13.0619 5712 Ndisuio - ok
02:21:13.0665 5712 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
02:21:13.0676 5712 NdisWan - ok
02:21:13.0711 5712 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
02:21:13.0714 5712 NDProxy - ok
02:21:13.0754 5712 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
02:21:13.0755 5712 NetBIOS - ok
02:21:13.0814 5712 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
02:21:13.0817 5712 NetBT - ok
02:21:13.0840 5712 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:21:13.0842 5712 Netlogon - ok
02:21:13.0911 5712 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
02:21:13.0914 5712 Netman - ok
02:21:13.0959 5712 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
02:21:13.0977 5712 netprofm - ok
02:21:14.0084 5712 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:21:14.0104 5712 NetTcpPortSharing - ok
02:21:14.0172 5712 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
02:21:14.0193 5712 nfrd960 - ok
02:21:14.0269 5712 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
02:21:14.0306 5712 NlaSvc - ok
02:21:14.0334 5712 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
02:21:14.0336 5712 Npfs - ok
02:21:14.0378 5712 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
02:21:14.0379 5712 nsi - ok
02:21:14.0397 5712 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
02:21:14.0398 5712 nsiproxy - ok
02:21:14.0537 5712 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
02:21:14.0547 5712 Ntfs - ok
02:21:14.0710 5712 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
02:21:14.0710 5712 Null - ok
02:21:14.0756 5712 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
02:21:14.0768 5712 nvraid - ok
02:21:14.0798 5712 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
02:21:14.0810 5712 nvstor - ok
02:21:14.0850 5712 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
02:21:14.0852 5712 nv_agp - ok
02:21:14.0890 5712 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
02:21:14.0892 5712 ohci1394 - ok
02:21:14.0940 5712 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:21:14.0946 5712 p2pimsvc - ok
02:21:15.0003 5712 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
02:21:15.0009 5712 p2psvc - ok
02:21:15.0043 5712 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
02:21:15.0046 5712 Parport - ok
02:21:15.0079 5712 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
02:21:15.0081 5712 partmgr - ok
02:21:15.0113 5712 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
02:21:15.0124 5712 PcaSvc - ok
02:21:15.0180 5712 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
02:21:15.0184 5712 pci - ok
02:21:15.0207 5712 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
02:21:15.0208 5712 pciide - ok
02:21:15.0253 5712 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
02:21:15.0264 5712 pcmcia - ok
02:21:15.0282 5712 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
02:21:15.0284 5712 pcw - ok
02:21:15.0355 5712 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
02:21:15.0376 5712 PEAUTH - ok
02:21:15.0464 5712 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
02:21:15.0467 5712 PerfHost - ok
02:21:15.0615 5712 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
02:21:15.0658 5712 pla - ok
02:21:15.0744 5712 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
02:21:15.0765 5712 PlugPlay - ok
02:21:15.0795 5712 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
02:21:15.0799 5712 PNRPAutoReg - ok
02:21:15.0842 5712 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
02:21:15.0846 5712 PNRPsvc - ok
02:21:15.0922 5712 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
02:21:15.0937 5712 PolicyAgent - ok
02:21:15.0977 5712 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
02:21:15.0981 5712 Power - ok
02:21:16.0082 5712 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
02:21:16.0084 5712 PptpMiniport - ok
02:21:16.0123 5712 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
02:21:16.0126 5712 Processor - ok
02:21:16.0180 5712 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
02:21:16.0190 5712 ProfSvc - ok
02:21:16.0218 5712 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:21:16.0221 5712 ProtectedStorage - ok
02:21:16.0273 5712 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
02:21:16.0275 5712 Psched - ok
02:21:16.0419 5712 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
02:21:16.0470 5712 ql2300 - ok
02:21:16.0640 5712 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
02:21:16.0643 5712 ql40xx - ok
02:21:16.0689 5712 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
02:21:16.0706 5712 QWAVE - ok
02:21:16.0727 5712 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
02:21:16.0729 5712 QWAVEdrv - ok
02:21:16.0745 5712 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
02:21:16.0747 5712 RasAcd - ok
02:21:16.0793 5712 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
02:21:16.0794 5712 RasAgileVpn - ok
02:21:16.0835 5712 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
02:21:16.0838 5712 RasAuto - ok
02:21:16.0882 5712 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:21:16.0884 5712 Rasl2tp - ok
02:21:16.0944 5712 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
02:21:16.0958 5712 RasMan - ok
02:21:16.0999 5712 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
02:21:17.0001 5712 RasPppoe - ok
02:21:17.0030 5712 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
02:21:17.0033 5712 RasSstp - ok
