
NOD 32 can't clear virus


  • This topic is locked
22 replies to this topic

#1 Tajthethird


Posted 01 August 2012 - 12:45 AM

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.4.1
Run by Mulkanoor at 0:35:13 on 2012-08-01
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.299 [GMT -5:00]
.
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\system32\WUDFHost.exe
C:\Users\Mulkanoor\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
-netsvcs
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_268.exe
"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://search.mytool.co/?babsrc=home&s=web&as=0&isid=9848
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://search.mytool.co/?babsrc=home&s=web&as=0&isid=9848
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
uRun: [Google Update] "C:\Users\Mulkanoor\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRunOnce: [SpybotDeletingB1342] command.com /c del "C:\Windows\svchost.exe_old"
uRunOnce: [SpybotDeletingD6942] cmd.exe /c del "C:\Windows\svchost.exe_old"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [SpybotDeletingA1466] command.com /c del "C:\Windows\svchost.exe_old"
mRunOnce: [SpybotDeletingC1692] cmd.exe /c del "C:\Windows\svchost.exe_old"
StartupFolder: C:\Users\MULKAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Mulkanoor\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\MULKAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\Users\MULKAN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
LSP: mswsock.dll
DPF: {8214B72E-B0CD-466E-A44D-1D54D926038D} - hxxp://108.201.250.138:85/AVC_AX_724.cab
DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} - hxxp://99.60.247.134:85/AVC_AX_742.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=722
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{2302E98D-BCA8-4AA8-A37E-736A66C49CE0} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AD25B1E0-1D36-4E24-A9F3-42F1E3FBF368} : DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
BHO-X64: Ad-Aware Security Toolbar - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [SpybotDeletingA1466] command.com /c del "C:\Windows\svchost.exe_old"
mRunOnce-x64: [SpybotDeletingC1692] cmd.exe /c del "C:\Windows\svchost.exe_old"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mulkanoor\AppData\Roaming\Mozilla\Firefox\Profiles\7wn5cghz.default\
FF - prefs.js: browser.search.selectedEngine - MyTools
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Users\Mulkanoor\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\Mulkanoor\AppData\Roaming\Mozilla\Firefox\Profiles\7wn5cghz.default\extensions\LogMeInClient@logmein.com\plugins\npLMI64.dll
FF - plugin: C:\Users\Mulkanoor\AppData\Roaming\Mozilla\Firefox\Profiles\7wn5cghz.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-08-01 03:49:05 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-08-01 03:49:05 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-08-01 02:46:50 20480 ------w- C:\Windows\svchost.exe_old
2012-07-29 00:28:06 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-07-29 00:10:25 9133488 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C19222A1-E5B9-45CF-8DBA-89AAD31F876C}\mpengine.dll
2012-07-26 04:52:53 -------- d-----w- C:\Users\Mulkanoor\AppData\Roaming\Malwarebytes
2012-07-26 04:52:33 -------- d-----w- C:\ProgramData\Malwarebytes
2012-07-26 04:52:32 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-26 04:52:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-26 04:31:21 -------- d-----w- C:\Program Files (x86)\SpeedFan
2012-07-12 08:11:44 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 20:30:15 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-11 20:30:14 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-07-11 20:30:14 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-07-11 20:30:11 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2012-07-11 20:30:11 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2012-07-11 20:30:11 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-07-04 05:10:46 -------- d-----r- C:\Users\Mulkanoor\Dropbox
2012-07-04 05:07:39 -------- d-----w- C:\Users\Mulkanoor\AppData\Roaming\Dropbox
.
==================== Find3M ====================
.
2012-07-31 18:39:12 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-31 18:39:12 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-11 17:01:55 87488 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-07-11 17:01:46 34720 ----a-w- C:\Windows\System32\LMIport.dll
2012-07-11 17:01:44 80800 ----a-w- C:\Windows\System32\LMIinit.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-31 17:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-05-25 16:24:12 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2012-05-15 04:01:31 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 03:03:54 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-14 19:02:41 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-05-14 19:02:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
.
============= FINISH: 0:38:48.44 ===============



#2 D-FRED-BROWN

  • Malware Response Team

Posted 01 August 2012 - 02:17 PM

Hello and welcome to Bleeping Computer!

I am D-FRED-BROWN and I will be helping you. :)


Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.


----------Step 1----------------
I know you've already run TDSSKiller before, but please run it one more time so we have an up-to-date idea of what may be remaining on the computer.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Skip is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: Do not choose Cure or Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

----------Step 2----------------
Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.


----------Step 3----------------
Please download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

----------Step 4----------------
In your next reply, please include the following:
  • TDSSKiller's logfile
  • ComboFix's report (C:\ComboFix.txt)
  • Security Check checkup.txt
After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. :)