02:21:17.0098 5712 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
02:21:17.0113 5712 rdbss - ok
02:21:17.0146 5712 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
02:21:17.0168 5712 rdpbus - ok
02:21:17.0186 5712 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:21:17.0187 5712 RDPCDD - ok
02:21:17.0222 5712 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
02:21:17.0223 5712 RDPENCDD - ok
02:21:17.0240 5712 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
02:21:17.0242 5712 RDPREFMP - ok
02:21:17.0280 5712 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
02:21:17.0283 5712 RDPWD - ok
02:21:17.0348 5712 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
02:21:17.0358 5712 rdyboost - ok
02:21:17.0435 5712 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
02:21:17.0439 5712 RemoteAccess - ok
02:21:17.0477 5712 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
02:21:17.0480 5712 RemoteRegistry - ok
02:21:17.0495 5712 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
02:21:17.0498 5712 RpcEptMapper - ok
02:21:17.0526 5712 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
02:21:17.0528 5712 RpcLocator - ok
02:21:17.0603 5712 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
02:21:17.0611 5712 RpcSs - ok
02:21:17.0663 5712 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
02:21:17.0667 5712 rspndr - ok
02:21:17.0708 5712 RSUSBSTOR (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
02:21:17.0718 5712 RSUSBSTOR - ok
02:21:17.0752 5712 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:21:17.0755 5712 SamSs - ok
02:21:17.0795 5712 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
02:21:17.0797 5712 sbp2port - ok
02:21:17.0849 5712 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
02:21:17.0860 5712 SCardSvr - ok
02:21:17.0890 5712 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
02:21:17.0891 5712 scfilter - ok
02:21:17.0999 5712 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
02:21:18.0013 5712 Schedule - ok
02:21:18.0060 5712 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
02:21:18.0061 5712 SCPolicySvc - ok
02:21:18.0089 5712 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
02:21:18.0094 5712 SDRSVC - ok
02:21:18.0182 5712 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
02:21:18.0184 5712 secdrv - ok
02:21:18.0222 5712 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
02:21:18.0225 5712 seclogon - ok
02:21:18.0270 5712 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
02:21:18.0274 5712 SENS - ok
02:21:18.0287 5712 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
02:21:18.0291 5712 SensrSvc - ok
02:21:18.0312 5712 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
02:21:18.0313 5712 Serenum - ok
02:21:18.0372 5712 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
02:21:18.0376 5712 Serial - ok
02:21:18.0413 5712 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
02:21:18.0415 5712 sermouse - ok
02:21:18.0484 5712 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
02:21:18.0489 5712 SessionEnv - ok
02:21:18.0519 5712 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
02:21:18.0520 5712 sffdisk - ok
02:21:18.0535 5712 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
02:21:18.0537 5712 sffp_mmc - ok
02:21:18.0555 5712 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
02:21:18.0556 5712 sffp_sd - ok
02:21:18.0591 5712 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
02:21:18.0592 5712 sfloppy - ok
02:21:18.0671 5712 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
02:21:18.0683 5712 SharedAccess - ok
02:21:18.0741 5712 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
02:21:18.0753 5712 ShellHWDetection - ok
02:21:18.0812 5712 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
02:21:18.0815 5712 SiSRaid2 - ok
02:21:18.0837 5712 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
02:21:18.0840 5712 SiSRaid4 - ok
02:21:18.0877 5712 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
02:21:18.0880 5712 Smb - ok
02:21:18.0937 5712 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
02:21:18.0941 5712 SNMPTRAP - ok
02:21:18.0958 5712 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
02:21:18.0960 5712 spldr - ok
02:21:19.0029 5712 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
02:21:19.0043 5712 Spooler - ok
02:21:19.0285 5712 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
02:21:19.0373 5712 sppsvc - ok
02:21:19.0494 5712 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
02:21:19.0498 5712 sppuinotify - ok
02:21:19.0593 5712 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
02:21:19.0614 5712 srv - ok
02:21:19.0667 5712 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
02:21:19.0680 5712 srv2 - ok
02:21:19.0711 5712 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
02:21:19.0721 5712 srvnet - ok
02:21:19.0774 5712 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
02:21:19.0779 5712 SSDPSRV - ok
02:21:19.0800 5712 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
02:21:19.0803 5712 SstpSvc - ok
02:21:19.0947 5712 STacSV (5697fb5dcf36ada09c153378e88ae6ad) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
02:21:19.0955 5712 STacSV - ok
02:21:19.0983 5712 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
02:21:19.0985 5712 stexstor - ok
02:21:20.0068 5712 STHDA (f3f6c17f70eba268cdbe4f9704e3eac5) C:\Windows\system32\DRIVERS\stwrt64.sys
02:21:20.0080 5712 STHDA - ok