#3 Tajthethird

  • Topic Starter

Posted 02 August 2012 - 06:31 PM

13:06:03.0805 4072 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:06:04.0152 4072 ============================================================
13:06:04.0152 4072 Current date / time: 2012/08/02 13:06:04.0152
13:06:04.0152 4072 SystemInfo:
13:06:04.0152 4072
13:06:04.0152 4072 OS Version: 6.1.7601 ServicePack: 1.0
13:06:04.0152 4072 Product type: Workstation
13:06:04.0152 4072 ComputerName: MULKANOOR-PC
13:06:04.0152 4072 UserName: Mulkanoor
13:06:04.0152 4072 Windows directory: C:\Windows
13:06:04.0152 4072 System windows directory: C:\Windows
13:06:04.0152 4072 Running under WOW64
13:06:04.0152 4072 Processor architecture: Intel x64
13:06:04.0152 4072 Number of processors: 2
13:06:04.0152 4072 Page size: 0x1000
13:06:04.0152 4072 Boot type: Normal boot
13:06:04.0152 4072 ============================================================
13:06:05.0330 4072 Drive \Device\Harddisk0\DR0 - Size: 0x2E93B00000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:06:05.0348 4072 ============================================================
13:06:05.0348 4072 \Device\Harddisk0\DR0:
13:06:05.0354 4072 MBR partitions:
13:06:05.0354 4072 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:06:05.0354 4072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1746A800
13:06:05.0354 4072 ============================================================
13:06:05.0384 4072 C: <-> \Device\Harddisk0\DR0\Partition1
13:06:05.0422 4072 ============================================================
13:06:05.0422 4072 Initialize success
13:06:05.0422 4072 ============================================================
13:06:14.0295 3936 ============================================================
13:06:14.0295 3936 Scan started
13:06:14.0295 3936 Mode: Manual;
13:06:14.0295 3936 ============================================================
13:06:20.0606 3936 ekrn - ok
13:06:20.0721 3936 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:06:20.0743 3936 elxstor - ok
13:06:20.0793 3936 epfw (198c6fbc30bbd9632ea051203dccf204) C:\Windows\system32\DRIVERS\epfw.sys
13:06:20.0806 3936 epfw - ok
13:06:20.0834 3936 EpfwLWF (56de463f517710a8aa44eef82c35b3c9) C:\Windows\system32\DRIVERS\EpfwLWF.sys
13:06:20.0836 3936 EpfwLWF - ok
13:06:20.0860 3936 epfwwfp (710b0442bb2f99278d7b8e02a8849c11) C:\Windows\system32\DRIVERS\epfwwfp.sys
13:06:20.0862 3936 epfwwfp - ok
13:06:20.0893 3936 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:06:20.0912 3936 ErrDev - ok
13:06:20.0970 3936 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:06:21.0003 3936 EventSystem - ok
13:06:21.0042 3936 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:06:21.0096 3936 exfat - ok
13:06:21.0114 3936 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:06:21.0168 3936 fastfat - ok
13:06:21.0231 3936 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:06:21.0283 3936 Fax - ok
13:06:21.0297 3936 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:06:21.0299 3936 fdc - ok
13:06:21.0325 3936 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:06:21.0327 3936 fdPHost - ok
13:06:21.0343 3936 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:06:21.0345 3936 FDResPub - ok
13:06:21.0364 3936 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:06:21.0367 3936 FileInfo - ok
13:06:21.0375 3936 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:06:21.0398 3936 Filetrace - ok
13:06:21.0412 3936 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:06:21.0414 3936 flpydisk - ok
13:06:21.0472 3936 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:06:21.0483 3936 FltMgr - ok
13:06:21.0559 3936 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:06:21.0632 3936 FontCache - ok
13:06:21.0725 3936 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:06:21.0727 3936 FontCache3.0.0.0 - ok
13:06:21.0773 3936 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:06:21.0792 3936 FsDepends - ok
13:06:21.0817 3936 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:06:21.0836 3936 Fs_Rec - ok
13:06:21.0889 3936 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:06:21.0900 3936 fvevol - ok
13:06:21.0921 3936 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:06:21.0923 3936 gagp30kx - ok
13:06:21.0958 3936 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:06:21.0959 3936 GEARAspiWDM - ok
13:06:22.0024 3936 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:06:22.0049 3936 gpsvc - ok
13:06:22.0109 3936 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:06:22.0114 3936 gusvc - ok
13:06:22.0139 3936 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:06:22.0141 3936 hcw85cir - ok
13:06:22.0182 3936 hcwPP2 (af844d328bb8ef0943bcaf10fa1fc263) C:\Windows\system32\DRIVERS\hcwPP2.sys
13:06:22.0194 3936 hcwPP2 - ok
13:06:22.0484 3936 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:06:22.0495 3936 HdAudAddService - ok
13:06:22.0517 3936 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:06:22.0523 3936 HDAudBus - ok
13:06:22.0532 3936 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:06:22.0534 3936 HidBatt - ok
13:06:22.0547 3936 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:06:22.0553 3936 HidBth - ok
13:06:22.0562 3936 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:06:22.0565 3936 HidIr - ok
13:06:22.0590 3936 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:06:22.0593 3936 hidserv - ok
13:06:22.0653 3936 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
13:06:22.0671 3936 HidUsb - ok
13:06:22.0707 3936 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:06:22.0713 3936 hkmsvc - ok
13:06:22.0752 3936 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:06:22.0764 3936 HomeGroupListener - ok
13:06:22.0796 3936 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:06:22.0809 3936 HomeGroupProvider - ok
13:06:22.0858 3936 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:06:22.0860 3936 HpSAMD - ok
13:06:22.0925 3936 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:06:22.0951 3936 HTTP - ok
13:06:22.0985 3936 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:06:22.0985 3936 hwpolicy - ok
13:06:23.0049 3936 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:06:23.0073 3936 i8042prt - ok
13:06:23.0107 3936 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:06:23.0110 3936 iaStorV - ok
13:06:23.0251 3936 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:06:23.0283 3936 idsvc - ok
13:06:23.0324 3936 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:06:23.0326 3936 iirsp - ok
13:06:23.0397 3936 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:06:23.0487 3936 IKEEXT - ok
13:06:23.0531 3936 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:06:23.0532 3936 intelide - ok
13:06:23.0551 3936 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:06:23.0553 3936 intelppm - ok
13:06:23.0582 3936 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:06:23.0588 3936 IPBusEnum - ok
13:06:23.0622 3936 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:06:23.0643 3936 IpFilterDriver - ok
13:06:23.0697 3936 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:06:23.0719 3936 iphlpsvc - ok
13:06:23.0748 3936 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:06:23.0750 3936 IPMIDRV - ok
13:06:23.0783 3936 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:06:23.0813 3936 IPNAT - ok
13:06:23.0910 3936 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
13:06:23.0939 3936 iPod Service - ok
13:06:23.0962 3936 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:06:23.0964 3936 IRENUM - ok
13:06:23.0997 3936 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:06:24.0016 3936 isapnp - ok
13:06:24.0055 3936 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:06:24.0090 3936 iScsiPrt - ok
13:06:24.0119 3936 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
13:06:24.0122 3936 kbdclass - ok
13:06:24.0158 3936 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:06:24.0160 3936 kbdhid - ok
13:06:24.0182 3936 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:06:24.0184 3936 KeyIso - ok
13:06:24.0219 3936 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
13:06:24.0225 3936 KSecDD - ok
13:06:24.0246 3936 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
13:06:24.0258 3936 KSecPkg - ok
13:06:24.0279 3936 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:06:24.0297 3936 ksthunk - ok
13:06:24.0341 3936 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:06:24.0368 3936 KtmRm - ok
13:06:24.0414 3936 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:06:24.0450 3936 LanmanServer - ok
13:06:24.0481 3936 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:06:24.0508 3936 LanmanWorkstation - ok
13:06:24.0555 3936 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:06:24.0575 3936 lltdio - ok
13:06:24.0606 3936 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:06:24.0619 3936 lltdsvc - ok
13:06:24.0633 3936 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:06:24.0636 3936 lmhosts - ok
13:06:24.0739 3936 LMIGuardianSvc (98b0fcc176dfb711b67651becb88c445) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
13:06:24.0756 3936 LMIGuardianSvc - ok
13:06:24.0785 3936 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
13:06:24.0786 3936 LMIInfo - ok
13:06:24.0819 3936 LMIMaint (b712511029cbd68645a90a241fd6ae43) C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
13:06:24.0833 3936 LMIMaint - ok
13:06:24.0853 3936 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
13:06:24.0854 3936 lmimirr - ok
13:06:24.0875 3936 LMIRfsClientNP - ok
13:06:24.0896 3936 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
13:06:24.0898 3936 LMIRfsDriver - ok
13:06:24.0939 3936 LogMeIn (d3760bc17e1755091b7120cf32dbf56b) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
13:06:24.0957 3936 LogMeIn - ok
13:06:24.0995 3936 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:06:25.0000 3936 LSI_FC - ok
13:06:25.0013 3936 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:06:25.0019 3936 LSI_SAS - ok
13:06:25.0032 3936 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:06:25.0034 3936 LSI_SAS2 - ok
13:06:25.0046 3936 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:06:25.0051 3936 LSI_SCSI - ok
13:06:25.0077 3936 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:06:25.0084 3936 luafv - ok
13:06:25.0131 3936 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
13:06:25.0144 3936 mcdbus - ok
13:06:25.0183 3936 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:06:25.0195 3936 Mcx2Svc - ok
13:06:25.0211 3936 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:06:25.0213 3936 megasas - ok
13:06:25.0241 3936 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:06:25.0252 3936 MegaSR - ok
13:06:25.0347 3936 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
13:06:25.0350 3936 Microsoft Office Groove Audit Service - ok
13:06:25.0385 3936 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:06:25.0388 3936 MMCSS - ok
13:06:25.0396 3936 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:06:25.0398 3936 Modem - ok
13:06:25.0432 3936 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:06:25.0434 3936 monitor - ok
13:06:25.0471 3936 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
13:06:25.0475 3936 mouclass - ok
13:06:25.0495 3936 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:06:25.0497 3936 mouhid - ok
13:06:25.0536 3936 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:06:25.0541 3936 mountmgr - ok
13:06:25.0611 3936 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:06:25.0617 3936 MozillaMaintenance - ok
13:06:25.0650 3936 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:06:25.0667 3936 mpio - ok
13:06:25.0685 3936 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:06:25.0705 3936 mpsdrv - ok
13:06:25.0769 3936 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:06:25.0793 3936 MpsSvc - ok
13:06:25.0834 3936 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:06:25.0850 3936 MRxDAV - ok
13:06:25.0887 3936 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:06:25.0901 3936 mrxsmb - ok
13:06:25.0922 3936 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:06:25.0932 3936 mrxsmb10 - ok
13:06:25.0947 3936 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:06:25.0952 3936 mrxsmb20 - ok
13:06:25.0983 3936 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:06:25.0985 3936 msahci - ok
13:06:26.0024 3936 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:06:26.0062 3936 msdsm - ok
13:06:26.0083 3936 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:06:26.0098 3936 MSDTC - ok
13:06:26.0139 3936 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:06:26.0141 3936 Msfs - ok
13:06:26.0156 3936 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:06:26.0171 3936 mshidkmdf - ok
13:06:26.0195 3936 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:06:26.0197 3936 msisadrv - ok
13:06:26.0240 3936 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:06:26.0254 3936 MSiSCSI - ok
13:06:26.0258 3936 msiserver - ok
13:06:26.0291 3936 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:06:26.0293 3936 MSKSSRV - ok
13:06:26.0309 3936 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:06:26.0311 3936 MSPCLOCK - ok
13:06:26.0331 3936 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:06:26.0363 3936 MSPQM - ok
13:06:26.0406 3936 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:06:26.0423 3936 MsRPC - ok
13:06:26.0452 3936 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:06:26.0454 3936 mssmbios - ok
13:06:26.0458 3936 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:06:26.0460 3936 MSTEE - ok
13:06:26.0477 3936 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:06:26.0479 3936 MTConfig - ok
13:06:26.0506 3936 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:06:26.0508 3936 Mup - ok
13:06:26.0566 3936 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:06:26.0583 3936 napagent - ok
13:06:26.0626 3936 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:06:26.0677 3936 NativeWifiP - ok
13:06:26.0764 3936 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:06:26.0789 3936 NDIS - ok
13:06:26.0811 3936 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:06:26.0831 3936 NdisCap - ok
13:06:26.0858 3936 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:06:26.0861 3936 NdisTapi - ok
13:06:26.0891 3936 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:06:26.0894 3936 Ndisuio - ok
13:06:26.0935 3936 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:06:26.0970 3936 NdisWan - ok
13:06:26.0998 3936 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:06:27.0033 3936 NDProxy - ok
13:06:27.0061 3936 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:06:27.0063 3936 NetBIOS - ok
13:06:27.0115 3936 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:06:27.0129 3936 NetBT - ok
13:06:27.0148 3936 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:06:27.0149 3936 Netlogon - ok
13:06:27.0189 3936 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:06:27.0208 3936 Netman - ok
13:06:27.0235 3936 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:06:27.0249 3936 netprofm - ok
13:06:27.0357 3936 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:06:27.0363 3936 NetTcpPortSharing - ok
13:06:27.0404 3936 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:06:27.0406 3936 nfrd960 - ok
13:06:27.0486 3936 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:06:27.0507 3936 NlaSvc - ok
13:06:27.0528 3936 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:06:27.0531 3936 Npfs - ok
13:06:27.0567 3936 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:06:27.0576 3936 nsi - ok
13:06:27.0590 3936 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:06:27.0592 3936 nsiproxy - ok
13:06:27.0702 3936 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:06:27.0758 3936 Ntfs - ok
13:06:27.0871 3936 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:06:27.0889 3936 Null - ok
13:06:28.0470 3936 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:06:28.0720 3936 nvlddmkm - ok
13:06:28.0864 3936 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:06:28.0878 3936 nvraid - ok
13:06:28.0908 3936 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:06:28.0913 3936 nvstor - ok
13:06:28.0927 3936 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:06:28.0929 3936 nv_agp - ok
13:06:29.0009 3936 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:06:29.0024 3936 odserv - ok
13:06:29.0072 3936 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:06:29.0098 3936 ohci1394 - ok
13:06:29.0148 3936 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:06:29.0154 3936 ose - ok
13:06:29.0190 3936 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:06:29.0208 3936 p2pimsvc - ok
13:06:29.0244 3936 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:06:29.0261 3936 p2psvc - ok
13:06:29.0300 3936 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:06:29.0301 3936 Parport - ok
13:06:29.0331 3936 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:06:29.0333 3936 partmgr - ok
13:06:29.0364 3936 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:06:29.0376 3936 PcaSvc - ok
13:06:29.0414 3936 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:06:29.0426 3936 pci - ok
13:06:29.0441 3936 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:06:29.0459 3936 pciide - ok
13:06:29.0486 3936 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:06:29.0497 3936 pcmcia - ok
13:06:29.0513 3936 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:06:29.0515 3936 pcw - ok
13:06:29.0551 3936 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:06:29.0606 3936 PEAUTH - ok
13:06:29.0701 3936 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
13:06:29.0735 3936 PeerDistSvc - ok
13:06:29.0805 3936 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:06:29.0818 3936 PerfHost - ok
13:06:29.0952 3936 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:06:30.0033 3936 pla - ok
13:06:30.0079 3936 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:06:30.0099 3936 PlugPlay - ok
13:06:30.0141 3936 Pml Driver HPZ12 (f485770eec8959684cc4c4786b63c06c) C:\Windows\system32\HPZipm12.dll
13:06:30.0144 3936 Pml Driver HPZ12 - ok
13:06:30.0167 3936 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:06:30.0182 3936 PNRPAutoReg - ok
13:06:30.0214 3936 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:06:30.0218 3936 PNRPsvc - ok
13:06:30.0266 3936 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:06:30.0302 3936 PolicyAgent - ok
13:06:30.0335 3936 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:06:30.0348 3936 Power - ok
13:06:30.0411 3936 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:06:30.0467 3936 PptpMiniport - ok
13:06:30.0487 3936 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:06:30.0488 3936 Processor - ok
13:06:30.0530 3936 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:06:30.0542 3936 ProfSvc - ok
13:06:30.0563 3936 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:06:30.0565 3936 ProtectedStorage - ok
13:06:30.0608 3936 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:06:30.0613 3936 Psched - ok
13:06:30.0704 3936 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:06:30.0743 3936 ql2300 - ok
13:06:30.0874 3936 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:06:30.0875 3936 ql40xx - ok
13:06:30.0906 3936 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:06:30.0917 3936 QWAVE - ok
13:06:30.0934 3936 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:06:30.0967 3936 QWAVEdrv - ok
13:06:30.0983 3936 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:06:31.0017 3936 RasAcd - ok
13:06:31.0048 3936 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:06:31.0051 3936 RasAgileVpn - ok
13:06:31.0074 3936 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:06:31.0082 3936 RasAuto - ok
13:06:31.0115 3936 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:06:31.0154 3936 Rasl2tp - ok
13:06:31.0193 3936 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:06:31.0226 3936 RasMan - ok
13:06:31.0262 3936 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:06:31.0269 3936 RasPppoe - ok
13:06:31.0285 3936 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:06:31.0308 3936 RasSstp - ok
13:06:31.0350 3936 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:06:31.0361 3936 rdbss - ok
13:06:31.0371 3936 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:06:31.0406 3936 rdpbus - ok
13:06:31.0424 3936 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:06:31.0425 3936 RDPCDD - ok
13:06:31.0468 3936 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
13:06:31.0528 3936 RDPDR - ok
13:06:31.0554 3936 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:06:31.0555 3936 RDPENCDD - ok
13:06:31.0568 3936 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:06:31.0569 3936 RDPREFMP - ok
13:06:31.0621 3936 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
13:06:31.0657 3936 RdpVideoMiniport - ok
13:06:31.0708 3936 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:06:31.0746 3936 RDPWD - ok
13:06:31.0792 3936 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:06:31.0806 3936 rdyboost - ok
13:06:31.0831 3936 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:06:31.0838 3936 RemoteAccess - ok
13:06:31.0867 3936 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:06:31.0907 3936 RemoteRegistry - ok
13:06:31.0949 3936 RimUsb (ad42432d22940b4215177be113e4919c) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
13:06:31.0950 3936 RimUsb - ok
13:06:32.0000 3936 RimVSerPort (4aafffa67ac4dfa3d9985d78573887e2) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:06:32.0000 3936 RimVSerPort - ok
13:06:32.0031 3936 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
13:06:32.0033 3936 ROOTMODEM - ok
13:06:32.0063 3936 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:06:32.0067 3936 RpcEptMapper - ok
13:06:32.0089 3936 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:06:32.0092 3936 RpcLocator - ok
13:06:32.0151 3936 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:06:32.0156 3936 RpcSs - ok
13:06:32.0179 3936 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:06:32.0199 3936 rspndr - ok
13:06:32.0226 3936 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
13:06:32.0227 3936 s3cap - ok
13:06:32.0246 3936 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:06:32.0248 3936 SamSs - ok
13:06:32.0262 3936 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:06:32.0263 3936 sbp2port - ok
13:06:32.0295 3936 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:06:32.0308 3936 SCardSvr - ok
13:06:32.0343 3936 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:06:32.0380 3936 scfilter - ok
13:06:32.0470 3936 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:06:32.0523 3936 Schedule - ok
13:06:32.0556 3936 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:06:32.0557 3936 SCPolicySvc - ok
13:06:32.0596 3936 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:06:32.0634 3936 SDRSVC - ok
13:06:32.0686 3936 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:06:32.0687 3936 secdrv - ok
13:06:32.0706 3936 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:06:32.0709 3936 seclogon - ok
13:06:32.0736 3936 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:06:32.0739 3936 SENS - ok
13:06:32.0754 3936 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:06:32.0758 3936 SensrSvc - ok
13:06:32.0767 3936 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:06:32.0768 3936 Serenum - ok
13:06:40.0222 3936 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:06:40.0261 3936 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
13:06:40.0261 3936 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
13:06:40.0266 3936 Boot (0x1200) (b194d0af711a89512fba05e0ccd6c8b3) \Device\Harddisk0\DR0\Partition0
13:06:40.0267 3936 \Device\Harddisk0\DR0\Partition0 - ok
13:06:40.0291 3936 Boot (0x1200) (f9cc3b0a3e470a36deeb2b0bc91ae6d4) \Device\Harddisk0\DR0\Partition1
13:06:40.0292 3936 \Device\Harddisk0\DR0\Partition1 - ok
13:06:40.0292 3936 ============================================================
13:06:40.0292 3936 Scan finished
13:06:40.0292 3936 ============================================================
13:06:40.0307 4956 Detected object count: 1
13:06:40.0307 4956 Actual detected object count: 1
13:07:38.0771 4956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
13:07:38.0771 4956 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip
13:08:38.0155 4516 Deinitialize success