02:21:20.0145 5712 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
02:21:20.0168 5712 stisvc - ok
02:21:20.0221 5712 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
02:21:20.0223 5712 swenum - ok
02:21:20.0298 5712 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
02:21:20.0336 5712 swprv - ok
02:21:20.0487 5712 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
02:21:20.0547 5712 SysMain - ok
02:21:20.0673 5712 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
02:21:20.0678 5712 TabletInputService - ok
02:21:20.0720 5712 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
02:21:20.0727 5712 TapiSrv - ok
02:21:20.0765 5712 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
02:21:20.0767 5712 TBS - ok
02:21:20.0981 5712 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
02:21:21.0046 5712 Tcpip - ok
02:21:21.0347 5712 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
02:21:21.0361 5712 TCPIP6 - ok
02:21:21.0491 5712 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
02:21:21.0493 5712 tcpipreg - ok
02:21:21.0531 5712 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
02:21:21.0533 5712 TDPIPE - ok
02:21:21.0570 5712 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
02:21:21.0572 5712 TDTCP - ok
02:21:21.0616 5712 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
02:21:21.0619 5712 tdx - ok
02:21:21.0891 5712 TeamViewer7 (2bbb318ea9f34fdc508cea4aab98d770) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
02:21:21.0970 5712 TeamViewer7 - ok
02:21:22.0107 5712 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
02:21:22.0110 5712 TermDD - ok
02:21:22.0189 5712 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
02:21:22.0198 5712 TermService - ok
02:21:22.0228 5712 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
02:21:22.0231 5712 Themes - ok
02:21:22.0266 5712 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
02:21:22.0267 5712 THREADORDER - ok
02:21:22.0284 5712 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
02:21:22.0288 5712 TrkWks - ok
02:21:22.0347 5712 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
02:21:22.0358 5712 TrustedInstaller - ok
02:21:22.0406 5712 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:21:22.0408 5712 tssecsrv - ok
02:21:22.0449 5712 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
02:21:22.0451 5712 TsUsbFlt - ok
02:21:22.0522 5712 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
02:21:22.0526 5712 tunnel - ok
02:21:22.0557 5712 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
02:21:22.0559 5712 uagp35 - ok
02:21:22.0611 5712 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
02:21:22.0628 5712 udfs - ok
02:21:22.0683 5712 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
02:21:22.0687 5712 UI0Detect - ok
02:21:22.0724 5712 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
02:21:22.0726 5712 uliagpkx - ok
02:21:22.0774 5712 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
02:21:22.0778 5712 umbus - ok
02:21:22.0805 5712 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
02:21:22.0807 5712 UmPass - ok
02:21:22.0866 5712 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
02:21:22.0877 5712 upnphost - ok
02:21:22.0930 5712 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
02:21:22.0931 5712 USBAAPL64 - ok
02:21:23.0000 5712 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
02:21:23.0003 5712 usbaudio - ok
02:21:23.0037 5712 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
02:21:23.0039 5712 usbccgp - ok
02:21:23.0098 5712 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
02:21:23.0101 5712 usbcir - ok
02:21:23.0130 5712 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
02:21:23.0132 5712 usbehci - ok
02:21:23.0178 5712 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
02:21:23.0195 5712 usbhub - ok
02:21:23.0220 5712 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
02:21:23.0222 5712 usbohci - ok
02:21:23.0252 5712 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
02:21:23.0253 5712 usbprint - ok
02:21:23.0277 5712 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:21:23.0279 5712 USBSTOR - ok
02:21:23.0297 5712 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
02:21:23.0298 5712 usbuhci - ok
02:21:23.0327 5712 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
02:21:23.0339 5712 usbvideo - ok
02:21:23.0378 5712 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
02:21:23.0382 5712 UxSms - ok
02:21:23.0406 5712 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
02:21:23.0408 5712 VaultSvc - ok
02:21:23.0439 5712 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
02:21:23.0440 5712 vdrvroot - ok
02:21:23.0510 5712 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
02:21:23.0520 5712 vds - ok
02:21:23.0553 5712 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
02:21:23.0555 5712 vga - ok
02:21:23.0583 5712 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
02:21:23.0584 5712 VgaSave - ok
02:21:23.0627 5712 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
02:21:23.0638 5712 vhdmp - ok
02:21:23.0659 5712 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
02:21:23.0661 5712 viaide - ok
02:21:23.0688 5712 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
02:21:23.0690 5712 volmgr - ok
02:21:23.0755 5712 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
02:21:23.0758 5712 volmgrx - ok
02:21:23.0788 5712 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
02:21:23.0794 5712 volsnap - ok