ComboFix 12-07-31.03 - Mulkanoor 08/02/2012 15:03:31.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.866 [GMT -5:00]
Running from: c:\users\Mulkanoor\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\svchost.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-02 to 2012-08-02 )))))))))))))))))))))))))))))))
.
.
2012-08-01 17:28 . 2012-08-01 17:28 -------- d-----w- c:\program files\iTunes
2012-08-01 17:28 . 2012-08-01 17:28 -------- d-----w- c:\program files (x86)\iTunes
2012-08-01 17:28 . 2012-08-01 17:28 -------- d-----w- c:\program files\iPod
2012-08-01 17:14 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{43BBF9CF-00B1-409B-A828-6BC456E8B5CD}\mpengine.dll
2012-08-01 03:49 . 2012-08-01 20:05 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-08-01 03:49 . 2012-08-01 20:05 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-07-29 00:28 . 2012-07-29 00:28 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2012-07-26 04:52 . 2012-07-26 04:52 -------- d-----w- c:\users\Mulkanoor\AppData\Roaming\Malwarebytes
2012-07-26 04:52 . 2012-07-26 04:52 -------- d-----w- c:\programdata\Malwarebytes
2012-07-26 04:52 . 2012-07-26 04:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-26 04:52 . 2012-07-03 18:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-26 04:31 . 2012-07-26 04:31 -------- d-----w- c:\program files (x86)\SpeedFan
2012-07-12 08:11 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 20:30 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 20:30 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 20:30 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-07-11 20:30 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-07-11 20:30 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 20:30 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-07-11 20:30 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-07-04 05:10 . 2012-08-02 20:16 -------- d-----r- c:\users\Mulkanoor\Dropbox
2012-07-04 05:07 . 2012-08-02 20:16 -------- d-----w- c:\users\Mulkanoor\AppData\Roaming\Dropbox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 19:39 . 2012-06-05 16:51 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-02 19:39 . 2011-12-11 02:53 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-12 08:04 . 2012-01-08 19:53 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-11 17:01 . 2012-04-28 22:04 87488 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-07-11 17:01 . 2012-04-28 22:04 34720 ----a-w- c:\windows\system32\LMIport.dll
2012-07-11 17:01 . 2012-04-28 22:04 80800 ----a-w- c:\windows\system32\LMIinit.dll
2012-06-02 22:19 . 2012-06-19 13:25 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-19 13:25 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-19 13:25 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-19 13:25 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-19 13:25 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-19 13:25 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-19 13:25 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 20:19 . 2012-06-19 13:25 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 20:15 . 2012-06-19 13:25 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 17:25 . 2011-12-11 01:36 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-25 16:24 . 2012-04-28 22:04 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2012-05-15 04:01 . 2012-06-13 13:26 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 13:26 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 13:26 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-05-14 19:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-05-14 19:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2012-04-11 20:08 87440 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-04-11 87440]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-05-09 201112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\users\Mulkanoor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-6-13 27595032]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2011-12-10 576000]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-12-11 867064]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-02 250056]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-09 1255736]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-09-22 974944]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-11 375208]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 19:39]
.
2012-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4081413660-1306598774-2834709941-1001Core.job
- c:\users\Mulkanoor\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-11 01:21]
.
2012-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4081413660-1306598774-2834709941-1001UA.job
- c:\users\Mulkanoor\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-11 01:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 97792 ----a-w- c:\users\Mulkanoor\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 4035152]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.mytool.co/?babsrc=home&s=web&as=0&isid=9848
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://search.mytool.co/?babsrc=home&s=web&as=0&isid=9848
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: {8214B72E-B0CD-466E-A44D-1D54D926038D} - hxxp://108.201.250.138:85/AVC_AX_724.cab
DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} - hxxp://99.60.247.134:85/AVC_AX_742.cab
FF - ProfilePath - c:\users\Mulkanoor\AppData\Roaming\Mozilla\Firefox\Profiles\7wn5cghz.default\
FF - prefs.js: browser.search.selectedEngine - MyTools
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKU-Default-Run-Temp - c:\users\Mulkanoor\AppData\Local\VirtualStore\Temp\pwsqwa.dll
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\\.\globalroot\systemroot\svchost.exe
.
**************************************************************************
.
Completion time: 2012-08-02 15:35:19 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-02 20:35
.
Pre-Run: 137,015,197,696 bytes free
Post-Run: 137,326,018,560 bytes free
.
- - End Of File - - 50DBAA6921F455BEA7642B45691F1C4A



Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
ESET Smart Security 5.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.0
Java™ 7 Update 4
Java version out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0.1)
Google Chrome 20.0.1132.57
Google Chrome 21.0.1180.60
Google Chrome VisualElementsManifest.xml..
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

#4 D-FRED-BROWN

  • Malware Response Team

Posted 02 August 2012 - 06:40 PM

Go ahead and run TDSSKiller once again, but this time, select Cure instead of Skip. If asked to reboot, please allow it to do so.

Post the new TDSSKiller log in your next reply, and let me know how things go.

#5 Tajthethird

  • Topic Starter


Posted 02 August 2012 - 06:58 PM

After doing another scan with the ESET antivirus, it still found a Trojan virus: Win32/Olmarik.TDL4. However, the computer does not freeze up as much as before, and my antivirus is not showing me all the threats that were coming up like before.

#6 Tajthethird

  • Topic Starter


Posted 02 August 2012 - 07:03 PM

18:59:10.0227 5000 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:59:10.0628 5000 ============================================================
18:59:10.0628 5000 Current date / time: 2012/08/02 18:59:10.0628
18:59:10.0628 5000 SystemInfo:
18:59:10.0628 5000
18:59:10.0629 5000 OS Version: 6.1.7601 ServicePack: 1.0
18:59:10.0629 5000 Product type: Workstation
18:59:10.0629 5000 ComputerName: MULKANOOR-PC
18:59:10.0629 5000 UserName: Mulkanoor
18:59:10.0629 5000 Windows directory: C:\Windows
18:59:10.0629 5000 System windows directory: C:\Windows
18:59:10.0629 5000 Running under WOW64
18:59:10.0629 5000 Processor architecture: Intel x64
18:59:10.0629 5000 Number of processors: 2
18:59:10.0629 5000 Page size: 0x1000
18:59:10.0629 5000 Boot type: Normal boot
18:59:10.0629 5000 ============================================================
18:59:12.0104 5000 Drive \Device\Harddisk0\DR0 - Size: 0x2E93B00000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:59:12.0155 5000 ============================================================
18:59:12.0155 5000 \Device\Harddisk0\DR0:
18:59:12.0155 5000 MBR partitions:
18:59:12.0155 5000 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:59:12.0155 5000 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1746A800
18:59:12.0155 5000 ============================================================
18:59:12.0186 5000 C: <-> \Device\Harddisk0\DR0\Partition1
18:59:12.0240 5000 ============================================================
18:59:12.0240 5000 Initialize success
18:59:12.0240 5000 ============================================================
18:59:13.0947 4912 ============================================================
18:59:13.0947 4912 Scan started
18:59:13.0947 4912 Mode: Manual;
18:59:13.0947 4912 ============================================================
18:59:30.0698 4912 Parport - ok
18:59:30.0731 4912 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:59:30.0741 4912 partmgr - ok
18:59:30.0757 4912 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:59:30.0770 4912 PcaSvc - ok
18:59:30.0808 4912 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:59:30.0861 4912 pci - ok
18:59:30.0910 4912 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:59:30.0934 4912 pciide - ok
18:59:30.0962 4912 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:59:30.0999 4912 pcmcia - ok
18:59:31.0015 4912 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:59:31.0017 4912 pcw - ok
18:59:31.0079 4912 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:59:31.0099 4912 PEAUTH - ok
18:59:31.0182 4912 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
18:59:31.0235 4912 PeerDistSvc - ok
18:59:31.0307 4912 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:59:31.0326 4912 PerfHost - ok
18:59:31.0474 4912 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:59:31.0521 4912 pla - ok
18:59:31.0573 4912 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:59:31.0590 4912 PlugPlay - ok
18:59:31.0634 4912 Pml Driver HPZ12 (f485770eec8959684cc4c4786b63c06c) C:\Windows\system32\HPZipm12.dll
18:59:31.0638 4912 Pml Driver HPZ12 - ok
18:59:31.0662 4912 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:59:31.0665 4912 PNRPAutoReg - ok
18:59:31.0692 4912 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:59:31.0696 4912 PNRPsvc - ok
18:59:31.0750 4912 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:59:31.0772 4912 PolicyAgent - ok
18:59:31.0804 4912 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:59:31.0817 4912 Power - ok
18:59:31.0879 4912 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:59:31.0885 4912 PptpMiniport - ok
18:59:31.0906 4912 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:59:31.0932 4912 Processor - ok
18:59:32.0061 4912 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
18:59:32.0067 4912 ProfSvc - ok
18:59:32.0107 4912 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:59:32.0109 4912 ProtectedStorage - ok
18:59:32.0152 4912 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:59:32.0157 4912 Psched - ok
18:59:32.0239 4912 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:59:32.0296 4912 ql2300 - ok
18:59:32.0433 4912 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:59:32.0446 4912 ql40xx - ok
18:59:32.0483 4912 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:59:32.0501 4912 QWAVE - ok
18:59:32.0511 4912 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:59:32.0513 4912 QWAVEdrv - ok
18:59:32.0527 4912 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:59:32.0528 4912 RasAcd - ok
18:59:32.0551 4912 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:59:32.0553 4912 RasAgileVpn - ok
18:59:32.0568 4912 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:59:32.0574 4912 RasAuto - ok
18:59:32.0608 4912 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:59:32.0614 4912 Rasl2tp - ok
18:59:32.0654 4912 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:59:32.0671 4912 RasMan - ok
18:59:32.0698 4912 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:59:32.0721 4912 RasPppoe - ok
18:59:32.0737 4912 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:59:32.0743 4912 RasSstp - ok
18:59:32.0786 4912 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:59:32.0797 4912 rdbss - ok
18:59:32.0814 4912 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:59:32.0849 4912 rdpbus - ok
18:59:32.0868 4912 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:59:32.0878 4912 RDPCDD - ok
18:59:32.0913 4912 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
18:59:32.0926 4912 RDPDR - ok
18:59:32.0948 4912 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:59:32.0949 4912 RDPENCDD - ok
18:59:32.0961 4912 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:59:32.0963 4912 RDPREFMP - ok
18:59:33.0014 4912 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
18:59:33.0016 4912 RdpVideoMiniport - ok
18:59:33.0053 4912 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:59:33.0073 4912 RDPWD - ok
18:59:33.0121 4912 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:59:33.0133 4912 rdyboost - ok
18:59:33.0166 4912 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:59:33.0189 4912 RemoteAccess - ok
18:59:33.0219 4912 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:59:33.0234 4912 RemoteRegistry - ok
18:59:33.0301 4912 RimUsb (ad42432d22940b4215177be113e4919c) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
18:59:33.0309 4912 RimUsb - ok
18:59:33.0360 4912 RimVSerPort (4aafffa67ac4dfa3d9985d78573887e2) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
18:59:33.0363 4912 RimVSerPort - ok
18:59:33.0391 4912 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
18:59:33.0393 4912 ROOTMODEM - ok
18:59:33.0423 4912 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:59:33.0426 4912 RpcEptMapper - ok
18:59:33.0450 4912 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:59:33.0453 4912 RpcLocator - ok
18:59:33.0511 4912 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:59:33.0516 4912 RpcSs - ok
18:59:33.0540 4912 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:59:33.0541 4912 rspndr - ok
18:59:33.0570 4912 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
18:59:33.0572 4912 s3cap - ok
18:59:33.0589 4912 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:59:33.0590 4912 SamSs - ok
18:59:33.0606 4912 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:59:33.0630 4912 sbp2port - ok
18:59:33.0664 4912 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:59:33.0676 4912 SCardSvr - ok
18:59:33.0712 4912 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:59:33.0714 4912 scfilter - ok
18:59:33.0789 4912 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:59:33.0842 4912 Schedule - ok
18:59:33.0875 4912 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:59:33.0876 4912 SCPolicySvc - ok
18:59:33.0915 4912 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:59:33.0927 4912 SDRSVC - ok
18:59:33.0980 4912 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:59:33.0995 4912 secdrv - ok
18:59:34.0027 4912 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:59:34.0030 4912 seclogon - ok
18:59:34.0055 4912 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
18:59:34.0057 4912 SENS - ok
18:59:34.0088 4912 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:59:34.0091 4912 SensrSvc - ok
18:59:34.0103 4912 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:59:34.0122 4912 Serenum - ok
18:59:34.0139 4912 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:59:34.0208 4912 Serial - ok
18:59:34.0234 4912 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:59:34.0252 4912 sermouse - ok
18:59:34.0296 4912 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:59:34.0310 4912 SessionEnv - ok
18:59:34.0340 4912 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:59:34.0358 4912 sffdisk - ok
18:59:34.0371 4912 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:59:34.0389 4912 sffp_mmc - ok
18:59:34.0401 4912 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:59:34.0403 4912 sffp_sd - ok
18:59:34.0432 4912 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:59:34.0451 4912 sfloppy - ok
18:59:34.0491 4912 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:59:34.0517 4912 SharedAccess - ok
18:59:34.0562 4912 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:59:34.0580 4912 ShellHWDetection - ok
18:59:34.0602 4912 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:59:34.0638 4912 SiSRaid2 - ok
18:59:34.0708 4912 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:59:34.0730 4912 SiSRaid4 - ok
18:59:34.0763 4912 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:59:34.0787 4912 Smb - ok
18:59:34.0831 4912 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:59:34.0833 4912 SNMPTRAP - ok
18:59:34.0914 4912 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
18:59:34.0917 4912 speedfan - ok
18:59:34.0938 4912 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:59:34.0940 4912 spldr - ok
18:59:34.0998 4912 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:59:35.0019 4912 Spooler - ok
18:59:35.0226 4912 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:59:35.0318 4912 sppsvc - ok
18:59:35.0419 4912 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:59:35.0430 4912 sppuinotify - ok
18:59:35.0515 4912 sptd (aa90a319bb067e0d149b4c95608c4b05) C:\Windows\system32\Drivers\sptd.sys
18:59:35.0573 4912 sptd - ok
18:59:35.0623 4912 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:59:35.0635 4912 srv - ok
18:59:35.0685 4912 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:59:35.0702 4912 srv2 - ok
18:59:35.0723 4912 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:59:35.0736 4912 srvnet - ok
18:59:35.0776 4912 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:59:35.0789 4912 SSDPSRV - ok
18:59:35.0803 4912 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:59:35.0807 4912 SstpSvc - ok
18:59:35.0829 4912 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:59:35.0832 4912 stexstor - ok
18:59:35.0885 4912 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:59:35.0915 4912 stisvc - ok
18:59:36.0001 4912 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
18:59:36.0004 4912 storflt - ok
18:59:36.0125 4912 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
18:59:36.0150 4912 storvsc - ok
18:59:36.0240 4912 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:59:36.0263 4912 swenum - ok
18:59:36.0317 4912 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:59:36.0336 4912 swprv - ok
18:59:36.0352 4912 Synth3dVsc - ok
18:59:36.0624 4912 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:59:36.0671 4912 SysMain - ok
18:59:36.0787 4912 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:59:36.0792 4912 TabletInputService - ok
18:59:36.0823 4912 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:59:36.0840 4912 TapiSrv - ok
18:59:36.0861 4912 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:59:36.0864 4912 TBS - ok
18:59:37.0011 4912 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:59:37.0063 4912 Tcpip - ok
18:59:37.0282 4912 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:59:37.0294 4912 TCPIP6 - ok
18:59:37.0484 4912 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:59:37.0487 4912 tcpipreg - ok
18:59:37.0521 4912 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:59:37.0523 4912 TDPIPE - ok
18:59:37.0563 4912 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:59:37.0570 4912 TDTCP - ok
18:59:37.0652 4912 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:59:37.0657 4912 tdx - ok
18:59:37.0690 4912 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:59:37.0709 4912 TermDD - ok
18:59:37.0764 4912 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:59:37.0783 4912 TermService - ok
18:59:37.0817 4912 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:59:37.0819 4912 Themes - ok
18:59:37.0849 4912 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:59:37.0852 4912 THREADORDER - ok
18:59:37.0882 4912 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:59:37.0896 4912 TrkWks - ok
18:59:37.0945 4912 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:59:37.0957 4912 TrustedInstaller - ok
18:59:37.0993 4912 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:59:37.0995 4912 tssecsrv - ok
18:59:38.0032 4912 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:59:38.0034 4912 TsUsbFlt - ok
18:59:38.0039 4912 tsusbhub - ok
18:59:38.0119 4912 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:59:38.0125 4912 tunnel - ok
18:59:38.0153 4912 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:59:38.0173 4912 uagp35 - ok
18:59:38.0214 4912 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:59:38.0231 4912 udfs - ok
18:59:38.0291 4912 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:59:38.0314 4912 UI0Detect - ok
18:59:38.0436 4912 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:59:38.0456 4912 uliagpkx - ok
18:59:38.0679 4912 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:59:38.0714 4912 umbus - ok
18:59:38.0757 4912 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:59:38.0791 4912 UmPass - ok
18:59:38.0862 4912 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
18:59:38.0875 4912 UmRdpService - ok
18:59:38.0916 4912 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:59:38.0935 4912 upnphost - ok
18:59:38.0980 4912 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
18:59:39.0000 4912 USBAAPL64 - ok
18:59:39.0039 4912 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:59:39.0050 4912 usbccgp - ok
18:59:39.0094 4912 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:59:39.0102 4912 usbcir - ok
18:59:39.0141 4912 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:59:39.0160 4912 usbehci - ok
18:59:39.0210 4912 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:59:39.0279 4912 usbhub - ok
18:59:39.0296 4912 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:59:39.0322 4912 usbohci - ok
18:59:39.0344 4912 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:59:39.0370 4912 usbprint - ok
18:59:39.0380 4912 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:59:39.0387 4912 USBSTOR - ok
18:59:39.0419 4912 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
18:59:39.0424 4912 usbuhci - ok
18:59:39.0455 4912 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:59:39.0458 4912 UxSms - ok
18:59:39.0478 4912 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:59:39.0480 4912 VaultSvc - ok
18:59:39.0522 4912 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:59:39.0562 4912 vdrvroot - ok
18:59:39.0615 4912 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:59:39.0645 4912 vds - ok
18:59:39.0735 4912 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:59:39.0761 4912 vga - ok
18:59:39.0934 4912 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:59:39.0980 4912 VgaSave - ok
18:59:40.0002 4912 VGPU - ok
18:59:40.0339 4912 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:59:40.0401 4912 vhdmp - ok
18:59:40.0494 4912 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:59:40.0532 4912 viaide - ok
18:59:40.0842 4912 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
18:59:41.0000 4912 vmbus - ok
18:59:41.0044 4912 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:59:41.0063 4912 VMBusHID - ok
18:59:41.0121 4912 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:59:41.0157 4912 volmgr - ok
18:59:41.0321 4912 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:59:41.0335 4912 volmgrx - ok
18:59:41.0580 4912 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:59:41.0656 4912 volsnap - ok
18:59:41.0838 4912 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:59:41.0893 4912 vsmraid - ok
18:59:42.0284 4912 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:59:42.0328 4912 VSS - ok
18:59:42.0463 4912 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:59:42.0476 4912 vwifibus - ok
18:59:42.0496 4912 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:59:42.0499 4912 vwififlt - ok
18:59:42.0532 4912 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:59:42.0548 4912 W32Time - ok
18:59:42.0567 4912 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:59:42.0570 4912 WacomPen - ok
18:59:42.0632 4912 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:59:42.0638 4912 WANARP - ok
18:59:42.0650 4912 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:59:42.0651 4912 Wanarpv6 - ok
18:59:42.0734 4912 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:59:42.0766 4912 WatAdminSvc - ok
18:59:42.0862 4912 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:59:42.0906 4912 wbengine - ok
18:59:43.0015 4912 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:59:43.0027 4912 WbioSrvc - ok
18:59:43.0068 4912 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:59:43.0085 4912 wcncsvc - ok
18:59:43.0103 4912 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:59:43.0106 4912 WcsPlugInService - ok
18:59:43.0175 4912 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:59:43.0177 4912 Wd - ok
18:59:43.0240 4912 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:59:43.0259 4912 Wdf01000 - ok
18:59:43.0277 4912 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:59:43.0283 4912 WdiServiceHost - ok
18:59:43.0287 4912 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:59:43.0290 4912 WdiSystemHost - ok
18:59:43.0353 4912 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:59:43.0363 4912 WebClient - ok
18:59:43.0392 4912 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:59:43.0403 4912 Wecsvc - ok
18:59:43.0422 4912 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:59:43.0430 4912 wercplsupport - ok
18:59:43.0453 4912 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:59:43.0457 4912 WerSvc - ok
18:59:43.0530 4912 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:59:43.0541 4912 WfpLwf - ok
18:59:43.0566 4912 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:59:43.0568 4912 WIMMount - ok
18:59:43.0595 4912 WinDefend - ok
18:59:43.0605 4912 WinHttpAutoProxySvc - ok
18:59:43.0663 4912 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:59:43.0684 4912 Winmgmt - ok
18:59:43.0800 4912 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:59:43.0872 4912 WinRM - ok
18:59:44.0034 4912 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:59:44.0050 4912 WinUsb - ok
18:59:44.0287 4912 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:59:44.0347 4912 Wlansvc - ok
18:59:44.0429 4912 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:59:44.0450 4912 WmiAcpi - ok
18:59:45.0204 4912 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:59:45.0252 4912 wmiApSrv - ok
18:59:45.0444 4912 WMPNetworkSvc - ok
18:59:45.0543 4912 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:59:45.0567 4912 WPCSvc - ok
18:59:45.0612 4912 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:59:45.0629 4912 WPDBusEnum - ok
18:59:45.0698 4912 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:59:45.0700 4912 ws2ifsl - ok
18:59:45.0716 4912 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
18:59:45.0731 4912 wscsvc - ok
18:59:45.0736 4912 WSearch - ok
18:59:46.0080 4912 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
18:59:46.0160 4912 wuauserv - ok
18:59:46.0612 4912 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:59:46.0618 4912 WudfPf - ok
18:59:46.0638 4912 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:59:46.0651 4912 WUDFRd - ok
18:59:46.0720 4912 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:59:46.0737 4912 wudfsvc - ok
18:59:46.0801 4912 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:59:46.0807 4912 WwanSvc - ok
18:59:46.0856 4912 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:59:46.0936 4912 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:59:46.0936 4912 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:59:46.0960 4912 Boot (0x1200) (b194d0af711a89512fba05e0ccd6c8b3) \Device\Harddisk0\DR0\Partition0
18:59:46.0978 4912 \Device\Harddisk0\DR0\Partition0 - ok
18:59:46.0999 4912 Boot (0x1200) (f9cc3b0a3e470a36deeb2b0bc91ae6d4) \Device\Harddisk0\DR0\Partition1
18:59:47.0013 4912 \Device\Harddisk0\DR0\Partition1 - ok
18:59:47.0013 4912 ============================================================
18:59:47.0013 4912 Scan finished
18:59:47.0013 4912 ============================================================
18:59:47.0034 4168 Detected object count: 1
18:59:47.0034 4168 Actual detected object count: 1
18:59:54.0141 4168 \Device\Harddisk0\DR0\# - copied to quarantine
18:59:54.0144 4168 \Device\Harddisk0\DR0 - copied to quarantine
18:59:54.0184 4168 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:59:57.0680 4168 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:59:58.0561 4168 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
18:59:58.0943 4168 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
18:59:59.0376 4168 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:59:59.0851 4168 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
19:00:00.0288 4168 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
19:00:00.0291 4168 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
19:00:00.0294 4168 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
19:00:00.0299 4168 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
19:00:00.0613 4168 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
19:00:00.0911 4168 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
19:00:00.0915 4168 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
19:00:00.0918 4168 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
19:00:00.0929 4168 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
19:00:01.0285 4168 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
19:00:01.0287 4168 \Device\Harddisk0\DR0 - ok
19:00:01.0405 4168 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
19:00:08.0447 4352 Deinitialize success