02:21:23.0856 5712 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
02:21:23.0872 5712 vsmraid - ok
02:21:24.0015 5712 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
02:21:24.0053 5712 VSS - ok
02:21:24.0181 5712 vToolbarUpdater12.1.5 (3da649c6ec481d8f36b54f33fc01dd1e) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
02:21:24.0199 5712 vToolbarUpdater12.1.5 - ok
02:21:24.0333 5712 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
02:21:24.0336 5712 vwifibus - ok
02:21:24.0357 5712 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
02:21:24.0358 5712 vwififlt - ok
02:21:24.0445 5712 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
02:21:24.0488 5712 W32Time - ok
02:21:24.0553 5712 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
02:21:24.0555 5712 WacomPen - ok
02:21:24.0607 5712 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:21:24.0608 5712 WANARP - ok
02:21:24.0621 5712 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
02:21:24.0622 5712 Wanarpv6 - ok
02:21:24.0763 5712 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
02:21:24.0803 5712 WatAdminSvc - ok
02:21:24.0962 5712 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
02:21:25.0009 5712 wbengine - ok
02:21:25.0162 5712 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
02:21:25.0181 5712 WbioSrvc - ok
02:21:25.0243 5712 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
02:21:25.0255 5712 wcncsvc - ok
02:21:25.0272 5712 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
02:21:25.0277 5712 WcsPlugInService - ok
02:21:25.0342 5712 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
02:21:25.0344 5712 Wd - ok
02:21:25.0417 5712 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
02:21:25.0434 5712 Wdf01000 - ok
02:21:25.0467 5712 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
02:21:25.0470 5712 WdiServiceHost - ok
02:21:25.0474 5712 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
02:21:25.0478 5712 WdiSystemHost - ok
02:21:25.0535 5712 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
02:21:25.0543 5712 WebClient - ok
02:21:25.0578 5712 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
02:21:25.0586 5712 Wecsvc - ok
02:21:25.0605 5712 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
02:21:25.0607 5712 wercplsupport - ok
02:21:25.0628 5712 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
02:21:25.0631 5712 WerSvc - ok
02:21:25.0693 5712 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
02:21:25.0695 5712 WfpLwf - ok
02:21:25.0723 5712 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
02:21:25.0724 5712 WIMMount - ok
02:21:25.0755 5712 WinDefend - ok
02:21:25.0766 5712 WinHttpAutoProxySvc - ok
02:21:25.0861 5712 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
02:21:25.0870 5712 Winmgmt - ok
02:21:26.0046 5712 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
02:21:26.0101 5712 WinRM - ok
02:21:26.0265 5712 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
02:21:26.0267 5712 WinUsb - ok
02:21:26.0363 5712 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
02:21:26.0413 5712 Wlansvc - ok
02:21:26.0481 5712 wltrysvc (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
02:21:26.0483 5712 wltrysvc - ok
02:21:26.0527 5712 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
02:21:26.0528 5712 WmiAcpi - ok
02:21:26.0622 5712 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
02:21:26.0632 5712 wmiApSrv - ok
02:21:26.0672 5712 WMPNetworkSvc - ok
02:21:26.0708 5712 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
02:21:26.0712 5712 WPCSvc - ok
02:21:26.0753 5712 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
02:21:26.0756 5712 WPDBusEnum - ok
02:21:26.0782 5712 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
02:21:26.0784 5712 ws2ifsl - ok
02:21:26.0841 5712 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
02:21:26.0847 5712 wscsvc - ok
02:21:26.0853 5712 WSearch - ok
02:21:27.0054 5712 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
02:21:27.0071 5712 wuauserv - ok
02:21:27.0224 5712 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
02:21:27.0225 5712 WudfPf - ok
02:21:27.0270 5712 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
02:21:27.0272 5712 WUDFRd - ok
02:21:27.0326 5712 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
02:21:27.0330 5712 wudfsvc - ok
02:21:27.0382 5712 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
02:21:27.0388 5712 WwanSvc - ok
02:21:27.0489 5712 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
02:21:27.0494 5712 yukonw7 - ok
02:21:27.0553 5712 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
02:21:27.0834 5712 \Device\Harddisk0\DR0 - ok
02:21:27.0985 5712 MBR (0x1B8) (02dd08ad2d6332e304cf1da38b1cd2d6) \Device\Harddisk1\DR12
02:21:32.0291 5712 \Device\Harddisk1\DR12 - ok
02:21:32.0297 5712 Boot (0x1200) (f5ee10852db918ca7af3268d6c751c84) \Device\Harddisk0\DR0\Partition0
02:21:32.0300 5712 \Device\Harddisk0\DR0\Partition0 - ok
02:21:32.0314 5712 Boot (0x1200) (67ed2e4d28698540b44fa239fd65cbf0) \Device\Harddisk0\DR0\Partition1
02:21:32.0316 5712 \Device\Harddisk0\DR0\Partition1 - ok
02:21:32.0322 5712 ============================================================
02:21:32.0322 5712 Scan finished
02:21:32.0322 5712 ============================================================
02:21:32.0345 4964 Detected object count: 0
02:21:32.0345 4964 Actual detected object count: 0




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users