#7 D-FRED-BROWN

Posted 02 August 2012 - 07:03 PM

Please do the following:

  • Download ListParts64 to a USB flash drive.
  • Plug the USB drive into the infected machine.

Boot your computer into Recovery Environment

  • Restart the computer and press F8 repeatedly until the Advanced Options Menu appears.
  • Select Repair your computer.
  • Select Language and click Next
  • Enter password (if necessary) and click OK, you should now see the screen below ...

Posted Image

  • Select the Command Prompt option.
  • A command window will open.
  • Type notepad then hit Enter.
  • Notepad will open.
  • Click File > Open then select Computer.
  • Note down the drive letter for your USB Drive.
  • Close Notepad.
Back in the command window ...

  • Type e:/listparts64.exe and hit Enter (where e: is replaced by the drive letter for your USB drive)
  • ListParts will start to run.
  • Press the Scan button.
  • When finished scanning it will make a log Result.txt on the flash drive.

  • Close the command window.
  • Boot back into normal mode and post me the Result.txt log please.

#8 Tajthethird

Posted 02 August 2012 - 07:09 PM

Scan after selecting cure found no threats in the system.

#9 D-FRED-BROWN

Posted 02 August 2012 - 07:24 PM

Sounds good. I'd still like to get that ListParts report if possible.

#10 Tajthethird

Posted 02 August 2012 - 07:49 PM

ListParts by Farbar Version: 25-07-2012
Ran by SYSTEM (administrator) on 02-08-2012 at 19:46:05
Windows 7 (X64)
Running From: K:\
Language: 0409
************************************************************

========================= Memory info ======================

Percentage of memory in use: 19%
Total physical RAM: 2046.45 MB
Available physical RAM: 1644.2 MB
Total Pagefile: 2046.45 MB
Available Pagefile: 1615.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: () (Fixed) (Total:186.21 GB) (Free:127.78 GB) NTFS
9 Drive k: (My GS Drive) (Removable) (Total:1.86 GB) (Free:1.79 GB) FAT
10 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 186 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 Online 1901 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 186 GB 101 MB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C System Rese NTFS Partition 100 MB Healthy

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D NTFS Partition 186 GB Healthy

======================================================================================================

Partitions of Disk 5:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1901 MB 8 KB

======================================================================================================

Disk: 5
Partition 1
Type : 0E
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 8 K My GS Drive FAT Removable 1901 MB Healthy

======================================================================================================

****** End Of Log ******

#11 D-FRED-BROWN

  • Malware Response Team

Posted 02 August 2012 - 07:54 PM

Go ahead and boot back into Normal Mode.

Reboot once more, then run TDSSKiller again, and post the new log it creates. Let me know how it goes.

#12 Tajthethird

  • Topic Starter

Posted 03 August 2012 - 03:48 PM

15:46:11.0447 3736 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:46:11.0775 3736 ============================================================
15:46:11.0775 3736 Current date / time: 2012/08/03 15:46:11.0775
15:46:11.0775 3736 SystemInfo:
15:46:11.0775 3736
15:46:11.0775 3736 OS Version: 6.1.7601 ServicePack: 1.0
15:46:11.0775 3736 Product type: Workstation
15:46:11.0775 3736 ComputerName: MULKANOOR-PC
15:46:11.0775 3736 UserName: Mulkanoor
15:46:11.0775 3736 Windows directory: C:\Windows
15:46:11.0775 3736 System windows directory: C:\Windows
15:46:11.0775 3736 Running under WOW64
15:46:11.0775 3736 Processor architecture: Intel x64
15:46:11.0775 3736 Number of processors: 2
15:46:11.0775 3736 Page size: 0x1000
15:46:11.0775 3736 Boot type: Normal boot
15:46:11.0775 3736 ============================================================
15:46:14.0291 3736 Drive \Device\Harddisk0\DR0 - Size: 0x2E93B00000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:14.0306 3736 Drive \Device\Harddisk1\DR1 - Size: 0x76D87E00 (1.86 Gb), SectorSize: 0x200, Cylinders: 0xF2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:46:14.0322 3736 ============================================================
15:46:14.0322 3736 \Device\Harddisk0\DR0:
15:46:14.0322 3736 MBR partitions:
15:46:14.0322 3736 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:46:14.0322 3736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1746A800
15:46:14.0322 3736 \Device\Harddisk1\DR1:
15:46:14.0337 3736 MBR partitions:
15:46:14.0337 3736 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xE, StartLBA 0x10, BlocksNum 0x3B6C2F
15:46:14.0337 3736 ============================================================
15:46:14.0478 3736 C: <-> \Device\Harddisk0\DR0\Partition1
15:46:14.0478 3736 ============================================================
15:46:14.0478 3736 Initialize success
15:46:14.0478 3736 ============================================================
15:46:16.0151 3960 ============================================================
15:46:16.0151 3960 Scan started
15:46:16.0151 3960 Mode: Manual;
15:46:16.0151 3960 ============================================================
15:46:56.0996 3960 nsi - ok
15:46:57.0011 3960 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:46:57.0011 3960 nsiproxy - ok
15:46:57.0199 3960 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:46:57.0277 3960 Ntfs - ok
15:46:57.0464 3960 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:46:57.0464 3960 Null - ok
15:46:58.0839 3960 nvlddmkm (dd81fbc57ab9134cddc5ce90880bfd80) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:46:58.0917 3960 nvlddmkm - ok
15:46:59.0214 3960 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:46:59.0246 3960 nvraid - ok
15:46:59.0292 3960 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:46:59.0308 3960 nvstor - ok
15:46:59.0355 3960 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:46:59.0355 3960 nv_agp - ok
15:46:59.0527 3960 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:46:59.0574 3960 odserv - ok
15:46:59.0605 3960 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:46:59.0636 3960 ohci1394 - ok
15:46:59.0699 3960 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:46:59.0714 3960 ose - ok
15:46:59.0746 3960 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:46:59.0761 3960 p2pimsvc - ok
15:46:59.0792 3960 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:46:59.0808 3960 p2psvc - ok
15:46:59.0839 3960 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:46:59.0839 3960 Parport - ok
15:46:59.0902 3960 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:46:59.0902 3960 partmgr - ok
15:46:59.0917 3960 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:46:59.0933 3960 PcaSvc - ok
15:46:59.0996 3960 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:47:00.0011 3960 pci - ok
15:47:00.0027 3960 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:47:00.0042 3960 pciide - ok
15:47:00.0214 3960 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:47:00.0230 3960 pcmcia - ok
15:47:00.0308 3960 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:47:00.0308 3960 pcw - ok
15:47:00.0355 3960 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:47:00.0402 3960 PEAUTH - ok
15:47:00.0652 3960 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:47:00.0699 3960 PeerDistSvc - ok
15:47:00.0886 3960 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:47:00.0886 3960 PerfHost - ok
15:47:01.0121 3960 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:47:01.0183 3960 pla - ok
15:47:01.0246 3960 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:47:01.0261 3960 PlugPlay - ok
15:47:01.0308 3960 Pml Driver HPZ12 (f485770eec8959684cc4c4786b63c06c) C:\Windows\system32\HPZipm12.dll
15:47:01.0324 3960 Pml Driver HPZ12 - ok
15:47:01.0355 3960 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:47:01.0355 3960 PNRPAutoReg - ok
15:47:01.0402 3960 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:47:01.0402 3960 PNRPsvc - ok
15:47:01.0527 3960 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:47:01.0558 3960 PolicyAgent - ok
15:47:01.0605 3960 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:47:01.0605 3960 Power - ok
15:47:01.0683 3960 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:47:01.0683 3960 PptpMiniport - ok
15:47:01.0714 3960 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:47:01.0714 3960 Processor - ok
15:47:01.0746 3960 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
15:47:01.0761 3960 ProfSvc - ok
15:47:01.0777 3960 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:47:01.0777 3960 ProtectedStorage - ok
15:47:01.0824 3960 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:47:01.0824 3960 Psched - ok
15:47:01.0933 3960 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:47:01.0980 3960 ql2300 - ok
15:47:02.0308 3960 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:47:02.0308 3960 ql40xx - ok
15:47:02.0355 3960 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:47:02.0371 3960 QWAVE - ok
15:47:02.0371 3960 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:47:02.0371 3960 QWAVEdrv - ok
15:47:02.0386 3960 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:47:02.0386 3960 RasAcd - ok
15:47:02.0449 3960 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:47:02.0464 3960 RasAgileVpn - ok
15:47:02.0480 3960 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:47:02.0480 3960 RasAuto - ok
15:47:02.0542 3960 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:47:02.0542 3960 Rasl2tp - ok
15:47:02.0589 3960 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:47:02.0621 3960 RasMan - ok
15:47:02.0636 3960 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:47:02.0652 3960 RasPppoe - ok
15:47:02.0683 3960 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:47:02.0683 3960 RasSstp - ok
15:47:02.0761 3960 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:47:02.0777 3960 rdbss - ok
15:47:02.0839 3960 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:47:02.0871 3960 rdpbus - ok
15:47:02.0902 3960 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:47:02.0902 3960 RDPCDD - ok
15:47:03.0246 3960 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:47:03.0261 3960 RDPDR - ok
15:47:03.0277 3960 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:47:03.0292 3960 RDPENCDD - ok
15:47:03.0308 3960 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:47:03.0324 3960 RDPREFMP - ok
15:47:03.0386 3960 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
15:47:03.0402 3960 RdpVideoMiniport - ok
15:47:03.0464 3960 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:47:03.0496 3960 RDPWD - ok
15:47:03.0542 3960 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:47:03.0558 3960 rdyboost - ok
15:47:03.0589 3960 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:47:03.0589 3960 RemoteAccess - ok
15:47:03.0621 3960 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:47:03.0636 3960 RemoteRegistry - ok
15:47:03.0683 3960 RimUsb (ad42432d22940b4215177be113e4919c) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
15:47:03.0699 3960 RimUsb - ok
15:47:03.0746 3960 RimVSerPort (4aafffa67ac4dfa3d9985d78573887e2) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:47:03.0746 3960 RimVSerPort - ok
15:47:03.0777 3960 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
15:47:03.0777 3960 ROOTMODEM - ok
15:47:03.0792 3960 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:47:03.0792 3960 RpcEptMapper - ok
15:47:03.0839 3960 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:47:03.0839 3960 RpcLocator - ok
15:47:03.0902 3960 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:47:03.0902 3960 RpcSs - ok
15:47:03.0933 3960 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:47:03.0933 3960 rspndr - ok
15:47:03.0964 3960 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:47:03.0964 3960 s3cap - ok
15:47:03.0980 3960 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:47:03.0980 3960 SamSs - ok
15:47:03.0996 3960 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:47:04.0011 3960 sbp2port - ok
15:47:04.0027 3960 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:47:04.0042 3960 SCardSvr - ok
15:47:04.0089 3960 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:47:04.0089 3960 scfilter - ok
15:47:04.0230 3960 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:47:04.0261 3960 Schedule - ok
15:47:04.0308 3960 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:47:04.0308 3960 SCPolicySvc - ok
15:47:04.0355 3960 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:47:04.0355 3960 SDRSVC - ok
15:47:04.0417 3960 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:47:04.0417 3960 secdrv - ok
15:47:04.0433 3960 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:47:04.0433 3960 seclogon - ok
15:47:04.0464 3960 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
15:47:04.0464 3960 SENS - ok
15:47:04.0480 3960 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:47:04.0480 3960 SensrSvc - ok
15:47:04.0496 3960 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:47:04.0496 3960 Serenum - ok
15:47:04.0527 3960 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:47:04.0527 3960 Serial - ok
15:47:04.0589 3960 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:47:04.0621 3960 sermouse - ok
15:47:04.0699 3960 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:47:04.0714 3960 SessionEnv - ok
15:47:04.0761 3960 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:47:04.0777 3960 sffdisk - ok
15:47:04.0792 3960 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:47:04.0824 3960 sffp_mmc - ok
15:47:04.0839 3960 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:47:04.0839 3960 sffp_sd - ok
15:47:04.0855 3960 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:47:04.0855 3960 sfloppy - ok
15:47:04.0918 3960 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:47:04.0934 3960 SharedAccess - ok
15:47:05.0231 3960 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:47:05.0247 3960 ShellHWDetection - ok
15:47:05.0262 3960 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:47:05.0262 3960 SiSRaid2 - ok
15:47:05.0293 3960 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:47:05.0293 3960 SiSRaid4 - ok
15:47:05.0325 3960 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:47:05.0325 3960 Smb - ok
15:47:05.0372 3960 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:47:05.0372 3960 SNMPTRAP - ok
15:47:05.0481 3960 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys
15:47:05.0497 3960 speedfan - ok
15:47:05.0512 3960 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:47:05.0512 3960 spldr - ok
15:47:05.0590 3960 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:47:05.0637 3960 Spooler - ok
15:47:06.0168 3960 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:47:06.0262 3960 sppsvc - ok
15:47:06.0497 3960 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:47:06.0512 3960 sppuinotify - ok
15:47:06.0684 3960 sptd (aa90a319bb067e0d149b4c95608c4b05) C:\Windows\system32\Drivers\sptd.sys
15:47:06.0715 3960 sptd - ok
15:47:06.0778 3960 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:47:06.0793 3960 srv - ok
15:47:06.0825 3960 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:47:06.0840 3960 srv2 - ok
15:47:06.0903 3960 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:47:06.0918 3960 srvnet - ok
15:47:06.0950 3960 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:47:06.0965 3960 SSDPSRV - ok
15:47:06.0981 3960 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:47:06.0981 3960 SstpSvc - ok
15:47:07.0012 3960 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:47:07.0012 3960 stexstor - ok
15:47:07.0075 3960 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:47:07.0122 3960 stisvc - ok
15:47:07.0153 3960 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
15:47:07.0153 3960 storflt - ok
15:47:07.0200 3960 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:47:07.0200 3960 storvsc - ok
15:47:07.0231 3960 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:47:07.0231 3960 swenum - ok
15:47:07.0293 3960 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:47:07.0356 3960 swprv - ok
15:47:07.0403 3960 Synth3dVsc - ok
15:47:07.0559 3960 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:47:07.0606 3960 SysMain - ok
15:47:07.0747 3960 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:47:07.0762 3960 TabletInputService - ok
15:47:07.0778 3960 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:47:07.0809 3960 TapiSrv - ok
15:47:07.0825 3960 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:47:07.0825 3960 TBS - ok
15:47:07.0997 3960 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:47:08.0075 3960 Tcpip - ok
15:47:08.0497 3960 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:47:08.0512 3960 TCPIP6 - ok
15:47:08.0668 3960 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:47:08.0668 3960 tcpipreg - ok
15:47:08.0731 3960 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:47:08.0731 3960 TDPIPE - ok
15:47:08.0762 3960 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:47:08.0762 3960 TDTCP - ok
15:47:08.0793 3960 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:47:08.0825 3960 tdx - ok
15:47:08.0872 3960 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:47:08.0903 3960 TermDD - ok
15:47:09.0028 3960 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:47:09.0075 3960 TermService - ok
15:47:09.0106 3960 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:47:09.0106 3960 Themes - ok
15:47:09.0122 3960 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:47:09.0137 3960 THREADORDER - ok
15:47:09.0168 3960 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:47:09.0168 3960 TrkWks - ok
15:47:09.0247 3960 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:47:09.0247 3960 TrustedInstaller - ok
15:47:09.0309 3960 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:47:09.0309 3960 tssecsrv - ok
15:47:09.0356 3960 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:47:09.0356 3960 TsUsbFlt - ok
15:47:09.0356 3960 tsusbhub - ok
15:47:09.0403 3960 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:47:09.0418 3960 tunnel - ok
15:47:09.0434 3960 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:47:09.0450 3960 uagp35 - ok
15:47:09.0481 3960 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:47:09.0497 3960 udfs - ok
15:47:09.0528 3960 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:47:09.0528 3960 UI0Detect - ok
15:47:09.0559 3960 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:47:09.0559 3960 uliagpkx - ok
15:47:09.0606 3960 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:47:09.0622 3960 umbus - ok
15:47:09.0637 3960 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:47:09.0637 3960 UmPass - ok
15:47:09.0684 3960 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:47:09.0684 3960 UmRdpService - ok
15:47:09.0747 3960 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:47:09.0762 3960 upnphost - ok
15:47:09.0793 3960 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:47:09.0809 3960 USBAAPL64 - ok
15:47:09.0840 3960 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:47:09.0856 3960 usbccgp - ok
15:47:09.0903 3960 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:47:09.0919 3960 usbcir - ok
15:47:09.0951 3960 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:47:09.0951 3960 usbehci - ok
15:47:09.0998 3960 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:47:10.0060 3960 usbhub - ok
15:47:10.0076 3960 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:47:10.0107 3960 usbohci - ok
15:47:10.0138 3960 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:47:10.0138 3960 usbprint - ok
15:47:10.0185 3960 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:47:10.0201 3960 USBSTOR - ok
15:47:10.0216 3960 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
15:47:10.0216 3960 usbuhci - ok
15:47:10.0248 3960 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:47:10.0263 3960 UxSms - ok
15:47:10.0294 3960 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:47:10.0294 3960 VaultSvc - ok
15:47:10.0310 3960 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:47:10.0326 3960 vdrvroot - ok
15:47:10.0404 3960 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:47:10.0435 3960 vds - ok
15:47:10.0466 3960 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:47:10.0482 3960 vga - ok
15:47:10.0482 3960 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:47:10.0498 3960 VgaSave - ok
15:47:10.0513 3960 VGPU - ok
15:47:10.0544 3960 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:47:10.0576 3960 vhdmp - ok
15:47:10.0607 3960 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:47:10.0623 3960 viaide - ok
15:47:10.0669 3960 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:47:10.0685 3960 vmbus - ok
15:47:10.0701 3960 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:47:10.0701 3960 VMBusHID - ok
15:47:10.0716 3960 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:47:10.0716 3960 volmgr - ok
15:47:10.0779 3960 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:47:10.0794 3960 volmgrx - ok
15:47:10.0826 3960 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:47:10.0826 3960 volsnap - ok
15:47:10.0873 3960 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:47:10.0888 3960 vsmraid - ok
15:47:11.0107 3960 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:47:11.0138 3960 VSS - ok
15:47:11.0294 3960 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:47:11.0310 3960 vwifibus - ok
15:47:11.0326 3960 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:47:11.0326 3960 vwififlt - ok
15:47:11.0357 3960 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:47:11.0373 3960 W32Time - ok
15:47:11.0451 3960 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:47:11.0466 3960 WacomPen - ok
15:47:11.0607 3960 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:47:11.0623 3960 WANARP - ok
15:47:11.0623 3960 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:47:11.0638 3960 Wanarpv6 - ok
15:47:12.0091 3960 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:47:12.0154 3960 WatAdminSvc - ok
15:47:12.0310 3960 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:47:12.0357 3960 wbengine - ok
15:47:12.0654 3960 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:47:12.0669 3960 WbioSrvc - ok
15:47:12.0826 3960 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:47:12.0857 3960 wcncsvc - ok
15:47:12.0951 3960 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:47:12.0966 3960 WcsPlugInService - ok
15:47:13.0060 3960 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:47:13.0076 3960 Wd - ok
15:47:13.0279 3960 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:47:13.0310 3960 Wdf01000 - ok
15:47:13.0326 3960 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:47:13.0341 3960 WdiServiceHost - ok
15:47:13.0341 3960 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:47:13.0341 3960 WdiSystemHost - ok
15:47:13.0404 3960 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:47:13.0419 3960 WebClient - ok
15:47:13.0451 3960 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:47:13.0466 3960 Wecsvc - ok
15:47:13.0482 3960 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:47:13.0498 3960 wercplsupport - ok
15:47:13.0607 3960 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:47:13.0607 3960 WerSvc - ok
15:47:13.0654 3960 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:47:13.0654 3960 WfpLwf - ok
15:47:13.0716 3960 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:47:13.0716 3960 WIMMount - ok
15:47:13.0748 3960 WinDefend - ok
15:47:13.0763 3960 WinHttpAutoProxySvc - ok
15:47:13.0873 3960 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:47:13.0888 3960 Winmgmt - ok
15:47:14.0030 3960 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:47:14.0077 3960 WinRM - ok
15:47:14.0405 3960 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:47:14.0420 3960 WinUsb - ok
15:47:14.0483 3960 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:47:14.0499 3960 Wlansvc - ok
15:47:14.0530 3960 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:47:14.0561 3960 WmiAcpi - ok
15:47:14.0608 3960 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:47:14.0624 3960 wmiApSrv - ok
15:47:14.0686 3960 WMPNetworkSvc - ok
15:47:14.0702 3960 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:47:14.0717 3960 WPCSvc - ok
15:47:14.0749 3960 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:47:14.0749 3960 WPDBusEnum - ok
15:47:14.0780 3960 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:47:14.0780 3960 ws2ifsl - ok
15:47:14.0795 3960 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
15:47:14.0811 3960 wscsvc - ok
15:47:14.0811 3960 WSearch - ok
15:47:15.0061 3960 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:47:15.0124 3960 wuauserv - ok
15:47:15.0249 3960 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:47:15.0264 3960 WudfPf - ok
15:47:15.0280 3960 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:47:15.0295 3960 WUDFRd - ok
15:47:15.0342 3960 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:47:15.0342 3960 wudfsvc - ok
15:47:15.0389 3960 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:47:15.0405 3960 WwanSvc - ok
15:47:15.0436 3960 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:47:15.0842 3960 \Device\Harddisk0\DR0 - ok
15:47:15.0858 3960 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR1
15:47:21.0562 3960 \Device\Harddisk1\DR1 - ok
15:47:21.0562 3960 Boot (0x1200) (b194d0af711a89512fba05e0ccd6c8b3) \Device\Harddisk0\DR0\Partition0
15:47:21.0562 3960 \Device\Harddisk0\DR0\Partition0 - ok
15:47:21.0578 3960 Boot (0x1200) (f9cc3b0a3e470a36deeb2b0bc91ae6d4) \Device\Harddisk0\DR0\Partition1
15:47:21.0578 3960 \Device\Harddisk0\DR0\Partition1 - ok
15:47:21.0578 3960 Boot (0x1200) (e18afafbf83c6cab984df4b9169e1804) \Device\Harddisk1\DR1\Partition0
15:47:21.0593 3960 \Device\Harddisk1\DR1\Partition0 - ok
15:47:21.0593 3960 ============================================================
15:47:21.0593 3960 Scan finished
15:47:21.0593 3960 ============================================================
15:47:21.0593 3924 Detected object count: 0
15:47:21.0593 3924 Actual detected object count: 0

#13 Tajthethird

Posted 03 August 2012 - 03:51 PM

System seems to be working fine now

#14 D-FRED-BROWN

  • Malware Response Team
  • 834 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kansas, USA
  • Local time:04:02 AM

Posted 03 August 2012 - 04:22 PM

Glad to hear things are running better.

Your logs appear to be clean. Before we do anything else, please run this online scan to verify we haven't missed anything:

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unchecked and the option Scan unwanted applications is checked
  • Click Scan
  • Wait for the scan to finish
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


#15 D-FRED-BROWN

  • Malware Response Team
  • 834 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Kansas, USA
  • Local time:04:02 AM

Posted 05 August 2012 - 03:43 PM

(bump)

Are you still with me? If your problems still persist, let me know and we'll go about fixing them. :wink:
If not, please let me know so I can close this topic.

-DFB



